You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "WangTaoTheTonic (JIRA)" <ji...@apache.org> on 2014/08/01 11:57:38 UTC

[jira] [Updated] (SPARK-2750) Add Https support for Web UI

     [ https://issues.apache.org/jira/browse/SPARK-2750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

WangTaoTheTonic updated SPARK-2750:
-----------------------------------

    Description: 
Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can switch between https and http by configure "spark.http.policy" in JVM property for each process, while choose http by default.
2.Web port of Master and worker would be decided in turn launch arguments, JVM property, System Env and default.
3.Below is some other configuration items:
spark.ssl.server.keystore.location The file or URL of the SSL Key store
spark.ssl.server.keystore.password  The password for the key store
spark.ssl.server.keystore.keypassword The password (if any) for the specific key within the key store
spark.ssl.server.keystore.type The type of the key store (default "JKS")
spark.client.https.need-auth True if SSL needs client authentication
spark.ssl.server.truststore.location The file name or URL of the trust store location
spark.ssl.server.truststore.password The password for the trust store
spark.ssl.server.truststore.type The type of the trust store (default "JKS")

Any feedback is welcome!

  was:
Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can choose to use http or/and https way to acess them. We add some configuration items here, for example, "SPARK_MASTER_WEBUI_HTTPS_PORT" in system envs claim the https port for master ui. Different items would be added  to control access way of dirrenet processes in system envs, JVM Properties and launch args.
2.User choose access way according to their configuration. If http port is assigned, then we start http service for web ui. If https port is assigned, we start https. If both two are assigned, we start two. If neither is assigned, we start http service at default port as same as now.
3.We should add some configuration items to state some args for ssl authentication, like keystore location and keystore password in 1-way ssl, truststore location in 2-way. User can also choose to switch between 1-way and 2-way.

Now I nearly have implemented the functions mentioned above. Here are some questions:
We know there are some hyper links between Master and Worker and some from Master to Spark UI(Driver UI). Now the link is their http addresses. So if we add https to them, what we should do when users click the links?
Situation:
1.Master http port to Worker which opens https port only.
2.Master https port to Worker which opens http port only.

Any feedback is welcome!


> Add Https support for Web UI
> ----------------------------
>
>                 Key: SPARK-2750
>                 URL: https://issues.apache.org/jira/browse/SPARK-2750
>             Project: Spark
>          Issue Type: New Feature
>          Components: Web UI
>            Reporter: WangTaoTheTonic
>              Labels: https, ssl, webui
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
> 1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can switch between https and http by configure "spark.http.policy" in JVM property for each process, while choose http by default.
> 2.Web port of Master and worker would be decided in turn launch arguments, JVM property, System Env and default.
> 3.Below is some other configuration items:
> spark.ssl.server.keystore.location The file or URL of the SSL Key store
> spark.ssl.server.keystore.password  The password for the key store
> spark.ssl.server.keystore.keypassword The password (if any) for the specific key within the key store
> spark.ssl.server.keystore.type The type of the key store (default "JKS")
> spark.client.https.need-auth True if SSL needs client authentication
> spark.ssl.server.truststore.location The file name or URL of the trust store location
> spark.ssl.server.truststore.password The password for the trust store
> spark.ssl.server.truststore.type The type of the trust store (default "JKS")
> Any feedback is welcome!



--
This message was sent by Atlassian JIRA
(v6.2#6252)