Re: Encrypting jobs submitted by the client

Tue, 02 Feb 2016 13:00:08 -0800 

For #1, a brief search landed the following:

core/src/main/scala/org/apache/spark/SparkConf.scala:
 DeprecatedConfig("spark.rpc", "2.0", "Not used any more.")
core/src/main/scala/org/apache/spark/SparkConf.scala:
 "spark.rpc.numRetries" -> Seq(
core/src/main/scala/org/apache/spark/SparkConf.scala:
 "spark.rpc.retry.wait" -> Seq(
core/src/main/scala/org/apache/spark/SparkConf.scala:
 "spark.rpc.askTimeout" -> Seq(
core/src/main/scala/org/apache/spark/SparkConf.scala:
 "spark.rpc.lookupTimeout" -> Seq(
core/src/main/scala/org/apache/spark/SparkConf.scala:
 "spark.rpc.message.maxSize" -> Seq(
core/src/main/scala/org/apache/spark/SparkConf.scala:
 name.startsWith("spark.rpc") ||

There doesn't seem to be RPC protection for stand alone mode.

On Tue, Feb 2, 2016 at 12:36 PM, eugene miretsky <eugene.miret...@gmail.com>
wrote:

> Thanks Steve!
> 1. spark-submit submitting the YARN app for launch?  That you get it if
> you turn hadoop IPC encruption on, by settingo
> hadoop.rpc.protection=privacy across the cluster.
> > That's what I meant: Is there something similar for stand alone or
> Mesos?
>
> 2. communications between spark driver and executor. that can use HTTPS
> > My understanding is that that you can use HTTPS for the jar server on
> the driver, and SASL for block transfer. Is there anything else I'm missing?
>
> Cheers,
> Eugene
>
>
> On Tue, Feb 2, 2016 at 7:46 AM, Steve Loughran <ste...@hortonworks.com>
> wrote:
>
>>
>> > On 1 Feb 2016, at 20:48, eugene miretsky <eugene.miret...@gmail.com>
>> wrote:
>> >
>> > Spark supports client authentication via shared secret or kerberos (on
>> YARN). However, the job itself is sent unencrypted over the network.  Is
>> there a way to encrypt the jobs the client submits to cluster?
>>
>>
>> define submission?
>
>
>> 1. spark-submit submitting the YARN app for launch?  That you get it if
>> you turn hadoop IPC encruption on, by settingo
>> hadoop.rpc.protection=privacy across the cluster.
>
> 2. communications between spark driver and executor. that can use HTTPS
>>
>> > The rational for this is very similar to  encrypting the HTTP file
>> server traffic - Jars may have sensitive data.
>> >
>> > Cheers,
>> > Eugene
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscr...@spark.apache.org
>> For additional commands, e-mail: dev-h...@spark.apache.org
>>
>>
>

Reply via email to