[SPARK-15844] [core] HistoryServer doesn't come up if spark.authenticate = true #13579
Conversation
|
Test build #60238 has finished for PR 13579 at commit
|
|
I might be missing something, but why doesn't the following work? That value is never read from the environment as far as I can tell. |
|
The main problem here is in a cluster where auth is turned on globally, the HS gets really confused: it's enabled but doesn't have any secrets. This patch sets things up so that even in a cluster-wide security enabled, the history server doesn't fall over |
steveloughran
force-pushed
the
history/SPARK-15844-security
branch
from
26d1ad2 to
6701922
Compare
|
That doesn't answer my question, though. Why can't the history server explicitly set that value to false after all the settings having been read from wherever? |
|
Test build #66657 has finished for PR 13579 at commit
|
|
I see: you want the HS to set it? Yeah, that would work. I'll change this patch accordingly |
|
@steveloughran are you going to update this patch? |
|
yeah, I've just got so many other distractions. Let me do it again while tests run in different windows |
…rue; making new (visible for test) method private to the package
steveloughran
force-pushed
the
history/SPARK-15844-security
branch
from
6701922 to
01a0220
Compare
|
Test build #69823 has finished for PR 13579 at commit
|
|
Test build #69824 has finished for PR 13579 at commit
|
vanzin
left a comment
vanzin
left a comment
There was a problem hiding this comment.
Couple of small things, otherwise looks good.
| * always start. | ||
| * @param config configuration to be used in a SecurityManager constructor | ||
| */ | ||
| private def patchSecuritySettings(config: SparkConf): Unit = { |
There was a problem hiding this comment.
Could you just inline this method? That avoids adding a method with a single call, and pretty much a copy of the whole scaladoc of the other method you're adding.
There was a problem hiding this comment.
I've inlined it, which highlights something else. if the debug message is viewed as unimportant, the if() clause can be pulled completely, and the security flag always set to false.
| val conf = new SparkConf() | ||
| .set("spark.testing", "true") | ||
| .set(SecurityManager.SPARK_AUTH_CONF, "true") | ||
| HistoryServer.createSecurityManager(conf) |
There was a problem hiding this comment.
Can you add a comment explaining that the SecurityManager would throw an exception if spark.authenticate was true? (I think that'd be better than the comment you have before the test.)
There was a problem hiding this comment.
done. You know, this test could be merged into "incomplete apps get refreshed", just by setting the security option and mentioning why it matters in a comment. I've patched that test to also use HistoryServer.createSecurityManager for consistency. it would save a fractional amount of test time
| */ | ||
| test("SecurityManagerStartsWithSecureShuffle") { | ||
| val conf = new SparkConf() | ||
| .set("spark.testing", "true") |
There was a problem hiding this comment.
fixed, along with IDE settings
|
Test build #69864 has finished for PR 13579 at commit
|
|
stylecheck; unexpected, as I thought I'd run them in the Comment is /**
* Verify that the security manager needed for the history server can be instantiated
* when `spark.authenticate` is `true`, rather than raise an `IllegalArgumentException`.
**/...the trailing **/ is the problem. Fixed |
|
While tests are running, can you update the description? It mentions env vars, which is misleading since they don't have anything to do with this. |
|
done |
| * Verify that the security manager needed for the history server can be instantiated | ||
| * when `spark.authenticate` is `true`, rather than raise an `IllegalArgumentException`. | ||
| */ | ||
| test("SecurityManagerStartsWithSecureShuffle") { |
There was a problem hiding this comment.
nit: can you write a test description like the others in the class, instead of this camel-cased string?
Also spark.authenticate is not (just) for secure shuffle, so the string itself is not really accurate. Just mention spark.authenticate.
|
Test build #69868 has finished for PR 13579 at commit
|
|
Test failure is pretty unlikely to be related. Looks more like a timing or timeout problem. |
|
Test build #70023 has finished for PR 13579 at commit
|
|
retest this please |
|
LGTM, will merge once tests finish. (The interesting test is passing anyway.) |
|
Test build #70029 has finished for PR 13579 at commit
|
|
Merging to master. |
|
thanks! |
…te = true
## What changes were proposed in this pull request?
During history server startup, the spark configuration is examined. If security.authentication is
set, log at debug and set the value to false, so that {{SecurityManager}} can be created.
## How was this patch tested?
A new test in `HistoryServerSuite` sets the `spark.authenticate` property to true, tries to create a security manager via a new package-private method `HistoryServer.createSecurityManager(SparkConf)`. This is the method used in `HistoryServer.main`. All other instantiations of a security manager in `HistoryServerSuite` have been switched to the new method, for consistency with the production code.
Author: Steve Loughran <stevel@apache.org>
Closes apache#13579 from steveloughran/history/SPARK-15844-security.
…te = true
## What changes were proposed in this pull request?
During history server startup, the spark configuration is examined. If security.authentication is
set, log at debug and set the value to false, so that {{SecurityManager}} can be created.
## How was this patch tested?
A new test in `HistoryServerSuite` sets the `spark.authenticate` property to true, tries to create a security manager via a new package-private method `HistoryServer.createSecurityManager(SparkConf)`. This is the method used in `HistoryServer.main`. All other instantiations of a security manager in `HistoryServerSuite` have been switched to the new method, for consistency with the production code.
Author: Steve Loughran <stevel@apache.org>
Closes apache#13579 from steveloughran/history/SPARK-15844-security.
3 participants
What changes were proposed in this pull request?
During history server startup, the spark configuration is examined. If security.authentication is
set, log at debug and set the value to false, so that {{SecurityManager}} can be created.
How was this patch tested?
A new test in
HistoryServerSuitesets thespark.authenticateproperty to true, tries to create a security manager via a new package-private methodHistoryServer.createSecurityManager(SparkConf). This is the method used inHistoryServer.main. All other instantiations of a security manager inHistoryServerSuitehave been switched to the new method, for consistency with the production code.