[
https://issues.apache.org/jira/browse/HADOOP-19750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
László Bodor updated HADOOP-19750:
----------------------------------
Description:
The proposal is to create a Kubernetes-based delegation token secret manager.
The motivation is to enable running Hadoop workloads on Kubernetes clusters
(without YARN) without requiring ZooKeeper for storing tokens, master keys, and
related metadata.
Key points of the migration:
Master Key → Kubernetes Secret
The master key would be stored as a Kubernetes Secret instead of in ZooKeeper.
Delegation Token → Kubernetes Custom Resource (CRD)
Delegation tokens would be represented as Kubernetes custom resources.
Through the Kubernetes API server, these tokens would be stored in the
cluster’s backing store (etcd), replacing ZooKeeper as the persistence layer.
Users of this delegation token manager should accept the possible performance
characteristics of using K8s control plane vs. Zookeeper storage.
was:
The proposal is to create a Kubernetes-based delegation token secret manager.
The motivation is to enable running Hadoop workloads on Kubernetes clusters
(without YARN) without requiring ZooKeeper for storing tokens, master keys, and
related metadata.
Key points of the migration:
Master Key → Kubernetes Secret
The master key would be stored as a Kubernetes Secret instead of in ZooKeeper.
Delegation Token → Kubernetes Custom Resource (CRD)
Delegation tokens would be represented as Kubernetes custom resources.
Through the Kubernetes API server, these tokens would be stored in the
cluster’s backing store (etcd), replacing ZooKeeper as the persistence layer.
> Delegation token secret manager for Kubernetes
> ----------------------------------------------
>
> Key: HADOOP-19750
> URL: https://issues.apache.org/jira/browse/HADOOP-19750
> Project: Hadoop Common
> Issue Type: New Feature
> Reporter: László Bodor
> Priority: Major
>
> The proposal is to create a Kubernetes-based delegation token secret manager.
> The motivation is to enable running Hadoop workloads on Kubernetes clusters
> (without YARN) without requiring ZooKeeper for storing tokens, master keys,
> and related metadata.
> Key points of the migration:
> Master Key → Kubernetes Secret
> The master key would be stored as a Kubernetes Secret instead of in ZooKeeper.
> Delegation Token → Kubernetes Custom Resource (CRD)
> Delegation tokens would be represented as Kubernetes custom resources.
> Through the Kubernetes API server, these tokens would be stored in the
> cluster’s backing store (etcd), replacing ZooKeeper as the persistence layer.
> Users of this delegation token manager should accept the possible performance
> characteristics of using K8s control plane vs. Zookeeper storage.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
