[jira] [Commented] (APEXCORE-711) Support custom SSL keystore for the Stram REST API web service

Thu, 27 Apr 2017 14:58:16 -0700 

    [ 
https://issues.apache.org/jira/browse/APEXCORE-711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15987779#comment-15987779
 ] 

ASF GitHub Bot commented on APEXCORE-711:
-----------------------------------------

GitHub user sanjaypujare opened a pull request:

    https://github.com/apache/apex-core/pull/520

    APEXCORE-711 create a new attribute CUSTOM_SSL_SERVER_CONFIG and use its 
value to set custom ssl server config

    @PramodSSImmaneni  pls review and merge as appropriate

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/sanjaypujare/apex-core 
APEXCORE-711.sanjay.master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/apex-core/pull/520.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #520
    
----
commit 660005fc77ebd6f7b6e0c23d6e82f9a08a9527d4
Author: Sanjay Pujare <[email protected]>
Date:   2017-04-27T21:56:17Z

    APEXCORE-711 create a new attribute CUSTOM_SSL_SERVER_CONFIG and use its 
value to set custom ssl server config

----


> Support custom SSL keystore for the Stram REST API web service
> --------------------------------------------------------------
>
>                 Key: APEXCORE-711
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-711
>             Project: Apache Apex Core
>          Issue Type: Improvement
>            Reporter: Sanjay M Pujare
>            Assignee: Sanjay M Pujare
>   Original Estimate: 72h
>  Remaining Estimate: 72h
>
> Currently StrAM supports only the default Hadoop SSL configuration for the 
> web-service because it uses org.apache.hadoop.yarn.webapp.WebApps helper 
> class which has the limitation of only using the default Hadoop SSL config 
> that is read from Hadoop's ssl-server.xml resource file. Some users have run 
> into a situation where Hadoops' SSL keystore is not available on most cluster 
> nodes or the Stram process doesn't have read access to the keystore even when 
> present. So there is a need for the Stram to use a custom SSL keystore and 
> configuration that does not suffer from these limitations.
> There is already a PR https://github.com/apache/hadoop/pull/213 to Hadoop to 
> support this in Hadoop and it is in the process of getting merged soon.
> After that Stram needs to be enhanced (this JIRA) to accept the location of a 
> custom ssl-server.xml file (supplied by the client via a DAG attribute) and 
> use the values from that file to set up the config object to be passed to 
> WebApps which will end up using the custom SSL configuration. This approach 
> has already been verified in a prototype.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to