diff options
author | Thomas Graves <tgraves@apache.org> | 2014-08-05 12:52:52 -0500 |
---|---|---|
committer | Thomas Graves <tgraves@apache.org> | 2014-08-05 12:52:52 -0500 |
commit | 1c5555a23d3aa40423d658cfbf2c956ad415a6b1 (patch) | |
tree | b66cee1204610fca7374300b5229520613a1474b /docs/configuration.md | |
parent | 2c0f705e26ca3dfc43a1e9a0722c0e57f67c970a (diff) | |
download | spark-1c5555a23d3aa40423d658cfbf2c956ad415a6b1.tar.gz spark-1c5555a23d3aa40423d658cfbf2c956ad415a6b1.tar.bz2 spark-1c5555a23d3aa40423d658cfbf2c956ad415a6b1.zip |
SPARK-1890 and SPARK-1891- add admin and modify acls
It was easier to combine these 2 jira since they touch many of the same places. This pr adds the following:
- adds modify acls
- adds admin acls (list of admins/users that get added to both view and modify acls)
- modify Kill button on UI to take modify acls into account
- changes config name of spark.ui.acls.enable to spark.acls.enable since I choose poorly in original name. We keep backwards compatibility so people can still use spark.ui.acls.enable. The acls should apply to any web ui as well as any CLI interfaces.
- send view and modify acls information on to YARN so that YARN interfaces can use (yarn cli for killing applications for example).
Author: Thomas Graves <tgraves@apache.org>
Closes #1196 from tgravescs/SPARK-1890 and squashes the following commits:
8292eb1 [Thomas Graves] review comments
b92ec89 [Thomas Graves] remove unneeded variable from applistener
4c765f4 [Thomas Graves] Add in admin acls
72eb0ac [Thomas Graves] Add modify acls
Diffstat (limited to 'docs/configuration.md')
-rw-r--r-- | docs/configuration.md | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/docs/configuration.md b/docs/configuration.md index b3dee3f131..25adea210c 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -815,13 +815,13 @@ Apart from these, the following properties are also available, and may be useful </td> </tr> <tr> - <td><code>spark.ui.acls.enable</code></td> + <td><code>spark.acls.enable</code></td> <td>false</td> <td> - Whether Spark web ui acls should are enabled. If enabled, this checks to see if the user has - access permissions to view the web ui. See <code>spark.ui.view.acls</code> for more details. - Also note this requires the user to be known, if the user comes across as null no checks - are done. Filters can be used to authenticate and set the user. + Whether Spark acls should are enabled. If enabled, this checks to see if the user has + access permissions to view or modify the job. Note this requires the user to be known, + so if the user comes across as null no checks are done. Filters can be used with the UI + to authenticate and set the user. </td> </tr> <tr> @@ -832,6 +832,23 @@ Apart from these, the following properties are also available, and may be useful user that started the Spark job has view access. </td> </tr> +<tr> + <td><code>spark.modify.acls</code></td> + <td>Empty</td> + <td> + Comma separated list of users that have modify access to the Spark job. By default only the + user that started the Spark job has access to modify it (kill it for example). + </td> +</tr> +<tr> + <td><code>spark.admin.acls</code></td> + <td>Empty</td> + <td> + Comma separated list of users/administrators that have view and modify access to all Spark jobs. + This can be used if you run on a shared cluster and have a set of administrators or devs who + help debug when things work. + </td> +</tr> </table> #### Spark Streaming |