diff options
| author | jerryshao <sshao@hortonworks.com> | 2017-01-06 10:07:54 -0600 |
|---|---|---|
| committer | Tom Graves <tgraves@yahoo-inc.com> | 2017-01-06 10:07:54 -0600 |
| commit | 4a4c3dc9ca10e52f7981b225ec44e97247986905 (patch) | |
| tree | 6036fab912a00dd10bd9f9c9aa121617163bbe0c /docs | |
| parent | 903bb8e8a2b84b9ea82acbb8ae9d58754862be3a (diff) | |
| download | spark-4a4c3dc9ca10e52f7981b225ec44e97247986905.tar.gz spark-4a4c3dc9ca10e52f7981b225ec44e97247986905.tar.bz2 spark-4a4c3dc9ca10e52f7981b225ec44e97247986905.zip | |
[SPARK-19033][CORE] Add admin acls for history server
## What changes were proposed in this pull request?
Current HistoryServer's ACLs is derived from application event-log, which means the newly changed ACLs cannot be applied to the old data, this will become a problem where newly added admin cannot access the old application history UI, only the new application can be affected.
So here propose to add admin ACLs for history server, any configured user/group could have the view access to all the applications, while the view ACLs derived from application run-time still take effect.
## How was this patch tested?
Unit test added.
Author: jerryshao <sshao@hortonworks.com>
Closes #16470 from jerryshao/SPARK-19033.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/monitoring.md | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/docs/monitoring.md b/docs/monitoring.md index 37e50a57f7..e918174e2b 100644 --- a/docs/monitoring.md +++ b/docs/monitoring.md @@ -170,6 +170,28 @@ The history server can be configured as follows: </td> </tr> <tr> + <td>spark.history.ui.admin.acls</td> + <td>empty</td> + <td> + Comma separated list of users/administrators that have view access to all the Spark applications in + history server. By default only the users permitted to view the application at run-time could + access the related application history, with this, configured users/administrators could also + have the permission to access it. + Putting a "*" in the list means any user can have the privilege of admin. + </td> + </tr> + <tr> + <td>spark.history.ui.admin.acls.groups</td> + <td>empty</td> + <td> + Comma separated list of groups that have view access to all the Spark applications in + history server. By default only the groups permitted to view the application at run-time could + access the related application history, with this, configured groups could also + have the permission to access it. + Putting a "*" in the list means any group can have the privilege of admin. + </td> + </tr> + <tr> <td>spark.history.fs.cleaner.enabled</td> <td>false</td> <td> |