Spark History Server SSL
Describes how to enable SSL for Spark History Server.
NOTE For secure clusters, Spark History Server UI authentication is enabled by default. If
passwords are present in both
/opt/mapr/conf/ssl-client.xml
and
/opt/mapr/spark/spark-<spark_version>/conf/spark-defaults.conf
files,
the password from the spark-defaults.conf
file is usedStarting in EEP 4.0, for secure clusters, you can skip this step. For new installs done through the 6.0 MapR Installer, the installer enables this configuration. For manual installs and upgrades, running configure.sh -R enables these settings.
To configure SSL manually in a non-secure cluster or in versions earlier than EEP 4.0, add the following properties to the
spark-default.conf
file:
#HistoryServer https configure
spark.yarn.historyServer.address <Spark History Server node hostname>:18480
spark.ssl.protocol tls
spark.ssl.historyServer.enabled true
spark.ssl.trustStore $MAPR_HOME/conf/ssl_truststore
spark.ssl.keyStore $MAPR_HOME/conf/ssl_keystore
spark.ssl.trustStorePassword <ssl-keystore-password>
spark.ssl.keyStorePassword <ssl-keystore-password>
NOTE If a cluster is secure and you use unsecured ports with HTTP, you will be automatically
redirected to HTTPS with secure ports. For example, if on the secure cluster you go to
http://node1:18080
, you will be redirected to
https://node1:18480
.