-
Notifications
You must be signed in to change notification settings - Fork 28.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SPARK-16987] [None] Add spark-default.conf property to define https port for spark history server #15652
[SPARK-16987] [None] Add spark-default.conf property to define https port for spark history server #15652
Changes from all commits
955a82c
8ac0369
47108b4
3964609
1e2c985
935415c
62aeb6c
bd945aa
9d69f02
30a2927
83df9bc
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -284,7 +284,7 @@ private[spark] object JettyUtils extends Logging { | |
} | ||
|
||
// Bind to the given port, or throw a java.net.BindException if the port is occupied | ||
def connect(currentPort: Int): (Server, Int) = { | ||
def connect(currentPort: Int, securePort: Int = sslOptions.port): (Server, Int) = { | ||
val pool = new QueuedThreadPool | ||
if (serverName.nonEmpty) { | ||
pool.setName(serverName) | ||
|
@@ -307,15 +307,26 @@ private[spark] object JettyUtils extends Logging { | |
connectors += httpConnector | ||
|
||
sslOptions.createJettySslContextFactory().foreach { factory => | ||
// If the new port wraps around, do not try a privileged port. | ||
|
||
require(sslOptions.port == 0 || (1024 <= sslOptions.port && sslOptions.port < 65536), | ||
"securePort should be between 1024 and 65535 (inclusive)," + | ||
" or 0 for determined automatically.") | ||
|
||
val securePort = | ||
if (currentPort != 0) { | ||
(currentPort + 400 - 1024) % (65536 - 1024) + 1024 | ||
if (sslOptions.port == 0) { | ||
// If the new port wraps around, do not try a privileged port | ||
(currentPort + 400 - 1024) % (65536 - 1024) + 1024 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can you add a comment in the code explaining the math done here ? It will help readability of the code. |
||
} else { | ||
// use sslOptions.port value as securePort | ||
sslOptions.port | ||
} | ||
} else { | ||
0 | ||
} | ||
val scheme = "https" | ||
// Create a connector on port securePort to listen for HTTPS requests | ||
// Create a connector on port securePort to listen for HTTPS requests. | ||
|
||
val connector = new ServerConnector(server, factory) | ||
connector.setPort(securePort) | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2142,9 +2142,10 @@ private[spark] object Utils extends Logging { | |
*/ | ||
def startServiceOnPort[T]( | ||
startPort: Int, | ||
startService: Int => (T, Int), | ||
startService: (Int, Int) => (T, Int), | ||
conf: SparkConf, | ||
serviceName: String = ""): (T, Int) = { | ||
serviceName: String = "", | ||
securePort: Int = 0): (T, Int) = { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't like what you did here. As you yourself explained, not all consumers of this API have the concept of separate secure and non-secure ports. And as I explained in my previous comments, it's possible to fix the problem you introduced without changing this API. |
||
|
||
require(startPort == 0 || (1024 <= startPort && startPort < 65536), | ||
"startPort should be between 1024 and 65535 (inclusive), or 0 for a random free port.") | ||
|
@@ -2160,14 +2161,15 @@ private[spark] object Utils extends Logging { | |
((startPort + offset - 1024) % (65536 - 1024)) + 1024 | ||
} | ||
try { | ||
val (service, port) = startService(tryPort) | ||
val (service, port) = startService(tryPort, securePort + offset) | ||
logInfo(s"Successfully started service$serviceString on port $port.") | ||
return (service, port) | ||
} catch { | ||
case e: Exception if isBindCollision(e) => | ||
if (offset >= maxRetries) { | ||
val exceptionMessage = s"${e.getMessage}: Service$serviceString failed after " + | ||
s"$maxRetries retries (starting from $startPort)! Consider explicitly setting " + | ||
s"$maxRetries retries (starting from $startPort and $securePort)! " + | ||
s"Consider explicitly setting " + | ||
s"the appropriate port for the service$serviceString (for example spark.ui.port " + | ||
s"for SparkUI) to an available port or increasing spark.port.maxRetries." | ||
val exception = new BindException(exceptionMessage) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a problem with this logic. It ignores retries. Imagine that you're setting the base HTTP and SSL ports for the Spark UI (not for the history server), and you want multiple drivers on the same host. So you set (names may not be totally correct):
The first driver comes up and binds to 1234 and 5678. Then the second driver comes up and those two ports are used;
startServiceOnPort
will take care of retrying the HTTP port untilmaxRetries
, but this code does not do the same for the SSL port: it will always try5678
. So the second driver will never run because it will fail to bind to the SSL port.You should instead be using the
port
value passed tostartServiceOnPort
as the base to calculate the offset for the defined SSL port. That's not optimal, but it's probably the best you can do here.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for comment. Yes, as you say,this logic will occur some conflicts.
But as I refered at the top of PR comment,
startServiceOnPort
is called from many unrelated methods.So I conscious that this PR affects many unrelated components.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is not unrelated. As I described, you code will break things in the normal web UI if you set that option.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know that some methods which call
startServiceOnPort
is related, and for example,NettyBlockTransferService.init
orRestSubmissionServer.this
is unrelated, I think.But I'm trying to fix according to your comment. I'm in progress so please wait...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NettyBlockTransferService
is unrelated, but as I mentioned, the Spark UI also supports SSL and would break with your previous version of the code.