[SPARK-30087][CORE] Enhanced implementation of JmxSink on RMI remote calls #26727
Conversation
|
hi @jerryshao Have time to review this PR? |
|
hi, @dongjoon-hyun Thank you very much. Hive any time to review this PR? |
|
One concern is that this will expose a security hole of Java RMI, I'm not sure if it is OK, but somehow it will lead to CVE issue. |
hi @jerryshao Can I add a parameter for the user to decide whether to enable JAVA RMI?... |
|
Can you please investigate how other systems like Kafka, Hadoop handle this problem? Adding parameter could be a way, but my thinking is that if we want to enable RMI, it would be better to provide a security way also. |
Well, okay, let me look at the implementation of hadoop first. Flink is similarly implemented using open rmi ports. hadoop is implemented through |
|
hi @jerryshao What do you think about this PR? Add a parameter to control or implement the serverlet or the current RMI? |
|
Can one of the admins verify this patch? |
|
We're closing this PR because it hasn't been updated in a while. This isn't a judgement on the merit of the PR in any way. It's just a way of keeping the PR queue manageable. |
What changes were proposed in this pull request?
Enhanced implementation of JmxSink on RMI remote calls.
E.g:
service: jmx:rmi://127.0.0.1:1986/jndi/rmi://127.0.0.1:1986/jmxrmi to connect
Why are the changes needed?
JMX supports RMI remote which can be more suitable for production use.
Does this PR introduce any user-facing change?
Added JMX RMI remote port connection method.
How was this patch tested?
JmxSinkSuite.scala