Apache spark 如何在Kubernetes中通过SSL将ApacheSpark连接到Cassandra集群
我们在一个部署在裸机/VM上的应用程序中使用Spark&Cassandra。为了将Spark连接到Cassandra,我们使用以下属性来启用SSL:Apache spark 如何在Kubernetes中通过SSL将ApacheSpark连接到Cassandra集群,apache-spark,ssl,kubernetes,spark-cassandra-connector,Apache Spark,Ssl,Kubernetes,Spark Cassandra Connector,我们在一个部署在裸机/VM上的应用程序中使用Spark&Cassandra。为了将Spark连接到Cassandra,我们使用以下属性来启用SSL: spark.cassandra.connection.ssl.keyStore.password spark.cassandra.connection.ssl.keyStore.type spark.cassandra.connection.ssl.protocol spark.cassandra.connection.ssl.trustStore
spark.cassandra.connection.ssl.keyStore.password
spark.cassandra.connection.ssl.keyStore.type
spark.cassandra.connection.ssl.protocol
spark.cassandra.connection.ssl.trustStore.path
spark.cassandra.connection.ssl.trustStore.password
spark.cassandra.connection.ssl.trustStore.type
spark.cassandra.connection.ssl.clientAuth.enabled
现在我正尝试在Kubernetes中迁移相同的应用程序。我有以下问题:
是的,当您在Kubernetes上运行作业时,这些属性将继续工作。您需要考虑的唯一一点是,名称以
结尾的所有属性
都需要指向具有信任和密钥存储的实际文件。在Kubernetes上,你需要注意将它们作为秘密公开。首先,您需要创建一个秘密,如下所示:
apiVersion: v1
data:
spark.truststore: base64-encoded truststore
kind: Secret
metadata:
name: spark-truststore
type: Opaque
然后在等级库中,指向它:
spec:
containers:
- image: nginx
name: nginx
volumeMounts:
- mountPath: "/some/path"
name: spark-truststore
readOnly: true
volumes:
- name: spark-truststore
secret:
secretName: spark-truststore
并将配置选项指向给定路径,如:/some/path/spark.truststore