问题描述
从spark连接到第三方系统的常用方法是在传递给spark脚本的属性文件中提供系统的凭据.但是,这引起了一些有关安全性的问题.
A common approach for connecting to third party systems from spark is to provide the credentials for the systems in a properties file that is passed to the spark script. However, this raises some questions about security.
在bluemix上运行的spark作业是否可以访问其他用户的spark作业中的文件?我猜这不可能是一个设计目标,但最好对此进行验证.
Is it possible for a spark job running on bluemix to access files from other users spark jobs? I'm guessing that it was a design goal that this must not be possible, but it would be good to verify this.
我问了一个类似的,但是另一个问题集中在将凭据作为脚本参数传递给spark脚本的安全性.
I asked a similar question to this one, but the other question focuses on the security of passing credentials to the spark script as arguments to the script.
此问题提出与此问题类似的问题,但要求提供最佳安全实践.
This question asks a similar question to this one, but is asking for security best practice.
推荐答案
对于Bluemix Apache Spark服务,每个供应的Spark服务实例都是一个租户.每个租户都与所有其他租户隔离.给定租户的Spark作业无法访问任何其他租户的文件或内存.
For the Bluemix Apache Spark service, each provisioned spark service instance is a tenant. Each tenant is isolated from all other tenants. Spark jobs of a given tenant cannot access files or memory of any other tenant.
这篇关于bluemix上的spark作业是否可以访问其他用户的spark作业文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!