SlideShare a Scribd company logo

Secured (Kerberos-based) Spark Notebook for Data Science: Spark Summit East talk by Joy Chakraborty

Spark Summit
Spark Summit

The document discusses securing Spark notebooks for data science by integrating Kerberos authentication. It begins with an overview of Spark notebooks and the current authentication approach. It then covers the requirements for Kerberos integration, how Kerberos works in HDFS and Yarn clusters, and a proposed design to integrate Kerberos into JupyterHub, SparkMagic and Livy to authenticate users and allow secured access to HDFS and Spark from notebooks. Key aspects of the design include custom JupyterHub authenticators and spawners, obtaining service tickets from the KDC, and propagating user identities through the system.

Data & Analytics
1 of 49
Download to read offline
© 2017 Bloomberg Finance L.P. All rights reserved. February 8, 2017 Joy Chakraborty Distributed System Architect Secured (Kerberos-based) Spark Notebook for Data Science Spark Summit East 2017
© 2017 Bloomberg Finance L.P. All rights reserved. Speaker Bio I am a Distributed System Architect with 17+ years of application software development experience and 10+ years of experience in designing, architecting and developing Distributed systems. I have a special interest in distributed and parallel computing, and currently work on Cloud and Big Data technologies. I also actively participate in various Software architectural organizations. I have been working in Bloomberg’s Data Platform team as a Data Engineer since 2014. My responsibility is to store and process petabytes of data reliably, predictably and securely.
© 2017 Bloomberg Finance L.P. All rights reserved. 3 Agenda Why Secured Data Science Notebook?1 Design and technologies consideration2 Integration and Implementation3 Question/Answers4
© 2017 Bloomberg Finance L.P. All rights reserved. • Create Distributed Data platform to : –Ingest various data sources across the organization –Store data at most granular level in consistent format –Provide tooling across organization to perform Data-exploration, Analysis & Machine learning activities 4 Why Data Science Notebook?
© 2017 Bloomberg Finance L.P. All rights reserved. 5 Data exploration, Analysis and Machine Learning Other Sources Databases Files Data Data Data Data Cluster
© 2017 Bloomberg Finance L.P. All rights reserved. 6 Data exploration, Analysis and Machine Learning Other Source s Databases Files Data Data Data Data Cluster
© 2017 Bloomberg Finance L.P. All rights reserved. 7 What are organization requirements for tooling?
© 2017 Bloomberg Finance L.P. All rights reserved. • Spark Notebook for  Web-based  Scala/Python libraries  Templates  Security and login integration  Data discovery  Enhanced SQL support 8 Jupyter Notebook for Spark
© 2017 Bloomberg Finance L.P. All rights reserved. • JupyterHub (Notebook web-application for multi-users environment) • SparkMagic (Spark kernel for Jupyter Notebook supporting Python & Scala) • Livy (HTTP REST web-service for to submit Spark jobs, managing sessions, etc.) • HDFS/Yarn (HDFS and Yarn running Spark jobs) 9 Spark Notebooks – Tech Stack
© 2017 Bloomberg Finance L.P. All rights reserved. 10 JupyterHub – Current State
© 2017 Bloomberg Finance L.P. All rights reserved. 11 JupyterHub Web Service Yarn Cluster Livy JupyterHub – Current State SparkMagic Spark-Scala Spark-Python Spark Job 1. JupyterHub login using OAuth 2. Sends HTTP Request 3. Creates/maintains Spark session and submits the Spark job to the yarn cluster xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy Running multiple Notebooks 4. Spark job output 5. HTTP Response
© 2017 Bloomberg Finance L.P. All rights reserved. 12 Requirement – Kerberos Integration • Kerberos is a Network Authentication Protocol that works on the basis of 'tickets' to allow nodes communicating over a network to prove their identity to one another in a secure manner. Kerberos uses account databases such as domain’s Active Directory.
© 2017 Bloomberg Finance L.P. All rights reserved. 13 Current State (with Kerberos) • HDFS supports Kerberos • Livy Supports Kerberos (configurable in Livy) • Can impersonate a user using HDFS “proxyuser” setting and submit Spark job on behalf of a user • A superuser with username ‘super’ wants to submit job and access hdfs on behalf of a user1. The superuser has kerberos credentials but user user1 doesn’t have any. The tasks are required to run as user user1. It is required that user1 can connect to the namenode or job tracker on a connection authenticated with super’s kerberos credentials. • JupyterHub and SparkMagic: No support for Kerberos <property> <name>hadoop.proxyuser. livyusr.hosts</name> <value>*</value> </property> <property> <name>hadoop.proxyuser.livyusr.groups</name> <value>LIVY_GRP</value> </property>
© 2017 Bloomberg Finance L.P. All rights reserved. 14 How Kerberos works in HDFS and Yarn cluster running Spark Jobs?
© 2017 Bloomberg Finance L.P. All rights reserved. 15 HDFS/Spark with Kerberos Client
© 2017 Bloomberg Finance L.P. All rights reserved. 16 HDFS/Spark with Kerberos Client 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 17 HDFS/Spark with Kerberos Client 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 18 HDFS/Spark with Kerberos Client 1. Client Request Ticket 2. KDC sends TGT 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 19 HDFS/Spark with Kerberos Client 5. Sends Service Ticket and requests for Authentication 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 20 HDFS/Spark with Kerberos Client Retrieves User roles/permissions 6. User Authenticated using Service Principle/key 5. Sends Service Ticket and requests for Authentication 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 21 HDFS/Spark with Kerberos Client Retrieves User roles/permissions 6. User Authenticated using Service Principle/key 5. Sends Service Ticket and requests for Authentication Client/Server session established 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 22 Let’s have JupyterHub as Client and bring SparkMagic and Livy
© 2017 Bloomberg Finance L.P. All rights reserved. 23 Jupyter + Spark with Kerberos Client Retrieves User roles/permissions 6. User Authenticated using Service Principle/key 5. Sends Service Ticket and requests for Authentication Client/Server session established 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
© 2017 Bloomberg Finance L.P. All rights reserved. 24 Jupyter + Spark with Kerberos Client 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys The nature of communication between Browser client and HDFS will be different
© 2017 Bloomberg Finance L.P. All rights reserved. 25 Jupyter + Spark with Kerberos Client 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys Also the TGT process between Browser client and KDC will change.
© 2017 Bloomberg Finance L.P. All rights reserved. 26 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 0. Service Principles/Keys 1. Client requests Ticket 2. KDC sends TGT 1. KDCAuthenticator: JupyterHub Authentication extensibility point 2. KDCSpawner: JupyterHub per user session extensibility point
© 2017 Bloomberg Finance L.P. All rights reserved. 27 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 0. Service Principles/Keys 1. Client requests Ticket 2. KDC sends TGT ??? ??? ???
© 2017 Bloomberg Finance L.P. All rights reserved. 28 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 0. LIVY HTTP Service Principles/Keys 0. Service Principles/Keys ??? ??? ??? 1. Client requests Ticket 2. KDC sends TGT
© 2017 Bloomberg Finance L.P. All rights reserved. 29 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 0. Service Principles/Keys ??? ??? ???
© 2017 Bloomberg Finance L.P. All rights reserved. 30 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 0. LIVY HTTP Service Principles/Keys Retrieves User roles/permissions 2. KDC Sends TGT 1. Client requests Ticket (kinit) 4. 401/www-Authenticate: Negotiate 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? Spnego
© 2017 Bloomberg Finance L.P. All rights reserved. 31 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ???
© 2017 Bloomberg Finance L.P. All rights reserved. 32 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ???
© 2017 Bloomberg Finance L.P. All rights reserved. 33 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? 1. Supports SPNEGO 2. Authenticates user using HTTP service principle/key 3. Retrieves user-id
© 2017 Bloomberg Finance L.P. All rights reserved. 34 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 35 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Send HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) ??? ??? 0. Service Principles/Keys Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 36 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? 1. Opens Notebook session 2. Encrypts user-id and puts it into env['PROXY_USER'] Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 37 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 0. Service Principles/Keys ??? ??? Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 38 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 11. Forwards the request to SparkMagic kernel 0. Service Principles/Keys ??? ??? Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 39 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 11. Forwards the request to SparkMagic kernel 0. Service Principles/Keys ??? ??? 1. SparkMagic reads the encrypted env['PROXY_USER'] and adds it to the Http request body as “proxyUser”. Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 40 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 0. Service Principles/Keys ??? Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 41 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket 0. Service Principles/Keys ??? Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 42 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket 0. Service Principles/Keys ??? 1. Livy decrypts the “proxyUser” and sets the “proxy-user” value for remote Spark-SubmitConnection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 43 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket15 15. Livy submits remote Spark job using HTTP Spnego with Get- Authorization: Negotiate <HDFS service- ticket> 0. Service Principles/Keys Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 44 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and ask for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket15 15. Livy submits remote Spark job using HTTP Spnego with Get- Authorization: Negotiate <HDFS service- ticket> 0. Service Principles/Keys Retrieves User roles/permissions 16. User Authenticated using Service Principle/key 16 Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 45 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and ask for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket15 15. Livy submits remote Spark job using HTTP Spnego with Get- Authorization: Negotiate <HDFS service- ticket> 0. Service Principles/Keys Retrieves User roles/permissions 16. User Authenticated using Service Principle/key 16 Connection/session established Connection/session established
© 2017 Bloomberg Finance L.P. All rights reserved. 46 Jhub-Kerberos Development Summary • JupyterHub • KDC Authenticator (configurable using JupyerHub configuration) • Supports Kerberos-Spnego authentication using HTTP Service Principle and keys • KDC Spawner (configurable using JupyerHub configuration) • Encrypts the current user-name and stores it in the “PROXY_USER” environment variable (before spawning a new user child process) which SparkMagic reads/uses later. • Kinit to get the Livy Service ticket for Spnego Authentication with Livy server. • SparkMagic • Adds current user-name (reading from “PROXY_USER” environment variable) as “proxyUser” in the Livy HTTP Request body. This behavior can enabled or disabled (default) by SparkMagic configuration • Livy changes (configurable using Livy configuration) • Supports to decrypt the “proxyUser” from the request body & adds to the remote Spark job request for HDFS impersonation
© 2017 Bloomberg Finance L.P. All rights reserved. 47 Jhub-Kerberos Development Setup • Learnings • KDC Domain controller running the AS and TGS • Multiple nodes running JupyterHub, Livy and Yarn (Spark) at different DNS farm and networking between these farms • Creating/modifying key-tabs and principles on demand basis in a corporate environment for dev • Corporate IT dependency • How Docker helps • Easy to bootstrap the JupyterHub, Livy, Yarn and KDC using Docker script • Seamless networking (easy to configure) between Docker instances • Creating Service principles and key-tabs on demand (without involving corporate IT) • Custom DNS farm setup for POC and development activities
© 2017 Bloomberg Finance L.P. All rights reserved. Q&A
© 2017 Bloomberg Finance L.P. All rights reserved. THANK YOU Joy Chakraborty Bloomberg L.P. jchakrabort5@bloomberg.net

Recommended

PostgreSQL10徹底解説
PostgreSQL10徹底解説PostgreSQL10徹底解説
PostgreSQL10徹底解説Masahiko Sawada
 
Ceph アーキテクチャ概説
Ceph アーキテクチャ概説Ceph アーキテクチャ概説
Ceph アーキテクチャ概説Emma Haruka Iwao
 
Kubernetes雑にまとめてみた 2020年8月版
Kubernetes雑にまとめてみた 2020年8月版Kubernetes雑にまとめてみた 2020年8月版
Kubernetes雑にまとめてみた 2020年8月版VirtualTech Japan Inc.
 
Envoy and Kafka
Envoy and KafkaEnvoy and Kafka
Envoy and KafkaAdam Kotwasinski
 
Apache Pulsar Development 101 with Python
Apache Pulsar Development 101 with PythonApache Pulsar Development 101 with Python
Apache Pulsar Development 101 with PythonTimothy Spann
 
急速に進化を続けるCNIプラグイン Antrea
急速に進化を続けるCNIプラグイン Antrea 急速に進化を続けるCNIプラグイン Antrea
急速に進化を続けるCNIプラグイン Antrea Motonori Shindo
 
Building a Streaming Microservice Architecture: with Apache Spark Structured ...
Building a Streaming Microservice Architecture: with Apache Spark Structured ...Building a Streaming Microservice Architecture: with Apache Spark Structured ...
Building a Streaming Microservice Architecture: with Apache Spark Structured ...Databricks
 
Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David Anderson Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David AndersonVerverica
 

Recommended

PostgreSQL10徹底解説
PostgreSQL10徹底解説PostgreSQL10徹底解説
PostgreSQL10徹底解説Masahiko Sawada
 
Ceph アーキテクチャ概説
Ceph アーキテクチャ概説Ceph アーキテクチャ概説
Ceph アーキテクチャ概説Emma Haruka Iwao
 
Kubernetes雑にまとめてみた 2020年8月版
Kubernetes雑にまとめてみた 2020年8月版Kubernetes雑にまとめてみた 2020年8月版
Kubernetes雑にまとめてみた 2020年8月版VirtualTech Japan Inc.
 
Envoy and Kafka
Envoy and KafkaEnvoy and Kafka
Envoy and KafkaAdam Kotwasinski
 
Apache Pulsar Development 101 with Python
Apache Pulsar Development 101 with PythonApache Pulsar Development 101 with Python
Apache Pulsar Development 101 with PythonTimothy Spann
 
急速に進化を続けるCNIプラグイン Antrea
急速に進化を続けるCNIプラグイン Antrea 急速に進化を続けるCNIプラグイン Antrea
急速に進化を続けるCNIプラグイン Antrea Motonori Shindo
 
Building a Streaming Microservice Architecture: with Apache Spark Structured ...
Building a Streaming Microservice Architecture: with Apache Spark Structured ...Building a Streaming Microservice Architecture: with Apache Spark Structured ...
Building a Streaming Microservice Architecture: with Apache Spark Structured ...Databricks
 
Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David Anderson Deploying Flink on Kubernetes - David Anderson
Deploying Flink on Kubernetes - David AndersonVerverica
 
Kuberneteの運用を支えるGitOps
Kuberneteの運用を支えるGitOpsKuberneteの運用を支えるGitOps
Kuberneteの運用を支えるGitOpsshunki fujiwara
 
単なるキャッシュじゃないよ!?infinispanの紹介
単なるキャッシュじゃないよ!?infinispanの紹介単なるキャッシュじゃないよ!?infinispanの紹介
単なるキャッシュじゃないよ!?infinispanの紹介AdvancedTechNight
 
iostat await svctm の 見かた、考え方
iostat await svctm の 見かた、考え方iostat await svctm の 見かた、考え方
iostat await svctm の 見かた、考え方歩 柴田
 
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability ImprovementsSupporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability ImprovementsDataWorks Summit
 
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)NTT DATA Technology & Innovation
 
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発Yahoo!デベロッパーネットワーク
 
Hadoop and Kerberos
Hadoop and KerberosHadoop and Kerberos
Hadoop and KerberosYuta Imai
 
Technical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheCon
Technical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheConTechnical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheCon
Technical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheConYahoo!デベロッパーネットワーク
 
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介Juniper Networks (日本)
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...NTT DATA Technology & Innovation
 
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요Jo Hoon
 
Apache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraApache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraFlink Forward
 
ヤフー発のメッセージキュー「Pulsar」のご紹介
ヤフー発のメッセージキュー「Pulsar」のご紹介ヤフー発のメッセージキュー「Pulsar」のご紹介
ヤフー発のメッセージキュー「Pulsar」のご紹介Yahoo!デベロッパーネットワーク
 
HDFS on Kubernetes—Lessons Learned with Kimoon Kim
HDFS on Kubernetes—Lessons Learned with Kimoon KimHDFS on Kubernetes—Lessons Learned with Kimoon Kim
HDFS on Kubernetes—Lessons Learned with Kimoon KimDatabricks
 
openstack+cephインテグレーション
openstack+cephインテグレーションopenstack+cephインテグレーション
openstack+cephインテグレーションOSSラボ株式会社
 
Docker道場「Dockerの基本概念」0825インフラ勉強会資料
Docker道場「Dockerの基本概念」0825インフラ勉強会資料Docker道場「Dockerの基本概念」0825インフラ勉強会資料
Docker道場「Dockerの基本概念」0825インフラ勉強会資料Masahito Zembutsu
 
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...ContainerDay Security 2023
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
 
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)NTT DATA Technology & Innovation
 
Presto in my_use_case
Presto in my_use_casePresto in my_use_case
Presto in my_use_casewyukawa
 
PYNQ 祭り: Pmod のプログラミング
PYNQ 祭り: Pmod のプログラミングPYNQ 祭り: Pmod のプログラミング
PYNQ 祭り: Pmod のプログラミングryos36
 

More Related Content

What's hot

Kuberneteの運用を支えるGitOps
Kuberneteの運用を支えるGitOpsKuberneteの運用を支えるGitOps
Kuberneteの運用を支えるGitOpsshunki fujiwara
 
単なるキャッシュじゃないよ!?infinispanの紹介
単なるキャッシュじゃないよ!?infinispanの紹介単なるキャッシュじゃないよ!?infinispanの紹介
単なるキャッシュじゃないよ!?infinispanの紹介AdvancedTechNight
 
iostat await svctm の 見かた、考え方
iostat await svctm の 見かた、考え方iostat await svctm の 見かた、考え方
iostat await svctm の 見かた、考え方歩 柴田
 
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability ImprovementsSupporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability ImprovementsDataWorks Summit
 
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)NTT DATA Technology & Innovation
 
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発Yahoo!デベロッパーネットワーク
 
Hadoop and Kerberos
Hadoop and KerberosHadoop and Kerberos
Hadoop and KerberosYuta Imai
 
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介Juniper Networks (日本)
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...NTT DATA Technology & Innovation
 
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요Jo Hoon
 
Apache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraApache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraFlink Forward
 
HDFS on Kubernetes—Lessons Learned with Kimoon Kim
HDFS on Kubernetes—Lessons Learned with Kimoon KimHDFS on Kubernetes—Lessons Learned with Kimoon Kim
HDFS on Kubernetes—Lessons Learned with Kimoon KimDatabricks
 
openstack+cephインテグレーション
openstack+cephインテグレーションopenstack+cephインテグレーション
openstack+cephインテグレーションOSSラボ株式会社
 
Docker道場「Dockerの基本概念」0825インフラ勉強会資料
Docker道場「Dockerの基本概念」0825インフラ勉強会資料Docker道場「Dockerの基本概念」0825インフラ勉強会資料
Docker道場「Dockerの基本概念」0825インフラ勉強会資料Masahito Zembutsu
 
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...ContainerDay Security 2023
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
 
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)NTT DATA Technology & Innovation
 

What's hot (20)

Kuberneteの運用を支えるGitOps
Kuberneteの運用を支えるGitOpsKuberneteの運用を支えるGitOps
Kuberneteの運用を支えるGitOps
 
単なるキャッシュじゃないよ!?infinispanの紹介
単なるキャッシュじゃないよ!?infinispanの紹介単なるキャッシュじゃないよ!?infinispanの紹介
単なるキャッシュじゃないよ!?infinispanの紹介
 
iostat await svctm の 見かた、考え方
iostat await svctm の 見かた、考え方iostat await svctm の 見かた、考え方
iostat await svctm の 見かた、考え方
 
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability ImprovementsSupporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability Improvements
 
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
Prometheus Operator 入門(Kubernetes Novice Tokyo #26 発表資料)
 
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
"Yahoo! JAPAN の Kubernetes-as-a-Service" で加速するアプリケーション開発
 
Hadoop and Kerberos
Hadoop and KerberosHadoop and Kerberos
Hadoop and Kerberos
 
Technical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheCon
Technical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheConTechnical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheCon
Technical tips for secure Apache Hadoop cluster #ApacheConAsia #ApacheCon
 
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
【Interop Tokyo 2022】ここが見どころ!ジュニパーのShowNetにおける取組みご紹介
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
今、改めて考えるPostgreSQLプラットフォーム - マルチクラウドとポータビリティ -(PostgreSQL Conference Japan 20...
 
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
 
Apache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraApache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native Era
 
ヤフー発のメッセージキュー「Pulsar」のご紹介
ヤフー発のメッセージキュー「Pulsar」のご紹介ヤフー発のメッセージキュー「Pulsar」のご紹介
ヤフー発のメッセージキュー「Pulsar」のご紹介
 
HDFS on Kubernetes—Lessons Learned with Kimoon Kim
HDFS on Kubernetes—Lessons Learned with Kimoon KimHDFS on Kubernetes—Lessons Learned with Kimoon Kim
HDFS on Kubernetes—Lessons Learned with Kimoon Kim
 
openstack+cephインテグレーション
openstack+cephインテグレーションopenstack+cephインテグレーション
openstack+cephインテグレーション
 
Docker道場「Dockerの基本概念」0825インフラ勉強会資料
Docker道場「Dockerの基本概念」0825インフラ勉強会資料Docker道場「Dockerの基本概念」0825インフラ勉強会資料
Docker道場「Dockerの基本概念」0825インフラ勉強会資料
 
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
 
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
OpenLineage による Airflow のデータ来歴の収集と可視化(Airflow Meetup Tokyo #3 発表資料)
 

Viewers also liked

Presto in my_use_case
Presto in my_use_casePresto in my_use_case
Presto in my_use_casewyukawa
 
PYNQ 祭り: Pmod のプログラミング
PYNQ 祭り: Pmod のプログラミングPYNQ 祭り: Pmod のプログラミング
PYNQ 祭り: Pmod のプログラミングryos36
 
PYNQ祭りLT todotani
PYNQ祭りLT todotaniPYNQ祭りLT todotani
PYNQ祭りLT todotaniKenshi Kamiya
 
PYNQ単体でUIを表示してみる(PYNQまつり)
PYNQ単体でUIを表示してみる(PYNQまつり)PYNQ単体でUIを表示してみる(PYNQまつり)
PYNQ単体でUIを表示してみる(PYNQまつり)Kenta IDA
 
PYNQで○○してみた!
PYNQで○○してみた!PYNQで○○してみた!
PYNQで○○してみた!aster_ism
 
Pynqでカメラ画像をリアルタイムfastx コーナー検出
Pynqでカメラ画像をリアルタイムfastx コーナー検出Pynqでカメラ画像をリアルタイムfastx コーナー検出
Pynqでカメラ画像をリアルタイムfastx コーナー検出marsee101
 
コンピュータエンジニアへのFPGAのすすめ
コンピュータエンジニアへのFPGAのすすめコンピュータエンジニアへのFPGAのすすめ
コンピュータエンジニアへのFPGAのすすめTakeshi HASEGAWA
 
Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...
Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...
Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...Spark Summit
 
Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...
Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...
Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...Spark Summit
 
Realtime Analytical Query Processing and Predictive Model Building on High Di...
Realtime Analytical Query Processing and Predictive Model Building on High Di...Realtime Analytical Query Processing and Predictive Model Building on High Di...
Realtime Analytical Query Processing and Predictive Model Building on High Di...Spark Summit
 
New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...
New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...
New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...Spark Summit
 
Time Series Analytics with Spark: Spark Summit East talk by Simon Ouellette
Time Series Analytics with Spark: Spark Summit East talk by Simon OuelletteTime Series Analytics with Spark: Spark Summit East talk by Simon Ouellette
Time Series Analytics with Spark: Spark Summit East talk by Simon OuelletteSpark Summit
 
Improving Python and Spark Performance and Interoperability: Spark Summit Eas...
Improving Python and Spark Performance and Interoperability: Spark Summit Eas...Improving Python and Spark Performance and Interoperability: Spark Summit Eas...
Improving Python and Spark Performance and Interoperability: Spark Summit Eas...Spark Summit
 
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...Spark Summit
 
Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...
Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...
Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...Spark Summit
 
Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...
Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...
Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...Spark Summit
 
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...Spark Summit
 
Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...
Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...
Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...Spark Summit
 

Viewers also liked (20)

Presto in my_use_case
Presto in my_use_casePresto in my_use_case
Presto in my_use_case
 
PYNQ 祭り: Pmod のプログラミング
PYNQ 祭り: Pmod のプログラミングPYNQ 祭り: Pmod のプログラミング
PYNQ 祭り: Pmod のプログラミング
 
PYNQ祭りLT todotani
PYNQ祭りLT todotaniPYNQ祭りLT todotani
PYNQ祭りLT todotani
 
PYNQ単体でUIを表示してみる(PYNQまつり)
PYNQ単体でUIを表示してみる(PYNQまつり)PYNQ単体でUIを表示してみる(PYNQまつり)
PYNQ単体でUIを表示してみる(PYNQまつり)
 
Pynq祭り資料
Pynq祭り資料Pynq祭り資料
Pynq祭り資料
 
PYNQ祭り
PYNQ祭りPYNQ祭り
PYNQ祭り
 
PYNQで○○してみた!
PYNQで○○してみた!PYNQで○○してみた!
PYNQで○○してみた!
 
Pynqでカメラ画像をリアルタイムfastx コーナー検出
Pynqでカメラ画像をリアルタイムfastx コーナー検出Pynqでカメラ画像をリアルタイムfastx コーナー検出
Pynqでカメラ画像をリアルタイムfastx コーナー検出
 
コンピュータエンジニアへのFPGAのすすめ
コンピュータエンジニアへのFPGAのすすめコンピュータエンジニアへのFPGAのすすめ
コンピュータエンジニアへのFPGAのすすめ
 
Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...
Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...
Horizontally Scalable Relational Databases with Spark: Spark Summit East talk...
 
Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...
Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...
Going Real-Time: Creating Frequently-Updating Datasets for Personalization: S...
 
Realtime Analytical Query Processing and Predictive Model Building on High Di...
Realtime Analytical Query Processing and Predictive Model Building on High Di...Realtime Analytical Query Processing and Predictive Model Building on High Di...
Realtime Analytical Query Processing and Predictive Model Building on High Di...
 
New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...
New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...
New Directions in pySpark for Time Series Analysis: Spark Summit East talk by...
 
Time Series Analytics with Spark: Spark Summit East talk by Simon Ouellette
Time Series Analytics with Spark: Spark Summit East talk by Simon OuelletteTime Series Analytics with Spark: Spark Summit East talk by Simon Ouellette
Time Series Analytics with Spark: Spark Summit East talk by Simon Ouellette
 
Improving Python and Spark Performance and Interoperability: Spark Summit Eas...
Improving Python and Spark Performance and Interoperability: Spark Summit Eas...Improving Python and Spark Performance and Interoperability: Spark Summit Eas...
Improving Python and Spark Performance and Interoperability: Spark Summit Eas...
 
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East Talk by Jose Na...
 
Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...
Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...
Spark SQL: Another 16x Faster After Tungsten: Spark Summit East talk by Brad ...
 
Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...
Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...
Spark as the Gateway Drug to Typed Functional Programming: Spark Summit East ...
 
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...
 
Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...
Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...
Large-Scale Text Processing Pipeline with Spark ML and GraphFrames: Spark Sum...
 

Similar to Secured (Kerberos-based) Spark Notebook for Data Science: Spark Summit East talk by Joy Chakraborty

Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Canada
 
London Oracle Developer Meetup April 18
London Oracle Developer Meetup April 18London Oracle Developer Meetup April 18
London Oracle Developer Meetup April 18Phil Wilkins
 
Kubecon seattle 2018 recap - Application Deployment aspects
Kubecon seattle 2018 recap - Application Deployment aspectsKubecon seattle 2018 recap - Application Deployment aspects
Kubecon seattle 2018 recap - Application Deployment aspectsKrishna-Kumar
 
Managing containers on Oracle Cloud by Jamal Arif
Managing containers on Oracle Cloud by Jamal ArifManaging containers on Oracle Cloud by Jamal Arif
Managing containers on Oracle Cloud by Jamal ArifOracle Developers
 
Timings API: Performance Assertion during the functional testing
Timings API: Performance Assertion during the functional testing Timings API: Performance Assertion during the functional testing
Timings API: Performance Assertion during the functional testingPetrosPlakogiannis
 
Running secured Spark job in Kubernetes compute cluster and integrating with ...
Running secured Spark job in Kubernetes compute cluster and integrating with ...Running secured Spark job in Kubernetes compute cluster and integrating with ...
Running secured Spark job in Kubernetes compute cluster and integrating with ...DataWorks Summit
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
Paypal teradata gimel_thrift_server
Paypal teradata gimel_thrift_serverPaypal teradata gimel_thrift_server
Paypal teradata gimel_thrift_serverAnisha Nainani
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Shravan (Sean) Pabba
 
Oracle Blockchain Cloud Service
Oracle Blockchain Cloud ServiceOracle Blockchain Cloud Service
Oracle Blockchain Cloud ServiceMonte Kluemper
 
JConWorld_ Continuous SQL with Kafka and Flink
JConWorld_ Continuous SQL with Kafka and FlinkJConWorld_ Continuous SQL with Kafka and Flink
JConWorld_ Continuous SQL with Kafka and FlinkTimothy Spann
 
CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10Irsandi Hasan
 
Running your Spring Apps in the Cloud Javaone 2014
Running your Spring Apps in the Cloud Javaone 2014Running your Spring Apps in the Cloud Javaone 2014
Running your Spring Apps in the Cloud Javaone 2014cornelia davis
 
Full-Stack Development with JavaScript and NoSQL
Full-Stack Development with JavaScript and NoSQLFull-Stack Development with JavaScript and NoSQL
Full-Stack Development with JavaScript and NoSQLAaron Benton
 
State of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStackShapeBlue
 

Similar to Secured (Kerberos-based) Spark Notebook for Data Science: Spark Summit East talk by Joy Chakraborty (20)

Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
 
London Oracle Developer Meetup April 18
London Oracle Developer Meetup April 18London Oracle Developer Meetup April 18
London Oracle Developer Meetup April 18
 
Kubecon seattle 2018 recap - Application Deployment aspects
Kubecon seattle 2018 recap - Application Deployment aspectsKubecon seattle 2018 recap - Application Deployment aspects
Kubecon seattle 2018 recap - Application Deployment aspects
 
Managing containers on Oracle Cloud by Jamal Arif
Managing containers on Oracle Cloud by Jamal ArifManaging containers on Oracle Cloud by Jamal Arif
Managing containers on Oracle Cloud by Jamal Arif
 
Timings API: Performance Assertion during the functional testing
Timings API: Performance Assertion during the functional testing Timings API: Performance Assertion during the functional testing
Timings API: Performance Assertion during the functional testing
 
Kubernetes scheduling and QoS
Kubernetes scheduling and QoSKubernetes scheduling and QoS
Kubernetes scheduling and QoS
 
Hadoop security
Hadoop securityHadoop security
Hadoop security
 
Running secured Spark job in Kubernetes compute cluster and integrating with ...
Running secured Spark job in Kubernetes compute cluster and integrating with ...Running secured Spark job in Kubernetes compute cluster and integrating with ...
Running secured Spark job in Kubernetes compute cluster and integrating with ...
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 
Paypal teradata gimel_thrift_server
Paypal teradata gimel_thrift_serverPaypal teradata gimel_thrift_server
Paypal teradata gimel_thrift_server
 
Kubernetes basics and hands on exercise
Kubernetes basics and hands on exerciseKubernetes basics and hands on exercise
Kubernetes basics and hands on exercise
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015
 
Oracle Blockchain Cloud Service
Oracle Blockchain Cloud ServiceOracle Blockchain Cloud Service
Oracle Blockchain Cloud Service
 
JConWorld_ Continuous SQL with Kafka and Flink
JConWorld_ Continuous SQL with Kafka and FlinkJConWorld_ Continuous SQL with Kafka and Flink
JConWorld_ Continuous SQL with Kafka and Flink
 
CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10
 
Running your Spring Apps in the Cloud Javaone 2014
Running your Spring Apps in the Cloud Javaone 2014Running your Spring Apps in the Cloud Javaone 2014
Running your Spring Apps in the Cloud Javaone 2014
 
DevCon5 (July 2014) - Acision SDK
DevCon5 (July 2014) - Acision SDKDevCon5 (July 2014) - Acision SDK
DevCon5 (July 2014) - Acision SDK
 
Full-Stack Development with JavaScript and NoSQL
Full-Stack Development with JavaScript and NoSQLFull-Stack Development with JavaScript and NoSQL
Full-Stack Development with JavaScript and NoSQL
 
State of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStack
 

More from Spark Summit

FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang
FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang
FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang Spark Summit
 
VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...
VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...
VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...Spark Summit
 
Apache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang Wu
Apache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang WuApache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang Wu
Apache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang WuSpark Summit
 
Improving Traffic Prediction Using Weather Data with Ramya Raghavendra
Improving Traffic Prediction Using Weather Data with Ramya RaghavendraImproving Traffic Prediction Using Weather Data with Ramya Raghavendra
Improving Traffic Prediction Using Weather Data with Ramya RaghavendraSpark Summit
 
A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...
A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...
A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...Spark Summit
 
No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...
No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...
No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...Spark Summit
 
Apache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim DowlingApache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim DowlingSpark Summit
 
Apache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim DowlingApache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim DowlingSpark Summit
 
MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...
MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...
MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...Spark Summit
 
Next CERN Accelerator Logging Service with Jakub Wozniak
Next CERN Accelerator Logging Service with Jakub WozniakNext CERN Accelerator Logging Service with Jakub Wozniak
Next CERN Accelerator Logging Service with Jakub WozniakSpark Summit
 
Powering a Startup with Apache Spark with Kevin Kim
Powering a Startup with Apache Spark with Kevin KimPowering a Startup with Apache Spark with Kevin Kim
Powering a Startup with Apache Spark with Kevin KimSpark Summit
 
Improving Traffic Prediction Using Weather Datawith Ramya Raghavendra
Improving Traffic Prediction Using Weather Datawith Ramya RaghavendraImproving Traffic Prediction Using Weather Datawith Ramya Raghavendra
Improving Traffic Prediction Using Weather Datawith Ramya RaghavendraSpark Summit
 
Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...
Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...
Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...Spark Summit
 
How Nielsen Utilized Databricks for Large-Scale Research and Development with...
How Nielsen Utilized Databricks for Large-Scale Research and Development with...How Nielsen Utilized Databricks for Large-Scale Research and Development with...
How Nielsen Utilized Databricks for Large-Scale Research and Development with...Spark Summit
 
Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...
Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...
Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...Spark Summit
 
Goal Based Data Production with Sim Simeonov
Goal Based Data Production with Sim SimeonovGoal Based Data Production with Sim Simeonov
Goal Based Data Production with Sim SimeonovSpark Summit
 
Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...
Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...
Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...Spark Summit
 
Getting Ready to Use Redis with Apache Spark with Dvir Volk
Getting Ready to Use Redis with Apache Spark with Dvir VolkGetting Ready to Use Redis with Apache Spark with Dvir Volk
Getting Ready to Use Redis with Apache Spark with Dvir VolkSpark Summit
 
Deduplication and Author-Disambiguation of Streaming Records via Supervised M...
Deduplication and Author-Disambiguation of Streaming Records via Supervised M...Deduplication and Author-Disambiguation of Streaming Records via Supervised M...
Deduplication and Author-Disambiguation of Streaming Records via Supervised M...Spark Summit
 
MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...
MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...
MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...Spark Summit
 

More from Spark Summit (20)

FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang
FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang
FPGA-Based Acceleration Architecture for Spark SQL Qi Xie and Quanfu Wang
 
VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...
VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...
VEGAS: The Missing Matplotlib for Scala/Apache Spark with DB Tsai and Roger M...
 
Apache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang Wu
Apache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang WuApache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang Wu
Apache Spark Structured Streaming Helps Smart Manufacturing with Xiaochang Wu
 
Improving Traffic Prediction Using Weather Data with Ramya Raghavendra
Improving Traffic Prediction Using Weather Data with Ramya RaghavendraImproving Traffic Prediction Using Weather Data with Ramya Raghavendra
Improving Traffic Prediction Using Weather Data with Ramya Raghavendra
 
A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...
A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...
A Tale of Two Graph Frameworks on Spark: GraphFrames and Tinkerpop OLAP Artem...
 
No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...
No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...
No More Cumbersomeness: Automatic Predictive Modeling on Apache Spark Marcin ...
 
Apache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim DowlingApache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim Dowling
 
Apache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim DowlingApache Spark and Tensorflow as a Service with Jim Dowling
Apache Spark and Tensorflow as a Service with Jim Dowling
 
MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...
MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...
MMLSpark: Lessons from Building a SparkML-Compatible Machine Learning Library...
 
Next CERN Accelerator Logging Service with Jakub Wozniak
Next CERN Accelerator Logging Service with Jakub WozniakNext CERN Accelerator Logging Service with Jakub Wozniak
Next CERN Accelerator Logging Service with Jakub Wozniak
 
Powering a Startup with Apache Spark with Kevin Kim
Powering a Startup with Apache Spark with Kevin KimPowering a Startup with Apache Spark with Kevin Kim
Powering a Startup with Apache Spark with Kevin Kim
 
Improving Traffic Prediction Using Weather Datawith Ramya Raghavendra
Improving Traffic Prediction Using Weather Datawith Ramya RaghavendraImproving Traffic Prediction Using Weather Datawith Ramya Raghavendra
Improving Traffic Prediction Using Weather Datawith Ramya Raghavendra
 
Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...
Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...
Hiding Apache Spark Complexity for Fast Prototyping of Big Data Applications—...
 
How Nielsen Utilized Databricks for Large-Scale Research and Development with...
How Nielsen Utilized Databricks for Large-Scale Research and Development with...How Nielsen Utilized Databricks for Large-Scale Research and Development with...
How Nielsen Utilized Databricks for Large-Scale Research and Development with...
 
Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...
Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...
Spline: Apache Spark Lineage not Only for the Banking Industry with Marek Nov...
 
Goal Based Data Production with Sim Simeonov
Goal Based Data Production with Sim SimeonovGoal Based Data Production with Sim Simeonov
Goal Based Data Production with Sim Simeonov
 
Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...
Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...
Preventing Revenue Leakage and Monitoring Distributed Systems with Machine Le...
 
Getting Ready to Use Redis with Apache Spark with Dvir Volk
Getting Ready to Use Redis with Apache Spark with Dvir VolkGetting Ready to Use Redis with Apache Spark with Dvir Volk
Getting Ready to Use Redis with Apache Spark with Dvir Volk
 
Deduplication and Author-Disambiguation of Streaming Records via Supervised M...
Deduplication and Author-Disambiguation of Streaming Records via Supervised M...Deduplication and Author-Disambiguation of Streaming Records via Supervised M...
Deduplication and Author-Disambiguation of Streaming Records via Supervised M...
 
MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...
MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...
MatFast: In-Memory Distributed Matrix Computation Processing and Optimization...
 

Recently uploaded

Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Delhi Call girls
 
Edukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFxEdukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFxolyaivanovalion
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfadriantubila
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxolyaivanovalion
 
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionfulawalesam
 
VidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxVidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxolyaivanovalion
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...amitlee9823
 
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramCapstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramMoniSankarHazra
 
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxSmarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxolyaivanovalion
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxolyaivanovalion
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxolyaivanovalion
 
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...SUHANI PANDEY
 
Probability Grade 10 Third Quarter Lessons
Probability Grade 10 Third Quarter LessonsProbability Grade 10 Third Quarter Lessons
Probability Grade 10 Third Quarter LessonsJoseMangaJr1
 
Carero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxCarero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxolyaivanovalion
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxolyaivanovalion
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusTimothy Spann
 

Recently uploaded (20)

Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
 
Edukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFxEdukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFx
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
 
Predicting Loan Approval: A Data Science Project
Predicting Loan Approval: A Data Science ProjectPredicting Loan Approval: A Data Science Project
Predicting Loan Approval: A Data Science Project
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFx
 
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interaction
 
VidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxVidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptx
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
 
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramCapstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics Program
 
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxSmarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFx
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
 
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
 
Probability Grade 10 Third Quarter Lessons
Probability Grade 10 Third Quarter LessonsProbability Grade 10 Third Quarter Lessons
Probability Grade 10 Third Quarter Lessons
 
Carero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxCarero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptx
 
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
 

Secured (Kerberos-based) Spark Notebook for Data Science: Spark Summit East talk by Joy Chakraborty

  • 1. © 2017 Bloomberg Finance L.P. All rights reserved. February 8, 2017 Joy Chakraborty Distributed System Architect Secured (Kerberos-based) Spark Notebook for Data Science Spark Summit East 2017
  • 2. © 2017 Bloomberg Finance L.P. All rights reserved. Speaker Bio I am a Distributed System Architect with 17+ years of application software development experience and 10+ years of experience in designing, architecting and developing Distributed systems. I have a special interest in distributed and parallel computing, and currently work on Cloud and Big Data technologies. I also actively participate in various Software architectural organizations. I have been working in Bloomberg’s Data Platform team as a Data Engineer since 2014. My responsibility is to store and process petabytes of data reliably, predictably and securely.
  • 3. © 2017 Bloomberg Finance L.P. All rights reserved. 3 Agenda Why Secured Data Science Notebook?1 Design and technologies consideration2 Integration and Implementation3 Question/Answers4
  • 4. © 2017 Bloomberg Finance L.P. All rights reserved. • Create Distributed Data platform to : –Ingest various data sources across the organization –Store data at most granular level in consistent format –Provide tooling across organization to perform Data-exploration, Analysis & Machine learning activities 4 Why Data Science Notebook?
  • 5. © 2017 Bloomberg Finance L.P. All rights reserved. 5 Data exploration, Analysis and Machine Learning Other Sources Databases Files Data Data Data Data Cluster
  • 6. © 2017 Bloomberg Finance L.P. All rights reserved. 6 Data exploration, Analysis and Machine Learning Other Source s Databases Files Data Data Data Data Cluster
  • 7. © 2017 Bloomberg Finance L.P. All rights reserved. 7 What are organization requirements for tooling?
  • 8. © 2017 Bloomberg Finance L.P. All rights reserved. • Spark Notebook for  Web-based  Scala/Python libraries  Templates  Security and login integration  Data discovery  Enhanced SQL support 8 Jupyter Notebook for Spark
  • 9. © 2017 Bloomberg Finance L.P. All rights reserved. • JupyterHub (Notebook web-application for multi-users environment) • SparkMagic (Spark kernel for Jupyter Notebook supporting Python & Scala) • Livy (HTTP REST web-service for to submit Spark jobs, managing sessions, etc.) • HDFS/Yarn (HDFS and Yarn running Spark jobs) 9 Spark Notebooks – Tech Stack
  • 10. © 2017 Bloomberg Finance L.P. All rights reserved. 10 JupyterHub – Current State
  • 11. © 2017 Bloomberg Finance L.P. All rights reserved. 11 JupyterHub Web Service Yarn Cluster Livy JupyterHub – Current State SparkMagic Spark-Scala Spark-Python Spark Job 1. JupyterHub login using OAuth 2. Sends HTTP Request 3. Creates/maintains Spark session and submits the Spark job to the yarn cluster xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy xxxxxxxx yyyyyyyy Running multiple Notebooks 4. Spark job output 5. HTTP Response
  • 12. © 2017 Bloomberg Finance L.P. All rights reserved. 12 Requirement – Kerberos Integration • Kerberos is a Network Authentication Protocol that works on the basis of 'tickets' to allow nodes communicating over a network to prove their identity to one another in a secure manner. Kerberos uses account databases such as domain’s Active Directory.
  • 13. © 2017 Bloomberg Finance L.P. All rights reserved. 13 Current State (with Kerberos) • HDFS supports Kerberos • Livy Supports Kerberos (configurable in Livy) • Can impersonate a user using HDFS “proxyuser” setting and submit Spark job on behalf of a user • A superuser with username ‘super’ wants to submit job and access hdfs on behalf of a user1. The superuser has kerberos credentials but user user1 doesn’t have any. The tasks are required to run as user user1. It is required that user1 can connect to the namenode or job tracker on a connection authenticated with super’s kerberos credentials. • JupyterHub and SparkMagic: No support for Kerberos <property> <name>hadoop.proxyuser. livyusr.hosts</name> <value>*</value> </property> <property> <name>hadoop.proxyuser.livyusr.groups</name> <value>LIVY_GRP</value> </property>
  • 14. © 2017 Bloomberg Finance L.P. All rights reserved. 14 How Kerberos works in HDFS and Yarn cluster running Spark Jobs?
  • 15. © 2017 Bloomberg Finance L.P. All rights reserved. 15 HDFS/Spark with Kerberos Client
  • 16. © 2017 Bloomberg Finance L.P. All rights reserved. 16 HDFS/Spark with Kerberos Client 0. Service Principles/Keys
  • 17. © 2017 Bloomberg Finance L.P. All rights reserved. 17 HDFS/Spark with Kerberos Client 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
  • 18. © 2017 Bloomberg Finance L.P. All rights reserved. 18 HDFS/Spark with Kerberos Client 1. Client Request Ticket 2. KDC sends TGT 0. Service Principles/Keys
  • 19. © 2017 Bloomberg Finance L.P. All rights reserved. 19 HDFS/Spark with Kerberos Client 5. Sends Service Ticket and requests for Authentication 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
  • 20. © 2017 Bloomberg Finance L.P. All rights reserved. 20 HDFS/Spark with Kerberos Client Retrieves User roles/permissions 6. User Authenticated using Service Principle/key 5. Sends Service Ticket and requests for Authentication 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
  • 21. © 2017 Bloomberg Finance L.P. All rights reserved. 21 HDFS/Spark with Kerberos Client Retrieves User roles/permissions 6. User Authenticated using Service Principle/key 5. Sends Service Ticket and requests for Authentication Client/Server session established 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
  • 22. © 2017 Bloomberg Finance L.P. All rights reserved. 22 Let’s have JupyterHub as Client and bring SparkMagic and Livy
  • 23. © 2017 Bloomberg Finance L.P. All rights reserved. 23 Jupyter + Spark with Kerberos Client Retrieves User roles/permissions 6. User Authenticated using Service Principle/key 5. Sends Service Ticket and requests for Authentication Client/Server session established 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys
  • 24. © 2017 Bloomberg Finance L.P. All rights reserved. 24 Jupyter + Spark with Kerberos Client 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys The nature of communication between Browser client and HDFS will be different
  • 25. © 2017 Bloomberg Finance L.P. All rights reserved. 25 Jupyter + Spark with Kerberos Client 1. Client requests Ticket 2. KDC sends TGT 0. Service Principles/Keys Also the TGT process between Browser client and KDC will change.
  • 26. © 2017 Bloomberg Finance L.P. All rights reserved. 26 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 0. Service Principles/Keys 1. Client requests Ticket 2. KDC sends TGT 1. KDCAuthenticator: JupyterHub Authentication extensibility point 2. KDCSpawner: JupyterHub per user session extensibility point
  • 27. © 2017 Bloomberg Finance L.P. All rights reserved. 27 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 0. Service Principles/Keys 1. Client requests Ticket 2. KDC sends TGT ??? ??? ???
  • 28. © 2017 Bloomberg Finance L.P. All rights reserved. 28 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 0. LIVY HTTP Service Principles/Keys 0. Service Principles/Keys ??? ??? ??? 1. Client requests Ticket 2. KDC sends TGT
  • 29. © 2017 Bloomberg Finance L.P. All rights reserved. 29 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 0. Service Principles/Keys ??? ??? ???
  • 30. © 2017 Bloomberg Finance L.P. All rights reserved. 30 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 0. LIVY HTTP Service Principles/Keys Retrieves User roles/permissions 2. KDC Sends TGT 1. Client requests Ticket (kinit) 4. 401/www-Authenticate: Negotiate 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? Spnego
  • 31. © 2017 Bloomberg Finance L.P. All rights reserved. 31 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ???
  • 32. © 2017 Bloomberg Finance L.P. All rights reserved. 32 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ???
  • 33. © 2017 Bloomberg Finance L.P. All rights reserved. 33 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? 1. Supports SPNEGO 2. Authenticates user using HTTP service principle/key 3. Retrieves user-id
  • 34. © 2017 Bloomberg Finance L.P. All rights reserved. 34 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? Connection/session established
  • 35. © 2017 Bloomberg Finance L.P. All rights reserved. 35 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Send HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) ??? ??? 0. Service Principles/Keys Connection/session established
  • 36. © 2017 Bloomberg Finance L.P. All rights reserved. 36 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 3. Jhub sends URL request (GET) 0. Service Principles/Keys ??? ??? 1. Opens Notebook session 2. Encrypts user-id and puts it into env['PROXY_USER'] Connection/session established
  • 37. © 2017 Bloomberg Finance L.P. All rights reserved. 37 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 0. Service Principles/Keys ??? ??? Connection/session established
  • 38. © 2017 Bloomberg Finance L.P. All rights reserved. 38 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 11. Forwards the request to SparkMagic kernel 0. Service Principles/Keys ??? ??? Connection/session established
  • 39. © 2017 Bloomberg Finance L.P. All rights reserved. 39 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 11. Forwards the request to SparkMagic kernel 0. Service Principles/Keys ??? ??? 1. SparkMagic reads the encrypted env['PROXY_USER'] and adds it to the Http request body as “proxyUser”. Connection/session established
  • 40. © 2017 Bloomberg Finance L.P. All rights reserved. 40 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 0. Service Principles/Keys ??? Connection/session established
  • 41. © 2017 Bloomberg Finance L.P. All rights reserved. 41 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket 0. Service Principles/Keys ??? Connection/session established
  • 42. © 2017 Bloomberg Finance L.P. All rights reserved. 42 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket 0. Service Principles/Keys ??? 1. Livy decrypts the “proxyUser” and sets the “proxy-user” value for remote Spark-SubmitConnection/session established
  • 43. © 2017 Bloomberg Finance L.P. All rights reserved. 43 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and asks for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket15 15. Livy submits remote Spark job using HTTP Spnego with Get- Authorization: Negotiate <HDFS service- ticket> 0. Service Principles/Keys Connection/session established
  • 44. © 2017 Bloomberg Finance L.P. All rights reserved. 44 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and ask for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket15 15. Livy submits remote Spark job using HTTP Spnego with Get- Authorization: Negotiate <HDFS service- ticket> 0. Service Principles/Keys Retrieves User roles/permissions 16. User Authenticated using Service Principle/key 16 Connection/session established
  • 45. © 2017 Bloomberg Finance L.P. All rights reserved. 45 Jupyter + Spark with Kerberos Client KDC Spawner SparkMagic JupyterHub KDC Authenticator Web Service Livy 2 1 3 4 5 6 7 8 9 10 0. LIVY HTTP Service Principles/Keys 2. KDC sends TGT 1. Client requests Ticket (kinit) 5. Client sends TGT and ask for JHUB Service Ticket 6. KDC sends Service Ticket 8. Spawns user session 4. 401/www-Authenticate: Negotiate 7. Sends HTTP GET with Get- Authorization: Negotiate <jhub service-ticket> 9. Uses SM keytab to asks for LIVY service ticket (kinit) 3. Jhub sends URL request (GET) 10. KDC sends Livy Service Ticket 11 12 13 14 11. Forwards the request to SparkMagic kernel 12. Submits the Spark request over HTTP to Livy with Get- Authorization: Negotiate <Livy service-ticket> 13. Uses Livy keytab to asks for HDFS service ticket 14. KDC sends HDFS Service Ticket15 15. Livy submits remote Spark job using HTTP Spnego with Get- Authorization: Negotiate <HDFS service- ticket> 0. Service Principles/Keys Retrieves User roles/permissions 16. User Authenticated using Service Principle/key 16 Connection/session established Connection/session established
  • 46. © 2017 Bloomberg Finance L.P. All rights reserved. 46 Jhub-Kerberos Development Summary • JupyterHub • KDC Authenticator (configurable using JupyerHub configuration) • Supports Kerberos-Spnego authentication using HTTP Service Principle and keys • KDC Spawner (configurable using JupyerHub configuration) • Encrypts the current user-name and stores it in the “PROXY_USER” environment variable (before spawning a new user child process) which SparkMagic reads/uses later. • Kinit to get the Livy Service ticket for Spnego Authentication with Livy server. • SparkMagic • Adds current user-name (reading from “PROXY_USER” environment variable) as “proxyUser” in the Livy HTTP Request body. This behavior can enabled or disabled (default) by SparkMagic configuration • Livy changes (configurable using Livy configuration) • Supports to decrypt the “proxyUser” from the request body & adds to the remote Spark job request for HDFS impersonation
  • 47. © 2017 Bloomberg Finance L.P. All rights reserved. 47 Jhub-Kerberos Development Setup • Learnings • KDC Domain controller running the AS and TGS • Multiple nodes running JupyterHub, Livy and Yarn (Spark) at different DNS farm and networking between these farms • Creating/modifying key-tabs and principles on demand basis in a corporate environment for dev • Corporate IT dependency • How Docker helps • Easy to bootstrap the JupyterHub, Livy, Yarn and KDC using Docker script • Seamless networking (easy to configure) between Docker instances • Creating Service principles and key-tabs on demand (without involving corporate IT) • Custom DNS farm setup for POC and development activities
  • 48. © 2017 Bloomberg Finance L.P. All rights reserved. Q&A
  • 49. © 2017 Bloomberg Finance L.P. All rights reserved. THANK YOU Joy Chakraborty Bloomberg L.P. jchakrabort5@bloomberg.net