Open foxish opened 7 years ago
cc @lins05 @ash211
@lins05 @kimoonkim @mccheah will you have time to look at this?
Seems like a similar problem as https://github.com/apache-spark-on-k8s/spark/pull/95 -- maybe when running through a kubectl proxy
those the k8sProxyPattern
doesn't match?
Looks like a different problem here. With the v1 server, we used to create a service for the UI that we no longer create. The unauthorized message is coming from the K8s side and not the spark side. I'm not sure why, but it could be some component stripping out the proxy authentication headers.
The problem doesn't exist when the UI is accessed via the service + APIServer proxy. Considering adding the UI service definition to the job.
I'm accessing the driver UI after running:4040/proxy
All tabs except
kubectl proxy
, at URLs that look like: http://localhost:8080/api/v1/namespaces/default/pods/Executors
works. The Executors tab shows<h3>unauthorized</h3>
.I suspect it may be rejecting the embedding of the executor page based on the same-origin-policy that may need to specified through
spark.ui.allowFramingFrom
.