1 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Apache Zeppelin + Livy: Bringing Multi Tenancyto Interactive Data AnalysisRohit Choudhary & Jeff ZhangJune 28, 2016
2 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Web-based notebook that enables
interactive data analytics.
You can make beautiful data-driven,
interactive and collaborative
documents with SQL, Scala and more
What’s Apache Zeppelin?
3 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Interactive Analysis 1.0 (Spark-shell)
4 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Interactive Analysis 2.0 (Zeppelin)
Spark Interpreter
5 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Interactive Analysis 3.0 (Zeppelin + Livy)
Livy Interpreter
6 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Open Source Activity
7 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Quick Stats: Zeppelin
Zeppelin graduated in May 2016 and is now TLP Incubated by Apache Foundation, since Dec- 2014 9 Committers, 120+ contributors, growing list 1000+ JIRAs filed 900 PRs via the community Zeppelin just got a new friend “R”
8 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Recent Updates
Multi-tenancy with Livy Generic JDBC Interpreter
– Hive, Phoenix , RedShift – Postgres, MySql– Several others
Notebook Authentication and Authorization UI Automation through Selenium Security for other interpreters (on its way)
9 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Usage Patterns & Feedback Cluster monitoring, memory analysis Telecom data usage, Concert attendees travel patterns
10 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Upcoming GA with HDP 2.5 & Ambari 2.4.0, ETA – End July
11 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Architecture & Usage
12 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Zeppelin Architecture
Current Interpreter Support HDFS PySpark, SparkR, Spark Hive, Phoenix, SQL Shell …
13 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Zeppelin Features
Collate/Load Data
Collate/Load data from existing data sources, load from external CSVs. i.e. Eureka, Smartsense
Visualize Robust visualization mechanism to visualize data, and enable insights
Collaborate Notebook base collaboration, export Notebooks, soon to be added, tagging to Notebook generated data
14 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Popular Usage Scenarios
Customized Dashboards
Intended for usage towards customized dashboards for Big Data clusters
Security Analytics
Understanding nature of data coming through multiple sources and analyzing the effects of it
Bio-sciences Medical research companies are interested in using this for their research
15 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Bringing Multi-tenancy to Zeppelin
16 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Multi-Tenancy: Motivation
Supporting workloads of multiple customers
Supporting multiple LOBs (lines of business), on a single data systems
Support fine grained audits
Inability to provision capacity for multiple user groups
Inability to Audit user actions, as all jobs are run via ‘zeppelin’ proxy user
Inability to share state/data with other users as well
Objectives Requirements
17 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Zeppelin Livy Interaction
LDAP
Zeppelin
Shiro
Spark
Yarn
Livy
Ispark GroupInterpreter
SPNego: Kerberos Kerberos
Security Across Zeppelin-Livy-Spark
Livy APIs
18 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Deep dive on Livy
19 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
What is Livy
Livy ServerLivy Client
Http
Http (RPC)
Http (RPC)
Livy is an open source REST interface for interacting with Spark from anywhere.
Spark Interactive Session
SparkContext
Spark Batch Session
SparkContext
20 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Why we need Livy with Zeppelin
Reduce the pressure on client machine
Make the job submission/monitoring easy
Customize the job schedule
21 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Interactive Session – Create Session
21
3
4
curl -X POST --data '{"kind": "spark"}' -H "Content-Type: application/json" localhost:8998/sessions
{"state":"starting","proxyUser":”null","id":1,"kind":"spark","log":[]}
Request
Response
Livy Client
Livy Server
Spark Interactive Session
SparkContext
22 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Interactive Session – Execute Code
{"id":0,"state":"running","output":null}
Request
Response
curl http://localhost:8998/sessions/0/statements -X POST -H 'Content-Type: application/json' -d '{"code":"sc.parallelize(0 to 100).sum()"}'
21
3
4
Livy Client
Livy Server
Spark Interactive Session
SparkContext
23 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
SparkContext Sharing
Livy Server
Client 1
Client 2
Client 3
Session-1
Session-1
Session-2 Session-2
Session-1SparkSession-1
SparkContext
SparkSession-2
SparkContext
24 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Livy Security
Client Livy Server(Impersonation)
Shared SecretSpengoSparkSession
• Only authorized users can launch spark session / submit code
• Each user can access his own session
• Only Livy server can submit job securely to spark session
25 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
SPNEGO
Client(Kerbrose TGT)
Livy Server(SPENGO enabled)
Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO), often pronounced "spen-go”
It is a GSSAPI "pseudo mechanism" used by client-server software to negotiate the choice of security technology.
Http Get http://site/a.html
Error 401 Unauthorized
Http Get Request Authorization: Negotiation
Http Get Request
26 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Impersonation
Alice(Kerberos TGT)
Shared Secret
Bob(Kerberos TGT)
Shared SecretSpengo
Spengo
Livy Server(super user: livy)
Spark Session
Spark Session
27 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Shared Secret
1. Livy Server generate secret key
2. Livy Server pass secret key to spark session when launching spark session
3. Use the secret key to communicate with each other
Spark SessionShared Secret
Livy Server
28 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Multi Tenant: Zeppelin Demo
29 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Zeppelin Direction
Workspaces and Collaboration Customizable Visualization
– Helium– Custom, data type based visualization (Geolocation/Maps)
Enterprise Readiness– Bring security to all interpreters– Performance improvements
Collaboration Data Lineage
30 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Q & A
31 © Hortonworks Inc. 2011 – 2016. All Rights Reserved
Thank You