hadoop-mapreduce-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Nastetsky <anastet...@spryinc.com>
Subject Re: Service Level Authorization
Date Thu, 20 Feb 2014 16:38:04 GMT
If your test1 queue is under test queue, then you have to specify the path
in the same way:

yarn.scheduler.capacity.root.test.test1.acl_submit_applications (you are
missing the "test")

Also, if your "hadoop" user is a member of user group "hadoop", that is the
default value of the mapreduce.cluster.administrators in mapred-site.xml.
Users of that group can submit jobs to and administer all queues.


On Thu, Feb 20, 2014 at 11:28 AM, Juan Carlos <jucaf1@gmail.com> wrote:

> Yes, that is what I'm looking for, but I couldn't find this information
> for hadoop 2.2.0. I saw mapreduce.cluster.acls.enabled it's now the
> parameter to use. But I don't know how to set my ACLs.
> I'm using capacity schedurler and I've created 3 new queues test (which is
> under root at the same level as default) and test1 and test2, which are
> under test. As I said, I enabled mapreduce.cluster.acls.enabled in
> mapred-site.xml and later added the parameter
> yarn.scheduler.capacity.root.test1.acl_submit_applications with value
> "jcfernandez ". If I submit a job to queue test1 with user hadoop, it
> allows it to run it.
> Which is my error?
>
>
> 2014-02-20 16:41 GMT+01:00 Alex Nastetsky <anastetsky@spryinc.com>:
>
> Juan,
>>
>> What kind of information are you looking for? The service level ACLs are
>> for limiting which services can communicate under certain protocols, by
>> username or user group.
>>
>> Perhaps you are looking for client level ACL, something like the
>> MapReduce ACLs?
>> https://hadoop.apache.org/docs/r1.2.1/mapred_tutorial.html#Job+Authorization
>>
>> Alex.
>>
>>
>> 2014-02-20 4:58 GMT-05:00 Juan Carlos <jcfernandez@cediant.es>:
>>
>> Where could I find some information about ACL? I only could find the
>>> available in
>>> http://hadoop.apache.org/docs/r2.2.0/hadoop-project-dist/hadoop-common/ServiceLevelAuth.html,
which isn't so detailed.
>>> Regards
>>>
>>> Juan Carlos Fernández Rodríguez
>>> Consultor Tecnológico
>>>
>>> Telf: +34918105294
>>> Móvil: +34639311788
>>>
>>> CEDIANT
>>> Centro para el Desarrollo, Investigación y Aplicación de Nuevas
>>> Tecnologías
>>> HPC Business Solutions
>>>
>>> ********************* AVISO LEGAL *********************
>>> Este mensaje es solamente para la persona a la que va dirigido. Puede
>>> contener información confidencial o legalmente protegida. No hay renuncia a
>>> la confidencialidad o privilegio por cualquier transmisión mala/errónea. Si
>>> usted ha recibido este mensaje por error,le rogamos que borre de su sistema
>>> inmediatamente el mensaje asi como todas sus copias, destruya todas las
>>> copias del mismo de su disco duro y notifique al remitente. No debe,
>>> directa o indirectamente, usar, revelar, distribuir, imprimir o copiar
>>> ninguna de las partes de este mensaje si no es usted el destinatario.
>>> Cualquier opinión expresada en este mensaje proviene del remitente, excepto
>>> cuando el mensaje establezca lo contrario y el remitente esté autorizado
>>> para establecer que dichas opiniones provienen de 'CEDIANT'. Nótese que el
>>> correo electrónico vía Internet no permite asegurar ni la confidencialidad
>>> de los mensajes que se transmiten ni la correcta recepción de los mismos.
>>> En el caso de que el destinatario de este mensaje no consintiera la
>>> utilización del correo electrónico vía Internet, rogamos lo ponga en
>>> nuestro conocimiento de manera inmediata.
>>>
>>> ********************* DISCLAIMER *********************
>>>  This message is intended exclusively for the named person. It may
>>> contain confidential, propietary or legally privileged information. No
>>> confidentiality or privilege is waived or lost by any mistransmission. If
>>> you receive this message in error, please immediately delete it and all
>>> copies of it from your system, destroy any hard copies of it an notify the
>>> sender. Your must not, directly or indirectly, use, disclose, distribute,
>>> print, or copy any part of this message if you are not the intended
>>> recipient. Any views expressed in this message are those of the individual
>>> sender, except where the message states otherwise and the sender is
>>> authorised to state them to be the views of 'CEDIANT'. Please note that
>>> internet e-mail neither guarantees the confidentiality nor the proper
>>> receipt of the message sent. If the addressee of this message does not
>>> consent to the use of internet e-mail, please communicate it to us
>>> immediately.
>>>
>>>
>>
>

Mime
View raw message