Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id EB1F5200D0C for ; Wed, 6 Sep 2017 00:12:06 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id E9769160E16; Tue, 5 Sep 2017 22:12:06 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 13FCA160BCB for ; Wed, 6 Sep 2017 00:12:05 +0200 (CEST) Received: (qmail 44623 invoked by uid 500); 5 Sep 2017 22:12:05 -0000 Mailing-List: contact yarn-dev-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list yarn-dev@hadoop.apache.org Received: (qmail 44581 invoked by uid 99); 5 Sep 2017 22:12:04 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Sep 2017 22:12:04 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 4677E1A31F6; Tue, 5 Sep 2017 22:12:04 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.102 X-Spam-Level: X-Spam-Status: No, score=-0.102 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled Authentication-Results: spamd2-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=effectivemachines.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id kaRduE1uwtU4; Tue, 5 Sep 2017 22:11:59 +0000 (UTC) Received: from effectivemachines.com (effectivemachines.com [104.236.136.112]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 00A3B5FC99; Tue, 5 Sep 2017 22:11:58 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by effectivemachines.com (Postfix) with ESMTP id AE08F164367; Tue, 5 Sep 2017 15:11:51 -0700 (PDT) Received: from effectivemachines.com ([127.0.0.1]) by localhost (effectivemachines.com [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id rJXk-T_YJdr2; Tue, 5 Sep 2017 15:11:51 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by effectivemachines.com (Postfix) with ESMTP id 51757165254; Tue, 5 Sep 2017 15:11:51 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.9.2 effectivemachines.com 51757165254 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=effectivemachines.com; s=D35149BA-5A53-11E6-AF53-2EA667C55D35; t=1504649511; bh=/8x3sKe15BOH7wwuntcQeHtSQYui68wSCh58kc72yGw=; h=Content-Type:Mime-Version:Subject:From:Date: Content-Transfer-Encoding:Message-Id:To; b=Q+5CVr0gA5mn7qy6+umsyAGRzegCzbqkALzUcD/RbYpl4wACI2OnfkiS/na2RTcaz 2bAlR9u4vvRBjg0nltGIi2BZgeYdxteyhwHIsZctBcZicNmJ5i8Is6tw2ZssvctBoK gHnRtLv7RbiM0cG9A04FVc/X546zik1ZE5U5Wyxo= X-Virus-Scanned: amavisd-new at effectivemachines.com Received: from effectivemachines.com ([127.0.0.1]) by localhost (effectivemachines.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Div0T5s_VnvP; Tue, 5 Sep 2017 15:11:51 -0700 (PDT) Received: from dhcp-217.private.iobm.com (108-193-1-249.lightspeed.sntcca.sbcglobal.net [108.193.1.249]) by effectivemachines.com (Postfix) with ESMTPSA id ECFCE164367; Tue, 5 Sep 2017 15:11:50 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) Subject: Re: [VOTE] Merge yarn-native-services branch into trunk From: Allen Wittenauer In-Reply-To: <550243F0-A333-4D27-90CE-D926162BA442@hortonworks.com> Date: Tue, 5 Sep 2017 15:11:50 -0700 Cc: "yarn-dev@hadoop.apache.org" , Hadoop Common , Hdfs-dev , "mapreduce-dev@hadoop.apache.org" Content-Transfer-Encoding: quoted-printable Message-Id: <980A1DD9-467B-4DB0-88DD-7EC1E1E3E7B8@effectivemachines.com> References: <1FEA8CAF-0E6C-4050-9DAC-68963681027B@effectivemachines.com> <550243F0-A333-4D27-90CE-D926162BA442@hortonworks.com> To: Jian He X-Mailer: Apple Mail (2.3124) archived-at: Tue, 05 Sep 2017 22:12:07 -0000 > On Sep 5, 2017, at 2:53 PM, Jian He wrote: >=20 >> Based on the documentation, this doesn=E2=80=99t appear to be a fully = function DNS server as an admin would expect (e.g., BIND, Knot, = whatever). Where=E2=80=99s forwarding? How do I setup notify? Are = secondaries even supported? etc, etc. >=20 > It seems like this is a rehash of some of the discussion you and = others had on the JIRA. The DNS here is a thin layer backed by service = registry. My understanding from the JIRA is that there are no claims = that this is already a DNS with all the bells and whistles - its goal is = mainly to expose dynamic services running on YARN as end-points. = Clearly, this is an optional daemon, if the provided feature set is = deemed insufficient, an alternative solution can be plugged in by = specific admins because the DNS piece is completely decoupled from the = rest of native-services.=20 If it doesn=E2=80=99t have all the bells and whistles, then it = shouldn=E2=80=99t be on port 53 by default. It should also be documented = that one *can=E2=80=99t* do these things. If the standard config is = likely to be a =E2=80=9Creal=E2=80=9D server on port 53 either acting as = a secondary to the YARN one or at least able to forward queries to it, = then these need to get documented. As it stands, operations folks are = going to be taken completely by surprise by some relatively random = process sitting on a very well established port. >> In fact: was this even tested on port 53? How does this get launched = such that it even has access to open port 53? I don=E2=80=99t see any = calls to use the secure daemon code in the shell scripts. Is there any = jsvc voodoo or is it just =E2=80=9Crun X as root=E2=80=9D? >=20 > Yes, we have tested this DNS server on port 53 on a cluster by running = the DNS server as root user. The port is clearly configurable, so the = admin has two options. Run as root + port 53. Run as non-root + = non-privileged port. We tested and left it as port 53 to keep it on a = standard DNS port. It is already documented as such though I can see = that part can be improved a little. *how* is it getting launched on a privileged port? It sounds = like the expectation is to run =E2=80=9Ccommand=E2=80=9D as root. = *ALL* of the previous daemons in Hadoop that needed a privileged port = used jsvc. Why isn=E2=80=99t this one? These questions matter from a = security standpoint. =20 >> 4) Post-merge, yarn usage information is broken. This is = especially bad since it doesn=E2=80=99t appear that YarnCommands was = ever updated to include the new sub-commands. >=20 > The =E2=80=9Cyarn=E2=80=9D usage command is working for me. what do = you mean ?=20 Check the output. It=E2=80=99s pretty obviously borked: =3D=3D=3Dsnip=3D=3D=3D=3D Daemon Commands: nodemanager run a nodemanager on each worker proxyserver run the web app proxy server resourcemanager run the ResourceManager router run the Router daemon timelineserver run the timeline server Run a service Commands: service run a service Run yarn-native-service rest server Commands: apiserver run yarn-native-service rest server =3D=3D=3Dsnip=3D=3D=3D > Yeah, looks like some previous features also forgot to update = YarnCommands.md for the new sub commands=20 Likely. But I was actually interested in playing with this one = to compare it to the competition. [Lucky you. ;) ] But with pretty = much zero documentation=E2=80=A6. --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-dev-unsubscribe@hadoop.apache.org For additional commands, e-mail: yarn-dev-help@hadoop.apache.org