hadoop-yarn-issues mailing list archives

From "Vinod Kumar Vavilapalli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-617) In unsecure mode, AM can fake resource requirements
Date Fri, 26 Apr 2013 00:08:16 GMT

    [ https://issues.apache.org/jira/browse/YARN-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13642403#comment-13642403 ]

Vinod Kumar Vavilapalli commented on YARN-617:
----------------------------------------------

Like I mentioned in the description, we can do this by adding ContainerTokens to the payload
and still using the same ContainerTokens for authentication. We don't want to remove the authentication
altogether as we need mutual authentication (AMs need to be sure they are talking to valid
NMs). So,
 - in unsecure mode, RM and NMs share the container-master-key, use it to validate the ContainerTokens
   from the payload
 - in secure mode, RM and NMs continue to share the container-master-key, use it to validate
   the ContainerTokens from the payload. On top of that, ContainerTokens will be used to authenticate
   the connection.
                
> In unsecure mode, AM can fake resource requirements
> ---------------------------------------------------
>
>                 Key: YARN-617
>                 URL: https://issues.apache.org/jira/browse/YARN-617
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Vinod Kumar Vavilapalli
>            Priority: Minor
>
> Without security, it is impossible to completely avoid AMs faking resources. We can at
> the least make it as difficult as possible by using the same container tokens and the RM-NM
> shared key mechanism over an unauthenticated RM-NM channel.
> At the minimum, this will avoid accidental bugs in AMs in unsecure mode.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
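
A simplified model of the scheme discussed in this message, added here as an illustration and not Hadoop's own code: the RM signs the granted resources with the container-master-key, the AM carries the token in the request payload, and the NM enforces only what the signature covers. The function names, the JSON encoding, the HMAC-SHA256 choice and the `nm_address` / `expires_at` fields are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Simplified model: field names, JSON encoding and HMAC-SHA256 are assumptions.
def _mac(master_key, identifier):
    return hmac.new(master_key, identifier, hashlib.sha256).hexdigest()

def rm_issue_token(master_key, container_id, nm_address, memory_mb, vcores, now, ttl_s=600):
    """RM side: bind the granted resources to one container and sign them."""
    ident = json.dumps({"container_id": container_id, "nm_address": nm_address,
                        "memory_mb": memory_mb, "vcores": vcores,
                        "expires_at": now + ttl_s}, sort_keys=True)
    return {"identifier": ident, "password": _mac(master_key, ident.encode())}

def nm_start_container(master_key, my_address, token, now):
    """NM side: validate the token from the payload with the shared key.

    Returns the resource limits to enforce. They come from the signed
    identifier, never from anything the AM states separately.
    """
    ident = token["identifier"].encode()
    # Constant-time comparison of the recomputed MAC with the presented one.
    if not hmac.compare_digest(_mac(master_key, ident), token["password"]):
        raise PermissionError("token was not signed with the container-master-key")
    fields = json.loads(ident)
    if fields["nm_address"] != my_address:
        raise PermissionError("token was issued for a different NM")
    if now > fields["expires_at"]:
        raise PermissionError("token has expired")
    return {"memory_mb": fields["memory_mb"], "vcores": fields["vcores"]}

def with_edited_memory(token, memory_mb):
    """Model of a buggy AM that rewrites the resource field before forwarding."""
    fields = json.loads(token["identifier"])
    fields["memory_mb"] = memory_mb
    return {"identifier": json.dumps(fields, sort_keys=True),
            "password": token["password"]}

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample value
    tok = rm_issue_token(key, "container_01", "nm1:45454", 1024, 1, now=1000.0)
    print(nm_start_container(key, "nm1:45454", tok, now=1001.0))
    try:
        nm_start_container(key, "nm1:45454", with_edited_memory(tok, 8192), now=1001.0)
    except PermissionError as exc:
        print("rejected:", exc)
```

The same check works whether or not the connection itself is authenticated, which is why it applies to unsecure mode; it cannot stop a party that already holds the container-master-key.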
