hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vinod Kumar Vavilapalli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-617) In unsercure mode, AM can fake resource requirements
Date Mon, 29 Apr 2013 20:16:16 GMT

    [ https://issues.apache.org/jira/browse/YARN-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13644814#comment-13644814
] 

Vinod Kumar Vavilapalli commented on YARN-617:
----------------------------------------------

bq. Does there really need to be different NM behavior? Ie. Why can't the NM always require
container tokens regardless of security setting?
That is what I meant in my points above. ContainerTokens will always be sent irrespective
of security and are used for *authorization*. I just put them as separate points to highlight
that in secure mode, we also use ContainerTokens for *authentication*.
                
> In unsercure mode, AM can fake resource requirements 
> -----------------------------------------------------
>
>                 Key: YARN-617
>                 URL: https://issues.apache.org/jira/browse/YARN-617
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Vinod Kumar Vavilapalli
>            Priority: Minor
>
> Without security, it is impossible to completely avoid AMs faking resources. We can at
the least make it as difficult as possible by using the same container tokens and the RM-NM
shared key mechanism over unauthenticated RM-NM channel.
> In the minimum, this will avoid accidental bugs in AMs in unsecure mode.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message