hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vinod Kumar Vavilapalli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-617) In unsercure mode, AM can fake resource requirements
Date Thu, 02 May 2013 03:36:17 GMT

    [ https://issues.apache.org/jira/browse/YARN-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13647242#comment-13647242
] 

Vinod Kumar Vavilapalli commented on YARN-617:
----------------------------------------------

bq. Are you saying the goal is to auth container launches with the am token too?
Yes. All communication with NM to be authenticated by AMToken.

We could keep it separate from startContainer() and stop/getStatus, but we want to solve YARN-613
too. Having the authentication via container-token is forcing us to create a connection per-container.
You must have seen the gory MR ContainerLauncher resorting to tricks like creating lots of
threads, opening and closing connections immediately to avoid hitting ulimits etc. Some of
that ugliness will go away if we perform all authentication using AMTokens and use ContainerTokens
for authorization.

Thanks for the tip on HADOOP-8783/HADOOP-8784.
                
> In unsercure mode, AM can fake resource requirements 
> -----------------------------------------------------
>
>                 Key: YARN-617
>                 URL: https://issues.apache.org/jira/browse/YARN-617
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Omkar Vinit Joshi
>            Priority: Minor
>         Attachments: YARN-617.20130501.1.patch, YARN-617.20130501.patch
>
>
> Without security, it is impossible to completely avoid AMs faking resources. We can at
the least make it as difficult as possible by using the same container tokens and the RM-NM
shared key mechanism over unauthenticated RM-NM channel.
> In the minimum, this will avoid accidental bugs in AMs in unsecure mode.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message