hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-694) Start using NMTokens to authenticate all communication with NM
Date Tue, 18 Jun 2013 12:47:20 GMT

    [ https://issues.apache.org/jira/browse/YARN-694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13686656#comment-13686656
] 

Hadoop QA commented on YARN-694:
--------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12588335/YARN-694-20130618.1.patch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:green}+1 tests included{color}.  The patch appears to include 21 new or modified
test files.

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:green}+1 javadoc{color}.  The javadoc tool did not generate any warning messages.

    {color:green}+1 eclipse:eclipse{color}.  The patch built with eclipse:eclipse.

    {color:red}-1 findbugs{color}.  The patch appears to introduce 2 new Findbugs (version
1.3.9) warnings.

        {color:red}-1 release audit{color}.  The applied patch generated 1 release audit warnings.

    {color:red}-1 core tests{color}.  The patch failed these unit tests in hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-app
hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-hs hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-applications-distributedshell
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-client hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-tests:

                  org.apache.hadoop.yarn.server.nodemanager.TestNodeManagerResync
                  org.apache.hadoop.yarn.server.nodemanager.containermanager.monitor.TestContainersMonitor

    {color:green}+1 contrib tests{color}.  The patch passed contrib unit tests.

Test results: https://builds.apache.org/job/PreCommit-YARN-Build/1329//testReport/
Release audit warnings: https://builds.apache.org/job/PreCommit-YARN-Build/1329//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Findbugs warnings: https://builds.apache.org/job/PreCommit-YARN-Build/1329//artifact/trunk/patchprocess/newPatchFindbugsWarningshadoop-yarn-client.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-YARN-Build/1329//artifact/trunk/patchprocess/newPatchFindbugsWarningshadoop-yarn-server-nodemanager.html
Console output: https://builds.apache.org/job/PreCommit-YARN-Build/1329//console

This message is automatically generated.
                
> Start using NMTokens to authenticate all communication with NM
> --------------------------------------------------------------
>
>                 Key: YARN-694
>                 URL: https://issues.apache.org/jira/browse/YARN-694
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Omkar Vinit Joshi
>            Assignee: Omkar Vinit Joshi
>         Attachments: YARN-694-20130613.patch, YARN-694-20130617.1.patch, YARN-694-20130617.2.patch,
YARN-694-20130617.patch, YARN-694-20130618.1.patch
>
>
> AM uses the NMToken to authenticate all the AM-NM communication.
> NM will validate NMToken in below manner
> * If NMToken is using current or previous master key then the NMToken is valid. In this
case it will update its cache with this key corresponding to appId.
> * If NMToken is using the master key which is present in NM's cache corresponding to
AM's appId then it will be validated based on this.
> * If NMToken is invalid then NM will reject AM calls.
> Modification for ContainerToken
> * At present RPC validates AM-NM communication based on ContainerToken. It will be replaced
with NMToken. Also now onwards AM will use NMToken per NM (replacing earlier behavior of ContainerToken
per container per NM).
> * startContainer in case of Secured environment is using ContainerToken from UGI YARN-617;
however after this it will use it from the payload (Container).
> * ContainerToken will exist and it will only be used to validate the AM's container start
request.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message