hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Siddharth Seth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-899) Get queue administration ACLs working
Date Thu, 08 Aug 2013 21:38:47 GMT

    [ https://issues.apache.org/jira/browse/YARN-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13734040#comment-13734040

Siddharth Seth commented on YARN-899:

bq.  With this in mind, I think who has access should be based on a union of ACLs 
Agree. AMs get ACLs from the RM when they register. That could be a combined list along with
the queue ACLs. It's up to the AMs to enforce these. Maybe the RM proxy could do some of this
as well. The MR JobHistoryServer gets ACLs from the AM - again it's up to this to enforce
them. The RM AppHistoryServer will need to do the union though.

Don't have experience with JT ACLs, but it does look like that's doing a union as well. View
vs Modify ACLs for queues makes sense to me.
> Get queue administration ACLs working
> -------------------------------------
>                 Key: YARN-899
>                 URL: https://issues.apache.org/jira/browse/YARN-899
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: scheduler
>    Affects Versions: 2.1.0-beta
>            Reporter: Sandy Ryza
>            Assignee: Xuan Gong
>         Attachments: YARN-899.1.patch
> The Capacity Scheduler documents the yarn.scheduler.capacity.root.<queue-path>.acl_administer_queue
config option for controlling who can administer a queue, but it is not hooked up to anything.
 The Fair Scheduler could make use of a similar option as well.  This is a feature-parity
regression from MR1.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message