hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gordon Wang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-1941) Yarn scheduler ACL improvement
Date Wed, 16 Apr 2014 14:16:17 GMT

    [ https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13971442#comment-13971442

Gordon Wang commented on YARN-1941:

Hi [~sandyr], Thank you for your reply !

For (2), we can keep the behaviour compatible even if we change the default ACL to NOBODY_ACL.
From the user's view, changing the default ACL will not need user to update the scheduler
configuration. So, it is compatible with the previous configuration.
Here is my thinking.  We can consider this in 2 situations.
A) The ACL is disabled. (yarn.acl.enable = false). In this kind of configuration, changing
the default ACL of ROOT queue will not affect users. Because scheduler do not check any ACL
at this time.
B) The ACL is enabled. (yarn.acl.enable = true). Currently, if user want to make ACL works
correctly. They have to explicitly set the ACL of root queue to NOBODY_ACL( ). After we change
the default ACL of root queue, current configuration should work(the root queue ACL should
be set as what user wants.). But we can get benefit in new scheduler configuration. In new
configuration, user do not need to explicitly set the root queue ACL.

What's your opinion?

I create 2 subtasks to track each item. Please feel free to comment. I am formatting the patch.
Will give you a review soon.


> Yarn scheduler ACL improvement
> ------------------------------
>                 Key: YARN-1941
>                 URL: https://issues.apache.org/jira/browse/YARN-1941
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: scheduler
>    Affects Versions: 2.3.0
>            Reporter: Gordon Wang
>              Labels: scheduler
> Defect:
> 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue ACL is always
checked when submitting a app to scheduler, regardless of the property "yarn.acl.enable".
> But for killing an app, the ACL is checked when yarn.acl.enable is set.
> The behaviour is not consistent.
> 2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for other queues
is NODODY_ACL( ). From users' view, this is error prone and not easy to understand the ACL
policy of Yarn scheduler. root queue should not be so special compared with other parent queues.
> For example, if I want to set capacity scheduler ACL, the ACL of root has to be set explicitly.
Otherwise, everyone can submit APP to yarn scheduler. Because root queue ACL is EVERYBODY_ACL.
> This is hard for user to administrate yarn scheduler.
> So, I propose to improve the ACL of yarn scheduler in the following aspects.
> 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
> 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent queues' ACL

This message was sent by Atlassian JIRA

View raw message