[ https://issues.apache.org/jira/browse/YARN-1915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14095671#comment-14095671
]
Hitesh Shah commented on YARN-1915:
-----------------------------------
[~jlowe] [~daryn] Was there a reason for not sending in the secret to the AM via its env when
it launches? I am assuming this is to not have all the AMs to change to handle this? Wouldn't
that be a more effective solution as compared to use of a timer ( which in practice would
work ) but is still reliant upon the AM receiving the secret from the RM within the time window
before the client does.
> ClientToAMTokenMasterKey should be provided to AM at launch time
> ----------------------------------------------------------------
>
> Key: YARN-1915
> URL: https://issues.apache.org/jira/browse/YARN-1915
> Project: Hadoop YARN
> Issue Type: Sub-task
> Affects Versions: 2.2.0
> Reporter: Hitesh Shah
> Assignee: Jason Lowe
> Priority: Critical
> Attachments: YARN-1915.patch, YARN-1915v2.patch
>
>
> Currently, the AM receives the key as part of registration. This introduces a race where
a client can connect to the AM when the AM has not received the key.
> Current Flow:
> 1) AM needs to start the client listening service in order to get host:port and send
it to the RM as part of registration
> 2) RM gets the port info in register() and transitions the app to RUNNING. Responds back
with client secret to AM.
> 3) User asks RM for client token. Gets it and pings the AM. AM hasn't received client
secret from RM and so RPC itself rejects the request.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
|