hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-2424) LCE should support non-cgroups, non-secure mode
Date Mon, 18 Aug 2014 23:41:20 GMT

    [ https://issues.apache.org/jira/browse/YARN-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14101533#comment-14101533

Alejandro Abdelnur commented on YARN-2424:

I really don't like it, it is not my business how you run your clusters, but this is dangerous,
specially in a multi-tenancy scenario. From Allen's comment (the one I highlighted) it is
not clear to me this is meant only for setup/troubleshooting usage.

I would not -1 this JIRA if...

* the property has 'use-only-for-troubleshooting' in its name.
* the NM logs print a WARN at startup and on every started container stating the flag and
its un-secure nature
* the container stdout/stderr also print a WARN to alert the user of the cluster setup.

> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>                 Key: YARN-2424
>                 URL: https://issues.apache.org/jira/browse/YARN-2424
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: nodemanager
>    Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
>            Reporter: Allen Wittenauer
>            Priority: Blocker
>              Labels: regression
>         Attachments: YARN-2424.patch
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios.  This is a
fairly serious regression, as turning on LCE prior to turning on full-blown security is a
fairly standard procedure.

This message was sent by Atlassian JIRA

View raw message