hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Naganarasimha G R (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-3557) Support Intel Trusted Execution Technology(TXT) in YARN scheduler
Date Thu, 30 Apr 2015 23:33:07 GMT

    [ https://issues.apache.org/jira/browse/YARN-3557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14522477#comment-14522477

Naganarasimha G R commented on YARN-3557:

Hi [~dian.fu],
Thanks for posting the doc.  My views are similar to [~wangda], 
bq. Need to provide a mechanism at RM side which can configure node label in the similar way
as YARN-2495.
Did you mean NM here ? RM side configure is already there and NM side (distributed) is almost
done and might be available in 2.8.

bq. As labels related to security are very sensitive, it’s better to manage these labels
through the centralized method. So we choose #2
If you have selected the 2nd option {{RM retrieve the trust status of all cluster nodes from
OAT}}, then why is it dependent on YARN-2495 & support to {{configure centralized node
label configuration or distributed node label configuration}} required ? And also as Wangda
mentioned there would be issues with mixing them up.

Scenario suggested here looks like a good use case of NodeLabels but could not get the need
for modifications or current limitations in the feature which blocks the scenario.

> Support Intel Trusted Execution Technology(TXT) in YARN scheduler
> -----------------------------------------------------------------
>                 Key: YARN-3557
>                 URL: https://issues.apache.org/jira/browse/YARN-3557
>             Project: Hadoop YARN
>          Issue Type: New Feature
>            Reporter: Dian Fu
>         Attachments: Support TXT in YARN high level design doc.pdf
> Intel TXT defines platform-level enhancements that provide the building blocks for creating
trusted platforms. A TXT aware YARN scheduler can schedule security sensitive jobs on TXT
enabled nodes only. YARN-2492 provides the capacity to restrict YARN applications to run only
on cluster nodes that have a specified node label. This is a good mechanism that be utilized
for TXT aware YARN scheduler.

This message was sent by Atlassian JIRA

View raw message