Return-Path: X-Original-To: apmail-hadoop-yarn-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-yarn-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B54E317FCB for ; Mon, 4 May 2015 08:41:12 +0000 (UTC) Received: (qmail 31404 invoked by uid 500); 4 May 2015 08:41:07 -0000 Delivered-To: apmail-hadoop-yarn-issues-archive@hadoop.apache.org Received: (qmail 31352 invoked by uid 500); 4 May 2015 08:41:07 -0000 Mailing-List: contact yarn-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: yarn-issues@hadoop.apache.org Delivered-To: mailing list yarn-issues@hadoop.apache.org Received: (qmail 31340 invoked by uid 99); 4 May 2015 08:41:07 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 May 2015 08:41:07 +0000 Date: Mon, 4 May 2015 08:41:07 +0000 (UTC) From: "Dian Fu (JIRA)" To: yarn-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (YARN-3557) Support Intel Trusted Execution Technology(TXT) in YARN scheduler MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/YARN-3557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14526416#comment-14526416 ] Dian Fu commented on YARN-3557: ------------------------------- Hi [~sunilg], Thanks for your comments. {quote}Apart from CLI and REST, do u mean like exposing these configuration for a specific user (i assume this user will have some security approval in the cluster) so that this user can make the config via REST or api's.{quote} Exposing these configuration for a specific user can be one option. But this will require users to start a job which updates the labels periodically and is complicated for users. If we can provide the similar method to YARN-2495 at RM side, user will just need to provide a script(which takes node hostname/ip as input and output the node labels). > Support Intel Trusted Execution Technology(TXT) in YARN scheduler > ----------------------------------------------------------------- > > Key: YARN-3557 > URL: https://issues.apache.org/jira/browse/YARN-3557 > Project: Hadoop YARN > Issue Type: New Feature > Reporter: Dian Fu > Attachments: Support TXT in YARN high level design doc.pdf > > > Intel TXT defines platform-level enhancements that provide the building blocks for creating trusted platforms. A TXT aware YARN scheduler can schedule security sensitive jobs on TXT enabled nodes only. YARN-2492 provides the capacity to restrict YARN applications to run only on cluster nodes that have a specified node label. This is a good mechanism that be utilized for TXT aware YARN scheduler. -- This message was sent by Atlassian JIRA (v6.3.4#6332)