hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joep Rottinghuis (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-3053) [Security] Review and implement security in ATS v.2
Date Thu, 17 Nov 2016 18:07:59 GMT

    [ https://issues.apache.org/jira/browse/YARN-3053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15674398#comment-15674398

Joep Rottinghuis commented on YARN-3053:

Two questions:
- are there race conditions going to be possible at the end of the application lifecycle when
the am is done, we cancel the token and then asynchronous communication from containers (through
NMs?) arrives?

- How we do deal with AM recovery?
  * What if the AM crashes and has to be re-started, are we going to restart it with the same
token, or cancel the token and re-generate a new one? If the answer is a new token, how do
we communicate this out to containers / NMs on other hosts?
* What if the entire machine where the AM and collectors run crashes (or worse network partitions),
then do we treat that the same as the previous case?

> [Security] Review and implement security in ATS v.2
> ---------------------------------------------------
>                 Key: YARN-3053
>                 URL: https://issues.apache.org/jira/browse/YARN-3053
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: timelineserver
>            Reporter: Sangjin Lee
>            Assignee: Varun Saxena
>              Labels: YARN-5355
>         Attachments: ATSv2Authentication(draft).pdf
> Per design in YARN-2928, we want to evaluate and review the system for security, and
ensure proper security in the system.
> This includes proper authentication, token management, access control, and any other
relevant security aspects.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org

View raw message