hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sunil G (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-6727) Improve getQueueUserAcls API to query for specific queue and user
Date Thu, 06 Jul 2017 16:06:00 GMT

    [ https://issues.apache.org/jira/browse/YARN-6727?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16076804#comment-16076804
] 

Sunil G commented on YARN-6727:
-------------------------------

bq.+ queue level readlock
{code:title=AbstractCSQueue#hasAccess}
  public boolean hasAccess(QueueACL acl, UserGroupInformation user) {
    return authorizer.checkPermission(
        new AccessRequest(queueEntity, user, SchedulerUtils.toAccessType(acl),
            null, null, Server.getRemoteAddress(), null));
}
{code}

We are currently invoking authorizer.checkPermission directly. So do we need queue readLock
here?

bq.Submission time QUEUE_SUBMIT right we could cache but we need all 
Sorry. I could not get you. could you please help to elaborate.

bq.IIUC the refresh interval is about 5/10 min.We dont have direct update or notifier as of
now.
cache invalidate is needed in cases where user's acls are changed in system. Hence it makes
sense.

> Improve getQueueUserAcls API to query for  specific queue and user
> ------------------------------------------------------------------
>
>                 Key: YARN-6727
>                 URL: https://issues.apache.org/jira/browse/YARN-6727
>             Project: Hadoop YARN
>          Issue Type: Improvement
>            Reporter: Bibin A Chundatt
>            Assignee: Bibin A Chundatt
>         Attachments: YARN-6727.WIP.patch
>
>
> Currently {{ApplicationClientProtocol#getQueueUserAcls}} return data for all the queues
available in scheduler for user.
> User wants to know whether he has rights of a particular queue only. For systems with
5K queues returning all queues list is not efficient.
> Suggested change: support additional parameters *userName and queueName* as optional.
Admin user should be able to query other users ACL for a particular queueName.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message