Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-4653

Document YARN security model from the perspective of Application Developers

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.2
    • Fix Version/s: 2.8.0, 2.7.3, 3.0.0-alpha1
    • Component/s: site
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      What YARN apps need to do for security today is generally copied direct from distributed shell, with a bit of ill-informed superstition being the sole prose.

      We need a normative document in the YARN site covering

      1. the needs for YARN security
      2. token creation for AM launch
      3. how the RM gets involved
      4. token propagation on container launch
      5. token renewal strategies
      6. How to get tokens for other apps like HBase and Hive.
      7. how to work under OOzie

      Perhaps the WritingYarnApplications.md doc is updated, otherwise why not just link to the relevant bit of the distributed shell client on github for a guarantee of staying up to date?

        Attachments

        1. YARN-4653-004.patch
          25 kB
          Steve Loughran
        2. YARN-4653-003.patch
          24 kB
          Steve Loughran
        3. YARN-4653-002.patch
          24 kB
          Steve Loughran
        4. YARN-4653-001.patch
          20 kB
          Steve Loughran

          Issue Links

            Activity

              People

              • Assignee:
                stevel@apache.org Steve Loughran
                Reporter:
                stevel@apache.org Steve Loughran
              • Votes:
                0 Vote for this issue
                Watchers:
                16 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 2h
                  2h
                  Remaining:
                  Remaining Estimate - 2h
                  2h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified