Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-4653

Document YARN security model from the perspective of Application Developers

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.7.2
    • 2.8.0, 2.7.3, 3.0.0-alpha1
    • site
    • None
    • Reviewed

    Description

      What YARN apps need to do for security today is generally copied direct from distributed shell, with a bit of ill-informed superstition being the sole prose.

      We need a normative document in the YARN site covering

      1. the needs for YARN security
      2. token creation for AM launch
      3. how the RM gets involved
      4. token propagation on container launch
      5. token renewal strategies
      6. How to get tokens for other apps like HBase and Hive.
      7. how to work under OOzie

      Perhaps the WritingYarnApplications.md doc is updated, otherwise why not just link to the relevant bit of the distributed shell client on github for a guarantee of staying up to date?

      Attachments

        1. YARN-4653-004.patch
          25 kB
          Steve Loughran
        2. YARN-4653-003.patch
          24 kB
          Steve Loughran
        3. YARN-4653-002.patch
          24 kB
          Steve Loughran
        4. YARN-4653-001.patch
          20 kB
          Steve Loughran

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            stevel@apache.org Steve Loughran
            stevel@apache.org Steve Loughran
            Votes:
            0 Vote for this issue
            Watchers:
            16 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 2h
                2h
                Remaining:
                Remaining Estimate - 2h
                2h
                Logged:
                Time Spent - Not Specified
                Not Specified

                Slack

                  Issue deployment