Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-47 [Umbrella] Security issues in YARN
  3. YARN-575

ContainerManager APIs should be user accessible

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Critical
    • Resolution: Won't Fix
    • 2.0.4-alpha
    • None
    • nodemanager
    • None

    Description

      Auth for ContainerManager is based on the containerId being accessed - since this is what is used to launch containers (There's likely another jira somewhere to change this to not be containerId based).
      What this also means is the API is effectively not usable with kerberos credentials.
      Also, it should be possible to use this API with some generic tokens (RMDelegation?), instead of with Container specific tokens.

      Attachments

        Issue Links

          is related to

          Sub-task - The sub-task of the issue YARN-613 Create NM proxy per NM instead of per container

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              sseth Siddharth Seth
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: