[YARN-617] In unsercure mode, AM can fake resource requirements - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.1.0-beta
Component/s: None
Labels:
None

Hadoop Flags:

Reviewed

Description

Without security, it is impossible to completely avoid AMs faking resources. We can at the least make it as difficult as possible by using the same container tokens and the RM-NM shared key mechanism over unauthenticated RM-NM channel.

In the minimum, this will avoid accidental bugs in AMs in unsecure mode.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

YARN-617-20130516.trunk.patch
16/May/13 22:33
151 kB
Omkar Vinit Joshi
YARN-617-20130516.branch-2.patch
16/May/13 23:25
151 kB
Omkar Vinit Joshi
YARN-617-20130515.patch
15/May/13 20:59
126 kB
Omkar Vinit Joshi
YARN-617-20130513.patch
14/May/13 02:43
127 kB
Omkar Vinit Joshi
YARN-617-20130507.patch
07/May/13 18:04
53 kB
Omkar Vinit Joshi
YARN-617.20130508.patch
09/May/13 01:09
130 kB
Omkar Vinit Joshi
YARN-617.20130502.patch
03/May/13 02:37
37 kB
Omkar Vinit Joshi
YARN-617.20130501.patch
02/May/13 02:04
15 kB
Omkar Vinit Joshi
YARN-617.20130501.1.patch
02/May/13 02:15
16 kB
Omkar Vinit Joshi

Issue Links

blocks

YARN-613 Create NM proxy per NM instead of per container

Closed

breaks

MAPREDUCE-5257 TestContainerLauncherImpl fails

Closed

MAPREDUCE-5261 TestRMContainerAllocator is exiting and failing the build

Closed

is blocked by

YARN-582 Restore appToken and clientToken for app attempt after RM restart

Closed

is related to

YARN-713 ResourceManager can exit unexpectedly if DNS is unavailable

Closed

Activity

People

Assignee:: Omkar Vinit Joshi

Reporter:: Vinod Kumar Vavilapalli

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 29/Jul/11 03:52

Updated:: 27/Aug/13 22:15

Resolved:: 17/May/13 06:38