On Feb 26, 2008, at 3:05 PM, Michael Bieniosek wrote:
Ah, that makes sense.
I have things set up this way because I can't trust code that gets
run on the tasktrackers: we have to prevent the tasktrackers from
eg. sending kill signals to the datanodes. I didn't think about
the jobtracker, but I suppose I should equally not trust code that
gets run on the jobtracker...
Just to be clear, no user code is run in the JobTracker or
TaskTracker. User code is only run in the client and task processes.
However, it makes a lot of sense to run map/reduce as a different
user than hdfs to prevent the task processes from having access to
the raw blocks or datanodes.
-- Owen
