[
https://issues.apache.org/jira/browse/HADOOP-3698?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12622494#action_12622494
]
Hemanth Yamijala commented on HADOOP-3698:
------------------------------------------
Initial proposal:
Firstly, as mentioned in
http://issues.apache.org/jira/browse/HADOOP-3479?focusedCommentId=12602243#action_12602243,
it possibly makes sense to make the access control mechanism something
pluggable at a class design level.
One concrete and simple mechanism is as follows:
- An ACL can be specified as an (operation, userlist or grouplist) tuple for a
given queue.
- The operations that seem relevant are:
-- submit job
-- administer jobs in a queue - including deleting any job or modifying any
job's properties such as it's priority
-- listing jobs
Currently, administering the queue itself (that is - operations such as adding
/ deleting or configuring a queue) is an admin only operation which is
controlled by means of access to the queue configuration file defined in
HADOOP-3479.
Thoughts ?
> Implement access control for submitting jobs to queues in the JobTracker
> ------------------------------------------------------------------------
>
> Key: HADOOP-3698
> URL: https://issues.apache.org/jira/browse/HADOOP-3698
> Project: Hadoop Core
> Issue Type: New Feature
> Components: mapred
> Reporter: Hemanth Yamijala
> Assignee: Hemanth Yamijala
> Fix For: 0.19.0
>
>
> HADOOP-3445 implements multiple queues in the JobTracker as part of the new
> resource manager for Hadoop (HADOOP-3421). There needs to be a mechanism to
> control who can submit jobs to a specified queue. This JIRA is for tracking
> the requirements, approach and implementation for the same.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
