Adam Antal created YARN-10215:
---------------------------------
Summary: Endpoint for obtaining direct URL for the logs
Key: YARN-10215
URL: https://issues.apache.org/jira/browse/YARN-10215
Project: Hadoop YARN
Issue Type: Sub-task
Components: yarn
Affects Versions: 3.3.0
Reporter: Adam Antal
Assignee: Andras Gyori
If CORS protected UIs are set up, there is an issue when the browser tries to
access the logs of a running container in the RM web UIv2.
Assuming ATS is not up, the browser follows the following call chain:
- Tries to access ATS, it fails, falls back to JHS
- From RM the browser received basic app info, we know that the application is
running
- From the JHS we got the list of containers and their log files.
- When we try to access a specific log file, the JHS redirects the request to
the NM's UI (on which node the container is running). This redirect is
performed by the browser automatically. In this setup the host is considered as
a protected information, thus the browser omits the "Origin" field from the
request when this redirect is done. The browser then denies access to the
NodeManager's web UI due to the CORS header set up for NM, but the Origin is
null in the redirect request.
- Finally, "Logs are unavailable" message is shown in the RM web UIv2 due to
the CORS violation.
We should fix this. As an approach we can expose another endpoints which only
returns the URL of the NodeManager what we should call directly from the UIv2
in order to receive the log. This adds a bit of a complexity, but will enable
users to keep the CORS protected setup.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-dev-h...@hadoop.apache.org
