[jira] [Commented] (YARN-2808) yarn client tool can not list app_attempt's container info correctly

2014-11-05 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-2808?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14199559#comment-14199559
 ] 

Gordon Wang commented on YARN-2808:
---

setting yarn.resourcemanager.max-completed-applications to 0 is not a solution 
from my view.
RM could cache completed app generic info, so that it is easy for user to check 
the job status. And more, user could find the job info in RM's web UI, then, 
redirect to history-server/timeline-server for more app detail info.

I think YARN-1794 is similar, but not the same.
{quote}
And was intending to fix by modifing YarnClientImpl.getContainers(). If the 
size of containers is 0. We can get it from timeline.
{quote}
I am afraid this fix is only for YARN-2808 case. But generally speaking, since 
RM does not cache completed container info, if a app is running, both the size 
of running containers and the size of completed container could be larger than 
0. So, one possible fix is that pulling the container info both from RM and 
timeline-server regardless of the state of app attempt.

 yarn client tool can not list app_attempt's container info correctly
 

 Key: YARN-2808
 URL: https://issues.apache.org/jira/browse/YARN-2808
 Project: Hadoop YARN
  Issue Type: Bug
  Components: client
Reporter: Gordon Wang

 When enabling timeline server, yarn client can not list the container info 
 for a application attempt correctly.
 Here is the reproduce step.
 # enabling yarn timeline server
 # submit a MR job
 # after the job is finished. use yarn client to list the container info of 
 the app attempt.
 Then, since the RM has cached the application's attempt info, the output show 
 {noformat}
 [hadoop@localhost hadoop-3.0.0-SNAPSHOT]$ ./bin/yarn container -list 
 appattempt_1415168250217_0001_01
 14/11/05 01:19:15 WARN util.NativeCodeLoader: Unable to load native-hadoop 
 library for your platform... using builtin-java classes where applicable
 14/11/05 01:19:15 INFO impl.TimelineClientImpl: Timeline service address: 
 http://0.0.0.0:8188/ws/v1/timeline/
 14/11/05 01:19:16 INFO client.RMProxy: Connecting to ResourceManager at 
 /0.0.0.0:8032
 14/11/05 01:19:16 INFO client.AHSProxy: Connecting to Application History 
 server at /0.0.0.0:10200
 Total number of containers :0
   Container-Id  Start Time Finish 
 Time   StateHost  
   LOG-URL
 {noformat}
 But if the rm is restarted, client can fetch the container info from timeline 
 server correctly.
 {noformat}
 [hadoop@localhost hadoop-3.0.0-SNAPSHOT]$ ./bin/yarn container -list 
 appattempt_1415168250217_0001_01
 14/11/05 01:21:06 WARN util.NativeCodeLoader: Unable to load native-hadoop 
 library for your platform... using builtin-java classes where applicable
 14/11/05 01:21:06 INFO impl.TimelineClientImpl: Timeline service address: 
 http://0.0.0.0:8188/ws/v1/timeline/
 14/11/05 01:21:06 INFO client.RMProxy: Connecting to ResourceManager at 
 /0.0.0.0:8032
 14/11/05 01:21:06 INFO client.AHSProxy: Connecting to Application History 
 server at /0.0.0.0:10200
 Total number of containers :4
   Container-Id  Start Time Finish 
 Time   StateHost  
   LOG-URL
 container_1415168250217_0001_01_01   1415168318376   
 1415168349896COMPLETElocalhost.localdomain:47024 
 http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_01/container_1415168250217_0001_01_01/hadoop
 container_1415168250217_0001_01_02   1415168326399   
 1415168334858COMPLETElocalhost.localdomain:47024 
 http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_02/container_1415168250217_0001_01_02/hadoop
 container_1415168250217_0001_01_03   1415168326400   
 1415168335277COMPLETElocalhost.localdomain:47024 
 http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_03/container_1415168250217_0001_01_03/hadoop
 container_1415168250217_0001_01_04   1415168335825   
 1415168343873COMPLETElocalhost.localdomain:47024 
 http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_04/container_1415168250217_0001_01_04/hadoop
 {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (YARN-2808) yarn client tool can not list app_attempt's container info correctly

2014-11-04 Thread Gordon Wang (JIRA) 
Gordon Wang created YARN-2808:
-

 Summary: yarn client tool can not list app_attempt's container 
info correctly
 Key: YARN-2808
 URL: https://issues.apache.org/jira/browse/YARN-2808
 Project: Hadoop YARN
  Issue Type: Bug
  Components: client
Reporter: Gordon Wang


When enabling timeline server, yarn client can not list the container info for 
a application attempt correctly.
Here is the reproduce step.

# enabling yarn timeline server
# submit a MR job
# after the job is finished. use yarn client to list the container info of the 
app attempt.

Then, since the RM has cached the application's attempt info, the output show 
{noformat}
[hadoop@localhost hadoop-3.0.0-SNAPSHOT]$ ./bin/yarn container -list 
appattempt_1415168250217_0001_01
14/11/05 01:19:15 WARN util.NativeCodeLoader: Unable to load native-hadoop 
library for your platform... using builtin-java classes where applicable
14/11/05 01:19:15 INFO impl.TimelineClientImpl: Timeline service address: 
http://0.0.0.0:8188/ws/v1/timeline/
14/11/05 01:19:16 INFO client.RMProxy: Connecting to ResourceManager at 
/0.0.0.0:8032
14/11/05 01:19:16 INFO client.AHSProxy: Connecting to Application History 
server at /0.0.0.0:10200
Total number of containers :0
  Container-IdStart Time Finish Time
   StateHost
LOG-URL
{noformat}

But if the rm is restarted, client can fetch the container info from timeline 
server correctly.
{noformat}
[hadoop@localhost hadoop-3.0.0-SNAPSHOT]$ ./bin/yarn container -list 
appattempt_1415168250217_0001_01
14/11/05 01:21:06 WARN util.NativeCodeLoader: Unable to load native-hadoop 
library for your platform... using builtin-java classes where applicable
14/11/05 01:21:06 INFO impl.TimelineClientImpl: Timeline service address: 
http://0.0.0.0:8188/ws/v1/timeline/
14/11/05 01:21:06 INFO client.RMProxy: Connecting to ResourceManager at 
/0.0.0.0:8032
14/11/05 01:21:06 INFO client.AHSProxy: Connecting to Application History 
server at /0.0.0.0:10200
Total number of containers :4
  Container-IdStart Time Finish Time
   StateHost
LOG-URL
container_1415168250217_0001_01_01 1415168318376   
1415168349896COMPLETElocalhost.localdomain:47024 
http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_01/container_1415168250217_0001_01_01/hadoop
container_1415168250217_0001_01_02 1415168326399   
1415168334858COMPLETElocalhost.localdomain:47024 
http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_02/container_1415168250217_0001_01_02/hadoop
container_1415168250217_0001_01_03 1415168326400   
1415168335277COMPLETElocalhost.localdomain:47024 
http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_03/container_1415168250217_0001_01_03/hadoop
container_1415168250217_0001_01_04 1415168335825   
1415168343873COMPLETElocalhost.localdomain:47024 
http://0.0.0.0:8188/applicationhistory/logs/localhost.localdomain:47024/container_1415168250217_0001_01_04/container_1415168250217_0001_01_04/hadoop
{noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (YARN-1950) Do not check ACL in Yarn scheduler when Yarn ACL is disabled

2014-10-23 Thread Gordon Wang (JIRA) 

 [ 
https://issues.apache.org/jira/browse/YARN-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gordon Wang updated YARN-1950:
--
Issue Type: Sub-task  (was: Bug)
Parent: YARN-1941

 Do not check ACL in Yarn scheduler when Yarn ACL is disabled
 

 Key: YARN-1950
 URL: https://issues.apache.org/jira/browse/YARN-1950
 Project: Hadoop YARN
  Issue Type: Sub-task
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
Assignee: Gordon Wang





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (YARN-1941) Yarn scheduler ACL improvement

2014-04-27 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13982355#comment-13982355
 ] 

Gordon Wang commented on YARN-1941:
---

[~rusanu], from the dev engineer view, I can not agree with you more. But as 
[~sandyr] mentioned, if a lot of customers are using this, We should evaluate 
the impact of this change.
I reconsider this. I prefer to change the root ACL now. And here is my thought.
1. If we change root ACL to  , users who leave root ACL as default should 
have to update their scheduler configuration file. But it is an easy update, 
just implicitly set root ACL as * is OK.
2. Since most of the users may use ClouderaManager or Ambari to do the upgrade 
job. This kind of change can be easily implemented in these tools. Thus, the 
impact of users will be minimised. For the users who directly use hadoop 
binary, they must be the experienced hadoop admins. Change this configuration 
is not a hard job for them during cluster upgrade. 

[~sandyr], what are your opinions? could you please help me to involve more 
YARN guys to discuss this? Your comments are very welcome !

Thanks.

 Yarn scheduler ACL improvement
 --

 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
Assignee: Gordon Wang
  Labels: scheduler

 Defect:
 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue 
 ACL is always checked when submitting a app to scheduler, regardless of the 
 property yarn.acl.enable.
 But for killing an app, the ACL is checked when yarn.acl.enable is set.
 The behaviour is not consistent.
 2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for 
 other queues is NODODY_ACL( ). From users' view, this is error prone and not 
 easy to understand the ACL policy of Yarn scheduler. root queue should not be 
 so special compared with other parent queues.
 For example, if I want to set capacity scheduler ACL, the ACL of root has to 
 be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. 
 Because root queue ACL is EVERYBODY_ACL.
 This is hard for user to administrate yarn scheduler.
 So, I propose to improve the ACL of yarn scheduler in the following aspects.
 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
 queues' ACL consistent.
  



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Assigned] (YARN-1950) Do not check ACL in Yarn scheduler when Yarn ACL is disabled

2014-04-17 Thread Gordon Wang (JIRA) 

 [ 
https://issues.apache.org/jira/browse/YARN-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gordon Wang reassigned YARN-1950:
-

Assignee: Gordon Wang

 Do not check ACL in Yarn scheduler when Yarn ACL is disabled
 

 Key: YARN-1950
 URL: https://issues.apache.org/jira/browse/YARN-1950
 Project: Hadoop YARN
  Issue Type: Bug
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
Assignee: Gordon Wang





--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-1941) Yarn scheduler ACL improvement

2014-04-17 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13973662#comment-13973662
 ] 

Gordon Wang commented on YARN-1941:
---

[~sandyr], I agree with you. Your use case is legitimate. Let's keep the 
default ACL of root as EVERYBODY_ACL.

 Yarn scheduler ACL improvement
 --

 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
Assignee: Gordon Wang
  Labels: scheduler

 Defect:
 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue 
 ACL is always checked when submitting a app to scheduler, regardless of the 
 property yarn.acl.enable.
 But for killing an app, the ACL is checked when yarn.acl.enable is set.
 The behaviour is not consistent.
 2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for 
 other queues is NODODY_ACL( ). From users' view, this is error prone and not 
 easy to understand the ACL policy of Yarn scheduler. root queue should not be 
 so special compared with other parent queues.
 For example, if I want to set capacity scheduler ACL, the ACL of root has to 
 be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. 
 Because root queue ACL is EVERYBODY_ACL.
 This is hard for user to administrate yarn scheduler.
 So, I propose to improve the ACL of yarn scheduler in the following aspects.
 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
 queues' ACL consistent.
  



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Resolved] (YARN-1951) Change root queue default ACL to NOBODY_ACL in yarn scheduler

2014-04-17 Thread Gordon Wang (JIRA) 

 [ 
https://issues.apache.org/jira/browse/YARN-1951?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gordon Wang resolved YARN-1951.
---

Resolution: Won't Fix

Per discussion with [~sandyr] in YARN-1941.
The cost of breaking existing setups outweighs the benefits of changing this.
Let's keep the root queue default ACL.

 Change root queue default ACL to NOBODY_ACL in yarn scheduler
 -

 Key: YARN-1951
 URL: https://issues.apache.org/jira/browse/YARN-1951
 Project: Hadoop YARN
  Issue Type: Sub-task
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang





--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-1941) Yarn scheduler ACL improvement

2014-04-16 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13971442#comment-13971442
 ] 

Gordon Wang commented on YARN-1941:
---

Hi [~sandyr], Thank you for your reply !

For (2), we can keep the behaviour compatible even if we change the default ACL 
to NOBODY_ACL. From the user's view, changing the default ACL will not need 
user to update the scheduler configuration. So, it is compatible with the 
previous configuration.
Here is my thinking.  We can consider this in 2 situations.
A) The ACL is disabled. (yarn.acl.enable = false). In this kind of 
configuration, changing the default ACL of ROOT queue will not affect users. 
Because scheduler do not check any ACL at this time.
B) The ACL is enabled. (yarn.acl.enable = true). Currently, if user want to 
make ACL works correctly. They have to explicitly set the ACL of root queue to 
NOBODY_ACL( ). After we change the default ACL of root queue, current 
configuration should work(the root queue ACL should be set as what user 
wants.). But we can get benefit in new scheduler configuration. In new 
configuration, user do not need to explicitly set the root queue ACL.

What's your opinion?

I create 2 subtasks to track each item. Please feel free to comment. I am 
formatting the patch. Will give you a review soon.

Thanks,

 Yarn scheduler ACL improvement
 --

 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
  Labels: scheduler

 Defect:
 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue 
 ACL is always checked when submitting a app to scheduler, regardless of the 
 property yarn.acl.enable.
 But for killing an app, the ACL is checked when yarn.acl.enable is set.
 The behaviour is not consistent.
 2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for 
 other queues is NODODY_ACL( ). From users' view, this is error prone and not 
 easy to understand the ACL policy of Yarn scheduler. root queue should not be 
 so special compared with other parent queues.
 For example, if I want to set capacity scheduler ACL, the ACL of root has to 
 be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. 
 Because root queue ACL is EVERYBODY_ACL.
 This is hard for user to administrate yarn scheduler.
 So, I propose to improve the ACL of yarn scheduler in the following aspects.
 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
 queues' ACL consistent.
  



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Created] (YARN-1950) Do not check ACL in Yarn scheduler when Yarn ACL is disabled

2014-04-16 Thread Gordon Wang (JIRA) 
Gordon Wang created YARN-1950:
-

 Summary: Do not check ACL in Yarn scheduler when Yarn ACL is 
disabled
 Key: YARN-1950
 URL: https://issues.apache.org/jira/browse/YARN-1950
 Project: Hadoop YARN
  Issue Type: Bug
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang






--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Created] (YARN-1951) Change root queue default ACL to NOBODY_ACL in yarn scheduler

2014-04-16 Thread Gordon Wang (JIRA) 
Gordon Wang created YARN-1951:
-

 Summary: Change root queue default ACL to NOBODY_ACL in yarn 
scheduler
 Key: YARN-1951
 URL: https://issues.apache.org/jira/browse/YARN-1951
 Project: Hadoop YARN
  Issue Type: Sub-task
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang






--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-1950) Do not check ACL in Yarn scheduler when Yarn ACL is disabled

2014-04-16 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13971446#comment-13971446
 ] 

Gordon Wang commented on YARN-1950:
---

Use this issue to track the item 1 in YARN-1941

 Do not check ACL in Yarn scheduler when Yarn ACL is disabled
 

 Key: YARN-1950
 URL: https://issues.apache.org/jira/browse/YARN-1950
 Project: Hadoop YARN
  Issue Type: Bug
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang





--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-1941) Yarn scheduler ACL improvement

2014-04-16 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13971454#comment-13971454
 ] 

Gordon Wang commented on YARN-1941:
---

[~sandyr], would you mind to assign these 3 jiras to me? And I can submit the 
patch later :)
Thanks a lot !

 Yarn scheduler ACL improvement
 --

 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
  Labels: scheduler

 Defect:
 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue 
 ACL is always checked when submitting a app to scheduler, regardless of the 
 property yarn.acl.enable.
 But for killing an app, the ACL is checked when yarn.acl.enable is set.
 The behaviour is not consistent.
 2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for 
 other queues is NODODY_ACL( ). From users' view, this is error prone and not 
 easy to understand the ACL policy of Yarn scheduler. root queue should not be 
 so special compared with other parent queues.
 For example, if I want to set capacity scheduler ACL, the ACL of root has to 
 be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. 
 Because root queue ACL is EVERYBODY_ACL.
 This is hard for user to administrate yarn scheduler.
 So, I propose to improve the ACL of yarn scheduler in the following aspects.
 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
 queues' ACL consistent.
  



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Created] (YARN-1941) Yarn scheduler ACL improvement

2014-04-15 Thread Gordon Wang (JIRA) 
Gordon Wang created YARN-1941:
-

 Summary: Yarn scheduler ACL improvement
 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang


Defect:
1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue ACL 
is always checked when submitting a app to scheduler, regardless of the 
property yarn.acl.enable.
But for killing an app, the ACL is checked when yarn.acl.enable is set.
The behaviour is not consistent.

2. default ACL for root queue is EVERYBODY_ACL(*), while default ACL for other 
queues is NODODY_ACL( ). From users' view, this is error prone and not easy to 
understand the ACL policy of Yarn scheduler. root queue should not be so 
special compared with other parent queues.
For example, if I want to set capacity scheduler ACL, the ACL of root has to be 
set explicitly. Otherwise, everyone can submit APP to yarn scheduler. Because 
root queue ACL is EVERYBODY_ACL.
This is hard for user to administrate yarn scheduler.

So, I propose to improve the ACL of yarn scheduler in the following aspects.
1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
queues' ACL consistent.
 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-1941) Yarn scheduler ACL improvement

2014-04-15 Thread Gordon Wang (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13969349#comment-13969349
 ] 

Gordon Wang commented on YARN-1941:
---

Checking scheduler queue ACL when submitting a APP to scheduler may derive from 
hadoop 1 in which there is no properties to enable ACL. But in yarn, since 
there is already a property to enable yarn acl. we should change the behaviour 
of the scheduler.

Your comments are very welcome. I think I can format a patch later. If I can 
get any comments from community, I will change my patch according to your 
opinion. 

Thanks in advance.

 Yarn scheduler ACL improvement
 --

 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
  Labels: scheduler

 Defect:
 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue 
 ACL is always checked when submitting a app to scheduler, regardless of the 
 property yarn.acl.enable.
 But for killing an app, the ACL is checked when yarn.acl.enable is set.
 The behaviour is not consistent.
 2. default ACL for root queue is EVERYBODY_ACL(*), while default ACL for 
 other queues is NODODY_ACL( ). From users' view, this is error prone and not 
 easy to understand the ACL policy of Yarn scheduler. root queue should not be 
 so special compared with other parent queues.
 For example, if I want to set capacity scheduler ACL, the ACL of root has to 
 be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. 
 Because root queue ACL is EVERYBODY_ACL.
 This is hard for user to administrate yarn scheduler.
 So, I propose to improve the ACL of yarn scheduler in the following aspects.
 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
 queues' ACL consistent.
  



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Updated] (YARN-1941) Yarn scheduler ACL improvement

2014-04-15 Thread Gordon Wang (JIRA) 

 [ 
https://issues.apache.org/jira/browse/YARN-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gordon Wang updated YARN-1941:
--

Description: 
Defect:
1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue ACL 
is always checked when submitting a app to scheduler, regardless of the 
property yarn.acl.enable.
But for killing an app, the ACL is checked when yarn.acl.enable is set.
The behaviour is not consistent.

2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for 
other queues is NODODY_ACL( ). From users' view, this is error prone and not 
easy to understand the ACL policy of Yarn scheduler. root queue should not be 
so special compared with other parent queues.
For example, if I want to set capacity scheduler ACL, the ACL of root has to be 
set explicitly. Otherwise, everyone can submit APP to yarn scheduler. Because 
root queue ACL is EVERYBODY_ACL.
This is hard for user to administrate yarn scheduler.

So, I propose to improve the ACL of yarn scheduler in the following aspects.
1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
queues' ACL consistent.
 

  was:
Defect:
1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue ACL 
is always checked when submitting a app to scheduler, regardless of the 
property yarn.acl.enable.
But for killing an app, the ACL is checked when yarn.acl.enable is set.
The behaviour is not consistent.

2. default ACL for root queue is EVERYBODY_ACL(*), while default ACL for other 
queues is NODODY_ACL( ). From users' view, this is error prone and not easy to 
understand the ACL policy of Yarn scheduler. root queue should not be so 
special compared with other parent queues.
For example, if I want to set capacity scheduler ACL, the ACL of root has to be 
set explicitly. Otherwise, everyone can submit APP to yarn scheduler. Because 
root queue ACL is EVERYBODY_ACL.
This is hard for user to administrate yarn scheduler.

So, I propose to improve the ACL of yarn scheduler in the following aspects.
1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
queues' ACL consistent.
 


 Yarn scheduler ACL improvement
 --

 Key: YARN-1941
 URL: https://issues.apache.org/jira/browse/YARN-1941
 Project: Hadoop YARN
  Issue Type: Improvement
  Components: scheduler
Affects Versions: 2.3.0
Reporter: Gordon Wang
  Labels: scheduler

 Defect:
 1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue 
 ACL is always checked when submitting a app to scheduler, regardless of the 
 property yarn.acl.enable.
 But for killing an app, the ACL is checked when yarn.acl.enable is set.
 The behaviour is not consistent.
 2. default ACL for root queue is EVERYBODY_ACL( * ), while default ACL for 
 other queues is NODODY_ACL( ). From users' view, this is error prone and not 
 easy to understand the ACL policy of Yarn scheduler. root queue should not be 
 so special compared with other parent queues.
 For example, if I want to set capacity scheduler ACL, the ACL of root has to 
 be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. 
 Because root queue ACL is EVERYBODY_ACL.
 This is hard for user to administrate yarn scheduler.
 So, I propose to improve the ACL of yarn scheduler in the following aspects.
 1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
 2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent 
 queues' ACL consistent.
  



--
This message was sent by Atlassian JIRA
(v6.2#6252)