[
https://issues.apache.org/jira/browse/YARN-35?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13684537#comment-13684537
]
Omkar Vinit Joshi commented on YARN-35:
---------------------------------------
* I think we should make it configurable if user wants he can enable it (like
for unsecured environment it will unnecessarily increase RM memory).
* This would be tricky when we are going to support work preserving mode. As
how long we will key per node SecretManager (key) in RM? say for example if NM
reconnects then it should be given same key or else nm will reject all the
connections with older tokens.
> Move to per-node RM-NM secrets
> ------------------------------
>
> Key: YARN-35
> URL: https://issues.apache.org/jira/browse/YARN-35
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Vinod Kumar Vavilapalli
>
> We should move over to per node secret (RM-NM shared secrets) for security
> sake. It was what I had in my mind while designing the whole security
> architecture, but somehow it got lost in all the storm of security patches.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
