Steve Loughran created YARN-4653:
------------------------------------
Summary: Document YARN security model
Key: YARN-4653
URL: https://issues.apache.org/jira/browse/YARN-4653
Project: Hadoop YARN
Issue Type: Task
Components: site
Affects Versions: 2.7.2
Reporter: Steve Loughran
Assignee: Steve Loughran
What YARN apps need to do for security today is generally copied direct from
distributed shell, with a bit of [ill-informed
superstition|https://steveloughran.gitbooks.io/kerberos_and_hadoop/content/sections/yarn.html]
being the sole prose.
We need a normative document in the YARN site covering
# the needs for YARN security
# token creation for AM launch
# how the RM gets involved
# token propagation on container launch
# token renewal strategies
# How to get tokens for other apps like HBase and Hive.
# how to work under OOzie
Perhaps the WritingYarnApplications.md doc is updated, otherwise why not just
link to the relevant bit of the distributed shell client on github for a
guarantee of staying up to date?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
