[
https://issues.apache.org/jira/browse/YARN-3053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15645776#comment-15645776
]
Li Lu commented on YARN-3053:
-----------------------------
Thanks [~varun_saxena] for the write up! After checking the doc I have a quick
question. IIUC, the default workflow of a YARN app under a secured environment
is that the client, under the Kerberos logged-in user's authentication, gets
delegation tokens for the app, and hands them in to YARN via the app submission
context. The app then runs with the provided delegation token. YARN will assist
the application to renew tokens. Under the current design, our app collectors
will assist AMs to get timeline delegation tokens. I'm not sure if and how
we're actually checking if the AM is authenticated before the collector can
reply with a token? Or, put another way, how do we know if the AM should be
trusted by the collector? This problem seems not to exist in the two alternative
approaches proposed in the write up, though.
> [Security] Review and implement security in ATS v.2
> ---------------------------------------------------
>
> Key: YARN-3053
> URL: https://issues.apache.org/jira/browse/YARN-3053
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: timelineserver
> Reporter: Sangjin Lee
> Assignee: Varun Saxena
> Labels: YARN-5355
> Attachments: ATSv2Authentication(draft).pdf
>
>
> Per design in YARN-2928, we want to evaluate and review the system for
> security, and ensure proper security in the system.
> This includes proper authentication, token management, access control, and
> any other relevant security aspects.