[ https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13724357#comment-13724357 ]
Vinod Kumar Vavilapalli commented on YARN-948: ---------------------------------------------- +1, looks good. Checking this in. > RM should validate the release container list before actually releasing them > ---------------------------------------------------------------------------- > > Key: YARN-948 > URL: https://issues.apache.org/jira/browse/YARN-948 > Project: Hadoop YARN > Issue Type: Bug > Reporter: Omkar Vinit Joshi > Assignee: Omkar Vinit Joshi > Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch, > YARN-948-20130729.1.patch > > > At present we are blinding passing the allocate request containing containers > to be released to the scheduler. This may result into one application > releasing another application's container. > {code} > @Override > @Lock(Lock.NoLock.class) > public Allocation allocate(ApplicationAttemptId applicationAttemptId, > List<ResourceRequest> ask, List<ContainerId> release, > List<String> blacklistAdditions, List<String> blacklistRemovals) { > FiCaSchedulerApp application = getApplication(applicationAttemptId); > .... > .... > // Release containers > for (ContainerId releasedContainerId : release) { > RMContainer rmContainer = getRMContainer(releasedContainerId); > if (rmContainer == null) { > RMAuditLogger.logFailure(application.getUser(), > AuditConstants.RELEASE_CONTAINER, > "Unauthorized access or invalid container", "CapacityScheduler", > "Trying to release container not owned by app or with invalid > id", > application.getApplicationId(), releasedContainerId); > } > completedContainer(rmContainer, > SchedulerUtils.createAbnormalContainerStatus( > releasedContainerId, > SchedulerUtils.RELEASED_CONTAINER), > RMContainerEventType.RELEASED); > } > {code} > Current checks are not sufficient and we should prevent this..... thoughts? -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira