[jira] [Commented] (YARN-3895) Support ACLs in ATSv2

Thu, 14 Sep 2017 05:01:38 -0700 

    [ 
https://issues.apache.org/jira/browse/YARN-3895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16166135#comment-16166135
 ] 

Rohith Sharma K S commented on YARN-3895:
-----------------------------------------

I think we should target this for GA! Though YARN-6820 provides basic 
whitelisting users for read access, it is not full solution.  
Request folks to put up your approaches for discussions!

Primarily I can think of couple of approaches which need to be discus 
complexities in detail!
#  User can submit acls during submission of application only which is 
currently supported for application. The same acls can be stored under 
application table which can be referred while reading entities. These acls 
belong to per application entities. All the entities under application have 
these acls. This approach works well for flow model but not for Tez kind of 
model. 
#  How about accepting ACLs via TimelineEntity itself.? Each entity has ACLS 
who should be read! Note that acls is for reading data only.  
#  At last, atsv2 can also have group concept where in each group of entities 
has their own acls. To to this way, probably let introduce new API that accept 
acls per group to store acls at back end. The concern is how are we going to 
store at back end? What should be the row key for new table!!
cc :/ [~jlowe] [~vrushalic] [~varun_saxena] [~jianhe] [~vinodkv] 
[~jrottinghuis] [~haibo.chen]

> Support ACLs in ATSv2
> ---------------------
>
>                 Key: YARN-3895
>                 URL: https://issues.apache.org/jira/browse/YARN-3895
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: timelineserver
>    Affects Versions: YARN-2928
>            Reporter: Varun Saxena
>            Assignee: Varun Saxena
>              Labels: YARN-5355
>
> This JIRA is to keep track of authorization support design discussions for 
> both readers and collectors. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to