[jira] [Created] (YARN-8167) Improve Diagonstic message when a user without privileged permission deploys a privileged app

Mon, 16 Apr 2018 14:12:03 -0700 

Yesha Vora created YARN-8167:
--------------------------------

             Summary: Improve Diagonstic message when a user without privileged 
permission deploys a privileged app
                 Key: YARN-8167
                 URL: https://issues.apache.org/jira/browse/YARN-8167
             Project: Hadoop YARN
          Issue Type: Bug
          Components: yarn-native-services
    Affects Versions: 3.1.0
            Reporter: Yesha Vora


Steps:

1) Validate hrt_qa user is not mentioned in 
yarn.nodemanager.runtime.linux.docker.privileged-containers.acl 
2) launch a dshell app with 
YARN_CONTAINER_RUNTIME_DOCKER_RUN_PRIVILEGED_CONTAINER=true
{code}
/usr/hdp/current/hadoop-yarn-client/bin/yarn jar 
/usr/hdp/3.0.0.0/hadoop-yarn/hadoop-yarn-applications-distributedshell-3.0.0.jar
 -shell_command "sleep 30" -num_containers 1 -shell_env 
YARN_CONTAINER_RUNTIME_TYPE=docker -shell_env 
YARN_CONTAINER_RUNTIME_DOCKER_IMAGE=centos/httpd-24-centos7:latest -shell_env 
YARN_CONTAINER_RUNTIME_DOCKER_RUN_PRIVILEGED_CONTAINER=true -jar 
/usr/hdp/3.0.0.0/hadoop-yarn/hadoop-yarn-applications-distributedshell-3.0.0.jar{code}

The application is failing to launch the container. However, diagnostic message 
of the app is not proper. 
It returns "Diagnostics., total=1, completed=1, allocated=1, failed=1"

The AM log also does not have proper error message
{code:title=AppMaster.stderr}
18/04/16 20:45:56 INFO distributedshell.ApplicationMaster: 
appattempt_1523387473707_0049_000001 got container status for 
containerID=container_e24_1523387473707_0049_01_000002, state=COMPLETE, 
exitStatus=-1, diagnostics=[2018-04-16 20:45:49.062]Exception from 
container-launch.
Container id: container_e24_1523387473707_0049_01_000002
Exit code: -1
Exception message: <unknown>
Shell output: <unknown>

[2018-04-16 20:45:49.085]Container exited with a non-zero exit code -1.
[2018-04-16 20:45:49.085]Container exited with a non-zero exit code -1.

18/04/16 20:45:56 INFO distributedshell.ApplicationMaster: Application 
completed. Stopping running containers{code}

Diagonstic message should be improved to explicitly mention that "hrt_qa user 
does not have permission to launch privilege containers"



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to