[
https://issues.apache.org/jira/browse/YARN-7933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16474013#comment-16474013
]
Rohith Sharma K S commented on YARN-7933:
-----------------------------------------
bq. Isn't it the case that a TimelineClient must be able to authenticate with
the TimelineCollector first before it can post data to that TimelineCollector?
Here the intention I added is with ATS1.5 approach i.e if same client or
different client publishes same domain id then collector need to check for ACLs
for domain i.e owner. In our design, I was not sure about should we check owner
for domain id, so I added a TODO. If this is not our design in future, we can
remove this at any point of time.
bq. Where do we check the delegation token on inside
PerNodeTimelineCollectorService?
Timeline Token verification is at filter layer at the time of http connection
establishment i.e even before it reaches servlets. Follow the classes
NodeTimelineCollectorManager#startWebApp TimelineAuthenticationFilter
> [atsv2 read acls] Add TimelineWriter#writeDomain
> -------------------------------------------------
>
> Key: YARN-7933
> URL: https://issues.apache.org/jira/browse/YARN-7933
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Vrushali C
> Assignee: Rohith Sharma K S
> Priority: Major
> Attachments: YARN-7933.01.patch, YARN-7933.02.patch,
> YARN-7933.03.patch, YARN-7933.04.patch, YARN-7933.05.patch
>
>
>
> Add an API TimelineWriter#writeDomain for writing the domain info
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
