[
https://issues.apache.org/jira/browse/YARN-8920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16657413#comment-16657413
]
Wangda Tan commented on YARN-8920:
----------------------------------
Thanks [~suma.shivaprasad],
1) Inside YarnConfiguration,
We should add a default field inside YarnConfiguration as well as
yarn-default.xml for the new key.
We should avoid use \{{conf.get(key, true)}} for easier maintenance. (Instead
you can use conf.get(key, DEFAULT_KEY_VALUE))
And also you can add necessary documentation (via description) to
yarn-default.xml for documentation purposes.
2) LogAggregationIndexedFileController#initializeWriterForApp,
I saw now the user is set to yarn when the config is set to false.
{\{indexedLogsMeta.setUser(ugi.getShortUserName())}}
I'm concerned about this, since the log is still belongs to the user when we
come to view the UI, etc. But the file is read/written by YARN user's
credentials. We should still separate the two.
> LogAggregation should be configurable to allow writing to underlying storage
> as appOwner or yarn user
> -----------------------------------------------------------------------------------------------------
>
> Key: YARN-8920
> URL: https://issues.apache.org/jira/browse/YARN-8920
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: log-aggregation, yarn
> Reporter: Suma Shivaprasad
> Assignee: Suma Shivaprasad
> Priority: Major
> Attachments: YARN-8920.1.patch, YARN-8920.2.patch
>
>
> Currently NM Log Aggregation does not support writing to underlying storage
> as "yarn" user. This would be needed while writing storages like S3 which do
> not support POSIX compliant ACLs and a single access key would be used for
> writes and app owners will be allowed to read the logs with their own access
> keys.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
