[jira] [Commented] (YARN-8920) LogAggregation should be configurable to allow writing to underlying storage as appOwner or yarn user

Fri, 19 Oct 2018 17:11:55 -0700 


    [ 
https://issues.apache.org/jira/browse/YARN-8920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16657588#comment-16657588
 ] 

Suma Shivaprasad commented on YARN-8920:
----------------------------------------

Thanks for reviewing the patch [~leftnoteasy] Attaching updated patch

1) Inside YarnConfiguration, 
We should add a default field inside YarnConfiguration as well as 
yarn-default.xml for the new key. 
We should avoid use conf.get(key, true) for easier maintenance. (Instead you 
can use conf.get(key, DEFAULT_KEY_VALUE))
And also you can add necessary documentation (via description) to 
yarn-default.xml for documentation purposes.

bq. Fixed

2) LogAggregationIndexedFileController#initializeWriterForApp, 
I saw now the user is set to yarn when the config is set to false.
indexedLogsMeta.setUser(ugi.getShortUserName())

I'm concerned about this, since the log is still belongs to the user when we 
come to view the UI, etc. But the file is read/written by YARN user's 
credentials. We should still separate the two.

bq. The ugi inside the LogAggregationFileControllerContext is still the user’s 
UGI and the Log meta will still have the app owner -  the code for 
createDir/writes/deletes is only bypassing the doAs as that user



> LogAggregation should be configurable to allow writing to underlying storage 
> as appOwner or yarn user
> -----------------------------------------------------------------------------------------------------
>
>                 Key: YARN-8920
>                 URL: https://issues.apache.org/jira/browse/YARN-8920
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: log-aggregation, yarn
>            Reporter: Suma Shivaprasad
>            Assignee: Suma Shivaprasad
>            Priority: Major
>         Attachments: YARN-8920.1.patch, YARN-8920.2.patch, YARN-8920.3.patch
>
>
> Currently NM Log Aggregation does not support writing to underlying storage 
> as "yarn" user.  This would be needed while writing storages like S3 which do 
> not support POSIX compliant ACLs and a single access key would be used for 
> writes and app owners will be allowed to read the logs with their own access 
> keys.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to