[ 
https://issues.apache.org/jira/browse/YARN-10215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17073650#comment-17073650
 ] 

Adam Antal commented on YARN-10215:
-----------------------------------

Thanks for the patch [~gandras]! It looks logically correct to me. 

Could you please test this change in a non CORS protected environment? (Also 
testing with AHS instead of JHS would be nice, but since we're focusing on the 
JHS part, we can get along without testing that part.)

Minor nits:
- Checkstyles as always
- Unnecessary whitespace changes in {{app/serializers/yarn-jhs-container.js}}
- I see some {{Ember.Logger}} calls in the patch. Please only print the most 
essential pieces of information.

And pretty much that's all I could add to this patch. Good job!

> Endpoint for obtaining direct URL for the logs
> ----------------------------------------------
>
>                 Key: YARN-10215
>                 URL: https://issues.apache.org/jira/browse/YARN-10215
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: yarn
>    Affects Versions: 3.3.0
>            Reporter: Adam Antal
>            Assignee: Andras Gyori
>            Priority: Major
>         Attachments: YARN-10025.001.patch, YARN-10025.002.patch
>
>
> If CORS protected UIs are set up, there is an issue when the browser tries to 
> access the logs of a running container in the RM web UIv2.
> Assuming ATS is not up, the browser follows the following call chain:
> - Tries to access ATS, it fails, falls back to JHS
> - From RM the browser received basic app info, we know that the application 
> is running
> - From the JHS we got the list of containers and their log files.
> - When we try to access a specific log file, the JHS redirects the request to 
> the NM's UI (on which node the container is running). This redirect is 
> performed by the browser automatically. In this setup the host is considered 
> as a protected information, thus the browser omits the "Origin" field from 
> the request when this redirect is done. The browser then denies access to the 
> NodeManager's web UI due to the CORS header set up for NM, but the Origin is 
> null in the redirect request. 
> - Finally, "Logs are unavailable" message is shown in the RM web UIv2 due to 
> the CORS violation.
> We should fix this. As an approach we can expose another endpoints which only 
> returns the URL of the NodeManager what we should call directly from the UIv2 
> in order to receive the log. This adds a bit of a complexity, but will enable 
> users to keep the CORS protected setup.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to