Xuan Gong commented on YARN-2207:

Copying Vinod's comment from YARN-941.
Clarifications for folks who are just getting started in this space:

* Not renewing tokens is the same as dishing out tokens without an expiry time.

* The underlying master-key needs to be rolled over every so often, otherwise 
we run the risk of malicious users collecting tokens over time and having 
indefinite time to guess the underlying keys.

* Once we roll the master-keys, together with the fact that we want to support 
services that run forever, the only way we can support not expiring tokens is 
by making ResourceManager remember master-keys forever, which is not feasible.
Hence, we roll master-keys, and to limit the memory requirements of 
ResourceManager, we also expire tokens, and therefore, to support long-running 
services, we have to replace tokens.

And like Xuan Gong mentioned above, this JIRA is focused on putting expiry 
times for AMRMTokens and then periodically replacing them. This is the same 
thing that we do for NMTokens. If folks want to pursue a new approach, that 
should apply to all tokens and so should be done separately.

> Add ability to roll over AMRMToken
> ----------------------------------
>                 Key: YARN-2207
>                 URL: https://issues.apache.org/jira/browse/YARN-2207
>             Project: Hadoop YARN
>          Issue Type: Task
>          Components: resourcemanager
>            Reporter: Xuan Gong
>            Assignee: Xuan Gong
> Currently, the master key is fixed after it is created. But it is not ideal. We 
> need to add the ability to roll over the AMRMToken.
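
The trade-off described in the comment above, as an added example that is not part of the original message and is not Hadoop/YARN code: a toy issuer rolls its master key, expires tokens, and replaces them for a long-running application, so it only has to remember a bounded number of keys. The names `TokenIssuer`, `TOKEN_LIFETIME` and `simulate`, the HMAC-SHA256 construction, and the lifetime and roll interval values are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

TOKEN_LIFETIME = 100   # seconds a token stays valid (constructed value)

class TokenIssuer:
    """Toy issuer with rolling master keys (hypothetical, not the YARN classes)."""

    def __init__(self, now):
        self.keys = {}        # key_id -> (secret, retired_at or None)
        self.current_id = 0
        self.roll_master_key(now)

    def roll_master_key(self, now):
        # Retire the active key and activate a fresh random one.
        if self.current_id in self.keys:
            self.keys[self.current_id] = (self.keys[self.current_id][0], now)
        self.current_id += 1
        self.keys[self.current_id] = (os.urandom(32), None)
        # A retired key is only needed until the last token it signed expires.
        self.keys = {k: (s, r) for k, (s, r) in self.keys.items()
                     if r is None or now < r + TOKEN_LIFETIME}

    def _mac(self, key_id, app_id, expiry):
        msg = f"{key_id}|{app_id}|{expiry}".encode()
        return hmac.new(self.keys[key_id][0], msg, hashlib.sha256).digest()

    def issue(self, app_id, now):
        expiry = now + TOKEN_LIFETIME
        return (self.current_id, app_id, expiry,
                self._mac(self.current_id, app_id, expiry))

    def verify(self, token, now):
        key_id, app_id, expiry, mac = token
        if key_id not in self.keys or now >= expiry:
            return False      # key already forgotten, or token expired
        return hmac.compare_digest(mac, self._mac(key_id, app_id, expiry))

def simulate(rolls, roll_interval=60):
    """Long-running app: replace the token at every key roll, before it expires."""
    issuer, now = TokenIssuer(0), 0
    first = token = issuer.issue("app_1", now)
    for _ in range(rolls):
        now += roll_interval
        assert issuer.verify(token, now)      # old token still valid at roll time
        issuer.roll_master_key(now)
        token = issuer.issue("app_1", now)    # replacement under the new key
    # (keys remembered, replacement token valid?, very first token valid?)
    return len(issuer.keys), issuer.verify(token, now), issuer.verify(first, now)
```

With these values the issuer never holds more than three keys regardless of how many times it rolls, while the application's current token always verifies and the original token stops verifying once it has expired.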
