[jira] [Commented] (YARN-2102) More generalized timeline ACLs

Mon, 15 Sep 2014 18:46:08 -0700 

    [ 
https://issues.apache.org/jira/browse/YARN-2102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14134820#comment-14134820
 ] 

Zhijie Shen commented on YARN-2102:
-----------------------------------

bq. From your design doc, I think what we're proposing here is something to 
"partition" the domain of entities, but not enhancing identifications. Maybe we 
want to consider an alternative name like "domain" or "partition" here?

Talked to [~gtCarrera] offline. It seems to be a good suggestion, and we don't 
plan of nested namespaces actually. Change it to domain in the new patch.

bq. This is significantly different to any other fields. Are there any specific 
considerations behind this?

I follow the way that we put the start time and the insert time of an entity. 
It doesn't make much difference to split them and associate them with different 
keys, and they are usually retrieved together. I added more code comments to 
describe it.

bq. I think this is left out for some reasons, and maybe in YARN-2446 you're 
addressing this?

Yes, the use of the domain acls is in YARN-2446

bq. Shall we add a default branch here to track any potential problems? 

Added an else block here.

bq. just a quick thing to check, shall we use the lock map in the existing 
leveldbstore here? Seems like some operations need to acquire locks?

According to the offline discussion, the currently lock have some obvious 
issues. Let's fix it in a separate Jira.

> More generalized timeline ACLs
> ------------------------------
>
>                 Key: YARN-2102
>                 URL: https://issues.apache.org/jira/browse/YARN-2102
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>         Attachments: GeneralizedTimelineACLs.pdf, YARN-2102.1.patch, 
> YARN-2102.2.patch, YARN-2102.3.patch, YARN-2102.5.patch, YARN-2102.6.patch
>
>
> We need to differentiate the access controls of reading and writing 
> operations, and we need to think about cross-entity access control. For 
> example, if we are executing a workflow of MR jobs, which writing the 
> timeline data of this workflow, we don't want other user to pollute the 
> timeline data of the workflow by putting something under it.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to