Vinod Kumar Vavilapalli commented on YARN-1915:

bq. Yes, I thought the ugi mangling was gone, but the AMRMToken is indeed 
manually removed.
I had a JIRA for fixing this, so that NMs themselves will remove it for non-AM 
containers, will find it.

bq. I'm assuming there was a valid reason why the secret is passed in the 
registration response, perhaps for future functionality.
The secret used to be in env. We moved it to registration because of security 
issues in Windows.

bq. However there's some confusion as to how the client token master key should 
be sent to the RM (e.g.: via container credentials, via the current method, 
We can deprecate the key returning in response and instead put it inside 
container credentials. The credentials is unfortunately named as 'tokens' - it 
was always token so far. We could deprecate tokens too and instead move to 
credentials ala CredentialsInfo for web-services.

The wait in the current patch is worrisome *only* if we have large number of 
clients pinging in and blocking RPC handlers. This doesn't happen in practice 
though, I'm okay getting it in for 2.6.

> ClientToAMTokenMasterKey should be provided to AM at launch time
> ----------------------------------------------------------------
>                 Key: YARN-1915
>                 URL: https://issues.apache.org/jira/browse/YARN-1915
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>    Affects Versions: 2.2.0
>            Reporter: Hitesh Shah
>            Assignee: Jason Lowe
>            Priority: Blocker
>         Attachments: YARN-1915.patch, YARN-1915v2.patch, YARN-1915v3.patch
> Currently, the AM receives the key as part of registration. This introduces a 
> race where a client can connect to the AM when the AM has not received the 
> key. 
> Current Flow:
> 1) AM needs to start the client listening service in order to get host:port 
> and send it to the RM as part of registration
> 2) RM gets the port info in register() and transitions the app to RUNNING. 
> Responds back with client secret to AM.
> 3) User asks RM for client token. Gets it and pings the AM. AM hasn't 
> received client secret from RM and so RPC itself rejects the request.

This message was sent by Atlassian JIRA

Reply via email to