Wangda Tan commented on YARN-3557:

Hi [~dian.fu],
Thanks for posting design doc, I just done a quick look at the doc, it seems to 
me supporting TXT can stay outside of YARN scheduler. Scheduler doesn't need to 
know if a node is trusted or not, "trusted" will be a generic label of a node. 
And some questions for design:

bq. Currently for centralized node label configuration, it only supports admin 
configure node label through CLI. Need to provide a mechanism at RM side which 
can configure node label in the similar way as YARN-2495.
Now RM supports using CLI or REST API, are they enough for you to configure 
NM's "trusted" status?

bq. Currently user can configure centralized node label configuration or 
distributed node label configuration, but cannot configure both. 
Configure both could be problematic, see my comment: 

Please let me know if your thoughts.

> Support Intel Trusted Execution Technology(TXT) in YARN scheduler
> -----------------------------------------------------------------
>                 Key: YARN-3557
>                 URL: https://issues.apache.org/jira/browse/YARN-3557
>             Project: Hadoop YARN
>          Issue Type: New Feature
>            Reporter: Dian Fu
>         Attachments: Support TXT in YARN high level design doc.pdf
> Intel TXT defines platform-level enhancements that provide the building 
> blocks for creating trusted platforms. A TXT aware YARN scheduler can 
> schedule security sensitive jobs on TXT enabled nodes only. YARN-2492 
> provides the capacity to restrict YARN applications to run only on cluster 
> nodes that have a specified node label. This is a good mechanism that be 
> utilized for TXT aware YARN scheduler.

This message was sent by Atlassian JIRA

Reply via email to