[
https://issues.apache.org/jira/browse/YARN-3557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14522477#comment-14522477
]
Naganarasimha G R commented on YARN-3557:
-----------------------------------------
Hi [~dian.fu],
Thanks for posting the doc. My views are similar to [~wangda],
bq. Need to provide a mechanism at RM side which can configure node label in
the similar way as YARN-2495.
Did you mean NM here ? RM side configure is already there and NM side
(distributed) is almost done and might be available in 2.8.
bq. As labels related to security are very sensitive, it’s better to manage
these labels through the centralized method. So we choose #2
If you have selected the 2nd option {{RM retrieve the trust status of all
cluster nodes from OAT}}, then why is it dependent on YARN-2495 & support to
{{configure centralized node label configuration or distributed node label
configuration}} required ? And also as Wangda mentioned there would be issues
with mixing them up.
Scenario suggested here looks like a good use case of NodeLabels but could not
get the need for modifications or current limitations in the feature which
blocks the scenario.
> Support Intel Trusted Execution Technology(TXT) in YARN scheduler
> -----------------------------------------------------------------
>
> Key: YARN-3557
> URL: https://issues.apache.org/jira/browse/YARN-3557
> Project: Hadoop YARN
> Issue Type: New Feature
> Reporter: Dian Fu
> Attachments: Support TXT in YARN high level design doc.pdf
>
>
> Intel TXT defines platform-level enhancements that provide the building
> blocks for creating trusted platforms. A TXT aware YARN scheduler can
> schedule security sensitive jobs on TXT enabled nodes only. YARN-2492
> provides the capacity to restrict YARN applications to run only on cluster
> nodes that have a specified node label. This is a good mechanism that be
> utilized for TXT aware YARN scheduler.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
