[
https://issues.apache.org/jira/browse/YARN-4653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15146460#comment-15146460
]
Hudson commented on YARN-4653:
------------------------------
FAILURE: Integrated in Hadoop-trunk-Commit #9302 (See
[https://builds.apache.org/job/Hadoop-trunk-Commit/9302/])
YARN-4653. Document YARN security model from the perspective of (jianhe: rev
dea90c9a86d0b17f36d0bdf24ca0c789dd1de2b6)
* hadoop-project/src/site/site.xml
* hadoop-yarn-project/CHANGES.txt
*
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-site/src/site/markdown/YarnApplicationSecurity.md
> Document YARN security model from the perspective of Application Developers
> ---------------------------------------------------------------------------
>
> Key: YARN-4653
> URL: https://issues.apache.org/jira/browse/YARN-4653
> Project: Hadoop YARN
> Issue Type: Task
> Components: site
> Affects Versions: 2.7.2
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Attachments: YARN-4653-001.patch, YARN-4653-002.patch,
> YARN-4653-003.patch, YARN-4653-004.patch
>
> Original Estimate: 2h
> Remaining Estimate: 2h
>
> What YARN apps need to do for security today is generally copied direct from
> distributed shell, with a bit of [ill-informed
> superstition|https://steveloughran.gitbooks.io/kerberos_and_hadoop/content/sections/yarn.html]
> being the sole prose.
> We need a normative document in the YARN site covering
> # the needs for YARN security
> # token creation for AM launch
> # how the RM gets involved
> # token propagation on container launch
> # token renewal strategies
> # How to get tokens for other apps like HBase and Hive.
> # how to work under OOzie
> Perhaps the WritingYarnApplications.md doc is updated, otherwise why not just
> link to the relevant bit of the distributed shell client on github for a
> guarantee of staying up to date?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
