[
https://issues.apache.org/jira/browse/YARN-1547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15187942#comment-15187942
]
Vinod Kumar Vavilapalli commented on YARN-1547:
-----------------------------------------------
Looked at the PDF attached. Few comments:
As I mentioned before, we should organize code such that we can reuse your
proposed _DoSInterceptor_ (and may be even the _AbstractRequestInterceptor_
framework) to enforce limits on the server-side.
bq. Its request contains information about host, port, and tracking URL. We
need to validate them. One possible solution can be adding a validate inside
RMWebApp, by using Jetty DoSFilter.
I don't quite understand this. We should make sure that things like tracking
URL are limited in length at the time of accepting them into RM - that'd mean
checks-and-validations in ApplicationMasterService component (the first one in
RM interacting with AM) itself.
bq. To do this, we can implement a sliding window system that counts the number
of request per minute and determinates if in a time slot we AM exceeds the
number or requests.
For most of our limits, sliding-windows won't work. What we need we are static
limits per application, per ResourceRequest etc.
A general ask: instead of a textual representation of the proposal, I think it
is much better to reason/discuss about this in a tabular format. For e.g.
||Object||Object Type||Type of Limit to be put||Behavior on limit-overflow||
|RegisterApplicationMasterRequest.trackingURL|String|Size of String|String
truncated|
|AllocateRequest.ResourceBlacklistRequest.BlacklistAdditions|List of
Strings|Size of the list, Size of each string|Rejected if list-size overflow,
truncated strings|
> Prevent DoS of ApplicationMasterProtocol by putting in limits
> -------------------------------------------------------------
>
> Key: YARN-1547
> URL: https://issues.apache.org/jira/browse/YARN-1547
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Vinod Kumar Vavilapalli
> Assignee: Giovanni Matteo Fumarola
> Attachments: YARN-1547.pdf
>
>
> Points of DoS in ApplicationMasterProtocol
> - Host and trackingURL in RegisterApplicationMasterRequest
> - Diagnostics, final trackingURL in FinishApplicationMasterRequest
> - Unlimited number of resourceAsks, containersToBeReleased and
> resourceBlacklistRequest in AllocateRequest
> -- Unbounded number of priorities and/or resourceRequests in each ask.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
