[ https://issues.apache.org/jira/browse/YARN-5727?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chris Trezzo updated YARN-5727:
-------------------------------
    Description: 
When running LinuxContainerExecutor in a secure mode 
({{yarn.nodemanager.linux-container-executor.nonsecure-mode.limit-users}} set 
to {{false}}), all localized files are owned by the user that owns the 
container which localized the resource. This presents a problem for the shared 
cache when a YARN application requests a resource to be uploaded to the shared 
cache that has a non-public visibility. The shared cache uploader (running as 
the node manager user) does not have access to the localized files and cannot 
compute the checksum of the file or upload it to the cache. The solution should 
ideally satisfy the following three requirements:
# Localized files should still be safe/secure. Other users that run containers 
should not be able to modify or delete the publicly localized files of others.
# The node manager user should be able to access these files for the purpose of 
checksumming and uploading to the shared cache without being a privileged user.
# The solution should avoid making unnecessary copies of the localized files.


  was:
When running LinuxContainerExecutor in a secure mode 
({{yarn.nodemanager.linux-container-executor.nonsecure-mode.limit-users}} set 
to {{false}}), all localized files are owned by the user that owns the 
container which localized the resource. This presents a problem for the shared 
cache when a YARN application requests a resource to be uploaded to the shared 
cache that has a non-public visibility. The shared cache uploader (running as 
the node manager user) does not have access to the localized files and cannot 
compute the checksum of the file or upload it to the cache. In this document we 
will discuss various solutions to this problem, all of which should ideally 
satisfy the following three requirements:
# Localized files should still be safe/secure. Other users that run containers 
should not be able to modify or delete the publicly localized files of others.
# The node manager user should be able to access these files for the purpose of 
checksumming and uploading to the shared cache without being a privileged user.
# The solution should avoid making unnecessary copies of the localized files.



> Improve YARN shared cache support for LinuxContainerExecutor
> ------------------------------------------------------------
>
>                 Key: YARN-5727
>                 URL: https://issues.apache.org/jira/browse/YARN-5727
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Chris Trezzo
>            Assignee: Chris Trezzo
>         Attachments: YARN-5727-Design-v1.pdf
>
>
> When running LinuxContainerExecutor in a secure mode 
> ({{yarn.nodemanager.linux-container-executor.nonsecure-mode.limit-users}} set 
> to {{false}}), all localized files are owned by the user that owns the 
> container which localized the resource. This presents a problem for the 
> shared cache when a YARN application requests a resource to be uploaded to 
> the shared cache that has a non-public visibility. The shared cache uploader 
> (running as the node manager user) does not have access to the localized 
> files and cannot compute the checksum of the file or upload it to the cache. 
> The solution should ideally satisfy the following three requirements:
> # Localized files should still be safe/secure. Other users that run 
> containers should not be able to modify or delete the publicly localized 
> files of others.
> # The node manager user should be able to access these files for the purpose 
> of checksumming and uploading to the shared cache without being a privileged 
> user.
> # The solution should avoid making unnecessary copies of the localized files.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
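
Added example (not part of the JIRA issue or the Hadoop code base): a small Python check of requirements 1 and 2 from the description, using standard POSIX owner/group/other evaluation for an unprivileged user. The uids, gids and modes are constructed, only the immediate parent directory is considered, and the mode combinations exercise the check rather than reflect the design in the attachment.

```python
import stat
from collections import namedtuple

# Constructed stand-ins for os.stat() results and process credentials,
# so the check runs offline without touching a real NodeManager host.
Entry = namedtuple("Entry", "uid gid mode")
User = namedtuple("User", "uid gids")

def allowed(user, entry, want):
    """POSIX class selection for an unprivileged user: owner, else group,
    else other. `want` is an rwx mask (4 = read, 2 = write, 1 = search)."""
    if user.uid == entry.uid:
        bits = entry.mode >> 6
    elif entry.gid in user.gids:
        bits = entry.mode >> 3
    else:
        bits = entry.mode
    return (bits & want) == want

def can_read(user, parent, f):
    return allowed(user, parent, 1) and allowed(user, f, 4)

def can_modify(user, parent, f):
    return allowed(user, parent, 1) and allowed(user, f, 2)

def can_delete(user, parent, f):
    # Deletion is decided by the directory, not by the file's own mode.
    if not allowed(user, parent, 3):
        return False
    if parent.mode & stat.S_ISVTX:  # sticky bit: only file or dir owner
        return user.uid in (f.uid, parent.uid)
    return True

def evaluate(parent, f, nm, other):
    """Requirement 1: another container user can neither modify nor delete.
    Requirement 2: the node manager user can read without privilege."""
    tamper = can_modify(other, parent, f) or can_delete(other, parent, f)
    return {"req1_safe_from_others": not tamper,
            "req2_nm_can_read": can_read(nm, parent, f)}

# Constructed identities: container owner 1001, node manager 991, other 1002.
NM = User(991, {991})
OTHER = User(1002, {1002})

def case(dir_mode, file_mode):
    return evaluate(Entry(1001, 1001, dir_mode), Entry(1001, 1001, file_mode),
                    NM, OTHER)

if __name__ == "__main__":
    for d, m in [(0o700, 0o600), (0o777, 0o666), (0o777, 0o644), (0o1777, 0o644)]:
        print(oct(d), oct(m), case(d, m))
```

The 0o777/0o644 case fails requirement 1 even though the file itself is not writable by others, because deletion depends on the parent directory's write bit and sticky bit.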
