You are viewing a plain text version of this content. The canonical link for it is here.
Posted to yarn-issues@hadoop.apache.org by "YunFan Zhou (JIRA)" <ji...@apache.org> on 2017/07/29 15:03:00 UTC
[jira] [Comment Edited] (YARN-6842) Implement a new access type for
queue
[ https://issues.apache.org/jira/browse/YARN-6842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16106148#comment-16106148 ]
YunFan Zhou edited comment on YARN-6842 at 7/29/17 3:02 PM:
------------------------------------------------------------
Thank Sunil G, I think you got me wrong, sorry if I conveyed it wrongly.
Whether for a secure cluster or a non-secure cluster, there are only two possibilities if a user wants to access other users' applications.
# The user is the administrator of the queue where the job is submitted.
# DisableYARN ACL. You can do this through set *yarn.acl.enable* to false.
It certainly isn't realistic for users to be administrators of each queue,
so what we can do at this point is disable the YARN ACL.
Agree with me?
was (Author: daemon):
Thank Sunil G, I think you got me wrong, sorry if I conveyed it wrongly.
Whether for a secure cluster or a non-secure cluster, there are only two possibilities if you want to access other users' applications.
# The user is the administrator of the queue where the job is submitted.
# DisableYARN ACL. You can do this through set *yarn.acl.enable* to false.
It certainly isn't realistic for users to be administrators of each queue,
so what we can do at this point is disable the YARN ACL.
Agree with me?
> Implement a new access type for queue
> -------------------------------------
>
> Key: YARN-6842
> URL: https://issues.apache.org/jira/browse/YARN-6842
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: scheduler
> Affects Versions: 2.8.2
> Reporter: YunFan Zhou
> Assignee: YunFan Zhou
> Attachments: YARN-6842.001.patch, YARN-6842.002.patch, YARN-6842.003.patch
>
>
> When we want to access applications of a queue, only we can do is become the administer of the queue at present.
> But sometimes we only want authorize someone view applications of a queue but not modify operation.
> In our current mechanism there isn't any way to meet it, so I will implement a new access type for queue to solve
> this problem.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org