You are viewing a plain text version of this content. The canonical link for it is here.
Posted to yarn-issues@hadoop.apache.org by "Gordon Wang (JIRA)" <ji...@apache.org> on 2014/04/15 10:47:14 UTC

[jira] [Created] (YARN-1941) Yarn scheduler ACL improvement

Gordon Wang created YARN-1941:
---------------------------------

             Summary: Yarn scheduler ACL improvement
                 Key: YARN-1941
                 URL: https://issues.apache.org/jira/browse/YARN-1941
             Project: Hadoop YARN
          Issue Type: Improvement
          Components: scheduler
    Affects Versions: 2.3.0
            Reporter: Gordon Wang


Defect:
1. Currently, in Yarn Capacity Scheduler and Yarn Fair Scheduler, the queue ACL is always checked when submitting a app to scheduler, regardless of the property "yarn.acl.enable".
But for killing an app, the ACL is checked when yarn.acl.enable is set.
The behaviour is not consistent.

2. default ACL for root queue is EVERYBODY_ACL(*), while default ACL for other queues is NODODY_ACL( ). From users' view, this is error prone and not easy to understand the ACL policy of Yarn scheduler. root queue should not be so special compared with other parent queues.
For example, if I want to set capacity scheduler ACL, the ACL of root has to be set explicitly. Otherwise, everyone can submit APP to yarn scheduler. Because root queue ACL is EVERYBODY_ACL.
This is hard for user to administrate yarn scheduler.

So, I propose to improve the ACL of yarn scheduler in the following aspects.
1. only enable scheduler queue ACL when yarn.acl.enable is set to true.
2. set the default ACL of root queue as NOBODY_ACL( ). Make all the parent queues' ACL consistent.
 



--
This message was sent by Atlassian JIRA
(v6.2#6252)