You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@tez.apache.org by "Siddharth Seth (JIRA)" <ji...@apache.org> on 2014/08/25 22:32:57 UTC
[jira] [Commented] (TEZ-1433) Invalid credentials can be used when
a DAG is submitted to a session which has timed out
[ https://issues.apache.org/jira/browse/TEZ-1433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14109672#comment-14109672 ]
Siddharth Seth commented on TEZ-1433:
-------------------------------------
[~jeagles] - it seems like we have some races here, which could be triggered if we get AppState as RUNNING, just before the AM session times out. We're not really handling that at the moment - but should in the future. In such cases, I think it's better to rollback changes - rather than end up having one off failures, which could potentially be really difficult to debug.
DAGSubmissionTimedOut - is another case where the client may time out, for whatever reason, despite the AM still being alive.
I think a fix which is going to work when the error reporting and time outs are handled differently, would be better.
> Invalid credentials can be used when a DAG is submitted to a session which has timed out
> ----------------------------------------------------------------------------------------
>
> Key: TEZ-1433
> URL: https://issues.apache.org/jira/browse/TEZ-1433
> Project: Apache Tez
> Issue Type: Bug
> Affects Versions: 0.4.0
> Reporter: Siddharth Seth
> Assignee: Jonathan Eagles
> Attachments: TEZ-1433-v1.patch
>
>
> When a DAG is submitted to a session which has timed out, and the same DAG is then submitted to a new session - credentials associated with the old session can end up getting used.
> Before we know that the session is no longer valid, the DAG is modified to add local resources and credentials.
> On the next submission, since the DAG already has tokens (for HDFS for example) from the old session, the tokens are not updated.
> Meanwhile, the old token would end up being cancelled by the RM - since the applicaiton associated with the previous session has finished.
--
This message was sent by Atlassian JIRA
(v6.2#6252)