Posted to dev@slider.apache.org by Jon Maron <jm...@hortonworks.com> on 2014/12/18 15:54:09 UTC

Application Management and Authorization

Hi,

 Is there an existing approach for exposing management functions to users other than the application creator?  Most management operations validate the existence of a cluster definition in the cluster directory, which is by default under the creator’s home directory (e.g. /users/username/.slider/cluster/clusterName).  That check will fail if a user other than the creator attempts a management operation (e.g. stop) even if an authorization policy is in place to allow the operation (assuming RPC ACLs or Ranger is leveraged).  Do we:

	- Expect users to leverage the “slider.base.path” property to designate a location accessible to all management users (with appropriate permissions set for that directory)?
	- Move the default base path to one accessible to more users (the users designated as authorized to manage application instances), e.g. /apps/slider?	

— Jon



-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.

Re: Application Management and Authorization

Posted by Jon Maron <jm...@hortonworks.com>.
On Dec 18, 2014, at 1:53 PM, Steve Loughran <st...@hortonworks.com> wrote:

> some of these operations could skip the "is the cluster in the path" task;
> it's probably just there for fail-fast.
> 
> the AM could be located via YARN rm lookup (today), or via the full YARN
> registry, then (IPC/REST) operations made to it
> 
> straightforward: stop, status checks.
> the flex command currently writes the spec to HDFS if the cluster is down;
> it only talks to the AM when the AM is live.

OK - I had similar thoughts. I suppose a JIRA is required.

> 
> operations like create & destroy are very FS centric
> 
> On 18 December 2014 at 14:54, Jon Maron <jm...@hortonworks.com> wrote:
>> 
>> Hi,
>> 
>> Is there an existing approach for exposing management functions to users
>> other than the application creator?  Most management operations validate
>> the existence of a cluster definition in the cluster directory, which is by
>> default under the creator’s home directory (e.g.
>> /users/username/.slider/cluster/clusterName).  That check will fail if a
>> user other than the creator attempts a management operation (e.g. stop)
>> even if an authorization policy is in place to allow the operation
>> (assuming RPC ACLs or Ranger is leveraged).  Do we:
>> 
>>        - Expect users to leverage the “slider.base.path” property to
>> designate a location accessible to all management users (with appropriate
>> permissions set for that directory)?
>>        - Move the default base path to one accessible to more users (the
>> users designated as authorized to manage application instances), e.g.
>> /apps/slider?
>> 
>> — Jon
>> 
> 



Re: Application Management and Authorization

Posted by Steve Loughran <st...@hortonworks.com>.
some of these operations could skip the "is the cluster in the path" task;
it's probably just there for fail-fast.

the AM could be located via YARN rm lookup (today), or via the full YARN
registry, then (IPC/REST) operations made to it

straightforward: stop, status checks.
the flex command currently writes the spec to HDFS if the cluster is down;
it only talks to the AM when the AM is live.

operations like create & destroy are very FS centric

On 18 December 2014 at 14:54, Jon Maron <jm...@hortonworks.com> wrote:
>
> Hi,
>
>  Is there an existing approach for exposing management functions to users
> other than the application creator?  Most management operations validate
> the existence of a cluster definition in the cluster directory, which is by
> default under the creator’s home directory (e.g.
> /users/username/.slider/cluster/clusterName).  That check will fail if a
> user other than the creator attempts a management operation (e.g. stop)
> even if an authorization policy is in place to allow the operation
> (assuming RPC ACLs or Ranger is leveraged).  Do we:
>
>         - Expect users to leverage the “slider.base.path” property to
> designate a location accessible to all management users (with appropriate
> permissions set for that directory)?
>         - Move the default base path to one accessible to more users (the
> users designated as authorized to manage application instances), e.g.
> /apps/slider?
>
> — Jon
