Posted to dev@slider.apache.org by Jon Maron <jm...@hortonworks.com> on 2014/12/18 15:54:09 UTC
Application Management and Authorization
Hi,
Is there an existing approach for exposing management functions to users other than the application creator? Most management operations validate the existence of a cluster definition in the cluster directory, which is by default under the creator’s home directory (e.g. /users/username/.slider/cluster/clusterName). That check will fail if a user other than the creator attempts a management operation (e.g. stop) even if an authorization policy is in place to allow the operation (assuming RPC ACLs or Ranger is leveraged). Do we:
- Expect users to leverage the “slider.base.path” property to designate a location accessible to all management users (with appropriate permissions set for that directory)?
- Move the default base path to one accessible to more users (the users designated as authorized to manage application instances), e.g. /apps/slider?
— Jon
--
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is confidential,
privileged and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient, you are hereby notified that
any printing, copying, dissemination, distribution, disclosure or
forwarding of this communication is strictly prohibited. If you have
received this communication in error, please contact the sender immediately
and delete it from your system. Thank You.
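A simplified model of the check described in this message, added here as an example (it is not Slider code). It assumes the default cluster path is resolved against the calling user's own home directory and that the existence check runs before any authorization policy; the users, the group `slider-admins`, the instance `hbase1` and the result strings are constructed.

```python
import posixpath

# Constructed HDFS-like namespace: directory -> (owner, group, mode bits).
FS = {
    "/users/alice/.slider/cluster/hbase1": ("alice", "alice", 0o700),
    "/apps/slider/cluster/hbase1": ("alice", "slider-admins", 0o770),
}
GROUPS = {
    "alice": {"alice", "slider-admins"},
    "bob": {"bob", "slider-admins"},
    "carol": {"carol", "slider-admins"},
}
# Stand-in for an RPC ACL / Ranger policy: who may stop each instance.
STOP_POLICY = {"hbase1": {"alice", "bob"}}


def cluster_dir(user, cluster, base_path=None):
    """Default base is the caller's home; base_path models slider.base.path."""
    base = base_path or posixpath.join("/users", user, ".slider")
    return posixpath.join(base, "cluster", cluster)


def can_read(path, user):
    """POSIX-style owner/group/other read check on the modelled directory."""
    owner, group, mode = FS[path]
    if user == owner:
        return bool(mode & 0o400)
    if group in GROUPS.get(user, set()):
        return bool(mode & 0o040)
    return bool(mode & 0o004)


def stop(user, cluster, base_path=None):
    path = cluster_dir(user, cluster, base_path)
    # Fail-fast existence check: runs before the policy is ever consulted.
    if path not in FS or not can_read(path, user):
        return "unknown cluster"
    # Only now does the authorization policy get a say.
    if user not in STOP_POLICY.get(cluster, set()):
        return "denied by policy"
    return "stopped"
```

With the default path, `stop("bob", "hbase1")` fails on the directory check although the policy allows bob; with the shared base path the check passes, and group access to the directory still does not replace the policy (carol is in the group but is denied).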
Re: Application Management and Authorization
Posted by Jon Maron <jm...@hortonworks.com>.
On Dec 18, 2014, at 1:53 PM, Steve Loughran <st...@hortonworks.com> wrote:
> some of these operations could skip the "is the cluster in the path" task;
> it's probably just there for fail-fast.
>
> the AM could be located via YARN rm lookup (today), or via the full YARN
> registry, then (IPC/REST) operations made to it
>
> straightforward: stop, status checks.
> the flex command currently writes the spec to HDFS if the cluster is down;
> it only talks to the AM when the AM is live.
OK - I had similar thoughts. I suppose a JIRA is required.
>
> operations like create & destroy are very FS centric
>
> On 18 December 2014 at 14:54, Jon Maron <jm...@hortonworks.com> wrote:
>>
>> Hi,
>>
>> Is there an existing approach for exposing management functions to users
>> other than the application creator? Most management operations validate
>> the existence of a cluster definition in the cluster directory, which is by
>> default under the creator’s home directory (e.g.
>> /users/username/.slider/cluster/clusterName). That check will fail if a
>> user other than the creator attempts a management operation (e.g. stop)
>> even if an authorization policy is in place to allow the operation
>> (assuming RPC ACLs or Ranger is leveraged). Do we:
>>
>> - Expect users to leverage the “slider.base.path” property to
>> designate a location accessible to all management users (with appropriate
>> permissions set for that directory)?
>> - Move the default base path to one accessible to more users (the
>> users designated as authorized to manage application instances), e.g.
>> /apps/slider?
>>
>> — Jon
>>
Re: Application Management and Authorization
Posted by Steve Loughran <st...@hortonworks.com>.
some of these operations could skip the "is the cluster in the path" task;
it's probably just there for fail-fast.
the AM could be located via YARN rm lookup (today), or via the full YARN
registry, then (IPC/REST) operations made to it
straightforward: stop, status checks.
the flex command currently writes the spec to HDFS if the cluster is down;
it only talks to the AM when the AM is live.
operations like create & destroy are very FS centric
On 18 December 2014 at 14:54, Jon Maron <jm...@hortonworks.com> wrote:
>
> Hi,
>
> Is there an existing approach for exposing management functions to users
> other than the application creator? Most management operations validate
> the existence of a cluster definition in the cluster directory, which is by
> default under the creator’s home directory (e.g.
> /users/username/.slider/cluster/clusterName). That check will fail if a
> user other than the creator attempts a management operation (e.g. stop)
> even if an authorization policy is in place to allow the operation
> (assuming RPC ACLs or Ranger is leveraged). Do we:
>
> - Expect users to leverage the “slider.base.path” property to
> designate a location accessible to all management users (with appropriate
> permissions set for that directory)?
> - Move the default base path to one accessible to more users (the
> users designated as authorized to manage application instances), e.g.
> /apps/slider?
>
> — Jon