You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/12/12 15:23:00 UTC

[jira] [Updated] (FLINK-11126) Filter out AMRMToken in the TaskManager credentials

     [ https://issues.apache.org/jira/browse/FLINK-11126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated FLINK-11126:
-----------------------------------
    Labels: pull-request-available  (was: )

> Filter out AMRMToken in the TaskManager credentials
> ---------------------------------------------------
>
>                 Key: FLINK-11126
>                 URL: https://issues.apache.org/jira/browse/FLINK-11126
>             Project: Flink
>          Issue Type: Improvement
>          Components: Security, YARN
>    Affects Versions: 1.6.2, 1.7.0
>            Reporter: Paul Lin
>            Assignee: Paul Lin
>            Priority: Minor
>              Labels: pull-request-available
>
> Currently, Flink JobManager propagates its storage tokens to TaskManager to meet the requirement of YARN log aggregation (see FLINK-6376). But in this way the AMRMToken is also included in the TaskManager credentials, which could be potentially insecure. We should filter out AMRMToken before setting the tokens to TaskManager's container launch context.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)