You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@reef.apache.org by "Byung-Gon Chun (JIRA)" <ji...@apache.org> on 2015/08/19 00:41:46 UTC
[jira] [Commented] (REEF-604) Support Hadoop security tokens in
YARN runtime during job submission and container creation
[ https://issues.apache.org/jira/browse/REEF-604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14702123#comment-14702123 ]
Byung-Gon Chun commented on REEF-604:
-------------------------------------
This is a rather old Hadoop security design doc for the reference.
http://www.valleytalk.org/wp-content/uploads/2013/03/hadoop-security-design.pdf
If anyone knows a more up-to-date doc, could you share the link to the doc?
> Support Hadoop security tokens in YARN runtime during job submission and container creation
> -------------------------------------------------------------------------------------------
>
> Key: REEF-604
> URL: https://issues.apache.org/jira/browse/REEF-604
> Project: REEF
> Issue Type: Improvement
> Components: REEF Runtime YARN
> Reporter: Anupam
>
> Hadoop uses delegation tokens ([#a], [#b]) for secure access to storage (and other components). When using REEF over YARN we need to propagate these tokens appropriately during job submission and container creation ([#c]).
> In order to do this, we need to:
> # Allow the user to express the intent to use tokens
> # Allow the user to provide tokens
> # Pass the token appropriately to YARN infrastructure
> {anchor:a} a: http://hortonworks.com/blog/the-role-of-delegation-tokens-in-apache-hadoop-security/
> {anchor:b} b: http://hadoop.apache.org/docs/r1.2.1/api/org/apache/hadoop/security/token/Token.html
> {anchor:c} c: http://hadoop.apache.org/docs/current/api/org/apache/hadoop/yarn/api/records/ContainerLaunchContext.html#setTokens(java.nio.ByteBuffer)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)