[
https://issues.apache.org/jira/browse/HDFS-7295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14189842#comment-14189842
]
Steve Loughran commented on HDFS-7295:
--------------------------------------
~aw: we are trying to allow users to have apps with a lifespan > 7 under YARN.
That lets users run their code against their private data without having to
create specific users. It's not something that happens today, and I do agree,
in production we'd recommend dedicated accounts, along with YARN labels to give
placement control.
There's also the fact that the way hadoop works, if I'm working with hdfs/yarn
on the CLII auth as me...my bit of HDFS for the apps, under ~/.slider, my bit
of the registy, etc. We've just said: you want that, add a keytab.
What we've also done is tried to put behind the CLI an API, which tooling can
use for the production services -specifically Ambari and some webapps that
other people have developed. These tools can create clusters under different
accounts. That means when we do want to deploy storm in production a secure
cluster, you point your browser to the management tools, and hit "launch" on
the configuration. Which, like AW points out: is something that others need
access to when its a production service. Not just for the "hit by bus"
scenario but the "wants a weekend without fearing support calls" scenario, that
being the only one I can identify with so far.
> Support arbitrary max expiration times for delegation token
> -----------------------------------------------------------
>
> Key: HDFS-7295
> URL: https://issues.apache.org/jira/browse/HDFS-7295
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: Anubhav Dhoot
> Assignee: Anubhav Dhoot
>
> Currently the max lifetime of HDFS delegation tokens is hardcoded to 7 days.
> This is a problem for different users of HDFS such as long running YARN apps.
> Users should be allowed to optionally specify max lifetime for their tokens.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
