[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13725103#comment-13725103
]
Hudson commented on YARN-948:
-
SUCCESS: Integrated in Hadoop-Yarn-trunk #287 (See
[https://builds.apache.org/job/Hadoop-Yarn-trunk/287/])
YARN-948. Changed ResourceManager to validate the release container list before
actually releasing them. Contributed by Omkar Vinit Joshi. (vinodkv:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVNview=revrev=1508609)
* /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/exceptions/InvalidContainerReleaseException.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ApplicationMasterService.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMServerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/SchedulerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/MockAM.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/applicationmasterservice/TestApplicationMasterService.java
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Fix For: 2.1.1-beta
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13725215#comment-13725215
]
Hudson commented on YARN-948:
-
FAILURE: Integrated in Hadoop-Hdfs-trunk #1477 (See
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/1477/])
YARN-948. Changed ResourceManager to validate the release container list before
actually releasing them. Contributed by Omkar Vinit Joshi. (vinodkv:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVNview=revrev=1508609)
* /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/exceptions/InvalidContainerReleaseException.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ApplicationMasterService.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMServerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/SchedulerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/MockAM.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/applicationmasterservice/TestApplicationMasterService.java
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Fix For: 2.1.1-beta
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13725278#comment-13725278
]
Hudson commented on YARN-948:
-
SUCCESS: Integrated in Hadoop-Mapreduce-trunk #1504 (See
[https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1504/])
YARN-948. Changed ResourceManager to validate the release container list before
actually releasing them. Contributed by Omkar Vinit Joshi. (vinodkv:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVNview=revrev=1508609)
* /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/exceptions/InvalidContainerReleaseException.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ApplicationMasterService.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMServerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/SchedulerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/MockAM.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/applicationmasterservice/TestApplicationMasterService.java
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Fix For: 2.1.1-beta
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13724357#comment-13724357
]
Vinod Kumar Vavilapalli commented on YARN-948:
--
+1, looks good. Checking this in.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13724394#comment-13724394
]
Hudson commented on YARN-948:
-
SUCCESS: Integrated in Hadoop-trunk-Commit #4189 (See
[https://builds.apache.org/job/Hadoop-trunk-Commit/4189/])
YARN-948. Changed ResourceManager to validate the release container list before
actually releasing them. Contributed by Omkar Vinit Joshi. (vinodkv:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVNview=revrev=1508609)
* /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/exceptions/InvalidContainerReleaseException.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ApplicationMasterService.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMServerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/SchedulerUtils.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/MockAM.java
*
/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/applicationmasterservice/TestApplicationMasterService.java
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Fix For: 2.1.1-beta
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13722906#comment-13722906
]
Omkar Vinit Joshi commented on YARN-948:
Thanks [~sandyr] ..made that change...Updating the patch.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13722939#comment-13722939
]
Hadoop QA commented on YARN-948:
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12594776/YARN-948-20130729.1.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 2 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:red}-1 core tests{color}. The patch failed these unit tests in
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager:
org.apache.hadoop.yarn.server.resourcemanager.TestAMAuthorization
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-YARN-Build/1605//testReport/
Console output: https://builds.apache.org/job/PreCommit-YARN-Build/1605//console
This message is automatically generated.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13723179#comment-13723179
]
Hadoop QA commented on YARN-948:
{color:green}+1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12594776/YARN-948-20130729.1.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 2 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-YARN-Build/1612//testReport/
Console output: https://builds.apache.org/job/PreCommit-YARN-Build/1612//console
This message is automatically generated.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch,
YARN-948-20130729.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721345#comment-13721345
]
Omkar Vinit Joshi commented on YARN-948:
bq. If some of the release requests are valid and some are invalid, we should
accept the valid requests?
bq. If so, please modify the test to validate these multiple success/failure
cases.
Probably not. We should have same behavior like ask. thoughts?
bq. To indicate its non-scheduler-specificity,
validateContainerReleaseRequest() could be in RMServerUtils?
Other validate calls are present in SchedulerUtils. Let me know if I should
move all or this?
bq. Shouldn't be using InvalidResourceRequestException for invalid
release-requests. Don't know if we are over-killing it, but a new exception?
Yeah thought about it but but then sticked to it don't think we should have
separate exception for this scenario. Let me know I will modify.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721366#comment-13721366
]
Vinod Kumar Vavilapalli commented on YARN-948:
--
bq. Probably not. We should have same behavior like ask. thoughts?
Ask can definitely be not per resource-request as there are implicit
dependencies between host and rack requests. For blacklist and release, there
are no dependencies, so handling them individually is fine. But I'm okay doing
it like you have mainly because reporting part partial successes and failures
is more API changes. *sigh*
bq. Other validate calls are present in SchedulerUtils. Let me know if I should
move all or this?
Yeah, let's move'em if they aren't really tied to any scheduler.
bq. Yeah thought about it but but then sticked to it don't think we should have
separate exception for this scenario. Let me know I will modify.
It is clearly not InvalidResourceRequest, so let's create a new one and add
documentation too.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721450#comment-13721450
]
Omkar Vinit Joshi commented on YARN-948:
Thanks [~vinodkv]..
bq. Ask can definitely be not per resource-request as there are implicit
dependencies between host and rack requests. For blacklist and release, there
are no dependencies, so handling them individually is fine. But I'm okay doing
it like you have mainly because reporting part partial successes and failures
is more API changes. sigh
yeah... :D
bq. Yeah, let's move'em if they aren't really tied to any scheduler.
moved all three to RMServerUtils
bq. It is clearly not InvalidResourceRequest, so let's create a new one and add
documentation too.
yeah ...created one.. is InvalidContainerReleaseRequestException good?
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721461#comment-13721461
]
Bikas Saha commented on YARN-948:
-
Where is appAttemptId coming from? The token? If its coming from the client
request object itself then can client send different app's attempt id and
matching container ids?
InvalidContainerReleaseException sounds better to me.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721466#comment-13721466
]
Omkar Vinit Joshi commented on YARN-948:
bq. Where is appAttemptId coming from? The token? If its coming from the client
request object itself then can client send different app's attempt id and
matching container ids?
No ...we have removed appAttemptId now from request... it is from AMRMToken
(auth method retrieves and returns it).
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721471#comment-13721471
]
Hadoop QA commented on YARN-948:
{color:green}+1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12594493/YARN-948-20130726.1.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 2 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-YARN-Build/1595//testReport/
Console output: https://builds.apache.org/job/PreCommit-YARN-Build/1595//console
This message is automatically generated.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13721486#comment-13721486
]
Sandy Ryza commented on YARN-948:
-
+1 to InvalidContainerReleaseException
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13718782#comment-13718782
]
Bikas Saha commented on YARN-948:
-
Changing title to reflect that this is not scheduler specific.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
At present we are blinding passing the allocate request containing containers
to be released to CapacityScheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13718905#comment-13718905
]
Omkar Vinit Joshi commented on YARN-948:
Fixed... Added check to validate container release list.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (YARN-948) RM should validate the release container list before actually releasing them
[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13718933#comment-13718933
]
Hadoop QA commented on YARN-948:
{color:green}+1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12594042/YARN-948-20130724.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 2 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-YARN-Build/1577//testReport/
Console output: https://builds.apache.org/job/PreCommit-YARN-Build/1577//console
This message is automatically generated.
RM should validate the release container list before actually releasing them
Key: YARN-948
URL: https://issues.apache.org/jira/browse/YARN-948
Project: Hadoop YARN
Issue Type: Bug
Reporter: Omkar Vinit Joshi
Assignee: Omkar Vinit Joshi
Attachments: YARN-948-20130724.patch
At present we are blinding passing the allocate request containing containers
to be released to the scheduler. This may result into one application
releasing another application's container.
{code}
@Override
@Lock(Lock.NoLock.class)
public Allocation allocate(ApplicationAttemptId applicationAttemptId,
ListResourceRequest ask, ListContainerId release,
ListString blacklistAdditions, ListString blacklistRemovals) {
FiCaSchedulerApp application = getApplication(applicationAttemptId);
// Release containers
for (ContainerId releasedContainerId : release) {
RMContainer rmContainer = getRMContainer(releasedContainerId);
if (rmContainer == null) {
RMAuditLogger.logFailure(application.getUser(),
AuditConstants.RELEASE_CONTAINER,
Unauthorized access or invalid container, CapacityScheduler,
Trying to release container not owned by app or with invalid
id,
application.getApplicationId(), releasedContainerId);
}
completedContainer(rmContainer,
SchedulerUtils.createAbnormalContainerStatus(
releasedContainerId,
SchedulerUtils.RELEASED_CONTAINER),
RMContainerEventType.RELEASED);
}
{code}
Current checks are not sufficient and we should prevent this. thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
