[
https://issues.apache.org/jira/browse/YARN-613?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13658763#comment-13658763
]
Omkar Vinit Joshi commented on YARN-613:
----------------------------------------
One addition .. good suggestion [~bikassaha]
If RM restarts then we have two scenarios
* If we need to preserve the work, (AM and containers will continue to run) in
which AM should be able to communicate with NM with older AMNMToken after RM
start. So if AM gets new container on the NM after RM reboot (RM will send the
new AMNMToken to AM considering it has no knowledge of the previous AMNMToken -
information not persisted) then AM should replace the existing token with new
one. Now if NM gets a different token than the older /stored one it should
validate the current Token's master key with that of its current/previous
master key. If this is valid then replace older Token (thereby we can even
renew token).
* If we don't need to preserve the work, (AM and container will be killed after
RM restarts) then there will be no problem at all even with above
implementation in which case as applications are already killed so we can just
clear the cache on NM.
> Create NM proxy per NM instead of per container
> -----------------------------------------------
>
> Key: YARN-613
> URL: https://issues.apache.org/jira/browse/YARN-613
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Bikas Saha
> Assignee: Omkar Vinit Joshi
>
> Currently a new NM proxy has to be created per container since the secure
> authentication is using a containertoken from the container.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
