[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13721366#comment-13721366
]
Vinod Kumar Vavilapalli commented on YARN-948:
----------------------------------------------
bq. Probably not. We should have same behavior like "ask". thoughts?
Ask can definitely be not per resource-request as there are implicit
dependencies between host and rack requests. For blacklist and release, there
are no dependencies, so handling them individually is fine. But I'm okay doing
it like you have mainly because reporting part partial successes and failures
is more API changes. *sigh*
bq. Other validate calls are present in SchedulerUtils. Let me know if I should
move all or this?
Yeah, let's move'em if they aren't really tied to any scheduler.
bq. Yeah thought about it but but then sticked to it don't think we should have
separate exception for this scenario. Let me know I will modify.
It is clearly not InvalidResourceRequest, so let's create a new one and add
documentation too.
> RM should validate the release container list before actually releasing them
> ----------------------------------------------------------------------------
>
> Key: YARN-948
> URL: https://issues.apache.org/jira/browse/YARN-948
> Project: Hadoop YARN
> Issue Type: Bug
> Reporter: Omkar Vinit Joshi
> Assignee: Omkar Vinit Joshi
> Attachments: YARN-948-20130724.patch
>
>
> At present we are blinding passing the allocate request containing containers
> to be released to the scheduler. This may result into one application
> releasing another application's container.
> {code}
> @Override
> @Lock(Lock.NoLock.class)
> public Allocation allocate(ApplicationAttemptId applicationAttemptId,
> List<ResourceRequest> ask, List<ContainerId> release,
> List<String> blacklistAdditions, List<String> blacklistRemovals) {
> FiCaSchedulerApp application = getApplication(applicationAttemptId);
> ....
> ....
> // Release containers
> for (ContainerId releasedContainerId : release) {
> RMContainer rmContainer = getRMContainer(releasedContainerId);
> if (rmContainer == null) {
> RMAuditLogger.logFailure(application.getUser(),
> AuditConstants.RELEASE_CONTAINER,
> "Unauthorized access or invalid container", "CapacityScheduler",
> "Trying to release container not owned by app or with invalid
> id",
> application.getApplicationId(), releasedContainerId);
> }
> completedContainer(rmContainer,
> SchedulerUtils.createAbnormalContainerStatus(
> releasedContainerId,
> SchedulerUtils.RELEASED_CONTAINER),
> RMContainerEventType.RELEASED);
> }
> {code}
> Current checks are not sufficient and we should prevent this..... thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
