[
https://issues.apache.org/jira/browse/YARN-948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13721450#comment-13721450
]
Omkar Vinit Joshi commented on YARN-948:
----------------------------------------
Thanks [~vinodkv]..
bq. Ask can definitely be not per resource-request as there are implicit
dependencies between host and rack requests. For blacklist and release, there
are no dependencies, so handling them individually is fine. But I'm okay doing
it like you have mainly because reporting part partial successes and failures
is more API changes. sigh
yeah... :D
bq. Yeah, let's move'em if they aren't really tied to any scheduler.
moved all three to RMServerUtils
bq. It is clearly not InvalidResourceRequest, so let's create a new one and add
documentation too.
yeah ...created one.. is InvalidContainerReleaseRequestException good?
> RM should validate the release container list before actually releasing them
> ----------------------------------------------------------------------------
>
> Key: YARN-948
> URL: https://issues.apache.org/jira/browse/YARN-948
> Project: Hadoop YARN
> Issue Type: Bug
> Reporter: Omkar Vinit Joshi
> Assignee: Omkar Vinit Joshi
> Attachments: YARN-948-20130724.patch, YARN-948-20130726.1.patch
>
>
> At present we are blinding passing the allocate request containing containers
> to be released to the scheduler. This may result into one application
> releasing another application's container.
> {code}
> @Override
> @Lock(Lock.NoLock.class)
> public Allocation allocate(ApplicationAttemptId applicationAttemptId,
> List<ResourceRequest> ask, List<ContainerId> release,
> List<String> blacklistAdditions, List<String> blacklistRemovals) {
> FiCaSchedulerApp application = getApplication(applicationAttemptId);
> ....
> ....
> // Release containers
> for (ContainerId releasedContainerId : release) {
> RMContainer rmContainer = getRMContainer(releasedContainerId);
> if (rmContainer == null) {
> RMAuditLogger.logFailure(application.getUser(),
> AuditConstants.RELEASE_CONTAINER,
> "Unauthorized access or invalid container", "CapacityScheduler",
> "Trying to release container not owned by app or with invalid
> id",
> application.getApplicationId(), releasedContainerId);
> }
> completedContainer(rmContainer,
> SchedulerUtils.createAbnormalContainerStatus(
> releasedContainerId,
> SchedulerUtils.RELEASED_CONTAINER),
> RMContainerEventType.RELEASED);
> }
> {code}
> Current checks are not sufficient and we should prevent this..... thoughts?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
