[
https://issues.apache.org/jira/browse/YARN-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13734040#comment-13734040
]
Siddharth Seth commented on YARN-899:
-------------------------------------
bq. With this in mind, I think who has access should be based on a union of
ACLs
Agree. AMs get ACLs from the RM when they register. That could be a combined
list along with the queue ACLs. It's up to the AMs to enforce these. Maybe the
RM proxy could do some of this as well. The MR JobHistoryServer gets ACLs from
the AM - again it's up to this to enforce them. The RM AppHistoryServer will
need to do the union though.
Don't have experience with JT ACLs, but it does look like that's doing a union
as well. View vs Modify ACLs for queues makes sense to me.
> Get queue administration ACLs working
> -------------------------------------
>
> Key: YARN-899
> URL: https://issues.apache.org/jira/browse/YARN-899
> Project: Hadoop YARN
> Issue Type: Bug
> Components: scheduler
> Affects Versions: 2.1.0-beta
> Reporter: Sandy Ryza
> Assignee: Xuan Gong
> Attachments: YARN-899.1.patch
>
>
> The Capacity Scheduler documents the
> yarn.scheduler.capacity.root.<queue-path>.acl_administer_queue config option
> for controlling who can administer a queue, but it is not hooked up to
> anything. The Fair Scheduler could make use of a similar option as well.
> This is a feature-parity regression from MR1.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
