[ https://issues.apache.org/jira/browse/YARN-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13734040#comment-13734040 ]
Siddharth Seth commented on YARN-899: ------------------------------------- bq. With this in mind, I think who has access should be based on a union of ACLs Agree. AMs get ACLs from the RM when they register. That could be a combined list along with the queue ACLs. It's up to the AMs to enforce these. Maybe the RM proxy could do some of this as well. The MR JobHistoryServer gets ACLs from the AM - again it's up to this to enforce them. The RM AppHistoryServer will need to do the union though. Don't have experience with JT ACLs, but it does look like that's doing a union as well. View vs Modify ACLs for queues makes sense to me. > Get queue administration ACLs working > ------------------------------------- > > Key: YARN-899 > URL: https://issues.apache.org/jira/browse/YARN-899 > Project: Hadoop YARN > Issue Type: Bug > Components: scheduler > Affects Versions: 2.1.0-beta > Reporter: Sandy Ryza > Assignee: Xuan Gong > Attachments: YARN-899.1.patch > > > The Capacity Scheduler documents the > yarn.scheduler.capacity.root.<queue-path>.acl_administer_queue config option > for controlling who can administer a queue, but it is not hooked up to > anything. The Fair Scheduler could make use of a similar option as well. > This is a feature-parity regression from MR1. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira