[jira] [Commented] (YARN-4119) Expose the NM bind address as an env, so that AM can make use of it for exposing tracking URL

Tue, 22 Sep 2015 06:41:39 -0700 

    [ 
https://issues.apache.org/jira/browse/YARN-4119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14902631#comment-14902631
 ] 

Naganarasimha G R commented on YARN-4119:
-----------------------------------------

Hi [~vvasudev] & [~rohithsharma],
  While trying to look into the modifications came across few things :
# {{ContainerLaunch.sanitizeEnv}} is already adding {{NM_HOST}} to the 
environment of a container Launch script. {{NM_HOST}} which is added as env is 
got from NM's NodeId.getHost(), NodeID is set in 
{{ContainerManagerImpl.serviceStart}} using {{yarn.nodemanager.address}}. So i 
was little skeptical about using this existing env param as though BindAddr is 
set they take NM_HOST's address.
# As per YARN-1994 {{NM_BIND_HOST}} is generally used to set {{0.0.0.0}} in a 
{{Multi homing/interface}} environment settings in server side. but user can 
set individual address too. So it would be ideal to expose this, but one 
concern what i have is what if this is not set ? As per my understanding we 
need to set address part of  {{NM_WEBAPP_ADDRESS/NM_WEBAPP_HTTPS_ADDRESS}} 
based on the schema. 

So my idea is 
* expose new ENV as {{AM_BIND_ADDR}} 
* It will be set with {{NM_BIND_HOST}} if its set
* if not set then {{NM_WEBAPP_ADDRESS/NM_WEBAPP_HTTPS_ADDRESS}} based on the 
schema.
Thoughts ? 



>  Expose the NM bind address as an env, so that AM can make use of it for 
> exposing tracking URL
> ----------------------------------------------------------------------------------------------
>
>                 Key: YARN-4119
>                 URL: https://issues.apache.org/jira/browse/YARN-4119
>             Project: Hadoop YARN
>          Issue Type: Improvement
>            Reporter: Naganarasimha G R
>            Assignee: Naganarasimha G R
>
> As described in MAPREDUCE-5938, In many security scanning tools its not 
> advisable to bind on all network addresses and would be good to bind only on 
> the desired address. As AM's can run on any of the nodes it would be better 
> for NM to share its bind address as part of Environment variables to the 
> container.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to