[ https://issues.apache.org/jira/browse/YARN-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15214258#comment-15214258 ]
Robert Joseph Evans commented on YARN-4757: ------------------------------------------- There are lots of ways to "fix" these issues on a case by case basis. I mostly want to be sure that any documentation around YARN and service discovery is very clear that there are inherent races that can happen on shared infrastructure. YARN/Slider cannot fix them for end users and any client talking to a secure application/server should validate that the server is the correct and expected server. Concrete examples of how to do this would be great. This is not a new issue. It has existed since the registry service was first implemented. We are simply making it much easier for a user to integrate off the shelf components that are coming from a more traditional infrastructure/deployment where this is not necessarily a concern. > [Umbrella] Simplified discovery of services via DNS mechanisms > -------------------------------------------------------------- > > Key: YARN-4757 > URL: https://issues.apache.org/jira/browse/YARN-4757 > Project: Hadoop YARN > Issue Type: New Feature > Reporter: Vinod Kumar Vavilapalli > Assignee: Jonathan Maron > Attachments: YARN-4757- Simplified discovery of services via DNS > mechanisms.pdf > > > [See overview doc at YARN-4692, copying the sub-section (3.2.10.2) to track > all related efforts.] > In addition to completing the present story of service-registry (YARN-913), > we also need to simplify the access to the registry entries. The existing > read mechanisms of the YARN Service Registry are currently limited to a > registry specific (java) API and a REST interface. In practice, this makes it > very difficult for wiring up existing clients and services. For e.g, dynamic > configuration of dependent endpoints of a service is not easy to implement > using the present registry-read mechanisms, *without* code-changes to > existing services. > A good solution to this is to expose the registry information through a more > generic and widely used discovery mechanism: DNS. Service Discovery via DNS > uses the well-known DNS interfaces to browse the network for services. > YARN-913 in fact talked about such a DNS based mechanism but left it as a > future task. (Task) Having the registry information exposed via DNS > simplifies the life of services. -- This message was sent by Atlassian JIRA (v6.3.4#6332)