[jira] [Commented] (APEXCORE-736) Security fix : YarnClient in StreamingContainerManager

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[jira] [Commented] (APEXCORE-736) Security fix : YarnClient in StreamingContainerManager

JIRA jira@apache.org

    [ https://issues.apache.org/jira/browse/APEXCORE-736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16035997#comment-16035997 ]

Pramod Immaneni commented on APEXCORE-736:

The exception is thrown because yarn web services would expect the client to authenticate with kerberos credentials and the client, in this case the container, has none.

> Security fix : YarnClient in StreamingContainerManager
> ------------------------------------------------------
>                 Key: APEXCORE-736
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-736
>             Project: Apache Apex Core
>          Issue Type: Bug
>            Reporter: devendra tagare
>            Assignee: devendra tagare
> Currently we are using a WebServicesClient in StreamingContainerManager to get container report from Yarn.
> Using the WebServicesClient will throw and exception if the webservices are kerberized.
> We should use a YARN client instead which can access kerberized YARN webservices as per its access levels.

This message was sent by Atlassian JIRA