[TEZ-1433] Invalid credentials can be used when a DAG is submitted to a session which has timed out - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 0.4.0
Fix Version/s: 0.5.1
Component/s: None
Labels:
None

Target Version/s:

0.5.1
Hadoop Flags:

Reviewed

Description

When a DAG is submitted to a session which has timed out, and the same DAG is then submitted to a new session - credentials associated with the old session can end up getting used.
Before we know that the session is no longer valid, the DAG is modified to add local resources and credentials.
On the next submission, since the DAG already has tokens (for HDFS for example) from the old session, the tokens are not updated.
Meanwhile, the old token would end up being cancelled by the RM - since the applicaiton associated with the previous session has finished.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

TEZ-1433.5.patch
23/Sep/14 05:19
43 kB
Bikas Saha
TEZ-1433.4.patch
22/Sep/14 07:04
42 kB
Bikas Saha
TEZ-1433.3.patch
21/Sep/14 22:59
41 kB
Bikas Saha
TEZ-1433.2.patch
14/Sep/14 02:29
8 kB
Bikas Saha
TEZ-1433-v1.patch
23/Aug/14 05:24
2 kB
Jonathan Turner Eagles

Issue Links

relates to

TEZ-1563 TezClient.submitDAGSession alters DAG local resources regardless of DAG submission

Closed

Activity

People

Assignee:: Bikas Saha

Reporter:: Siddharth Seth

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 15/Aug/14 07:03

Updated:: 02/Oct/14 21:41

Resolved:: 25/Sep/14 23:24