YARN-5549. AMLauncher#createAMContainerLaunchContext() should not log the command to be launched indiscriminately. (Daniel Templeton via rchiang)

Ray Chiang 2016-09-02 11:07:39 -07:00
parent 5a8c5064d1
commit 378f624a39
3 changed files with 46 additions and 5 deletions


@ -534,6 +534,18 @@ public static boolean isAclEnabled(Configuration conf) {
public static final int
DEFAULT_RM_SYSTEM_METRICS_PUBLISHER_DISPATCHER_POOL_SIZE = 10;
/**
* The {@code AMLauncher.createAMContainerLaunchContext()} method will log the
* command being executed to the RM log if this property is true. Commands
* may contain sensitive information, such as application or service
* passwords, making logging the commands a security risk. In cases where
* the cluster may be running applications with such commands, this property
* should be set to false. Commands are only logged at the debug level.
*/
public static final String RM_AMLAUNCHER_LOG_COMMAND =
RM_PREFIX + "amlauncher.log.command";
public static final boolean DEFAULT_RM_AMLAUNCHER_LOG_COMMAND = false;
//RM delegation token related keys
public static final String RM_DELEGATION_KEY_UPDATE_INTERVAL_KEY =
RM_PREFIX + "delegation.key.update-interval";


@ -298,6 +298,19 @@
<value>50</value>
</property>
<property>
<description>
The resource manager will log all commands being executed to the RM log
if this property is true. Commands may contain sensitive information,
such as application or service passwords, making logging the commands a
security risk. In cases where the cluster may be running applications with
such commands this property should be set to false. Commands are only
logged at the debug level.
</description>
<name>yarn.resourcemanager.amlauncher.log.command</name>
<value>false</value>
</property>
<property>
<description>The class to use as the resource scheduler.</description>
<name>yarn.resourcemanager.scheduler.class</name>
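Review bot: The new description says the resource manager will log "all commands being executed", which overstates what the property controls; the Javadoc added for the constant in this same commit scopes it to `AMLauncher.createAMContainerLaunchContext()`, that is, the command used to launch the AM container. An operator reading only yarn-default.xml could conclude that leaving the value at false keeps every command line out of the RM log, which the visible code does not establish. I would reword the first sentence to `The resource manager will log the command used to launch each ApplicationMaster container to the RM log if this property is true.` and leave the rest of the description as written.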


@ -66,6 +66,7 @@
import org.apache.hadoop.yarn.util.timeline.TimelineUtils;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Joiner;
/**
* The launch of the AM itself.
@ -81,6 +82,7 @@ public class AMLauncher implements Runnable {
private final AMLauncherEventType eventType;
private final RMContext rmContext;
private final Container masterContainer;
private final boolean logCommandLine;
@SuppressWarnings("rawtypes")
private final EventHandler handler;
@ -93,6 +95,9 @@ public AMLauncher(RMContext rmContext, RMAppAttempt application,
this.rmContext = rmContext;
this.handler = rmContext.getDispatcher().getEventHandler();
this.masterContainer = application.getMasterContainer();
this.logCommandLine =
conf.getBoolean(YarnConfiguration.RM_AMLAUNCHER_LOG_COMMAND,
YarnConfiguration.DEFAULT_RM_AMLAUNCHER_LOG_COMMAND);
}
private void connect() throws IOException {
@ -188,11 +193,22 @@ private ContainerLaunchContext createAMContainerLaunchContext(
// Construct the actual Container
ContainerLaunchContext container =
applicationMasterContext.getAMContainerSpec();
LOG.info("Command to launch container "
+ containerID
+ " : "
+ StringUtils.arrayToString(container.getCommands().toArray(
new String[0])));
if (LOG.isDebugEnabled()) {
StringBuilder message = new StringBuilder("Command to launch container ");
message.append(containerID).append(" : ");
if (logCommandLine) {
message.append(Joiner.on(",").join(container.getCommands()));
} else {
message.append("<REDACTED> -- Set ");
message.append(YarnConfiguration.RM_AMLAUNCHER_LOG_COMMAND);
message.append(" to true to reenable command logging");
}
LOG.debug(message.toString());
}
// Populate the current queue name in the environment variable.
setupQueueNameEnv(container, applicationMasterContext);
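Review bot: In the `logCommandLine` branch of the last hunk, `Joiner.on(",").join(container.getCommands())` throws a NullPointerException when any element is null, whereas the removed `StringUtils.arrayToString(...)` call presumably just printed it. Whether `getCommands()` can ever hold a null is not visible here, but a debug log statement should not be able to abort the AM launch. `message.append(Joiner.on(",").useForNull("null").join(container.getCommands()));` keeps the log line free of that failure mode. Separately, the new `logCommandLine` field deserves a comment such as `// True if the AM launch command may be written to the RM log; commands can carry credentials, so this is off by default.` The body of createAMContainerLaunchContext starts and ends outside the hunk.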