YARN Forum

Kill malicious application master

  • #48336
    Feng Meng
    Participant

    It is possible that some malicious application master requires way more resource than cluster can offer. Based my observation, it will starve the whole cluster since the malicious application reserves all resource but still waiting for more. It seems YARN eventually times out that app master. There is property yarn.am.liveness-monitor.expiry-interval-ms seems to be relevant, but I don’t want legitimate‎ long running am times out prematurely.

    Similarly, I can submit thousands of application at same time to Yarn cluster and each will launch an AM, which could produce deadlock situation.

    What’s the best way to handle this type of malicious application?

to create new topics or reply. | New User Registration

  • Author
    Replies
  • #48629

    Hi,

    Yes this can happen.

    To avoid such situations, Capacity Scheduler in YARN has two configurations: (1) yarn.scheduler.capacity.maximum-applications which limits the maximum number of applications that can be pending and running in the cluster and (2) yarn.scheduler.capacity.maximum-am-resource-percent which determines the maximum percent of resources in the cluster which can be used to run application masters; it thus controls number of concurrent running applications in the cluster at any point of time.

    The later is set to 0.1 by default which means that not more than 10% of cluster resources are used for running ApplicationMasters.

    #49072
    Feng Meng
    Participant

    Thanks for your reply. Do we have similar setting for fair scheduler? We cannot use capacity scheduler since it does not have preemption support.

You must be to reply to this topic. | Create Account

Support from the Experts

A HDP Support Subscription connects you experts with deep experience running Apache Hadoop in production, at-scale on the most demanding workloads.

Enterprise Support »

Become HDP Certified

Real world training designed by the core architects of Hadoop. Scenario-based training courses are available in-classroom or online from anywhere in the world

Training »

Hortonworks Data Platform
The Hortonworks Data Platform is a 100% open source distribution of Apache Hadoop that is truly enterprise grade having been built, tested and hardened with enterprise rigor.
Get started with Sandbox
Hortonworks Sandbox is a self-contained virtual machine with Apache Hadoop pre-configured alongside a set of hands-on, step-by-step Hadoop tutorials.
Modern Data Architecture
Tackle the challenges of big data. Hadoop integrates with existing EDW, RDBMS and MPP systems to deliver lower cost, higher capacity infrastructure.