Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Is there any way to disable "kill application" button to Resource Manager's Web UI ?

Labels:
avatar
author-rank SK1
Guru

Created ‎02-02-2016 07:37 AM

Hello Friends,

Is there any way to disable "kill application" button to Resource Manager's Web UI ?

Thanks in advance.

4,225 Views
1 ACCEPTED SOLUTION

avatar
author-rank SK1
Guru

Created ‎02-21-2016 11:30 AM

@Ancil McBarnett @Benjamin Leonhardi @Jonas Straub: I have successfully disabled "kill Application" button by adding below property to yarn-site.xml.

yarn.resourcemanager.webapp.ui-actions.enabled= false.

For more detailed steps you can refer to below link .

http://www.hadoopadmin.co.in/bigdata/how-to-disable-kill-application-button-in-resource-manager-web-...

View solution in original post

2,969 Views
8 REPLIES 8

avatar
author-rank amcbarnett
Guru

Created ‎02-02-2016 08:06 AM

@Saurabh Kumar

Good question. I don't think there is a way to disable the "kill application" button.

Perhaps if a user is granted read only permission to the Dashboard in Ambari -> Manage Ambari, he might be unable to do so, but I also see that even a read only user can access the RM UI. So the only way is to not give that user any permission to the dashboard or to the RM UI via Knox secured by Ranger.

Perhaps someone else has a better answer.

2,969 Views

avatar
author-rank bleonhardi
Master Guru

Created ‎02-02-2016 09:52 AM

I think there are different options.

You can enable HTTP authentication using SPNEGO and kerberos for the web uis

https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/HttpAuthentication.html

( Problem is that Spnego is a bit finicky since the computers running the web browser need to be in the kerberos realm )

And you can disable administration of queues for specific users and groups. I.e. only allow a specific subgroup of users to kill applications.

https://hadoop.apache.org/docs/r2.4.1/hadoop-yarn/hadoop-yarn-site/CapacityScheduler.html#Configurat...

Is your cluster kerberized?

2,969 Views

avatar
author-rank jstraub
Guru

Created ‎02-02-2016 11:16 AM

Regarding spnego authentication, also see this http://docs.hortonworks.com/HDPDocuments/Ambari-2.1.2.1/bk_Ambari_Security_Guide/content/ch_enable_s...

2,969 Views
0 Kudos

avatar
author-rank SK1
Guru

Created ‎02-03-2016 05:56 AM

Hi Benjamin,

Thanks for your reply. And no we do not have kerbaros in our cluster. We are just using knox and ranger.

2,969 Views
0 Kudos

avatar
author-rank bleonhardi
Master Guru

Created ‎02-03-2016 10:11 AM

In that case you cannot use SPNEGO. But you might be able to stop users from administering queues. (killing applications ). I have seen these settings not working on a non-kerberized cluster but it might have been a bug.

2,969 Views
0 Kudos

avatar
author-rank SK1
Guru

Created ‎02-21-2016 11:30 AM

@Ancil McBarnett @Benjamin Leonhardi @Jonas Straub: I have successfully disabled "kill Application" button by adding below property to yarn-site.xml.

yarn.resourcemanager.webapp.ui-actions.enabled= false.

For more detailed steps you can refer to below link .

http://www.hadoopadmin.co.in/bigdata/how-to-disable-kill-application-button-in-resource-manager-web-...

2,970 Views

avatar
author-rank bleonhardi
Master Guru

Created ‎02-21-2016 11:31 AM

That is cool, I didn't find it in the original JIRA patch weird.

2,969 Views

avatar
author-rank SK1
Guru

Created ‎02-21-2016 11:30 AM

@Ancil McBarnett @Benjamin Leonhardi @Jonas Straub: I have successfully disabled "kill Application" button by adding below property to yarn-site.xml.

yarn.resourcemanager.webapp.ui-actions.enabled= false.

For more detailed steps you can refer to below link .

http://www.hadoopadmin.co.in/bigdata/how-to-disable-kill-application-button-in-resource-manager-web-...

2,969 Views
0 Kudos
webinar banner
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
meetups banner