Configure ACLs for application priorities

Configure Priority ACLs to ensure that only select users can submit applications with a specified priority to a queue. You must configure these Priority ACLs at the leaf queue-level.

If ACLs are already configured for user access to a leaf queue, then the Priority ACLs for the queue can include only those users with access to that queue.
  1. In Cloudera Manager, select the YARN service.
  2. Click the Configuration tab.
  3. Search for scheduler.
  4. In Capacity Scheduler Configuration Advanced Configuration Snippet (Safety Valve) field, add the following:
    Name: yarn.scheduler.capacity.<leaf-queue-path>.acl_application_max_priority
    Value: [user={username} group={groupname} max_priority={priority} default_priority={priority}]
    Description: The ACL of users who can submit applications with configured priority.

    The following example shows how you can configure Priority ACLs for a user maria and for the users of a group hadoop:

    Name: yarn.scheduler.capacity.root.queue1.acl_application_max_priority
    Value: [user=maria group=hadoop max_priority=7 default_priority=4]

    The user maria and the users of the hadoop group can submit applications with a maximum priority of 7.