But this also means that a user could potentially get a session, save the handle in a variable, begin using it, use run, go back to using the session directly without calling get_session again, and then unexpectedly have their session die in the middle of using it because of the timeout set by run.

@nettrom_WMF maybe this is why you sometimes come back to notebooks and find the Spark session/context dead?

Adding Data-Engineering to all Wmfdata-Python tasks, as requested by Dan and Andrew.

If the kernel gets shut down, the driver and application master go with it, and this neatly frees up the resources used by the kernel itself too.

Right, but closing a kernel depends on user action, while a timeout will happen regardless.

In any case, I agree that doing resource management on the client side is an anti-pattern; it's better to do this server side. There doesn't seem to be a better solution for this server side other than what we already do which is to have dynamic allocation on by default, and to let the executor count drop all the way to zero (which is Spark's default). Perhaps as a sanity measure, we could make it so that a user cannot set spark.dynamicAllocation.enabled=false?

Also, was the timeout implemented for historical reasons? As in perhaps we didn't have dynamic allocation before?

In T298179#8323285, @xcollazo wrote:

If the kernel gets shut down, the driver and application master go with it, and this neatly frees up the resources used by the kernel itself too.

Right, but closing a kernel depends on user action, while a timeout will happen regardless.

Well, here we're talking about special functionality we built to time sessions out without user action. So my point is that similar functionality to cull unused kernels would be a much broader and better solution, since it controls resource use on the stat servers (which is a significant although not serious issue) as well as on the Hadoop cluster. I'm sure there would be challenges in how to do that, but that's equally true here.

In any case, I agree that doing resource management on the client side is an anti-pattern; it's better to do this server side. There doesn't seem to be a better solution for this server side other than what we already do which is to have dynamic allocation on by default, and to let the executor count drop all the way to zero (which is Spark's default). Perhaps as a sanity measure, we could make it so that a user cannot set spark.dynamicAllocation.enabled=false?

That definitely seems reasonable, even though I'm pretty sure we've never run into any issue with that.

Also, was the timeout implemented for historical reasons? As in perhaps we didn't have dynamic allocation before?

No, we had dynamic allocation then. It's just that in addition to the dynamically-allocated executors, any YARN session keeps a permanent hold on one executor to serve as the application master (not sure how big that executor is but it's definitely not bigger than a normal one). The timeout minimizes cases of this (not eliminates, because of the limitations mentioned in the description).

So we're talking about one executor per unused session. That's not nothing when you consider there will likely be multiple users with multiple open sessions, but we have the same situation with unused notebooks taking up memory on the stat servers, and nothing terrible has happened even though there are no controls or timeouts (which is why I said it was a significant but not serious issue).

If the timeout is removed, it could be possible to detect and alert when not production yarn applications are running for more than a week, for safety.

In T298179#8378525, @Antoine_Quhen wrote:

If the timeout is removed, it could be possible to detect and alert when not production yarn applications are running for more than a week, for safety.

Yes, this is definitely the type of thing I was thinking about when I mentioned "similar functionality to cull unused kernels"! Just for context, having an application open for more than a week will be common, since I guarantee that it's currently common to have notebooks open for much longer than a week (since you have to go out of your way to shut down notebooks, it's easy to leave them open almost indefinitely).

So if you have an alert for your team when an application has been open for a week, you'll get a ton of alerts, which probably won't be helpful. On the other hand, if it's an alert for an application owner, that will be extremely useful since it will remind people to be conscious of their resource use. Right now, you could leave a notebook or application open for a year and you wouldn't get any feedback (although eventually a server restart would silently close it), so an email alert for the owner would be a great first step.

It might be worth focusing on an alert for open notebooks over one for open applications. Every application is contained within a notebook, more or less, but not all notebooks have applications (but still might be using other resources like stat server memory), so focusing on notebooks gets more return on your investments.

Waiting for @xcollazo's review.