YARN-10120. Https Support in Router WebServiceClient.

Contributed by Bilwa S T.

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/pom.xml

@@ -75,6 +75,11 @@
       <groupId>com.google.guava</groupId>
       <artifactId>guava</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.bouncycastle</groupId>
+      <artifactId>bcprov-jdk15on</artifactId>
+      <scope>test</scope>
+    </dependency>
 
     <!-- 'mvn dependency:analyze' fails to detect use of this dependency -->
     <dependency>

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/WebServiceClient.java

@@ -0,0 +1,127 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.yarn.server.webapp;
+
+import java.io.IOException;
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
+import org.apache.hadoop.security.authentication.client.AuthenticationException;
+import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
+import org.apache.hadoop.security.ssl.SSLFactory;
+import org.apache.hadoop.yarn.conf.YarnConfiguration;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.sun.jersey.api.client.Client;
+import com.sun.jersey.client.urlconnection.HttpURLConnectionFactory;
+import com.sun.jersey.client.urlconnection.URLConnectionClientHandler;
+
+/**
+ * Utility for handling Web client. 
+ *
+ */
+public class WebServiceClient {
+  @VisibleForTesting
+  protected static SSLFactory sslFactory = null;
+  private static volatile WebServiceClient instance = null;
+  private static boolean isHttps = false;
+
+  /**
+   * Construct a new WebServiceClient based on the configuration. It will try to
+   * load SSL certificates when it is specified.
+   *
+   * @param config
+   * @throws Exception
+   */
+  public static void initialize(Configuration conf) throws Exception {
+    if (instance == null) {
+      synchronized (WebServiceClient.class) {
+        if (instance == null) {
+          isHttps = YarnConfiguration.useHttps(conf);
+          if (isHttps) {
+            createSSLFactory(conf);
+          }
+          instance = new WebServiceClient();
+        }
+      }
+    }
+  }
+
+  public static WebServiceClient getWebServiceClient() {
+    return instance;
+  }
+
+  /**
+   * Start SSL factory.
+   *
+   * @param conf
+   * @return
+   * @throws Exception
+   */
+  private static SSLFactory createSSLFactory(Configuration conf)
+      throws Exception {
+    sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
+    sslFactory.init();
+    return sslFactory;
+  }
+
+  /**
+   * Create a client based on http conf.
+   *
+   * @return Client
+   */
+  public Client createClient() {
+    return new Client(
+        new URLConnectionClientHandler(getHttpURLConnectionFactory()));
+  }
+
+  @VisibleForTesting
+  protected HttpURLConnectionFactory getHttpURLConnectionFactory() {
+    return new HttpURLConnectionFactory() {
+      @Override
+      public HttpURLConnection getHttpURLConnection(URL url)
+          throws IOException {
+        AuthenticatedURL.Token token = new AuthenticatedURL.Token();
+        HttpURLConnection conn = null;
+        try {
+          HttpURLConnection.setFollowRedirects(false);
+          // If https is chosen, configures SSL client.
+          if (isHttps) {
+            conn = new AuthenticatedURL(new KerberosAuthenticator(),
+                sslFactory).openConnection(url, token);
+          } else {
+            conn = new AuthenticatedURL().openConnection(url, token);
+          }
+        } catch (AuthenticationException e) {
+          throw new IOException(e);
+        }
+        return conn;
+      }
+    };
+  }
+
+  public synchronized static void destroy() {
+    if (sslFactory != null) {
+      sslFactory.destroy();
+    }
+    instance = null;
+  }
+
+}

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/test/java/org/apache/hadoop/yarn/server/webapp/TestWebServiceClient.java

@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.yarn.server.webapp;
+
+import java.io.File;
+import java.net.HttpURLConnection;
+import java.net.URI;
+import java.net.URL;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.FileUtil;
+import org.apache.hadoop.http.HttpServer2;
+import org.apache.hadoop.http.TestHttpServer.EchoServlet;
+import org.apache.hadoop.net.NetUtils;
+import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
+import org.apache.hadoop.yarn.conf.YarnConfiguration;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class TestWebServiceClient {
+
+  private static final String BASEDIR = System.getProperty("test.build.dir",
+      "target/test-dir") + "/" + TestWebServiceClient.class.getSimpleName();
+  static final String SSL_SERVER_KEYSTORE_PROP_PREFIX = "ssl.server.keystore";
+  static final String SSL_SERVER_TRUSTSTORE_PROP_PREFIX = 
+      "ssl.server.truststore";
+  static final String SERVLET_NAME_ECHO = "echo";
+  static final String SERVLET_PATH_ECHO = "/" + SERVLET_NAME_ECHO;
+
+  @Test
+  public void testGetWebServiceClient() throws Exception {
+    Configuration conf = new Configuration();
+    conf.set(YarnConfiguration.YARN_HTTP_POLICY_KEY, "HTTPS_ONLY");
+    WebServiceClient.initialize(conf);
+    Assert.assertNotNull(WebServiceClient.sslFactory);
+    WebServiceClient.destroy();
+  }
+
+  @Test
+  public void testCreateClient() throws Exception {
+    Configuration conf = new Configuration();
+    conf.set(YarnConfiguration.YARN_HTTP_POLICY_KEY, "HTTPS_ONLY");
+    File base = new File(BASEDIR);
+    FileUtil.fullyDelete(base);
+    base.mkdirs();
+    String keystoresDir = new File(BASEDIR).getAbsolutePath();
+    String sslConfDir = KeyStoreTestUtil
+        .getClasspathDir(TestWebServiceClient.class);
+
+    KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false,
+        true);
+
+    Configuration sslConf = KeyStoreTestUtil.getSslConfig();
+    sslConf.set(YarnConfiguration.YARN_HTTP_POLICY_KEY, "HTTPS_ONLY");
+
+    HttpServer2 server = new HttpServer2.Builder().setName("test")
+        .addEndpoint(new URI("https://localhost")).setConf(sslConf)
+        .keyPassword(
+            sslConf.get(SSL_SERVER_KEYSTORE_PROP_PREFIX + ".keypassword"))
+        .keyStore(sslConf.get(SSL_SERVER_KEYSTORE_PROP_PREFIX + ".location"),
+            sslConf.get(SSL_SERVER_KEYSTORE_PROP_PREFIX + ".password"),
+            sslConf.get(SSL_SERVER_KEYSTORE_PROP_PREFIX + ".type", "jks"))
+        .trustStore(
+            sslConf.get(SSL_SERVER_TRUSTSTORE_PROP_PREFIX + ".location"),
+            sslConf.get(SSL_SERVER_TRUSTSTORE_PROP_PREFIX + ".password"),
+            sslConf.get(SSL_SERVER_TRUSTSTORE_PROP_PREFIX + ".type", "jks"))
+        .excludeCiphers(sslConf.get("ssl.server.exclude.cipher.list")).build();
+    server.addServlet(SERVLET_NAME_ECHO, SERVLET_PATH_ECHO, EchoServlet.class);
+    server.start();
+
+    final URL baseUrl = new URL(
+        "https://" + NetUtils.getHostPortString(server.getConnectorAddress(0)));
+    URL u = new URL(baseUrl, SERVLET_PATH_ECHO + "?a=b&c=d");
+    WebServiceClient.initialize(sslConf);
+    WebServiceClient client = WebServiceClient.getWebServiceClient();
+    HttpURLConnection conn = client.getHttpURLConnectionFactory()
+        .getHttpURLConnection(u);
+    Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+    WebServiceClient.destroy();
+    server.stop();
+    FileUtil.fullyDelete(new File(BASEDIR));
+    KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
+  }
+
+}

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/Router.java

@@ -36,6 +36,7 @@ import org.apache.hadoop.yarn.server.resourcemanager.webapp.RMWebAppUtil;
 import org.apache.hadoop.yarn.server.router.clientrm.RouterClientRMService;
 import org.apache.hadoop.yarn.server.router.rmadmin.RouterRMAdminService;
 import org.apache.hadoop.yarn.server.router.webapp.RouterWebApp;
+import org.apache.hadoop.yarn.server.webapp.WebServiceClient;
 import org.apache.hadoop.yarn.webapp.WebApp;
 import org.apache.hadoop.yarn.webapp.WebApps;
 import org.apache.hadoop.yarn.webapp.WebApps.Builder;
@@ -110,6 +111,7 @@ public class Router extends CompositeService {
     addService(pauseMonitor);
     jm.setPauseMonitor(pauseMonitor);
 
+    WebServiceClient.initialize(config);
     super.serviceInit(conf);
   }
 
@@ -134,6 +136,7 @@ public class Router extends CompositeService {
     }
     super.serviceStop();
     DefaultMetricsSystem.shutdown();
+    WebServiceClient.destroy();
   }
 
   protected void shutDown() {

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/webapp/AboutBlock.java

@@ -52,7 +52,7 @@ public class AboutBlock extends HtmlBlock {
 
     ClusterMetricsInfo metrics = RouterWebServiceUtil.genericForward(
         webAppAddress, null, ClusterMetricsInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.METRICS, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.METRICS, null, null, conf);
     boolean isEnabled = conf.getBoolean(
         YarnConfiguration.FEDERATION_ENABLED,
         YarnConfiguration.DEFAULT_FEDERATION_ENABLED);

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/webapp/AppsBlock.java

@@ -56,7 +56,7 @@ public class AppsBlock extends HtmlBlock {
     String webAppAddress = WebAppUtils.getRouterWebAppURLWithScheme(conf);
     AppsInfo apps = RouterWebServiceUtil.genericForward(webAppAddress, null,
         AppsInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS, null, null, conf);
 
     setTitle("Applications");
 

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/webapp/DefaultRequestInterceptorREST.java

@@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.core.Response;
 
+import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.authorize.AuthorizationException;
 import org.apache.hadoop.yarn.exceptions.YarnException;
 import org.apache.hadoop.yarn.exceptions.YarnRuntimeException;
@@ -107,28 +108,32 @@ public class DefaultRequestInterceptorREST
   public ClusterInfo getClusterInfo() {
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         ClusterInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.INFO, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.INFO, null, null,
+        getConf());
   }
 
   @Override
   public ClusterUserInfo getClusterUserInfo(HttpServletRequest hsr) {
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
-            ClusterUserInfo.class, HTTPMethods.GET,
-            RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.CLUSTER_USER_INFO, null, null);
+        ClusterUserInfo.class, HTTPMethods.GET,
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.CLUSTER_USER_INFO, null,
+        null, getConf());
   }
 
   @Override
   public ClusterMetricsInfo getClusterMetricsInfo() {
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         ClusterMetricsInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.METRICS, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.METRICS, null, null,
+        getConf());
   }
 
   @Override
   public SchedulerTypeInfo getSchedulerInfo() {
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         SchedulerTypeInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.SCHEDULER, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.SCHEDULER, null, null,
+        getConf());
   }
 
   @Override
@@ -137,7 +142,8 @@ public class DefaultRequestInterceptorREST
     // time is specified inside hsr
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         String.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.SCHEDULER_LOGS, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.SCHEDULER_LOGS, null, null,
+        getConf());
   }
 
   @Override
@@ -150,7 +156,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         NodesInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.NODES, null,
-        additionalParam);
+        additionalParam, getConf());
   }
 
   @Override
@@ -158,7 +164,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         NodeInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.NODES + "/" + nodeId, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -168,7 +174,7 @@ public class DefaultRequestInterceptorREST
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.NODES + "/" + nodeId;
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         ResourceInfo.class, HTTPMethods.POST,
-        nodePath + "/resource", resourceOption, null);
+        nodePath + "/resource", resourceOption, null, getConf());
   }
 
   @Override
@@ -180,7 +186,8 @@ public class DefaultRequestInterceptorREST
     // all the params are specified inside hsr
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppsInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS, null, null,
+        getConf());
   }
 
   @Override
@@ -190,7 +197,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         ActivitiesInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.SCHEDULER_ACTIVITIES, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -202,7 +209,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppActivitiesInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.SCHEDULER_APP_ACTIVITIES,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -211,7 +218,8 @@ public class DefaultRequestInterceptorREST
     // stateQueries and typeQueries are specified inside hsr
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         ApplicationStatisticsInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APP_STATISTICS, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APP_STATISTICS, null, null,
+        getConf());
   }
 
   @Override
@@ -221,7 +229,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS + "/" + appId, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -230,7 +238,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppState.class, HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.STATE,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -240,7 +248,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.PUT, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.STATE,
-        targetState, null);
+        targetState, null, getConf());
   }
 
   @Override
@@ -249,7 +257,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         NodeToLabelsInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.GET_NODE_TO_LABELS, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -264,7 +272,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, null,
         LabelsToNodesInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.LABEL_MAPPINGS, null,
-        additionalParam);
+        additionalParam, getConf());
   }
 
   @Override
@@ -273,7 +281,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.REPLACE_NODE_TO_LABELS,
-        newNodeToLabels, null);
+        newNodeToLabels, null, getConf());
   }
 
   @Override
@@ -284,7 +292,7 @@ public class DefaultRequestInterceptorREST
         .genericForward(webAppAddress, hsr,
             Response.class, HTTPMethods.POST, RMWSConsts.RM_WEB_SERVICE_PATH
                 + RMWSConsts.NODES + "/" + nodeId + "/replace-labels",
-            null, null);
+            null, null, getConf());
   }
 
   @Override
@@ -293,7 +301,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         NodeLabelsInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.GET_NODE_LABELS, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -302,7 +310,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.ADD_NODE_LABELS,
-        newNodeLabels, null);
+        newNodeLabels, null, getConf());
   }
 
   @Override
@@ -312,7 +320,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.REMOVE_NODE_LABELS, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -321,7 +329,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         NodeLabelsInfo.class, HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.NODES + "/" + nodeId + "/get-labels",
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -330,7 +338,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppPriority.class, HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.PRIORITY,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -340,7 +348,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.PUT, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.PRIORITY,
-        targetPriority, null);
+        targetPriority, null, getConf());
   }
 
   @Override
@@ -349,7 +357,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppQueue.class, HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.QUEUE,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -359,7 +367,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.PUT, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.QUEUE,
-        targetQueue, null);
+        targetQueue, null, getConf());
   }
 
   @Override
@@ -368,7 +376,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS_NEW_APPLICATION, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -377,7 +385,8 @@ public class DefaultRequestInterceptorREST
       throws AuthorizationException, IOException, InterruptedException {
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS, newApp, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS, newApp, null,
+        getConf());
   }
 
   @Override
@@ -387,7 +396,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.DELEGATION_TOKEN, tokenData,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -397,7 +406,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.DELEGATION_TOKEN_EXPIRATION,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -407,7 +416,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.DELETE,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.DELEGATION_TOKEN, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -416,7 +425,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.RESERVATION_NEW, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -426,7 +435,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.RESERVATION_SUBMIT,
-        resContext, null);
+        resContext, null, getConf());
   }
 
   @Override
@@ -436,7 +445,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.RESERVATION_UPDATE,
-        resContext, null);
+        resContext, null, getConf());
   }
 
   @Override
@@ -446,7 +455,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.POST,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.RESERVATION_DELETE,
-        resContext, null);
+        resContext, null, getConf());
   }
 
   @Override
@@ -458,7 +467,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.RESERVATION_LIST, null,
-        null);
+        null, getConf());
   }
 
   @Override
@@ -468,7 +477,7 @@ public class DefaultRequestInterceptorREST
         .genericForward(webAppAddress, hsr, AppTimeoutInfo.class,
             HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS
                 + "/" + appId + "/" + RMWSConsts.TIMEOUTS + "/" + type,
-            null, null);
+            null, null, getConf());
   }
 
   @Override
@@ -477,7 +486,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppTimeoutsInfo.class, HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.TIMEOUTS,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -487,7 +496,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         Response.class, HTTPMethods.PUT, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.TIMEOUT,
-        appTimeout, null);
+        appTimeout, null, getConf());
   }
 
   @Override
@@ -495,7 +504,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         AppAttemptsInfo.class, HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH
             + RMWSConsts.APPS + "/" + appId + "/" + RMWSConsts.APPATTEMPTS,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -504,7 +513,7 @@ public class DefaultRequestInterceptorREST
     return RouterWebServiceUtil.genericForward(webAppAddress, hsr,
         RMQueueAclInfo.class, HTTPMethods.GET,
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.QUEUES + "/" + queue
-            + "/access", null, null);
+            + "/access", null, null, getConf());
   }
 
   @Override
@@ -514,7 +523,7 @@ public class DefaultRequestInterceptorREST
         AppAttemptInfo.class,
         HTTPMethods.GET, RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS + "/"
             + appId + "/" + RMWSConsts.APPATTEMPTS + "/" + appAttemptId,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -525,7 +534,7 @@ public class DefaultRequestInterceptorREST
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS + "/" + appId + "/"
             + RMWSConsts.APPATTEMPTS + "/" + appAttemptId + "/"
             + RMWSConsts.CONTAINERS,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -537,7 +546,7 @@ public class DefaultRequestInterceptorREST
         RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.APPS + "/" + appId + "/"
             + RMWSConsts.APPATTEMPTS + "/" + appAttemptId + "/"
             + RMWSConsts.CONTAINERS + "/" + containerId,
-        null, null);
+        null, null, getConf());
   }
 
   @Override
@@ -555,6 +564,6 @@ public class DefaultRequestInterceptorREST
         .genericForward(webAppAddress, req, Response.class, HTTPMethods.POST,
             RMWSConsts.RM_WEB_SERVICE_PATH + "/" + RMWSConsts.CONTAINERS + "/"
                 + containerId + "/" + RMWSConsts.SIGNAL + "/" + command, null,
-            null);
+            null, getConf());
   }
 }

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/webapp/NodesBlock.java

@@ -56,7 +56,7 @@ public class NodesBlock extends HtmlBlock {
     String webAppAddress = WebAppUtils.getRouterWebAppURLWithScheme(conf);
     NodesInfo nodes = RouterWebServiceUtil.genericForward(webAppAddress, null,
         NodesInfo.class, HTTPMethods.GET,
-        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.NODES, null, null);
+        RMWSConsts.RM_WEB_SERVICE_PATH + RMWSConsts.NODES, null, null, conf);
 
     setTitle("Nodes");
 

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/webapp/RouterWebServiceUtil.java

@@ -22,6 +22,7 @@ import static javax.servlet.http.HttpServletResponse.SC_NO_CONTENT;
 import static javax.servlet.http.HttpServletResponse.SC_OK;
 
 import java.io.IOException;
+import java.net.InetSocketAddress;
 import java.security.PrivilegedExceptionAction;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -37,8 +38,11 @@ import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
 
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.net.NetUtils;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.yarn.api.records.YarnApplicationState;
+import org.apache.hadoop.yarn.conf.YarnConfiguration;
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.RMWebAppUtil;
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.AppInfo;
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.AppsInfo;
@@ -46,6 +50,7 @@ import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.ClusterMetricsIn
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.NodeInfo;
 import org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.NodesInfo;
 import org.apache.hadoop.yarn.server.uam.UnmanagedApplicationManager;
+import org.apache.hadoop.yarn.server.webapp.WebServiceClient;
 import org.apache.hadoop.yarn.webapp.BadRequestException;
 import org.apache.hadoop.yarn.webapp.ForbiddenException;
 import org.apache.hadoop.yarn.webapp.NotFoundException;
@@ -93,7 +98,7 @@ public final class RouterWebServiceUtil {
       final String webApp, final HttpServletRequest hsr,
       final Class<T> returnType, final HTTPMethods method,
       final String targetPath, final Object formParam,
-      final Map<String, String[]> additionalParam) {
+      final Map<String, String[]> additionalParam, Configuration conf) {
 
     UserGroupInformation callerUGI = null;
 
@@ -128,7 +133,7 @@ public final class RouterWebServiceUtil {
           ClientResponse response = RouterWebServiceUtil.invokeRMWebService(
               webApp, targetPath, method,
               (hsr == null) ? null : hsr.getPathInfo(), paramMap, formParam,
-              getMediaTypeFromHttpServletRequest(hsr, returnType));
+              getMediaTypeFromHttpServletRequest(hsr, returnType), conf);
           if (Response.class.equals(returnType)) {
             return (T) RouterWebServiceUtil.clientResponseToResponse(response);
           }
@@ -161,10 +166,15 @@ public final class RouterWebServiceUtil {
    */
   private static ClientResponse invokeRMWebService(String webApp, String path,
       HTTPMethods method, String additionalPath,
-      Map<String, String[]> queryParams, Object formParam, String mediaType) {
-    Client client = Client.create();
-
-    WebResource webResource = client.resource(webApp).path(path);
+      Map<String, String[]> queryParams, Object formParam, String mediaType,
+      Configuration conf) {
+    Client client = WebServiceClient.getWebServiceClient().createClient();
+    InetSocketAddress socketAddress = NetUtils
+        .getConnectAddress(NetUtils.createSocketAddr(webApp));
+    String scheme = YarnConfiguration.useHttps(conf) ? "https://" : "http://";
+    String webAddress = scheme + socketAddress.getHostName() + ":"
+        + socketAddress.getPort();
+    WebResource webResource = client.resource(webAddress).path(path);
 
     if (additionalPath != null && !additionalPath.isEmpty()) {
       webResource = webResource.path(additionalPath);