5 years ago · 8e6227441a
--- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherService.java
+++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherService.java
@@ -34,6 +34,8 @@ import org.apache.hadoop.hdfs.server.federation.store.StateStoreUnavailableExcep
 
				 import org.apache.hadoop.hdfs.server.federation.store.StateStoreUtils;
			
 
				 import org.apache.hadoop.hdfs.server.federation.store.records.RouterState;
			
 
				 import org.apache.hadoop.net.NetUtils;
			
 
				+import org.apache.hadoop.security.SecurityUtil;
			
 
				+import org.apache.hadoop.security.UserGroupInformation;
			
 
				 import org.apache.hadoop.service.AbstractService;
			
 
				 import org.slf4j.Logger;
			
 
				 import org.slf4j.LoggerFactory;
			
@@ -170,7 +172,12 @@ public class MountTableRefresherService extends AbstractService {
 
				   @VisibleForTesting
			
 
				   protected RouterClient createRouterClient(InetSocketAddress routerSocket,
			
 
				       Configuration config) throws IOException {
			
 
				-    return new RouterClient(routerSocket, config);
			
 
				+    return SecurityUtil.doAsLoginUser(() -> {
			
 
				+      if (UserGroupInformation.isSecurityEnabled()) {
			
 
				+        UserGroupInformation.getLoginUser().checkTGTAndReloginFromKeytab();
			
 
				+      }
			
 
				+      return new RouterClient(routerSocket, config);
			
 
				+    });
			
 
				   }
			
 
				 
			
 
				   @Override
			
--- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherThread.java
+++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherThread.java
@@ -23,6 +23,8 @@ import java.util.concurrent.CountDownLatch;
 
				 import org.apache.hadoop.hdfs.server.federation.resolver.MountTableManager;
			
 
				 import org.apache.hadoop.hdfs.server.federation.store.protocol.RefreshMountTableEntriesRequest;
			
 
				 import org.apache.hadoop.hdfs.server.federation.store.protocol.RefreshMountTableEntriesResponse;
			
 
				+import org.apache.hadoop.security.SecurityUtil;
			
 
				+import org.apache.hadoop.security.UserGroupInformation;
			
 
				 import org.slf4j.Logger;
			
 
				 import org.slf4j.LoggerFactory;
			
 
				 
			
@@ -61,10 +63,16 @@ public class MountTableRefresherThread extends Thread {
 
				   @Override
			
 
				   public void run() {
			
 
				     try {
			
 
				-      RefreshMountTableEntriesResponse refreshMountTableEntries =
			
 
				-          manager.refreshMountTableEntries(
			
 
				-              RefreshMountTableEntriesRequest.newInstance());
			
 
				-      success = refreshMountTableEntries.getResult();
			
 
				+      SecurityUtil.doAsLoginUser(() -> {
			
 
				+        if (UserGroupInformation.isSecurityEnabled()) {
			
 
				+          UserGroupInformation.getLoginUser().checkTGTAndReloginFromKeytab();
			
 
				+        }
			
 
				+        RefreshMountTableEntriesResponse refreshMountTableEntries = manager
			
 
				+            .refreshMountTableEntries(
			
 
				+                RefreshMountTableEntriesRequest.newInstance());
			
 
				+        success = refreshMountTableEntries.getResult();
			
 
				+        return true;
			
 
				+      });
			
 
				     } catch (IOException e) {
			
 
				       LOG.error("Failed to refresh mount table entries cache at router {}",
			
 
				           adminAddress, e);