Startsida Utforska Hjälp
Registrera dig Logga in
apache
/
hadoop
spegling av https://github.com/apache/hadoop.git
2
0
Fork 1
Filer Ärenden 0 Wiki
Bläddra i källkod

YARN-854. Fixing YARN bugs that are failing applications in secure environment. Contributed by Omkar Vinit Joshi and shv.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2.0.6-alpha@1508570 13f79535-47bb-0310-9956-ffa450edef68
Konstantin Shvachko 11 år sedan
förälder
48483e9aa1
incheckning
b50aef5add
3 ändrade filer med 12 tillägg och 8 borttagningar
Delad Vy Visa Diff Statistik
  1. 3 0
      hadoop-yarn-project/CHANGES.txt
  2. 1 7
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/localizer/ContainerLocalizer.java
  3. 8 1
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/localizer/ResourceLocalizationService.java

+ 3 - 0
hadoop-yarn-project/CHANGES.txt
Visa fil 

@@ -12,6 +12,9 @@ Release 2.0.6-alpha - UNRELEASED
 
 
   BUG FIXES
 
 
+    YARN-854. Fixing YARN bugs that are failing applications in secure
 
+    environment. (Omkar Vinit Joshi and shv)
 
+
 
 Release 2.0.5-alpha - 06/06/2013
 
 
   INCOMPATIBLE CHANGES

+ 1 - 7
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/localizer/ContainerLocalizer.java
Visa fil 

@@ -64,7 +64,6 @@ import org.apache.hadoop.yarn.server.nodemanager.api.protocolrecords.LocalizerHe
 
 import org.apache.hadoop.yarn.server.nodemanager.api.protocolrecords.LocalizerStatus;
 
 import org.apache.hadoop.yarn.server.nodemanager.api.protocolrecords.ResourceStatusType;
 
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.security.LocalizerTokenIdentifier;
 
-import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.security.LocalizerTokenSecretManager;
 
 import org.apache.hadoop.yarn.util.ConverterUtils;
 
 import org.apache.hadoop.yarn.util.FSDownload;
 
 
@@ -144,12 +143,7 @@ public class ContainerLocalizer {
 
     // create localizer context
 
     UserGroupInformation remoteUser =
 
       UserGroupInformation.createRemoteUser(user);
 
-    LocalizerTokenSecretManager secretManager =
 
-      new LocalizerTokenSecretManager();
 
-    LocalizerTokenIdentifier id = secretManager.createIdentifier();
 
-    Token<LocalizerTokenIdentifier> localizerToken =
 
-      new Token<LocalizerTokenIdentifier>(id, secretManager);
 
-    remoteUser.addToken(localizerToken);
 
+    remoteUser.addToken(creds.getToken(LocalizerTokenIdentifier.KIND));
 
     final LocalizationProtocol nodeManager =
 
         remoteUser.doAs(new PrivilegedAction<LocalizationProtocol>() {
 
           @Override

+ 8 - 1
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/localizer/ResourceLocalizationService.java
Visa fil 

@@ -99,6 +99,7 @@ import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.even
 
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.event.ResourceLocalizedEvent;
 
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.event.ResourceReleaseEvent;
 
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.event.ResourceRequestEvent;
 
+import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.security.LocalizerTokenIdentifier;
 
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.security.LocalizerTokenSecretManager;
 
 import org.apache.hadoop.yarn.server.nodemanager.security.authorize.NMPolicyProvider;
 
 import org.apache.hadoop.yarn.service.AbstractService;
 
@@ -126,6 +127,7 @@ public class ResourceLocalizationService extends CompositeService
 
   private LocalizerTracker localizerTracker;
 
   private RecordFactory recordFactory;
 
   private final ScheduledExecutorService cacheCleanup;
 
+  private LocalizerTokenSecretManager secretManager;
 
 
   private final LocalResourcesTracker publicRsrc;
 
 
@@ -238,7 +240,6 @@ public class ResourceLocalizationService extends CompositeService
 
   Server createServer() {
 
     Configuration conf = getConfig();
 
     YarnRPC rpc = YarnRPC.create(conf);
 
-    LocalizerTokenSecretManager secretManager = null;
 
     if (UserGroupInformation.isSecurityEnabled()) {
 
       secretManager = new LocalizerTokenSecretManager();
 
     }
 
@@ -898,6 +899,12 @@ public class ResourceLocalizationService extends CompositeService
 
             LOG.debug(tk.getService() + " : " + tk.encodeToUrlString());
 
           }
 
         }
 
+        if (UserGroupInformation.isSecurityEnabled()) {
 
+          LocalizerTokenIdentifier id = secretManager.createIdentifier();
 
+          Token<LocalizerTokenIdentifier> localizerToken =
 
+              new Token<LocalizerTokenIdentifier>(id, secretManager);
 
+          credentials.addToken(id.getKind(), localizerToken);
 
+        }
 
         credentials.writeTokenStorageToStream(tokenOut);
 
       } finally {
 
         if (tokenOut != null) {