You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bigtop.apache.org by rv...@apache.org on 2012/01/17 17:24:22 UTC
svn commit: r1232459 - in
/incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet: manifests/
modules/hadoop/manifests/ modules/hadoop/templates/
Author: rvs
Date: Tue Jan 17 16:24:22 2012
New Revision: 1232459
URL: http://svn.apache.org/viewvc?rev=1232459&view=rev
Log:
BIGTOP-344. puppet code needs to be updated to be able to deploy Hadoop 0.23 YARN in a secure fashion
Added:
incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/container-executor.cfg
Modified:
incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/manifests/cluster.pp
incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/manifests/init.pp
incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/hadoop
incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/yarn-site.xml
Modified: incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/manifests/cluster.pp
URL: http://svn.apache.org/viewvc/incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/manifests/cluster.pp?rev=1232459&r1=1232458&r2=1232459&view=diff
==============================================================================
--- incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/manifests/cluster.pp (original)
+++ incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/manifests/cluster.pp Tue Jan 17 16:24:22 2012
@@ -64,8 +64,9 @@ class hadoop_cluster_node {
$kerberos_kdc_server = extlookup("hadoop_kerberos_kdc_server")
include kerberos::client
- kerberos::client::host_keytab { ["hdfs", "mapred", "hbase", "oozie"]:
+ kerberos::client::host_keytab { ["hdfs", "yarn", "mapred", "hbase", "oozie"]:
princs_map => { hdfs => [ "host", "hdfs" ],
+ yarn => [ "yarn" ],
mapred => [ "mapred" ],
hbase => [ "hbase" ],
oozie => [ "oozie" ], },
Modified: incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/manifests/init.pp
URL: http://svn.apache.org/viewvc/incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/manifests/init.pp?rev=1232459&r1=1232458&r2=1232459&view=diff
==============================================================================
--- incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/manifests/init.pp (original)
+++ incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/manifests/init.pp Tue Jan 17 16:24:22 2012
@@ -50,10 +50,15 @@ class hadoop {
}
file {
- "/etc/yarn/conf/yarn-site.xml":
+ "/etc/hadoop/conf/yarn-site.xml":
content => template('hadoop/yarn-site.xml'),
require => [Package["hadoop"]],
}
+
+ file { "/etc/hadoop/conf/container-executor.cfg":
+ content => template('hadoop/container-executor.cfg'),
+ require => [Package["hadoop"]],
+ }
}
class common-hdfs inherits common {
@@ -218,7 +223,7 @@ class hadoop {
service { "hadoop-yarn-resourcemanager":
ensure => running,
hasstatus => true,
- subscribe => [Package["hadoop-yarn-resourcemanager"], File["/etc/hadoop/conf/hadoop-env.sh"], File["/etc/yarn/conf/yarn-site.xml"]],
+ subscribe => [Package["hadoop-yarn-resourcemanager"], File["/etc/hadoop/conf/hadoop-env.sh"], File["/etc/hadoop/conf/yarn-site.xml"]],
require => [ Package["hadoop-yarn-resourcemanager"] ]
}
}
@@ -260,7 +265,7 @@ class hadoop {
service { "hadoop-yarn-nodemanager":
ensure => running,
hasstatus => true,
- subscribe => [Package["hadoop-yarn-nodemanager"], File["/etc/hadoop/conf/hadoop-env.sh"], File["/etc/yarn/conf/yarn-site.xml"]],
+ subscribe => [Package["hadoop-yarn-nodemanager"], File["/etc/hadoop/conf/hadoop-env.sh"], File["/etc/hadoop/conf/yarn-site.xml"]],
require => [ Package["hadoop-yarn-nodemanager"], File[$dirs] ],
}
Added: incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/container-executor.cfg
URL: http://svn.apache.org/viewvc/incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/container-executor.cfg?rev=1232459&view=auto
==============================================================================
--- incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/container-executor.cfg (added)
+++ incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/container-executor.cfg Tue Jan 17 16:24:22 2012
@@ -0,0 +1,3 @@
+yarn.nodemanager.linux-container-executor.group=hadoop
+#banned.users=foo,bar
+#min.user.id=1000
Modified: incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/hadoop
URL: http://svn.apache.org/viewvc/incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/hadoop?rev=1232459&r1=1232458&r2=1232459&view=diff
==============================================================================
--- incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/hadoop (original)
+++ incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/hadoop Tue Jan 17 16:24:22 2012
@@ -11,9 +11,10 @@
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
+# limitations under the License.
export HADOOP_HOME_WARN_SUPPRESS=true
export HADOOP_PREFIX=/usr/lib/hadoop
-export HADOOP_LIBEXEC_DIR=/usr/libexec
+export HADOOP_LIBEXEC_DIR=/usr/lib/hadoop/libexec
export HADOOP_NAMENODE_USER=hdfs
export HADOOP_SECONDARYNAMENODE_USER=hdfs
export HADOOP_DATANODE_USER=hdfs
@@ -28,7 +29,6 @@ export HADOOP_IDENT_STRING=hdfs
export HADOOP_PID_DIR=/var/run/hadoop
export HADOOP_LOG_DIR=/var/log/hadoop
export HADOOP_CONF_DIR=/etc/hadoop/conf
-export YARN_CONF_DIR=/etc/yarn/conf
export HADOOP_CLASSPATH="${HADOOP_CLASSPATH}:${HADOOP_PREFIX}/*:${HADOOP_PREFIX}/lib/*"
# Pointless definitions making yarn happy
Modified: incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/yarn-site.xml
URL: http://svn.apache.org/viewvc/incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/yarn-site.xml?rev=1232459&r1=1232458&r2=1232459&view=diff
==============================================================================
--- incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/yarn-site.xml (original)
+++ incubator/bigtop/branches/hadoop-0.23/bigtop-deploy/puppet/modules/hadoop/templates/yarn-site.xml Tue Jan 17 16:24:22 2012
@@ -18,6 +18,44 @@
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
<configuration>
+<% if hadoop_security_authentication == "kerberos" %>
+ <!-- JobTracker security configs -->
+ <property>
+ <name>yarn.resourcemanager.principal</name>
+ <value>yarn/_HOST@<%= kerberos_realm %></value>
+ </property>
+ <property>
+ <name>yarn.resourcemanager.keytab</name>
+ <value>/etc/yarn.keytab</value>
+ </property>
+
+ <property>
+ <name>yarn.nodemanager.principal</name>
+ <value>yarn/_HOST@<%= kerberos_realm %></value>
+ </property>
+ <property>
+ <name>yarn.nodemanager.keytab</name>
+ <value>/etc/yarn.keytab</value>
+ </property>
+ <property>
+ <name>yarn.nodemanager.container-executor.class</name>
+ <value>org.apache.hadoop.yarn.server.nodemanager.LinuxContainerExecutor</value>
+ </property>
+ <property>
+ <name>yarn.nodemanager.linux-container-executor.group</name>
+ <value>hadoop</value>
+ </property>
+
+ <property>
+ <name>yarn.web-proxy.principal</name>
+ <value>yarn/_HOST@<%= kerberos_realm %></value>
+ </property>
+ <property>
+ <name>yarn.web-proxy.keytab</name>
+ <value>/etc/yarn.keytab</value>
+ </property>
+<% end %>
+
<property>
<name>yarn.resourcemanager.resource-tracker.address</name>
<value><%= hadoop_rm_host %>:<%= hadoop_rt_port %></value>