You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Ramesh Mani <rm...@hortonworks.com> on 2015/12/02 01:53:09 UTC
Review Request 40848: Ranger 754 : Ranger YARN Plugin lookup and test
connection should support SPENGO enabled HTTP Authentication
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/40848/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Abhay Kulkarni, Madhan Neethiraj, and Selvamohan Neethiraj.
Repository: ranger
Description
-------
Ranger 754 : Ranger YARN Plugin lookup and test connection should support SPENGO enabled HTTP Authentication
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java f95e10e
agents-common/src/main/resources/service-defs/ranger-servicedef-yarn.json ff1f39f
plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java fc07760
plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnConnectionMgr.java e2cc2ef
plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java 95d29c0
Diff: https://reviews.apache.org/r/40848/diff/
Testing
-------
Configure the hadoop for http Authenticaton https://hadoop.apache.org/docs/r1.2.1/HttpAuthentication.html
Verified Ranger Yarn Service Test connection successful in the Ranger Admin UI
Verified Ranger Yarn Service Lookup fetching the yarn resources in Ranger Admin UI
Verified the same without HTTP authentication in a cluster and secure cluster.
Thanks,
Ramesh Mani
Re: Review Request 40848: Ranger 754 : Ranger YARN Plugin lookup and
test connection should support SPENGO enabled HTTP Authentication
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/40848/#review108588
-----------------------------------------------------------
Ship it!
Please address the issues identified in the comments and commit.
agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java (line 286)
<https://reviews.apache.org/r/40848/#comment168039>
Consider adding an else {} here to set isHadoopHTTPAuthentication = false.
Or initialize isHadoopHTTPAuthentication to false in line# 59.
plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java (line 101)
<https://reviews.apache.org/r/40848/#comment168041>
This sets a global authenticator for the entire process; this authenticator will be used when any server requests for authentication.
One of the implication is the potenial errors in simultaneous lookup on 2 YARN service instances (or other services that use HTTP for look up). Please look for an alternate way to set the authenticator, preferrably for the given Client object. If this is not feasible, at least reset the global authenticator - by setting Authenticator.setDefault(null) in the finally block.
plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnConnectionMgr.java (line 34)
<https://reviews.apache.org/r/40848/#comment168042>
Since the URL/username/password is handled within YarnClient constructor, remove this code from here and let the error handling (of logging error message) be done in the constructor.
- Madhan Neethiraj
On Dec. 2, 2015, 12:53 a.m., Ramesh Mani wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/40848/
> -----------------------------------------------------------
>
> (Updated Dec. 2, 2015, 12:53 a.m.)
>
>
> Review request for ranger, Alok Lal, Abhay Kulkarni, Madhan Neethiraj, and Selvamohan Neethiraj.
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Ranger 754 : Ranger YARN Plugin lookup and test connection should support SPENGO enabled HTTP Authentication
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java f95e10e
> agents-common/src/main/resources/service-defs/ranger-servicedef-yarn.json ff1f39f
> plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java fc07760
> plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnConnectionMgr.java e2cc2ef
> plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java 95d29c0
>
> Diff: https://reviews.apache.org/r/40848/diff/
>
>
> Testing
> -------
>
> Configure the hadoop for http Authenticaton https://hadoop.apache.org/docs/r1.2.1/HttpAuthentication.html
>
> Verified Ranger Yarn Service Test connection successful in the Ranger Admin UI
> Verified Ranger Yarn Service Lookup fetching the yarn resources in Ranger Admin UI
> Verified the same without HTTP authentication in a cluster and secure cluster.
>
>
> Thanks,
>
> Ramesh Mani
>
>