You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Tarun Parimi (JIRA)" <ji...@apache.org> on 2019/04/22 08:36:00 UTC

[jira] [Created] (AMBARI-25263) rm_security_opts should not be configured in YARN_OPTS/HADOOP_OPTS

Tarun Parimi created AMBARI-25263:
-------------------------------------

             Summary: rm_security_opts should not be configured in YARN_OPTS/HADOOP_OPTS
                 Key: AMBARI-25263
                 URL: https://issues.apache.org/jira/browse/AMBARI-25263
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.7.0
            Reporter: Tarun Parimi


After AMBARI-22824, rm_security_opts is defined in YARN_OPTS. YARN_OPTS is used by every single yarn command and daemon.

But this is not correct as rm_security_opts refers to the yarn_jaas.conf which contains the ResourceManager keytab and principal.

This leads to issues in certain kerberos environments where yarn client commands will not work for users not having access to the Resoucemanager keytab.

We should instead set rm_security_opts to YARN_RESOURCEMANAGER_OPTS.

 

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)