You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@gobblin.apache.org by su...@apache.org on 2020/01/16 22:40:17 UTC
[incubator-gobblin] branch master updated: [GOBBLIN-1030] Refactor
AbstractYarnSecurityManager to expose method for sending token file update
message
This is an automated email from the ASF dual-hosted git repository.
suvasude pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-gobblin.git
The following commit(s) were added to refs/heads/master by this push:
new c7e2c67 [GOBBLIN-1030] Refactor AbstractYarnSecurityManager to expose method for sending token file update message
c7e2c67 is described below
commit c7e2c670734ea1009dace621ecb137219476ce29
Author: sv2000 <su...@gmail.com>
AuthorDate: Thu Jan 16 14:40:10 2020 -0800
[GOBBLIN-1030] Refactor AbstractYarnSecurityManager to expose method for sending token file update message
Closes #2872 from sv2000/helixClusterManagedConfig
---
.../yarn/AbstractYarnAppSecurityManager.java | 20 ++++++++++++++++-
.../yarn/YarnAppSecurityManagerWithKeytabs.java | 25 ++--------------------
2 files changed, 21 insertions(+), 24 deletions(-)
diff --git a/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/AbstractYarnAppSecurityManager.java b/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/AbstractYarnAppSecurityManager.java
index af31fa2..d6da93e 100644
--- a/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/AbstractYarnAppSecurityManager.java
+++ b/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/AbstractYarnAppSecurityManager.java
@@ -44,6 +44,8 @@ import com.google.common.base.Throwables;
import com.google.common.util.concurrent.AbstractIdleService;
import com.typesafe.config.Config;
+import org.apache.gobblin.cluster.GobblinClusterConfigurationKeys;
+import org.apache.gobblin.cluster.GobblinClusterManager;
import org.apache.gobblin.cluster.GobblinHelixMessagingService;
import org.apache.gobblin.util.ConfigUtils;
import org.apache.gobblin.util.ExecutorsUtils;
@@ -67,12 +69,15 @@ public abstract class AbstractYarnAppSecurityManager extends AbstractIdleService
protected final HelixManager helixManager;
protected final FileSystem fs;
protected final Path tokenFilePath;
+
protected Token<? extends TokenIdentifier> token;
private final long loginIntervalInMinutes;
private final long tokenRenewIntervalInMinutes;
-
+ private final boolean isHelixClusterManaged;
+ private final String helixInstanceName;
private final ScheduledExecutorService loginExecutor;
private final ScheduledExecutorService tokenRenewExecutor;
+
private Optional<ScheduledFuture<?>> scheduledTokenRenewTask = Optional.absent();
// This flag is used to tell if this is the first login. If yes, no token updated message will be
@@ -95,6 +100,10 @@ public abstract class AbstractYarnAppSecurityManager extends AbstractIdleService
ExecutorsUtils.newThreadFactory(Optional.of(LOGGER), Optional.of("KeytabReLoginExecutor")));
this.tokenRenewExecutor = Executors.newSingleThreadScheduledExecutor(
ExecutorsUtils.newThreadFactory(Optional.of(LOGGER), Optional.of("TokenRenewExecutor")));
+ this.isHelixClusterManaged = ConfigUtils.getBoolean(config, GobblinClusterConfigurationKeys.IS_HELIX_CLUSTER_MANAGED,
+ GobblinClusterConfigurationKeys.DEFAULT_IS_HELIX_CLUSTER_MANAGED);
+ this.helixInstanceName = ConfigUtils.getString(config, GobblinClusterConfigurationKeys.HELIX_INSTANCE_NAME_KEY,
+ GobblinClusterManager.class.getSimpleName());
}
@Override
@@ -166,6 +175,15 @@ public abstract class AbstractYarnAppSecurityManager extends AbstractIdleService
}
}
+ protected void sendTokenFileUpdatedMessage() {
+ // Send a message to the controller (when the cluster is not managed)
+ // and all the participants if this is not the first login
+ if (!this.isHelixClusterManaged) {
+ sendTokenFileUpdatedMessage(InstanceType.CONTROLLER);
+ }
+ sendTokenFileUpdatedMessage(InstanceType.PARTICIPANT);
+ }
+
/**
* This method is used to send TokenFileUpdatedMessage which will handle by {@link YarnContainerSecurityManager}
*/
diff --git a/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/YarnAppSecurityManagerWithKeytabs.java b/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/YarnAppSecurityManagerWithKeytabs.java
index 5f234d2..8925d94 100644
--- a/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/YarnAppSecurityManagerWithKeytabs.java
+++ b/gobblin-yarn/src/main/java/org/apache/gobblin/yarn/YarnAppSecurityManagerWithKeytabs.java
@@ -26,17 +26,12 @@ import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.helix.HelixManager;
-import org.apache.helix.InstanceType;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Optional;
import com.google.common.base.Strings;
import com.typesafe.config.Config;
-import org.apache.gobblin.cluster.GobblinClusterConfigurationKeys;
-import org.apache.gobblin.cluster.GobblinClusterManager;
-import org.apache.gobblin.util.ConfigUtils;
-
/**
* A class for managing Kerberos login and token renewing on the client side that has access to
@@ -61,8 +56,6 @@ import org.apache.gobblin.util.ConfigUtils;
* @author Yinan Li
*/
public class YarnAppSecurityManagerWithKeytabs extends AbstractYarnAppSecurityManager {
-
- private final String helixInstanceName;
private UserGroupInformation loginUser;
private Optional<ScheduledFuture<?>> scheduledTokenRenewTask = Optional.absent();
@@ -70,16 +63,11 @@ public class YarnAppSecurityManagerWithKeytabs extends AbstractYarnAppSecurityMa
// sent to the controller and the participants as they may not be up running yet. The first login
// happens after this class starts up so the token gets regularly refreshed before the next login.
private volatile boolean firstLogin = true;
- private final boolean isHelixClusterManaged;
public YarnAppSecurityManagerWithKeytabs(Config config, HelixManager helixManager, FileSystem fs, Path tokenFilePath)
throws IOException {
super(config, helixManager, fs, tokenFilePath);
this.loginUser = UserGroupInformation.getLoginUser();
- this.isHelixClusterManaged = ConfigUtils.getBoolean(config, GobblinClusterConfigurationKeys.IS_HELIX_CLUSTER_MANAGED,
- GobblinClusterConfigurationKeys.DEFAULT_IS_HELIX_CLUSTER_MANAGED);
- this.helixInstanceName = ConfigUtils.getString(config, GobblinClusterConfigurationKeys.HELIX_INSTANCE_NAME_KEY,
- GobblinClusterManager.class.getSimpleName());
}
/**
@@ -90,12 +78,7 @@ public class YarnAppSecurityManagerWithKeytabs extends AbstractYarnAppSecurityMa
writeDelegationTokenToFile();
if (!this.firstLogin) {
- // Send a message to the controller (when the cluster is not managed)
- // and all the participants if this is not the first login
- if (!this.isHelixClusterManaged) {
- sendTokenFileUpdatedMessage(InstanceType.CONTROLLER);
- }
- sendTokenFileUpdatedMessage(InstanceType.PARTICIPANT, this.helixInstanceName);
+ sendTokenFileUpdatedMessage();
}
}
@@ -138,11 +121,7 @@ public class YarnAppSecurityManagerWithKeytabs extends AbstractYarnAppSecurityMa
writeDelegationTokenToFile();
if (!this.firstLogin) {
- // Send a message to the controller (when the cluster is not managed) and all the participants
- if (!this.isHelixClusterManaged) {
- sendTokenFileUpdatedMessage(InstanceType.CONTROLLER);
- }
- sendTokenFileUpdatedMessage(InstanceType.PARTICIPANT, this.helixInstanceName);
+ sendTokenFileUpdatedMessage();
}
}
}