You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mapreduce-commits@hadoop.apache.org by om...@apache.org on 2010/02/10 00:07:38 UTC
svn commit: r908271 - in /hadoop/mapreduce/trunk: ./
src/contrib/mumak/src/test/org/apache/hadoop/mapred/
src/java/org/apache/hadoop/mapred/ src/java/org/apache/hadoop/mapreduce/
src/java/org/apache/hadoop/mapreduce/protocol/
Author: omalley
Date: Tue Feb 9 23:07:23 2010
New Revision: 908271
URL: http://svn.apache.org/viewvc?rev=908271&view=rev
Log:
MAPREDUCE-1433. Add a delegation token for MapReduce. (omalley)
Modified:
hadoop/mapreduce/trunk/CHANGES.txt
hadoop/mapreduce/trunk/src/contrib/mumak/src/test/org/apache/hadoop/mapred/MockSimulatorJobTracker.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobClient.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobTracker.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/LocalJobRunner.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/Cluster.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/MRConfig.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/protocol/ClientProtocol.java
Modified: hadoop/mapreduce/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/CHANGES.txt?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/CHANGES.txt (original)
+++ hadoop/mapreduce/trunk/CHANGES.txt Tue Feb 9 23:07:23 2010
@@ -52,6 +52,8 @@
MAPREDUCE-1464. Makes a compatible change in JobTokenIdentifier to
account for HADOOP-6510. (Jitendra Nath Pandey via ddas)
+ MAPREDUCE-1433. Add a delegation token for MapReduce. (omalley)
+
IMPROVEMENTS
MAPREDUCE-1198. Alternatively schedule different types of tasks in
Modified: hadoop/mapreduce/trunk/src/contrib/mumak/src/test/org/apache/hadoop/mapred/MockSimulatorJobTracker.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/contrib/mumak/src/test/org/apache/hadoop/mapred/MockSimulatorJobTracker.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/contrib/mumak/src/test/org/apache/hadoop/mapred/MockSimulatorJobTracker.java (original)
+++ hadoop/mapreduce/trunk/src/contrib/mumak/src/test/org/apache/hadoop/mapred/MockSimulatorJobTracker.java Tue Feb 9 23:07:23 2010
@@ -26,6 +26,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.io.Text;
import org.apache.hadoop.mapred.TaskStatus.State;
import org.apache.hadoop.mapred.TaskStatus.Phase;
import org.apache.hadoop.mapreduce.ClusterMetrics;
@@ -36,6 +37,7 @@
import org.apache.hadoop.mapreduce.QueueAclsInfo;
import org.apache.hadoop.mapreduce.QueueInfo;
import org.apache.hadoop.security.TokenStorage;
+import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.mapreduce.TaskAttemptID;
import org.apache.hadoop.mapreduce.TaskReport;
import org.apache.hadoop.mapreduce.TaskTrackerInfo;
@@ -44,6 +46,7 @@
import org.apache.hadoop.tools.rumen.TaskInfo;
import org.apache.hadoop.tools.rumen.MapTaskAttemptInfo;
import org.apache.hadoop.tools.rumen.ReduceTaskAttemptInfo;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.mapreduce.split.JobSplit.*;
//
// Mock jobtracker class that check heartbeat() in parameters and
@@ -441,4 +444,22 @@
throw new UnsupportedOperationException();
}
+ @Override
+ public boolean cancelDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException {
+ return false;
+ }
+
+ @Override
+ public Token<DelegationTokenIdentifier>
+ getDelegationToken(Text renewer) throws IOException, InterruptedException {
+ return null;
+ }
+
+ @Override
+ public boolean renewDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,InterruptedException{
+ return false;
+ }
}
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobClient.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobClient.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobClient.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobClient.java Tue Feb 9 23:07:23 2010
@@ -34,11 +34,16 @@
import org.apache.hadoop.mapreduce.TaskTrackerInfo;
import org.apache.hadoop.mapreduce.TaskType;
import org.apache.hadoop.mapreduce.filecache.DistributedCache;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.mapreduce.tools.CLI;
import org.apache.hadoop.mapreduce.util.ConfigUtil;
import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.io.Text;
+import org.apache.hadoop.ipc.RemoteException;
+import org.apache.hadoop.security.token.Token;
+import org.apache.hadoop.security.token.SecretManager.InvalidToken;
import org.apache.hadoop.util.Tool;
import org.apache.hadoop.util.ToolRunner;
@@ -1031,6 +1036,45 @@
}
/**
+ * Get a delegation token for the user from the JobTracker.
+ * @param renewer the user who can renew the token
+ * @return the new token
+ * @throws IOException
+ */
+ public Token<DelegationTokenIdentifier>
+ getDelegationToken(Text renewer) throws IOException, InterruptedException {
+ return cluster.getDelegationToken(renewer);
+ }
+
+ /**
+ * Renew a delegation token
+ * @param token the token to renew
+ * @return true if the renewal went well
+ * @throws InvalidToken
+ * @throws IOException
+ */
+ public boolean renewDelegationToken(Token<DelegationTokenIdentifier> token)
+ throws InvalidToken, IOException, InterruptedException {
+ try {
+ return cluster.renewDelegationToken(token);
+ } catch (RemoteException re) {
+ throw re.unwrapRemoteException(InvalidToken.class);
+ }
+ }
+
+ /**
+ * Cancel a delegation token from the JobTracker
+ * @param token the token to cancel
+ * @return true if everything went well
+ * @throws IOException
+ */
+ public boolean cancelDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException {
+ return cluster.cancelDelegationToken(token);
+ }
+
+ /**
*/
public static void main(String argv[]) throws Exception {
int res = ToolRunner.run(new JobClient(), argv);
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobTracker.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobTracker.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobTracker.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JobTracker.java Tue Feb 9 23:07:23 2010
@@ -71,6 +71,7 @@
import org.apache.hadoop.mapred.JobTrackerStatistics.TaskTrackerStat;
import org.apache.hadoop.mapred.TaskTrackerStatus.TaskTrackerHealthStatus;
import org.apache.hadoop.mapreduce.ClusterMetrics;
+import org.apache.hadoop.mapreduce.MRConfig;
import org.apache.hadoop.mapreduce.QueueInfo;
import org.apache.hadoop.mapreduce.TaskTrackerInfo;
import org.apache.hadoop.mapreduce.TaskType;
@@ -78,6 +79,8 @@
import org.apache.hadoop.mapreduce.protocol.ClientProtocol;
import org.apache.hadoop.security.TokenStorage;
import org.apache.hadoop.mapreduce.security.token.JobTokenSecretManager;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenIdentifier;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenSecretManager;
import org.apache.hadoop.mapreduce.server.jobtracker.JTConfig;
import org.apache.hadoop.mapreduce.server.jobtracker.TaskTracker;
import org.apache.hadoop.mapreduce.util.ConfigUtil;
@@ -95,6 +98,7 @@
import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
import org.apache.hadoop.security.authorize.ServiceAuthorizationManager;
+import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.util.HostsFileReader;
import org.apache.hadoop.util.ReflectionUtils;
import org.apache.hadoop.util.StringUtils;
@@ -114,6 +118,8 @@
}
private final long tasktrackerExpiryInterval;
+ private final long DELEGATION_TOKEN_GC_INTERVAL = 3600000; // 1 hour
+ private final DelegationTokenSecretManager secretManager;
// The interval after which one fault of a tracker will be discarded,
// if there are no faults during this.
@@ -1311,6 +1317,7 @@
tasktrackerExpiryInterval = 0;
myInstrumentation = new JobTrackerMetricsInst(this, new JobConf());
mrOwner = null;
+ secretManager = null;
}
@@ -1346,6 +1353,22 @@
LOG.info("Starting jobtracker with owner as " + mrOwner.getShortUserName()
+ " and supergroup as " + supergroup);
clock = newClock;
+
+ long secretKeyInterval =
+ conf.getLong(MRConfig.DELEGATION_KEY_UPDATE_INTERVAL_KEY,
+ MRConfig.DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT);
+ long tokenMaxLifetime =
+ conf.getLong(MRConfig.DELEGATION_TOKEN_MAX_LIFETIME_KEY,
+ MRConfig.DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT);
+ long tokenRenewInterval =
+ conf.getLong(MRConfig.DELEGATION_TOKEN_RENEW_INTERVAL_KEY,
+ MRConfig.DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT);
+ secretManager =
+ new DelegationTokenSecretManager(secretKeyInterval,
+ tokenMaxLifetime,
+ tokenRenewInterval,
+ DELEGATION_TOKEN_GC_INTERVAL);
+ secretManager.startThreads();
//
// Grab some static constants
@@ -1406,7 +1429,11 @@
}
int handlerCount = conf.getInt(JT_IPC_HANDLER_COUNT, 10);
- this.interTrackerServer = RPC.getServer(this, addr.getHostName(), addr.getPort(), handlerCount, false, conf);
+ this.interTrackerServer = RPC.getServer(ClientProtocol.class,
+ this,
+ addr.getHostName(),
+ addr.getPort(), handlerCount,
+ false, conf, secretManager);
if (LOG.isDebugEnabled()) {
Properties p = System.getProperties();
for (Iterator it = p.keySet().iterator(); it.hasNext();) {
@@ -4350,6 +4377,8 @@
}
supergroup = conf.get("mapred.permissions.supergroup", "supergroup");
+ secretManager = null;
+
this.hostsReader = new HostsFileReader(conf.get("mapred.hosts", ""),
conf.get("mapred.hosts.exclude", ""));
// queue manager
@@ -4441,4 +4470,44 @@
return System.getProperty("hadoop.log.dir") +
File.separator + jobId + "_conf.xml";
}
+
+ /**
+ * Discard a current delegation token.
+ */
+ @Override
+ public boolean cancelDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException {
+ String user = UserGroupInformation.getCurrentUser().getUserName();
+ return secretManager.cancelToken(token, user);
+ }
+
+ /**
+ * Get a new delegation token.
+ */
+ @Override
+ public Token<DelegationTokenIdentifier>
+ getDelegationToken(Text renewer
+ )throws IOException, InterruptedException {
+ UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
+ Text owner = new Text(ugi.getUserName());
+ Text realUser = null;
+ if (ugi.getRealUser() != null) {
+ realUser = new Text(ugi.getRealUser().getUserName());
+ }
+ DelegationTokenIdentifier ident =
+ new DelegationTokenIdentifier(owner, renewer, realUser);
+ return new Token<DelegationTokenIdentifier>(ident, secretManager);
+ }
+
+ /**
+ * Renew a delegation token to extend its lifetime.
+ */
+ @Override
+ public boolean renewDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException {
+ String user = UserGroupInformation.getCurrentUser().getUserName();
+ return secretManager.renewToken(token, user);
+ }
}
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/LocalJobRunner.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/LocalJobRunner.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/LocalJobRunner.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/LocalJobRunner.java Tue Feb 9 23:07:23 2010
@@ -38,6 +38,7 @@
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.LocalDirAllocator;
import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.io.Text;
import org.apache.hadoop.mapreduce.ClusterMetrics;
import org.apache.hadoop.mapreduce.MRConfig;
import org.apache.hadoop.mapreduce.QueueInfo;
@@ -49,12 +50,14 @@
import org.apache.hadoop.mapreduce.filecache.TrackerDistributedCacheManager;
import org.apache.hadoop.mapreduce.protocol.ClientProtocol;
import org.apache.hadoop.mapreduce.security.TokenCache;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.security.TokenStorage;
import org.apache.hadoop.mapreduce.server.jobtracker.JTConfig;
import org.apache.hadoop.mapreduce.server.jobtracker.State;
import org.apache.hadoop.mapreduce.split.SplitMetaInfoReader;
import org.apache.hadoop.mapreduce.split.JobSplit.TaskSplitMetaInfo;
import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.Token;
/** Implements MapReduce locally, in-process, for debugging. */
public class LocalJobRunner implements ClientProtocol {
@@ -754,4 +757,23 @@
org.apache.hadoop.mapreduce.JobContext job) {
return job.getConfiguration().getInt(LOCAL_MAX_MAPS, 1);
}
+
+ @Override
+ public boolean cancelDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException {
+ return false;
+ }
+
+ @Override
+ public Token<DelegationTokenIdentifier>
+ getDelegationToken(Text renewer) throws IOException, InterruptedException {
+ return null;
+ }
+
+ @Override
+ public boolean renewDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,InterruptedException{
+ return false;
+ }
}
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/Cluster.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/Cluster.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/Cluster.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/Cluster.java Tue Feb 9 23:07:23 2010
@@ -27,16 +27,21 @@
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.io.Text;
import org.apache.hadoop.ipc.RPC;
+import org.apache.hadoop.ipc.RemoteException;
import org.apache.hadoop.mapred.JobConf;
import org.apache.hadoop.mapred.JobTracker;
import org.apache.hadoop.mapred.LocalJobRunner;
import org.apache.hadoop.mapreduce.jobhistory.JobHistory;
import org.apache.hadoop.mapreduce.protocol.ClientProtocol;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.mapreduce.server.jobtracker.State;
import org.apache.hadoop.mapreduce.util.ConfigUtil;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.Token;
+import org.apache.hadoop.security.token.SecretManager.InvalidToken;
/**
* Provides a way to access information about the map/reduce cluster.
@@ -307,4 +312,53 @@
return client.getTaskTrackerExpiryInterval();
}
+ /**
+ * Get a delegation token for the user from the JobTracker.
+ * @param renewer the user who can renew the token
+ * @return the new token
+ * @throws IOException
+ */
+ public Token<DelegationTokenIdentifier>
+ getDelegationToken(Text renewer) throws IOException, InterruptedException{
+ Token<DelegationTokenIdentifier> result =
+ client.getDelegationToken(renewer);
+ InetSocketAddress addr = JobTracker.getAddress(conf);
+ StringBuilder service = new StringBuilder();
+ service.append(NetUtils.normalizeHostName(addr.getAddress().
+ getHostAddress()));
+ service.append(':');
+ service.append(addr.getPort());
+ result.setService(new Text(service.toString()));
+ return result;
+ }
+
+ /**
+ * Renew a delegation token
+ * @param token the token to renew
+ * @return true if the renewal went well
+ * @throws InvalidToken
+ * @throws IOException
+ */
+ public boolean renewDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws InvalidToken, IOException,
+ InterruptedException {
+ try {
+ return client.renewDelegationToken(token);
+ } catch (RemoteException re) {
+ throw re.unwrapRemoteException(InvalidToken.class);
+ }
+ }
+
+ /**
+ * Cancel a delegation token from the JobTracker
+ * @param token the token to cancel
+ * @return true if everything went well
+ * @throws IOException
+ */
+ public boolean cancelDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException {
+ return client.cancelDelegationToken(token);
+ }
+
}
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/MRConfig.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/MRConfig.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/MRConfig.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/MRConfig.java Tue Feb 9 23:07:23 2010
@@ -35,4 +35,18 @@
public static final String MAPMEMORY_MB = "mapreduce.cluster.mapmemory.mb";
public static final String REDUCEMEMORY_MB =
"mapreduce.cluster.reducememory.mb";
+
+ //Delegation token related keys
+ public static final String DELEGATION_KEY_UPDATE_INTERVAL_KEY =
+ "mapreduce.cluster.delegation.key.update-interval";
+ public static final long DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT =
+ 24*60*60*1000; // 1 day
+ public static final String DELEGATION_TOKEN_RENEW_INTERVAL_KEY =
+ "mapreduce.cluster.delegation.token.renew-interval";
+ public static final long DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT =
+ 24*60*60*1000; // 1 day
+ public static final String DELEGATION_TOKEN_MAX_LIFETIME_KEY =
+ "mapreduce.cluster.delegation.token.max-lifetime";
+ public static final long DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT =
+ 7*24*60*60*1000; // 7 days
}
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/protocol/ClientProtocol.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/protocol/ClientProtocol.java?rev=908271&r1=908270&r2=908271&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/protocol/ClientProtocol.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapreduce/protocol/ClientProtocol.java Tue Feb 9 23:07:23 2010
@@ -21,6 +21,8 @@
import java.io.IOException;
+import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenSelector;
+import org.apache.hadoop.io.Text;
import org.apache.hadoop.ipc.VersionedProtocol;
import org.apache.hadoop.mapreduce.ClusterMetrics;
import org.apache.hadoop.mapreduce.Counters;
@@ -34,9 +36,12 @@
import org.apache.hadoop.mapreduce.TaskReport;
import org.apache.hadoop.mapreduce.TaskTrackerInfo;
import org.apache.hadoop.mapreduce.TaskType;
+import org.apache.hadoop.mapreduce.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.security.TokenStorage;
import org.apache.hadoop.mapreduce.server.jobtracker.State;
import org.apache.hadoop.security.KerberosInfo;
+import org.apache.hadoop.security.token.Token;
+import org.apache.hadoop.security.token.TokenInfo;
/**
* Protocol that a JobClient and the central JobTracker use to communicate. The
@@ -44,6 +49,7 @@
* the current system status.
*/
@KerberosInfo(JobContext.JOB_JOBTRACKER_ID)
+@TokenInfo(DelegationTokenSelector.class)
public interface ClientProtocol extends VersionedProtocol {
/*
*Changing the versionID to 2L since the getTaskCompletionEvents method has
@@ -94,9 +100,10 @@
* Version 30: Job submission files are uploaded to a staging area under
* user home dir. JobTracker reads the required files from the
* staging area using user credentials passed via the rpc.
- * Version 31: Added TokenStorage to submitJob
+ * Version 31: Added TokenStorage to submitJob
+ * Version 32: Added delegation tokens (add, renew, cancel)
*/
- public static final long versionID = 31L;
+ public static final long versionID = 32L;
/**
* Allocate a name for the job.
@@ -286,4 +293,38 @@
public QueueInfo[] getChildQueues(String queueName)
throws IOException, InterruptedException;
+ /**
+ * Get a new delegation token.
+ * @param renewer the user other than the creator (if any) that can renew the
+ * token
+ * @return the new delegation token
+ * @throws IOException
+ * @throws InterruptedException
+ */
+ public
+ Token<DelegationTokenIdentifier> getDelegationToken(Text renewer
+ ) throws IOException,
+ InterruptedException;
+
+ /**
+ * Renew an existing delegation token
+ * @param token the token to renew
+ * @return true if the token was successfully renewed
+ * @throws IOException
+ * @throws InterruptedException
+ */
+ public boolean renewDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException;
+
+ /**
+ * Cancel a delegation token.
+ * @param token the token to cancel
+ * @return true if the token was successfully canceled
+ * @throws IOException
+ * @throws InterruptedException
+ */
+ public boolean cancelDelegationToken(Token<DelegationTokenIdentifier> token
+ ) throws IOException,
+ InterruptedException;
}