You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by zj...@apache.org on 2015/02/11 20:48:30 UTC
[12/50] [abbrv] hadoop git commit: YARN-2971. RM uses conf instead of
token service address to renew timeline delegation tokens (jeagles)
YARN-2971. RM uses conf instead of token service address to renew timeline delegation tokens (jeagles)
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/af084258
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/af084258
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/af084258
Branch: refs/heads/YARN-2928
Commit: af0842589359ad800427337ad2c84fac09907f72
Parents: aab459c
Author: Jonathan Eagles <je...@gmail.com>
Authored: Mon Feb 9 17:56:05 2015 -0600
Committer: Jonathan Eagles <je...@gmail.com>
Committed: Mon Feb 9 17:56:05 2015 -0600
----------------------------------------------------------------------
hadoop-yarn-project/CHANGES.txt | 3 +++
.../client/api/impl/TimelineClientImpl.java | 22 ++++++++++++++------
.../client/api/impl/TestTimelineClient.java | 14 +++++++++++--
3 files changed, 31 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt
index 578a8cc..634a0e7 100644
--- a/hadoop-yarn-project/CHANGES.txt
+++ b/hadoop-yarn-project/CHANGES.txt
@@ -519,6 +519,9 @@ Release 2.7.0 - UNRELEASED
YARN-3094. Reset timer for liveness monitors after RM recovery. (Jun Gong
via jianhe)
+ YARN-2971. RM uses conf instead of token service address to renew timeline
+ delegation tokens (jeagles)
+
Release 2.6.0 - 2014-11-18
INCOMPATIBLE CHANGES
http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java
index de9d8da..0b88632 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java
@@ -23,6 +23,7 @@ import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.net.ConnectException;
import java.net.HttpURLConnection;
+import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URL;
import java.net.URLConnection;
@@ -45,6 +46,7 @@ import org.apache.hadoop.classification.InterfaceAudience.Private;
import org.apache.hadoop.classification.InterfaceStability.Unstable;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.authentication.client.ConnectionConfigurator;
import org.apache.hadoop.security.ssl.SSLFactory;
import org.apache.hadoop.security.token.Token;
@@ -373,12 +375,14 @@ public class TimelineClientImpl extends TimelineClient {
== UserGroupInformation.AuthenticationMethod.PROXY;
final String doAsUser = isProxyAccess ?
UserGroupInformation.getCurrentUser().getShortUserName() : null;
+ boolean useHttps = YarnConfiguration.useHttps(this.getConfig());
+ final String scheme = useHttps ? "https" : "http";
+ final InetSocketAddress address = SecurityUtil.getTokenServiceAddr(timelineDT);
PrivilegedExceptionAction<Long> renewDTAction =
new PrivilegedExceptionAction<Long>() {
@Override
- public Long run()
- throws Exception {
+ public Long run() throws Exception {
// If the timeline DT to renew is different than cached, replace it.
// Token to set every time for retry, because when exception happens,
// DelegationTokenAuthenticatedURL will reset it to null;
@@ -388,8 +392,10 @@ public class TimelineClientImpl extends TimelineClient {
DelegationTokenAuthenticatedURL authUrl =
new DelegationTokenAuthenticatedURL(authenticator,
connConfigurator);
+ final URI serviceURI = new URI(scheme, null, address.getHostName(),
+ address.getPort(), RESOURCE_URI_STR, null, null);
return authUrl
- .renewDelegationToken(resURI.toURL(), token, doAsUser);
+ .renewDelegationToken(serviceURI.toURL(), token, doAsUser);
}
};
return (Long) operateDelegationToken(renewDTAction);
@@ -405,12 +411,14 @@ public class TimelineClientImpl extends TimelineClient {
== UserGroupInformation.AuthenticationMethod.PROXY;
final String doAsUser = isProxyAccess ?
UserGroupInformation.getCurrentUser().getShortUserName() : null;
+ boolean useHttps = YarnConfiguration.useHttps(this.getConfig());
+ final String scheme = useHttps ? "https" : "http";
+ final InetSocketAddress address = SecurityUtil.getTokenServiceAddr(timelineDT);
PrivilegedExceptionAction<Void> cancelDTAction =
new PrivilegedExceptionAction<Void>() {
@Override
- public Void run()
- throws Exception {
+ public Void run() throws Exception {
// If the timeline DT to cancel is different than cached, replace it.
// Token to set every time for retry, because when exception happens,
// DelegationTokenAuthenticatedURL will reset it to null;
@@ -420,7 +428,9 @@ public class TimelineClientImpl extends TimelineClient {
DelegationTokenAuthenticatedURL authUrl =
new DelegationTokenAuthenticatedURL(authenticator,
connConfigurator);
- authUrl.cancelDelegationToken(resURI.toURL(), token, doAsUser);
+ final URI serviceURI = new URI(scheme, null, address.getHostName(),
+ address.getPort(), RESOURCE_URI_STR, null, null);
+ authUrl.cancelDelegationToken(serviceURI.toURL(), token, doAsUser);
return null;
}
};
http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/client/api/impl/TestTimelineClient.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/client/api/impl/TestTimelineClient.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/client/api/impl/TestTimelineClient.java
index c8027a2..859a6c9 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/client/api/impl/TestTimelineClient.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/client/api/impl/TestTimelineClient.java
@@ -238,7 +238,10 @@ public class TestTimelineClient {
new TimelineDelegationTokenIdentifier(
new Text("tester"), new Text("tester"), new Text("tester"));
client.renewDelegationToken(
- new Token<TimelineDelegationTokenIdentifier>(timelineDT, dtManager));
+ new Token<TimelineDelegationTokenIdentifier>(timelineDT.getBytes(),
+ dtManager.createPassword(timelineDT),
+ timelineDT.getKind(),
+ new Text("0.0.0.0:8188")));
assertFail();
} catch (RuntimeException ce) {
assertException(client, ce);
@@ -250,7 +253,10 @@ public class TestTimelineClient {
new TimelineDelegationTokenIdentifier(
new Text("tester"), new Text("tester"), new Text("tester"));
client.cancelDelegationToken(
- new Token<TimelineDelegationTokenIdentifier>(timelineDT, dtManager));
+ new Token<TimelineDelegationTokenIdentifier>(timelineDT.getBytes(),
+ dtManager.createPassword(timelineDT),
+ timelineDT.getKind(),
+ new Text("0.0.0.0:8188")));
assertFail();
} catch (RuntimeException ce) {
assertException(client, ce);
@@ -371,5 +377,9 @@ public class TestTimelineClient {
return new TimelineDelegationTokenIdentifier();
}
+ @Override
+ public synchronized byte[] createPassword(TimelineDelegationTokenIdentifier identifier) {
+ return super.createPassword(identifier);
+ }
}
}