From 8e6227441ab31f3ad37998f76faa131e11b0cfe9 Mon Sep 17 00:00:00 2001 From: Surendra Singh Lilhore Date: Sat, 18 Apr 2020 20:07:21 +0530 Subject: [PATCH] HDFS-15218. RBF: MountTableRefresherService failed to refresh other router MountTableEntries in secure mode. Contributed by Surendra Singh Lilhore. --- .../router/MountTableRefresherService.java | 9 ++++++++- .../router/MountTableRefresherThread.java | 16 ++++++++++++---- 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherService.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherService.java index e3ecd266ab..e998ab0a9d 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherService.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherService.java @@ -34,6 +34,8 @@ import org.apache.hadoop.hdfs.server.federation.store.StateStoreUtils; import org.apache.hadoop.hdfs.server.federation.store.records.RouterState; import org.apache.hadoop.net.NetUtils; +import org.apache.hadoop.security.SecurityUtil; +import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.service.AbstractService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -170,7 +172,12 @@ public RouterClient load(String adminAddress) throws IOException { @VisibleForTesting protected RouterClient createRouterClient(InetSocketAddress routerSocket, Configuration config) throws IOException { - return new RouterClient(routerSocket, config); + return SecurityUtil.doAsLoginUser(() -> { + if (UserGroupInformation.isSecurityEnabled()) { + UserGroupInformation.getLoginUser().checkTGTAndReloginFromKeytab(); + } + return new RouterClient(routerSocket, config); + }); } @Override diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherThread.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherThread.java index c9967a2073..a077c4b3f4 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherThread.java +++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/MountTableRefresherThread.java @@ -23,6 +23,8 @@ import org.apache.hadoop.hdfs.server.federation.resolver.MountTableManager; import org.apache.hadoop.hdfs.server.federation.store.protocol.RefreshMountTableEntriesRequest; import org.apache.hadoop.hdfs.server.federation.store.protocol.RefreshMountTableEntriesResponse; +import org.apache.hadoop.security.SecurityUtil; +import org.apache.hadoop.security.UserGroupInformation; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -61,10 +63,16 @@ public MountTableRefresherThread(MountTableManager manager, @Override public void run() { try { - RefreshMountTableEntriesResponse refreshMountTableEntries = - manager.refreshMountTableEntries( - RefreshMountTableEntriesRequest.newInstance()); - success = refreshMountTableEntries.getResult(); + SecurityUtil.doAsLoginUser(() -> { + if (UserGroupInformation.isSecurityEnabled()) { + UserGroupInformation.getLoginUser().checkTGTAndReloginFromKeytab(); + } + RefreshMountTableEntriesResponse refreshMountTableEntries = manager + .refreshMountTableEntries( + RefreshMountTableEntriesRequest.newInstance()); + success = refreshMountTableEntries.getResult(); + return true; + }); } catch (IOException e) { LOG.error("Failed to refresh mount table entries cache at router {}", adminAddress, e);