YARN-1938. Added kerberos login for the Timeline Server. Contributed by Zhijie Shen.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1596710 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
ac23a55547
commit
fdb5870d49
@ -85,6 +85,9 @@ Release 2.5.0 - UNRELEASED
|
||||
YARN-1981. Nodemanager version is not updated when a node reconnects (Jason
|
||||
Lowe via jeagles)
|
||||
|
||||
YARN-1938. Added kerberos login for the Timeline Server. (Zhijie Shen via
|
||||
vinodkv)
|
||||
|
||||
OPTIMIZATIONS
|
||||
|
||||
BUG FIXES
|
||||
|
@ -1196,6 +1196,14 @@ public class YarnConfiguration extends Configuration {
|
||||
public static final long DEFAULT_TIMELINE_SERVICE_LEVELDB_TTL_INTERVAL_MS =
|
||||
1000 * 60 * 5;
|
||||
|
||||
/** The Kerberos principal for the timeline server.*/
|
||||
public static final String TIMELINE_SERVICE_PRINCIPAL =
|
||||
TIMELINE_SERVICE_PREFIX + "principal";
|
||||
|
||||
/** The Kerberos keytab for the timeline server.*/
|
||||
public static final String TIMELINE_SERVICE_KEYTAB =
|
||||
TIMELINE_SERVICE_PREFIX + "keytab";
|
||||
|
||||
////////////////////////////////
|
||||
// Other Configs
|
||||
////////////////////////////////
|
||||
|
@ -1194,6 +1194,18 @@
|
||||
<value>10</value>
|
||||
</property>
|
||||
|
||||
<property>
|
||||
<description>The Kerberos principal for the timeline server.</description>
|
||||
<name>yarn.timeline-service.principal</name>
|
||||
<value></value>
|
||||
</property>
|
||||
|
||||
<property>
|
||||
<description>The Kerberos keytab for the timeline server.</description>
|
||||
<name>yarn.timeline-service.keytab</name>
|
||||
<value>/etc/krb5.keytab</value>
|
||||
</property>
|
||||
|
||||
<property>
|
||||
<description>Indicate to ResourceManager as well as clients whether
|
||||
history-service is enabled or not. If enabled, ResourceManager starts
|
||||
|
@ -18,12 +18,16 @@
|
||||
|
||||
package org.apache.hadoop.yarn.server.applicationhistoryservice;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.InetSocketAddress;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.apache.hadoop.classification.InterfaceAudience.Private;
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.metrics2.lib.DefaultMetricsSystem;
|
||||
import org.apache.hadoop.metrics2.source.JvmMetrics;
|
||||
import org.apache.hadoop.security.SecurityUtil;
|
||||
import org.apache.hadoop.service.CompositeService;
|
||||
import org.apache.hadoop.service.Service;
|
||||
import org.apache.hadoop.util.ExitUtil;
|
||||
@ -33,8 +37,8 @@
|
||||
import org.apache.hadoop.yarn.YarnUncaughtExceptionHandler;
|
||||
import org.apache.hadoop.yarn.conf.YarnConfiguration;
|
||||
import org.apache.hadoop.yarn.exceptions.YarnRuntimeException;
|
||||
import org.apache.hadoop.yarn.server.applicationhistoryservice.timeline.TimelineStore;
|
||||
import org.apache.hadoop.yarn.server.applicationhistoryservice.timeline.LeveldbTimelineStore;
|
||||
import org.apache.hadoop.yarn.server.applicationhistoryservice.timeline.TimelineStore;
|
||||
import org.apache.hadoop.yarn.server.applicationhistoryservice.webapp.AHSWebApp;
|
||||
import org.apache.hadoop.yarn.webapp.WebApp;
|
||||
import org.apache.hadoop.yarn.webapp.WebApps;
|
||||
@ -69,13 +73,19 @@ protected void serviceInit(Configuration conf) throws Exception {
|
||||
addService((Service) historyManager);
|
||||
timelineStore = createTimelineStore(conf);
|
||||
addIfService(timelineStore);
|
||||
|
||||
DefaultMetricsSystem.initialize("ApplicationHistoryServer");
|
||||
JvmMetrics.initSingleton("ApplicationHistoryServer", null);
|
||||
super.serviceInit(conf);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void serviceStart() throws Exception {
|
||||
DefaultMetricsSystem.initialize("ApplicationHistoryServer");
|
||||
JvmMetrics.initSingleton("ApplicationHistoryServer", null);
|
||||
try {
|
||||
doSecureLogin(getConfig());
|
||||
} catch(IOException ie) {
|
||||
throw new YarnRuntimeException("Failed to login", ie);
|
||||
}
|
||||
|
||||
startWebApp();
|
||||
super.serviceStart();
|
||||
@ -177,4 +187,22 @@ protected void startWebApp() {
|
||||
public TimelineStore getTimelineStore() {
|
||||
return timelineStore;
|
||||
}
|
||||
|
||||
private void doSecureLogin(Configuration conf) throws IOException {
|
||||
InetSocketAddress socAddr = getBindAddress(conf);
|
||||
SecurityUtil.login(conf, YarnConfiguration.TIMELINE_SERVICE_KEYTAB,
|
||||
YarnConfiguration.TIMELINE_SERVICE_PRINCIPAL, socAddr.getHostName());
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the timeline server bind address from configuration
|
||||
*
|
||||
* @param conf
|
||||
* @return InetSocketAddress
|
||||
*/
|
||||
private static InetSocketAddress getBindAddress(Configuration conf) {
|
||||
return conf.getSocketAddr(YarnConfiguration.TIMELINE_SERVICE_ADDRESS,
|
||||
YarnConfiguration.DEFAULT_TIMELINE_SERVICE_ADDRESS,
|
||||
YarnConfiguration.DEFAULT_TIMELINE_SERVICE_PORT);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user