Repository: hive
Updated Branches:
  refs/heads/master f9e6522c9 -> 446cb5da7


HIVE-18919 : remove separate keytab setting for ZK in LLAP (Sergey Shelukhin, 
reviewed by Ashutosh Chauhan)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/446cb5da
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/446cb5da
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/446cb5da

Branch: refs/heads/master
Commit: 446cb5da7c6bdba08db3ab9ecb517bb2c0344bfd
Parents: f9e6522
Author: sergey <ser...@apache.org>
Authored: Tue Mar 13 13:10:25 2018 -0700
Committer: sergey <ser...@apache.org>
Committed: Tue Mar 13 13:10:25 2018 -0700

----------------------------------------------------------------------
 common/src/java/org/apache/hadoop/hive/conf/HiveConf.java    | 7 -------
 .../org/apache/hadoop/hive/llap/security/SecretManager.java  | 8 +++-----
 .../org/apache/hadoop/hive/ql/processors/SetProcessor.java   | 5 ++++-
 3 files changed, 7 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/446cb5da/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
----------------------------------------------------------------------
diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java 
b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
index aedd1ec..30c24d9 100644
--- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
+++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
@@ -360,8 +360,6 @@ public class HiveConf extends Configuration {
     llapDaemonVarsSetLocal.add(ConfVars.LLAP_IO_THREADPOOL_SIZE.varname);
     llapDaemonVarsSetLocal.add(ConfVars.LLAP_KERBEROS_PRINCIPAL.varname);
     llapDaemonVarsSetLocal.add(ConfVars.LLAP_KERBEROS_KEYTAB_FILE.varname);
-    llapDaemonVarsSetLocal.add(ConfVars.LLAP_ZKSM_KERBEROS_PRINCIPAL.varname);
-    
llapDaemonVarsSetLocal.add(ConfVars.LLAP_ZKSM_KERBEROS_KEYTAB_FILE.varname);
     
llapDaemonVarsSetLocal.add(ConfVars.LLAP_ZKSM_ZK_CONNECTION_STRING.varname);
     llapDaemonVarsSetLocal.add(ConfVars.LLAP_SECURITY_ACL.varname);
     llapDaemonVarsSetLocal.add(ConfVars.LLAP_MANAGEMENT_ACL.varname);
@@ -3272,11 +3270,6 @@ public class HiveConf extends Configuration {
         "The name of the LLAP daemon's service principal."),
     LLAP_KERBEROS_KEYTAB_FILE("hive.llap.daemon.keytab.file", "",
         "The path to the Kerberos Keytab file containing the LLAP daemon's 
service principal."),
-    LLAP_ZKSM_KERBEROS_PRINCIPAL("hive.llap.zk.sm.principal", "",
-        "The name of the principal to use to talk to ZooKeeper for ZooKeeper 
SecretManager."),
-    LLAP_ZKSM_KERBEROS_KEYTAB_FILE("hive.llap.zk.sm.keytab.file", "",
-        "The path to the Kerberos Keytab file containing the principal to use 
to talk to\n" +
-        "ZooKeeper for ZooKeeper SecretManager."),
     LLAP_WEBUI_SPNEGO_KEYTAB_FILE("hive.llap.webui.spnego.keytab", "",
         "The path to the Kerberos Keytab file containing the LLAP WebUI SPNEGO 
principal.\n" +
         "Typical value would look like 
/etc/security/keytabs/spnego.service.keytab."),

http://git-wip-us.apache.org/repos/asf/hive/blob/446cb5da/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
----------------------------------------------------------------------
diff --git 
a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java 
b/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
index de38e99..3723608 100644
--- 
a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
+++ 
b/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
@@ -165,8 +165,6 @@ public class SecretManager extends 
ZKDelegationTokenSecretManager<LlapTokenIdent
 
   private static LlapZkConf createLlapZkConf(
       Configuration conf, String llapPrincipal, String llapKeytab, String 
clusterId) {
-     String principal = HiveConf.getVar(conf, 
ConfVars.LLAP_ZKSM_KERBEROS_PRINCIPAL, llapPrincipal);
-     String keyTab = HiveConf.getVar(conf, 
ConfVars.LLAP_ZKSM_KERBEROS_KEYTAB_FILE, llapKeytab);
      // Override the default delegation token lifetime for LLAP.
      // Also set all the necessary ZK settings to defaults and LLAP configs, 
if not set.
      final Configuration zkConf = new Configuration(conf);
@@ -176,11 +174,11 @@ public class SecretManager extends 
ZKDelegationTokenSecretManager<LlapTokenIdent
     zkConf.setLong(DelegationTokenManager.RENEW_INTERVAL, tokenLifetime);
     try {
       zkConf.set(ZK_DTSM_ZK_KERBEROS_PRINCIPAL,
-          SecurityUtil.getServerPrincipal(principal, "0.0.0.0"));
+          SecurityUtil.getServerPrincipal(llapPrincipal, "0.0.0.0"));
     } catch (IOException e) {
       throw new RuntimeException(e);
     }
-    zkConf.set(ZK_DTSM_ZK_KERBEROS_KEYTAB, keyTab);
+    zkConf.set(ZK_DTSM_ZK_KERBEROS_KEYTAB, llapKeytab);
     String zkPath = "zkdtsm_" + clusterId;
     LOG.info("Using {} as ZK secret manager path", zkPath);
     zkConf.set(ZK_DTSM_ZNODE_WORKING_PATH, zkPath);
@@ -199,7 +197,7 @@ public class SecretManager extends 
ZKDelegationTokenSecretManager<LlapTokenIdent
 
     UserGroupInformation zkUgi = null;
     try {
-      zkUgi = LlapUtil.loginWithKerberos(principal, keyTab);
+      zkUgi = LlapUtil.loginWithKerberos(llapPrincipal, llapKeytab);
     } catch (IOException e) {
       throw new RuntimeException(e);
     }

http://git-wip-us.apache.org/repos/asf/hive/blob/446cb5da/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java 
b/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java
index db0fef1..4ede853 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java
@@ -58,7 +58,10 @@ public class SetProcessor implements CommandProcessor {
   private static final Set<String> removedConfigs =
       Sets.newHashSet("hive.mapred.supports.subdirectories",
           "hive.enforce.sorting","hive.enforce.bucketing",
-          "hive.outerjoin.supports.filters");
+          "hive.outerjoin.supports.filters",
+          "hive.llap.zk.sm.principal",
+          "hive.llap.zk.sm.keytab.file"
+          );
   // Allow the user to set the ORC properties without getting an error.
   static {
     for(OrcConf var: OrcConf.values()) {

Reply via email to