[26/50] [abbrv] hadoop git commit: YARN-9002. Improve keytab loading for YARN Service. Contributed by Gour Saha

botong Mon, 12 Nov 2018 16:23:17 -0800

YARN-9002.  Improve keytab loading for YARN Service.
            Contributed by Gour Saha



Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/26642487
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/26642487
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/26642487

Branch: refs/heads/YARN-7402
Commit: 2664248797365761089a86d5bd59aa9ac3ebcc28
Parents: 298d250
Author: Eric Yang <ey...@apache.org>
Authored: Sat Nov 10 01:52:19 2018 -0500
Committer: Eric Yang <ey...@apache.org>
Committed: Sat Nov 10 01:52:19 2018 -0500

----------------------------------------------------------------------
 .../yarn/service/client/ServiceClient.java      | 38 ++++++++------------
 .../exceptions/RestApiErrorMessages.java        |  2 --
 .../yarn/service/utils/ServiceApiUtil.java      | 17 ---------
 .../yarn/service/utils/TestServiceApiUtil.java  | 25 +++----------
 4 files changed, 19 insertions(+), 63 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/26642487/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/client/ServiceClient.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/client/ServiceClient.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/client/ServiceClient.java
index 91d6367..1158e44 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/client/ServiceClient.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/client/ServiceClient.java
@@ -1392,31 +1392,21 @@ public class ServiceClient extends AppAdminClient 
implements SliderExitCodes,
       throw new YarnException(e);
     }
 
-    if (keytabURI.getScheme() != null) {
-      switch (keytabURI.getScheme()) {
-      case "hdfs":
-        Path keytabOnhdfs = new Path(keytabURI);
-        if (!fileSystem.getFileSystem().exists(keytabOnhdfs)) {
-          LOG.warn(service.getName() + "'s keytab (principalName = "
-              + principalName + ") doesn't exist at: " + keytabOnhdfs);
-          return;
-        }
-        LocalResource keytabRes = fileSystem.createAmResource(keytabOnhdfs,
-            LocalResourceType.FILE);
-        localResource.put(String.format(YarnServiceConstants.KEYTAB_LOCATION,
-            service.getName()), keytabRes);
-        LOG.info("Adding " + service.getName() + "'s keytab for "
-            + "localization, uri = " + keytabOnhdfs);
-        break;
-      case "file":
-        LOG.info("Using a keytab from localhost: " + keytabURI);
-        break;
-      default:
-        LOG.warn("Unsupported keytab URI scheme " + keytabURI);
-        break;
-      }
+    if ("file".equals(keytabURI.getScheme())) {
+      LOG.info("Using a keytab from localhost: " + keytabURI);
     } else {
-      LOG.warn("Unsupported keytab URI scheme " + keytabURI);
+      Path keytabOnhdfs = new Path(keytabURI);
+      if (!fileSystem.getFileSystem().exists(keytabOnhdfs)) {
+        LOG.warn(service.getName() + "'s keytab (principalName = "
+            + principalName + ") doesn't exist at: " + keytabOnhdfs);
+        return;
+      }
+      LocalResource keytabRes = fileSystem.createAmResource(keytabOnhdfs,
+          LocalResourceType.FILE);
+      localResource.put(String.format(YarnServiceConstants.KEYTAB_LOCATION,
+          service.getName()), keytabRes);
+      LOG.info("Adding " + service.getName() + "'s keytab for "
+          + "localization, uri = " + keytabOnhdfs);
     }
   }
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/26642487/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/exceptions/RestApiErrorMessages.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/exceptions/RestApiErrorMessages.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/exceptions/RestApiErrorMessages.java
index 8f831ee..57c6449 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/exceptions/RestApiErrorMessages.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/exceptions/RestApiErrorMessages.java
@@ -117,8 +117,6 @@ public interface RestApiErrorMessages {
       + "expression element name %s specified in placement policy of component 
"
       + "%s. Expression element names should be a valid constraint name or an "
       + "expression name defined for this component only.";
-  String ERROR_KEYTAB_URI_SCHEME_INVALID = "Unsupported keytab URI scheme: %s";
-  String ERROR_KEYTAB_URI_INVALID = "Invalid keytab URI: %s";
 
   String ERROR_COMP_INSTANCE_DOES_NOT_NEED_UPGRADE = "The component instance " 
+
       "(%s) does not need an upgrade.";

http://git-wip-us.apache.org/repos/asf/hadoop/blob/26642487/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/utils/ServiceApiUtil.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/utils/ServiceApiUtil.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/utils/ServiceApiUtil.java
index b57e632..27e8caf 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/utils/ServiceApiUtil.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/utils/ServiceApiUtil.java
@@ -56,8 +56,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashSet;
@@ -256,21 +254,6 @@ public class ServiceApiUtil {
             kerberosPrincipal.getPrincipalName()));
       }
     }
-    if (!StringUtils.isEmpty(kerberosPrincipal.getKeytab())) {
-      try {
-        // validate URI format
-        URI keytabURI = new URI(kerberosPrincipal.getKeytab());
-        if (keytabURI.getScheme() == null) {
-          throw new IllegalArgumentException(String.format(
-              RestApiErrorMessages.ERROR_KEYTAB_URI_SCHEME_INVALID,
-              kerberosPrincipal.getKeytab()));
-        }
-      } catch (URISyntaxException e) {
-        throw new IllegalArgumentException(
-            String.format(RestApiErrorMessages.ERROR_KEYTAB_URI_INVALID,
-                e.getLocalizedMessage()));
-      }
-    }
   }
 
   private static void validateDockerClientConfiguration(Service service,

http://git-wip-us.apache.org/repos/asf/hadoop/blob/26642487/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/test/java/org/apache/hadoop/yarn/service/utils/TestServiceApiUtil.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/test/java/org/apache/hadoop/yarn/service/utils/TestServiceApiUtil.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/test/java/org/apache/hadoop/yarn/service/utils/TestServiceApiUtil.java
index 4940f8b..2bf59b8 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/test/java/org/apache/hadoop/yarn/service/utils/TestServiceApiUtil.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/test/java/org/apache/hadoop/yarn/service/utils/TestServiceApiUtil.java
@@ -49,7 +49,6 @@ import static 
org.apache.hadoop.yarn.service.conf.RestApiConstants.DEFAULT_UNLIM
 import static org.apache.hadoop.yarn.service.exceptions.RestApiErrorMessages.*;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
 
 /**
  * Test for ServiceApiUtil helper methods.
@@ -593,33 +592,19 @@ public class TestServiceApiUtil extends ServiceTestUtils {
     SliderFileSystem sfs = ServiceTestUtils.initMockFs();
     Service app = createValidApplication("comp-a");
     KerberosPrincipal kp = new KerberosPrincipal();
-    kp.setKeytab("/some/path");
+    kp.setKeytab("file:///tmp/a.keytab");
     kp.setPrincipalName("user/_h...@domain.com");
     app.setKerberosPrincipal(kp);
 
+    // This should succeed
     try {
       ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
-      Assert.fail(EXCEPTION_PREFIX + "service with invalid keytab URI scheme");
-    } catch (IllegalArgumentException e) {
-      assertEquals(
-          String.format(RestApiErrorMessages.ERROR_KEYTAB_URI_SCHEME_INVALID,
-              kp.getKeytab()),
-          e.getMessage());
-    }
-
-    kp.setKeytab("/ blank / in / paths");
-    try {
-      ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
-      Assert.fail(EXCEPTION_PREFIX + "service with invalid keytab");
     } catch (IllegalArgumentException e) {
-      // strip out the %s at the end of the RestApiErrorMessages string 
constant
-      assertTrue(e.getMessage().contains(
-          RestApiErrorMessages.ERROR_KEYTAB_URI_INVALID.substring(0,
-              RestApiErrorMessages.ERROR_KEYTAB_URI_INVALID.length() - 2)));
+      Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
     }
 
-    kp.setKeytab("file:///tmp/a.keytab");
-    // now it should succeed
+    // Keytab with no URI scheme should succeed too
+    kp.setKeytab("/some/path");
     try {
       ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
     } catch (IllegalArgumentException e) {


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org

[26/50] [abbrv] hadoop git commit: YARN-9002. Improve keytab loading for YARN Service. Contributed by Gour Saha

Reply via email to