lirui-apache commented on a change in pull request #15131:
URL: https://github.com/apache/flink/pull/15131#discussion_r596516402
##########
File path:
flink-yarn/src/main/java/org/apache/flink/yarn/configuration/YarnConfigOptions.java
##########
@@ -344,6 +344,13 @@
.withDescription(
"A comma-separated list of additional
Kerberos-secured Hadoop filesystems Flink is going to access. For example,
yarn.security.kerberos.additionalFileSystems=hdfs://namenode2:9002,hdfs://namenode3:9003.
The client submitting to YARN needs to have access to these file systems to
retrieve the security tokens.");
+ public static final ConfigOption<Boolean> YARN_SECURITY_ENABLED =
Review comment:
I think whether to fetch delegation token and whether "security is
enabled" are different things. So I would suggest rename this option to
something like `KERBEROS_USE_DELEGATION_TOKEN`.
Besides, delegation token is not specific to yarn. I think spark supports
delegation token for both yarn and mesos. So I also suggest move this option to
`SecurityOptions` in flink-core, alongside with other kerberos configurations.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
