[jira] [Comment Edited] (FLINK-27191) Support multi kerberos-enabled Hive clusters

Wed, 13 Apr 2022 21:25:12 -0700 


    [ 
https://issues.apache.org/jira/browse/FLINK-27191?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17522051#comment-17522051
 ] 

luoyuxia edited comment on FLINK-27191 at 4/14/22 4:24 AM:
-----------------------------------------------------------

[~straw] Yes, you are right. I didn't notice that. But I wonder what's the 
problem it may cause.  If run with a kerberos-disabled cluster 

[loginUser.spawnAutoRenewalThreadForUserCreds()|https://github.com/apache/hadoop/blob/1b5c6b3a3b90c6e396e00e991b49d170eb2dac55/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java#L748]
  will be invoked, but from the following code:
{code:java}
if (isSecurityEnabled()) {
   //spawn thread only if we have kerb credentials 
  if (user.getAuthenticationMethod() == AuthenticationMethod.KERBEROS && 
!isKeytab) {
    Thread t;
   t.start()
   }
} {code}
IMO, if it's kerberos-disabled cluster , it won't spawn the renewal thread.

 

I may miss something, please correct me if I have any other miss.

 

 


was (Author: luoyuxia):
[~straw] Yes, you are right. I didn't notice that. But I wonder what's the 
problem it may cause.  If run with a kerberos-disabled cluster 

[loginUser.spawnAutoRenewalThreadForUserCreds()|https://github.com/apache/hadoop/blob/1b5c6b3a3b90c6e396e00e991b49d170eb2dac55/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java#L748]
  will be invoked, but only when 
{code:java}
if (isSecurityEnabled()) {
   //spawn thread only if we have kerb credentials 
  if (user.getAuthenticationMethod() == AuthenticationMethod.KERBEROS && 
!isKeytab) {
    Thread t;
   t.start()
   }
} {code}
IMO, if it's kerberos-disabled cluster , it won't spawn the renewal thread.

 

I may miss something, please correct me if I have any other miss.

 

 

> Support multi kerberos-enabled Hive clusters 
> ---------------------------------------------
>
>                 Key: FLINK-27191
>                 URL: https://issues.apache.org/jira/browse/FLINK-27191
>             Project: Flink
>          Issue Type: Improvement
>          Components: Connectors / Hive
>            Reporter: luoyuxia
>            Priority: Major
>             Fix For: 1.16.0
>
>
> Currently, to access kerberos-enabled Hive cluster, users are expected to add 
> key/secret in flink-conf. But it can only access one Hive cluster in one 
> Flink cluster, we are also expected to support multi kerberos-enabled Hive 
> clusters  in one Flink cluster.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to