Github user vanzin commented on a diff in the pull request:
https://github.com/apache/spark/pull/17723#discussion_r114037394
--- Diff:
resource-managers/yarn/src/main/scala/org/apache/spark/deploy/yarn/security/YARNHadoopAccessManager.scala
---
@@ -21,66 +21,47 @@ import scala.collection.JavaConverters._
import scala.util.Try
import org.apache.hadoop.conf.Configuration
-import org.apache.hadoop.fs.{FileSystem, Path}
+import org.apache.hadoop.fs.FileSystem
+import org.apache.hadoop.fs.Path
import org.apache.hadoop.mapred.Master
import org.apache.hadoop.security.Credentials
import
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier
import org.apache.spark.{SparkConf, SparkException}
+import org.apache.spark.deploy.security.{HadoopAccessManager}
import org.apache.spark.deploy.yarn.config._
import org.apache.spark.internal.Logging
import org.apache.spark.internal.config._
-private[security] class HadoopFSCredentialProvider
- extends ServiceCredentialProvider with Logging {
- // Token renewal interval, this value will be set in the first call,
- // if None means no token renewer specified or no token can be renewed,
- // so cannot get token renewal interval.
- private var tokenRenewalInterval: Option[Long] = null
+private[yarn] class YARNHadoopAccessManager(
+ hadoopConf: Configuration,
+ sparkConf: SparkConf) extends HadoopAccessManager with Logging {
- override val serviceName: String = "hadoopfs"
-
- override def obtainCredentials(
- hadoopConf: Configuration,
- sparkConf: SparkConf,
- creds: Credentials): Option[Long] = {
- // NameNode to access, used to get tokens from different FileSystems
- val tmpCreds = new Credentials()
- val tokenRenewer = getTokenRenewer(hadoopConf)
- hadoopFSsToAccess(hadoopConf, sparkConf).foreach { dst =>
- val dstFs = dst.getFileSystem(hadoopConf)
- logInfo("getting token for: " + dst)
- dstFs.addDelegationTokens(tokenRenewer, tmpCreds)
- }
-
- // Get the token renewal interval if it is not set. It will only be
called once.
- if (tokenRenewalInterval == null) {
- tokenRenewalInterval = getTokenRenewalInterval(hadoopConf, sparkConf)
+ def getTokenRenewer: String = {
+ val delegTokenRenewer = Master.getMasterPrincipal(hadoopConf)
--- End diff --
The previous name (`tokenRenewer`) was more readable.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
