[12/50] [abbrv] hadoop git commit: YARN-2971. RM uses conf instead of token service address to renew timeline delegation tokens (jeagles)
YARN-2971. RM uses conf instead of token service address to renew timeline delegation tokens (jeagles) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/af084258 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/af084258 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/af084258 Branch: refs/heads/YARN-2928 Commit: af0842589359ad800427337ad2c84fac09907f72 Parents: aab459c Author: Jonathan Eagles jeag...@gmail.com Authored: Mon Feb 9 17:56:05 2015 -0600 Committer: Jonathan Eagles jeag...@gmail.com Committed: Mon Feb 9 17:56:05 2015 -0600 -- hadoop-yarn-project/CHANGES.txt | 3 +++ .../client/api/impl/TimelineClientImpl.java | 22 ++-- .../client/api/impl/TestTimelineClient.java | 14 +++-- 3 files changed, 31 insertions(+), 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/CHANGES.txt -- diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt index 578a8cc..634a0e7 100644 --- a/hadoop-yarn-project/CHANGES.txt +++ b/hadoop-yarn-project/CHANGES.txt @@ -519,6 +519,9 @@ Release 2.7.0 - UNRELEASED YARN-3094. Reset timer for liveness monitors after RM recovery. (Jun Gong via jianhe) +YARN-2971. RM uses conf instead of token service address to renew timeline +delegation tokens (jeagles) + Release 2.6.0 - 2014-11-18 INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java -- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java index de9d8da..0b88632 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java @@ -23,6 +23,7 @@ import java.io.IOException; import java.lang.reflect.UndeclaredThrowableException; import java.net.ConnectException; import java.net.HttpURLConnection; +import java.net.InetSocketAddress; import java.net.URI; import java.net.URL; import java.net.URLConnection; @@ -45,6 +46,7 @@ import org.apache.hadoop.classification.InterfaceAudience.Private; import org.apache.hadoop.classification.InterfaceStability.Unstable; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.security.UserGroupInformation; +import org.apache.hadoop.security.SecurityUtil; import org.apache.hadoop.security.authentication.client.ConnectionConfigurator; import org.apache.hadoop.security.ssl.SSLFactory; import org.apache.hadoop.security.token.Token; @@ -373,12 +375,14 @@ public class TimelineClientImpl extends TimelineClient { == UserGroupInformation.AuthenticationMethod.PROXY; final String doAsUser = isProxyAccess ? UserGroupInformation.getCurrentUser().getShortUserName() : null; +boolean useHttps = YarnConfiguration.useHttps(this.getConfig()); +final String scheme = useHttps ? https : http; +final InetSocketAddress address = SecurityUtil.getTokenServiceAddr(timelineDT); PrivilegedExceptionActionLong renewDTAction = new PrivilegedExceptionActionLong() { @Override - public Long run() - throws Exception { + public Long run() throws Exception { // If the timeline DT to renew is different than cached, replace it. // Token to set every time for retry, because when exception happens, // DelegationTokenAuthenticatedURL will reset it to null; @@ -388,8 +392,10 @@ public class TimelineClientImpl extends TimelineClient { DelegationTokenAuthenticatedURL authUrl = new DelegationTokenAuthenticatedURL(authenticator, connConfigurator); +final URI serviceURI = new URI(scheme, null, address.getHostName(), +address.getPort(), RESOURCE_URI_STR, null, null); return authUrl -.renewDelegationToken(resURI.toURL(), token, doAsUser); +.renewDelegationToken(serviceURI.toURL(), token, doAsUser); } }; return (Long) operateDelegationToken(renewDTAction); @@ -405,12 +411,14 @@ public class TimelineClientImpl extends TimelineClient { ==
hadoop git commit: YARN-2971. RM uses conf instead of token service address to renew timeline delegation tokens (jeagles)
Repository: hadoop Updated Branches: refs/heads/trunk aab459c90 - af0842589 YARN-2971. RM uses conf instead of token service address to renew timeline delegation tokens (jeagles) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/af084258 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/af084258 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/af084258 Branch: refs/heads/trunk Commit: af0842589359ad800427337ad2c84fac09907f72 Parents: aab459c Author: Jonathan Eagles jeag...@gmail.com Authored: Mon Feb 9 17:56:05 2015 -0600 Committer: Jonathan Eagles jeag...@gmail.com Committed: Mon Feb 9 17:56:05 2015 -0600 -- hadoop-yarn-project/CHANGES.txt | 3 +++ .../client/api/impl/TimelineClientImpl.java | 22 ++-- .../client/api/impl/TestTimelineClient.java | 14 +++-- 3 files changed, 31 insertions(+), 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/CHANGES.txt -- diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt index 578a8cc..634a0e7 100644 --- a/hadoop-yarn-project/CHANGES.txt +++ b/hadoop-yarn-project/CHANGES.txt @@ -519,6 +519,9 @@ Release 2.7.0 - UNRELEASED YARN-3094. Reset timer for liveness monitors after RM recovery. (Jun Gong via jianhe) +YARN-2971. RM uses conf instead of token service address to renew timeline +delegation tokens (jeagles) + Release 2.6.0 - 2014-11-18 INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/af084258/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java -- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java index de9d8da..0b88632 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/client/api/impl/TimelineClientImpl.java @@ -23,6 +23,7 @@ import java.io.IOException; import java.lang.reflect.UndeclaredThrowableException; import java.net.ConnectException; import java.net.HttpURLConnection; +import java.net.InetSocketAddress; import java.net.URI; import java.net.URL; import java.net.URLConnection; @@ -45,6 +46,7 @@ import org.apache.hadoop.classification.InterfaceAudience.Private; import org.apache.hadoop.classification.InterfaceStability.Unstable; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.security.UserGroupInformation; +import org.apache.hadoop.security.SecurityUtil; import org.apache.hadoop.security.authentication.client.ConnectionConfigurator; import org.apache.hadoop.security.ssl.SSLFactory; import org.apache.hadoop.security.token.Token; @@ -373,12 +375,14 @@ public class TimelineClientImpl extends TimelineClient { == UserGroupInformation.AuthenticationMethod.PROXY; final String doAsUser = isProxyAccess ? UserGroupInformation.getCurrentUser().getShortUserName() : null; +boolean useHttps = YarnConfiguration.useHttps(this.getConfig()); +final String scheme = useHttps ? https : http; +final InetSocketAddress address = SecurityUtil.getTokenServiceAddr(timelineDT); PrivilegedExceptionActionLong renewDTAction = new PrivilegedExceptionActionLong() { @Override - public Long run() - throws Exception { + public Long run() throws Exception { // If the timeline DT to renew is different than cached, replace it. // Token to set every time for retry, because when exception happens, // DelegationTokenAuthenticatedURL will reset it to null; @@ -388,8 +392,10 @@ public class TimelineClientImpl extends TimelineClient { DelegationTokenAuthenticatedURL authUrl = new DelegationTokenAuthenticatedURL(authenticator, connConfigurator); +final URI serviceURI = new URI(scheme, null, address.getHostName(), +address.getPort(), RESOURCE_URI_STR, null, null); return authUrl -.renewDelegationToken(resURI.toURL(), token, doAsUser); +.renewDelegationToken(serviceURI.toURL(), token, doAsUser); } }; return (Long) operateDelegationToken(renewDTAction); @@ -405,12 +411,14 @@ public class