Author: vinodkv
Date: Wed May 21 23:20:08 2014
New Revision: 1596710
URL: http://svn.apache.org/r1596710
Log:
YARN-1938. Added kerberos login for the Timeline Server. Contributed by Zhijie
Shen.
Modified:
hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/applicationhistoryservice/ApplicationHistoryServer.java
Modified: hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
URL:
http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt?rev=1596710&r1=1596709&r2=1596710&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt (original)
+++ hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt Wed May 21 23:20:08 2014
@@ -85,6 +85,9 @@ Release 2.5.0 - UNRELEASED
YARN-1981. Nodemanager version is not updated when a node reconnects (Jason
Lowe via jeagles)
+ YARN-1938. Added kerberos login for the Timeline Server. (Zhijie Shen via
+ vinodkv)
+
OPTIMIZATIONS
BUG FIXES
Modified:
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
URL:
http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java?rev=1596710&r1=1596709&r2=1596710&view=diff
==============================================================================
---
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
(original)
+++
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
Wed May 21 23:20:08 2014
@@ -1196,6 +1196,14 @@ public class YarnConfiguration extends C
public static final long DEFAULT_TIMELINE_SERVICE_LEVELDB_TTL_INTERVAL_MS =
1000 * 60 * 5;
+ /** The Kerberos principal for the timeline server.*/
+ public static final String TIMELINE_SERVICE_PRINCIPAL =
+ TIMELINE_SERVICE_PREFIX + "principal";
+
+ /** The Kerberos keytab for the timeline server.*/
+ public static final String TIMELINE_SERVICE_KEYTAB =
+ TIMELINE_SERVICE_PREFIX + "keytab";
+
////////////////////////////////
// Other Configs
////////////////////////////////
Modified:
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
URL:
http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml?rev=1596710&r1=1596709&r2=1596710&view=diff
==============================================================================
---
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
(original)
+++
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
Wed May 21 23:20:08 2014
@@ -1195,6 +1195,18 @@
</property>
<property>
+ <description>The Kerberos principal for the timeline server.</description>
+ <name>yarn.timeline-service.principal</name>
+ <value></value>
+ </property>
+
+ <property>
+ <description>The Kerberos keytab for the timeline server.</description>
+ <name>yarn.timeline-service.keytab</name>
+ <value>/etc/krb5.keytab</value>
+ </property>
+
+ <property>
<description>Indicate to ResourceManager as well as clients whether
history-service is enabled or not. If enabled, ResourceManager starts
recording historical data that ApplicationHistory service can consume.
Modified:
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/applicationhistoryservice/ApplicationHistoryServer.java
URL:
http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/applicationhistoryservice/ApplicationHistoryServer.java?rev=1596710&r1=1596709&r2=1596710&view=diff
==============================================================================
---
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/applicationhistoryservice/ApplicationHistoryServer.java
(original)
+++
hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/applicationhistoryservice/ApplicationHistoryServer.java
Wed May 21 23:20:08 2014
@@ -18,12 +18,16 @@
package org.apache.hadoop.yarn.server.applicationhistoryservice;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.classification.InterfaceAudience.Private;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.metrics2.lib.DefaultMetricsSystem;
import org.apache.hadoop.metrics2.source.JvmMetrics;
+import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.service.CompositeService;
import org.apache.hadoop.service.Service;
import org.apache.hadoop.util.ExitUtil;
@@ -33,8 +37,8 @@ import org.apache.hadoop.util.StringUtil
import org.apache.hadoop.yarn.YarnUncaughtExceptionHandler;
import org.apache.hadoop.yarn.conf.YarnConfiguration;
import org.apache.hadoop.yarn.exceptions.YarnRuntimeException;
-import
org.apache.hadoop.yarn.server.applicationhistoryservice.timeline.TimelineStore;
import
org.apache.hadoop.yarn.server.applicationhistoryservice.timeline.LeveldbTimelineStore;
+import
org.apache.hadoop.yarn.server.applicationhistoryservice.timeline.TimelineStore;
import
org.apache.hadoop.yarn.server.applicationhistoryservice.webapp.AHSWebApp;
import org.apache.hadoop.yarn.webapp.WebApp;
import org.apache.hadoop.yarn.webapp.WebApps;
@@ -69,13 +73,19 @@ public class ApplicationHistoryServer ex
addService((Service) historyManager);
timelineStore = createTimelineStore(conf);
addIfService(timelineStore);
+
+ DefaultMetricsSystem.initialize("ApplicationHistoryServer");
+ JvmMetrics.initSingleton("ApplicationHistoryServer", null);
super.serviceInit(conf);
}
@Override
protected void serviceStart() throws Exception {
- DefaultMetricsSystem.initialize("ApplicationHistoryServer");
- JvmMetrics.initSingleton("ApplicationHistoryServer", null);
+ try {
+ doSecureLogin(getConfig());
+ } catch(IOException ie) {
+ throw new YarnRuntimeException("Failed to login", ie);
+ }
startWebApp();
super.serviceStart();
@@ -177,4 +187,22 @@ public class ApplicationHistoryServer ex
public TimelineStore getTimelineStore() {
return timelineStore;
}
+
+ private void doSecureLogin(Configuration conf) throws IOException {
+ InetSocketAddress socAddr = getBindAddress(conf);
+ SecurityUtil.login(conf, YarnConfiguration.TIMELINE_SERVICE_KEYTAB,
+ YarnConfiguration.TIMELINE_SERVICE_PRINCIPAL, socAddr.getHostName());
+ }
+
+ /**
+ * Retrieve the timeline server bind address from configuration
+ *
+ * @param conf
+ * @return InetSocketAddress
+ */
+ private static InetSocketAddress getBindAddress(Configuration conf) {
+ return conf.getSocketAddr(YarnConfiguration.TIMELINE_SERVICE_ADDRESS,
+ YarnConfiguration.DEFAULT_TIMELINE_SERVICE_ADDRESS,
+ YarnConfiguration.DEFAULT_TIMELINE_SERVICE_PORT);
+ }
}
