[jira] [Commented] (YARN-50) Implement renewal / cancellation of Delegation Tokens

Thu, 20 Dec 2012 07:23:14 -0800 

    [ 
https://issues.apache.org/jira/browse/YARN-50?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13537075#comment-13537075
 ] 

Daryn Sharp commented on YARN-50:
---------------------------------

A few minor questions/comments:
# Should the ctors for {{RenewDelegationTokenRequestPBImpl(proto}} and 
{{RenewDelegationTokenResponsePBImpl(proto)}} discard the given proto?  I'm not 
fluent in the protobuf implementation.
# Very minor, a comment in {{YarnClientImpl}} has misspelled "ClietnRMProtocol"
# Why do HS parameters need to be in RM config?  It should be sufficient to 
have MR in the class path to pickup the token renewers.

Issues:
# In {{RMDelegationTokenRenewer}}:
## The yarn client should connect to the service address within the token, 
rather than assume all RM tokens are for the local RM.  It's possible that a 
job might have a RM token for a different cluster.
## Are null checks on yarnClient within the try/finally needed?  If 
{{getYarnClient}} can return null, NPEs may be generated on the renew/cancel 
calls which would imply the conditional should replace the try block, or the 
conditional should be removed.
# {{ClientRMService#renewDelegationToken/cancelDelegationToken}} throw an 
exception when the connection is token based, which is correct, but the error 
message says tokens cannot be "issued" instead of cancelled/renewed.
# Based on the SASL work I'm doing, {{isAllowedDelegationTokenOp}} should be 
more like this: {{return 
UserGroupInformation.getCurrentUser().getRealAuthenticationMethod() != 
AuthenticationMethod.TOKEN}}.  (Aside: I've actually been meaning to push this 
check down into the ADTSM but I'll do that on another jira)
                
> Implement renewal / cancellation of Delegation Tokens
> -----------------------------------------------------
>
>                 Key: YARN-50
>                 URL: https://issues.apache.org/jira/browse/YARN-50
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Siddharth Seth
>            Assignee: Siddharth Seth
>         Attachments: YARN-50_wip.txt
>
>
> Currently, delegation tokens issues by the RM and History server cannot be 
> renewed or cancelled. This needs to be implemented.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to