Vinod Kumar Vavilapalli commented on YARN-2743:

Did a quick scan of the patch. We are rewriting parts of YARN-2615, sigh!

 - You now made a custom format for the state-store write - this solution works 
but not ideal. You should create a separate store specific proto for storing 
tokens in the state-store that encompasses the client facing proto.
 -  masterKeyId in yarn_security_token.proto is now missing [default = -1]; 
Actually the original default in AbstractDelegationTokenIdentifier is zero, 
let's use the same (another bug in YARN-2615).
 - I had a bigger question with YARN-2615 - why is RMDelegationTokenIdentifier 
converted to proto? RM is the reader and writer for this ID, so no need for 
this to be a proto?
 - YARNDelegationTokenIdentifier
    -- It is so much cleaner now!
    -- AbstractDTId had a version, we dropped that in the protobuf 
serialization. We should just write it during the serialization and read it 
back? We can separate the JIRA though.
    -- Because of the way all the setters are behaving now, we should 
synchronize readFields, writeFields and all the setters. This is a problem with 
AbstractDelegationTokenIdentifier too, so okay splitting this too into its own 
 - Not related to your patch, but YARNDelegationTokenIdentifier should be 
private, or limited-private?
 - RMDelegationTokenIdentifierForTest is completely unmaintainable, duplicating 
a lot of code. Let's fix it.

> Yarn jobs via oozie fail with failed to renew token (secure) or digest 
> mismatch (unsecure) errors when RM is being killed
> -------------------------------------------------------------------------------------------------------------------------
>                 Key: YARN-2743
>                 URL: https://issues.apache.org/jira/browse/YARN-2743
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: resourcemanager
>    Affects Versions: 2.6.0
>            Reporter: Arpit Gupta
>            Assignee: Jian He
>            Priority: Blocker
>         Attachments: YARN-2743.1.patch
> During our HA testing we have seen yarn jobs run via oozie fail with failed 
> to renew delegation token errors on secure clusters and digest mismatch 
> errors on un secure clusters

This message was sent by Atlassian JIRA

Reply via email to