Example 1 with MRAMPolicyProvider
use of org.apache.hadoop.mapreduce.v2.app.security.authorize.MRAMPolicyProvider in project hadoop by apache.
the class TaskAttemptListenerImpl method startRpcServer.
protected void startRpcServer() {
Configuration conf = getConfig();
try {
server = new RPC.Builder(conf).setProtocol(TaskUmbilicalProtocol.class).setInstance(this).setBindAddress("0.0.0.0").setPortRangeConfig(MRJobConfig.MR_AM_JOB_CLIENT_PORT_RANGE).setNumHandlers(conf.getInt(MRJobConfig.MR_AM_TASK_LISTENER_THREAD_COUNT, MRJobConfig.DEFAULT_MR_AM_TASK_LISTENER_THREAD_COUNT)).setVerbose(false).setSecretManager(jobTokenSecretManager).build();
// Enable service authorization?
if (conf.getBoolean(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION, false)) {
refreshServiceAcls(conf, new MRAMPolicyProvider());
}
server.start();
this.address = NetUtils.createSocketAddrForHost(context.getNMHostname(), server.getListenerAddress().getPort());
} catch (IOException e) {
throw new YarnRuntimeException(e);
}
}
Also used :
YarnRuntimeException(org.apache.hadoop.yarn.exceptions.YarnRuntimeException)
Configuration(org.apache.hadoop.conf.Configuration)
RPC(org.apache.hadoop.ipc.RPC)
MRAMPolicyProvider(org.apache.hadoop.mapreduce.v2.app.security.authorize.MRAMPolicyProvider)
IOException(java.io.IOException)
Example 2 with MRAMPolicyProvider
use of org.apache.hadoop.mapreduce.v2.app.security.authorize.MRAMPolicyProvider in project hadoop by apache.
the class MRClientService method serviceStart.
protected void serviceStart() throws Exception {
Configuration conf = getConfig();
YarnRPC rpc = YarnRPC.create(conf);
InetSocketAddress address = new InetSocketAddress(0);
server = rpc.getServer(MRClientProtocol.class, protocolHandler, address, conf, appContext.getClientToAMTokenSecretManager(), conf.getInt(MRJobConfig.MR_AM_JOB_CLIENT_THREAD_COUNT, MRJobConfig.DEFAULT_MR_AM_JOB_CLIENT_THREAD_COUNT), MRJobConfig.MR_AM_JOB_CLIENT_PORT_RANGE);
// Enable service authorization?
if (conf.getBoolean(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION, false)) {
refreshServiceAcls(conf, new MRAMPolicyProvider());
}
server.start();
this.bindAddress = NetUtils.createSocketAddrForHost(appContext.getNMHostname(), server.getListenerAddress().getPort());
LOG.info("Instantiated MRClientService at " + this.bindAddress);
try {
// Explicitly disabling SSL for map reduce task as we can't allow MR users
// to gain access to keystore file for opening SSL listener. We can trust
// RM/NM to issue SSL certificates but definitely not MR-AM as it is
// running in user-land.
webApp = WebApps.$for("mapreduce", AppContext.class, appContext, "ws").withHttpPolicy(conf, Policy.HTTP_ONLY).withPortRange(conf, MRJobConfig.MR_AM_WEBAPP_PORT_RANGE).start(new AMWebApp());
} catch (Exception e) {
LOG.error("Webapps failed to start. Ignoring for now:", e);
}
super.serviceStart();
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
InetSocketAddress(java.net.InetSocketAddress)
AMWebApp(org.apache.hadoop.mapreduce.v2.app.webapp.AMWebApp)
MRAMPolicyProvider(org.apache.hadoop.mapreduce.v2.app.security.authorize.MRAMPolicyProvider)
YarnRPC(org.apache.hadoop.yarn.ipc.YarnRPC)
YarnException(org.apache.hadoop.yarn.exceptions.YarnException)
IOException(java.io.IOException)
AccessControlException(org.apache.hadoop.security.AccessControlException)
MRClientProtocol(org.apache.hadoop.mapreduce.v2.api.MRClientProtocol)
Aggregations
IOException (java.io.IOException)2
Configuration (org.apache.hadoop.conf.Configuration)2
MRAMPolicyProvider (org.apache.hadoop.mapreduce.v2.app.security.authorize.MRAMPolicyProvider)2
InetSocketAddress (java.net.InetSocketAddress)1
RPC (org.apache.hadoop.ipc.RPC)1
MRClientProtocol (org.apache.hadoop.mapreduce.v2.api.MRClientProtocol)1
AMWebApp (org.apache.hadoop.mapreduce.v2.app.webapp.AMWebApp)1
AccessControlException (org.apache.hadoop.security.AccessControlException)1
YarnException (org.apache.hadoop.yarn.exceptions.YarnException)1
YarnRuntimeException (org.apache.hadoop.yarn.exceptions.YarnRuntimeException)1
YarnRPC (org.apache.hadoop.yarn.ipc.YarnRPC)1
