Example 6 with Credentials
use of org.apache.hadoop.security.Credentials in project weave by continuuity.
the class YarnWeaveRunnerService method updateSecureStores.
private void updateSecureStores(Table<String, RunId, SecureStore> secureStores) {
for (Table.Cell<String, RunId, SecureStore> cell : secureStores.cellSet()) {
Object store = cell.getValue().getStore();
if (!(store instanceof Credentials)) {
LOG.warn("Only Hadoop Credentials is supported. Ignore update for {}.", cell);
continue;
}
Credentials credentials = (Credentials) store;
if (credentials.getAllTokens().isEmpty()) {
// Nothing to update.
continue;
}
try {
updateCredentials(cell.getRowKey(), cell.getColumnKey(), credentials);
synchronized (YarnWeaveRunnerService.this) {
// Notify the application for secure store updates if it is still running.
YarnWeaveController controller = controllers.get(cell.getRowKey(), cell.getColumnKey());
if (controller != null) {
controller.secureStoreUpdated();
}
}
} catch (Throwable t) {
LOG.warn("Failed to update secure store for {}.", cell, t);
}
}
}
Also used :
HashBasedTable(com.google.common.collect.HashBasedTable)
ImmutableTable(com.google.common.collect.ImmutableTable)
Table(com.google.common.collect.Table)
JsonObject(com.google.gson.JsonObject)
RunId(com.continuuity.weave.api.RunId)
SecureStore(com.continuuity.weave.api.SecureStore)
Credentials(org.apache.hadoop.security.Credentials)
Example 7 with Credentials
use of org.apache.hadoop.security.Credentials in project hadoop by apache.
the class AMLauncher method setupTokens.
@Private
@VisibleForTesting
protected void setupTokens(ContainerLaunchContext container, ContainerId containerID) throws IOException {
Map<String, String> environment = container.getEnvironment();
environment.put(ApplicationConstants.APPLICATION_WEB_PROXY_BASE_ENV, application.getWebProxyBase());
// Set AppSubmitTime to be consumable by the AM.
ApplicationId applicationId = application.getAppAttemptId().getApplicationId();
environment.put(ApplicationConstants.APP_SUBMIT_TIME_ENV, String.valueOf(rmContext.getRMApps().get(applicationId).getSubmitTime()));
Credentials credentials = new Credentials();
DataInputByteBuffer dibb = new DataInputByteBuffer();
ByteBuffer tokens = container.getTokens();
if (tokens != null) {
// TODO: Don't do this kind of checks everywhere.
dibb.reset(tokens);
credentials.readTokenStorageStream(dibb);
tokens.rewind();
}
// Add AMRMToken
Token<AMRMTokenIdentifier> amrmToken = createAndSetAMRMToken();
if (amrmToken != null) {
credentials.addToken(amrmToken.getService(), amrmToken);
}
DataOutputBuffer dob = new DataOutputBuffer();
credentials.writeTokenStorageToStream(dob);
container.setTokens(ByteBuffer.wrap(dob.getData(), 0, dob.getLength()));
}
Also used :
AMRMTokenIdentifier(org.apache.hadoop.yarn.security.AMRMTokenIdentifier)
DataInputByteBuffer(org.apache.hadoop.io.DataInputByteBuffer)
DataOutputBuffer(org.apache.hadoop.io.DataOutputBuffer)
ApplicationId(org.apache.hadoop.yarn.api.records.ApplicationId)
ByteBuffer(java.nio.ByteBuffer)
DataInputByteBuffer(org.apache.hadoop.io.DataInputByteBuffer)
Credentials(org.apache.hadoop.security.Credentials)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Private(org.apache.hadoop.classification.InterfaceAudience.Private)
Example 8 with Credentials
use of org.apache.hadoop.security.Credentials in project hadoop by apache.
the class TestApplicationMasterLauncher method testSetupTokens.
@Test
public void testSetupTokens() throws Exception {
MockRM rm = new MockRM();
rm.start();
MockNM nm1 = rm.registerNode("h1:1234", 5000);
RMApp app = rm.submitApp(2000);
/// kick the scheduling
nm1.nodeHeartbeat(true);
RMAppAttempt attempt = app.getCurrentAppAttempt();
MyAMLauncher launcher = new MyAMLauncher(rm.getRMContext(), attempt, AMLauncherEventType.LAUNCH, rm.getConfig());
DataOutputBuffer dob = new DataOutputBuffer();
Credentials ts = new Credentials();
ts.writeTokenStorageToStream(dob);
ByteBuffer securityTokens = ByteBuffer.wrap(dob.getData(), 0, dob.getLength());
ContainerLaunchContext amContainer = ContainerLaunchContext.newInstance(null, null, null, null, securityTokens, null);
ContainerId containerId = ContainerId.newContainerId(attempt.getAppAttemptId(), 0L);
try {
launcher.setupTokens(amContainer, containerId);
} catch (Exception e) {
// ignore the first fake exception
}
try {
launcher.setupTokens(amContainer, containerId);
} catch (java.io.EOFException e) {
Assert.fail("EOFException should not happen.");
}
}
Also used :
RMApp(org.apache.hadoop.yarn.server.resourcemanager.rmapp.RMApp)
RMAppAttempt(org.apache.hadoop.yarn.server.resourcemanager.rmapp.attempt.RMAppAttempt)
ContainerLaunchContext(org.apache.hadoop.yarn.api.records.ContainerLaunchContext)
ByteBuffer(java.nio.ByteBuffer)
ApplicationMasterNotRegisteredException(org.apache.hadoop.yarn.exceptions.ApplicationMasterNotRegisteredException)
YarnException(org.apache.hadoop.yarn.exceptions.YarnException)
SerializedException(org.apache.hadoop.yarn.api.records.SerializedException)
IOException(java.io.IOException)
ApplicationAttemptNotFoundException(org.apache.hadoop.yarn.exceptions.ApplicationAttemptNotFoundException)
NMNotYetReadyException(org.apache.hadoop.yarn.exceptions.NMNotYetReadyException)
ContainerId(org.apache.hadoop.yarn.api.records.ContainerId)
DataOutputBuffer(org.apache.hadoop.io.DataOutputBuffer)
Credentials(org.apache.hadoop.security.Credentials)
Test(org.junit.Test)
Example 9 with Credentials
use of org.apache.hadoop.security.Credentials in project hadoop by apache.
the class TestApplicationClientProtocolRecords method testCLCPBImplNullEnv.
/*
* This test validates the scenario in which the client sets a null value for a
* particular environment.
*
*/
@Test
public void testCLCPBImplNullEnv() throws IOException {
Map<String, LocalResource> localResources = Collections.emptyMap();
Map<String, String> environment = new HashMap<String, String>();
List<String> commands = Collections.emptyList();
Map<String, ByteBuffer> serviceData = Collections.emptyMap();
Credentials containerCreds = new Credentials();
DataOutputBuffer dob = new DataOutputBuffer();
containerCreds.writeTokenStorageToStream(dob);
ByteBuffer containerTokens = ByteBuffer.wrap(dob.getData(), 0, dob.getLength());
Map<ApplicationAccessType, String> acls = Collections.emptyMap();
environment.put("testCLCPBImplNullEnv", null);
ContainerLaunchContext clc = ContainerLaunchContext.newInstance(localResources, environment, commands, serviceData, containerTokens, acls);
ContainerLaunchContext clcProto = new ContainerLaunchContextPBImpl(((ContainerLaunchContextPBImpl) clc).getProto());
Assert.assertEquals("", clcProto.getEnvironment().get("testCLCPBImplNullEnv"));
}
Also used :
HashMap(java.util.HashMap)
ContainerLaunchContext(org.apache.hadoop.yarn.api.records.ContainerLaunchContext)
ByteBuffer(java.nio.ByteBuffer)
LocalResource(org.apache.hadoop.yarn.api.records.LocalResource)
ApplicationAccessType(org.apache.hadoop.yarn.api.records.ApplicationAccessType)
DataOutputBuffer(org.apache.hadoop.io.DataOutputBuffer)
Credentials(org.apache.hadoop.security.Credentials)
Test(org.junit.Test)
Example 10 with Credentials
use of org.apache.hadoop.security.Credentials in project hadoop by apache.
the class NodeStatusUpdaterImpl method parseCredentials.
private static Map<ApplicationId, Credentials> parseCredentials(Map<ApplicationId, ByteBuffer> systemCredentials) throws IOException {
Map<ApplicationId, Credentials> map = new HashMap<ApplicationId, Credentials>();
for (Map.Entry<ApplicationId, ByteBuffer> entry : systemCredentials.entrySet()) {
Credentials credentials = new Credentials();
DataInputByteBuffer buf = new DataInputByteBuffer();
ByteBuffer buffer = entry.getValue();
buffer.rewind();
buf.reset(buffer);
credentials.readTokenStorageStream(buf);
map.put(entry.getKey(), credentials);
}
if (LOG.isDebugEnabled()) {
for (Map.Entry<ApplicationId, Credentials> entry : map.entrySet()) {
LOG.debug("Retrieved credentials form RM for " + entry.getKey() + ": " + entry.getValue().getAllTokens());
}
}
return map;
}
Also used :
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
DataInputByteBuffer(org.apache.hadoop.io.DataInputByteBuffer)
ApplicationId(org.apache.hadoop.yarn.api.records.ApplicationId)
Map(java.util.Map)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
ByteBuffer(java.nio.ByteBuffer)
DataInputByteBuffer(org.apache.hadoop.io.DataInputByteBuffer)
Credentials(org.apache.hadoop.security.Credentials)
Aggregations
Credentials (org.apache.hadoop.security.Credentials)351
Test (org.junit.Test)141
Token (org.apache.hadoop.security.token.Token)101
IOException (java.io.IOException)91
Text (org.apache.hadoop.io.Text)85
Configuration (org.apache.hadoop.conf.Configuration)75
Path (org.apache.hadoop.fs.Path)73
HashMap (java.util.HashMap)61
ApplicationId (org.apache.hadoop.yarn.api.records.ApplicationId)58
ByteBuffer (java.nio.ByteBuffer)55
DataOutputBuffer (org.apache.hadoop.io.DataOutputBuffer)49
LocalResource (org.apache.hadoop.yarn.api.records.LocalResource)47
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)45
File (java.io.File)37
ContainerId (org.apache.hadoop.yarn.api.records.ContainerId)35
YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)35
TokenIdentifier (org.apache.hadoop.security.token.TokenIdentifier)32
InetSocketAddress (java.net.InetSocketAddress)31
TezConfiguration (org.apache.tez.dag.api.TezConfiguration)31
FileSystem (org.apache.hadoop.fs.FileSystem)29
