Example 11 with YarnRPC
use of org.apache.hadoop.yarn.ipc.YarnRPC in project hadoop by apache.
the class TestAMAuthorization method testUnauthorizedAccess.
@Test
public void testUnauthorizedAccess() throws Exception {
MyContainerManager containerManager = new MyContainerManager();
rm = new MockRMWithAMS(conf, containerManager);
rm.start();
MockNM nm1 = rm.registerNode("localhost:1234", 5120);
RMApp app = rm.submitApp(1024);
nm1.nodeHeartbeat(true);
int waitCount = 0;
while (containerManager.containerTokens == null && waitCount++ < 40) {
LOG.info("Waiting for AM Launch to happen..");
Thread.sleep(1000);
}
Assert.assertNotNull(containerManager.containerTokens);
RMAppAttempt attempt = app.getCurrentAppAttempt();
ApplicationAttemptId applicationAttemptId = attempt.getAppAttemptId();
waitForLaunchedState(attempt);
final Configuration conf = rm.getConfig();
final YarnRPC rpc = YarnRPC.create(conf);
final InetSocketAddress serviceAddr = conf.getSocketAddr(YarnConfiguration.RM_SCHEDULER_ADDRESS, YarnConfiguration.DEFAULT_RM_SCHEDULER_ADDRESS, YarnConfiguration.DEFAULT_RM_SCHEDULER_PORT);
UserGroupInformation currentUser = UserGroupInformation.createRemoteUser(applicationAttemptId.toString());
// First try contacting NM without tokens
ApplicationMasterProtocol client = currentUser.doAs(new PrivilegedAction<ApplicationMasterProtocol>() {
@Override
public ApplicationMasterProtocol run() {
return (ApplicationMasterProtocol) rpc.getProxy(ApplicationMasterProtocol.class, serviceAddr, conf);
}
});
RegisterApplicationMasterRequest request = Records.newRecord(RegisterApplicationMasterRequest.class);
try {
client.registerApplicationMaster(request);
Assert.fail("Should fail with authorization error");
} catch (Exception e) {
if (isCause(AccessControlException.class, e)) {
// Because there are no tokens, the request should be rejected as the
// server side will assume we are trying simple auth.
String expectedMessage = "";
if (UserGroupInformation.isSecurityEnabled()) {
expectedMessage = "Client cannot authenticate via:[TOKEN]";
} else {
expectedMessage = "SIMPLE authentication is not enabled. Available:[TOKEN]";
}
Assert.assertTrue(e.getCause().getMessage().contains(expectedMessage));
} else {
throw e;
}
}
// TODO: Add validation of invalid authorization when there's more data in
// the AMRMToken
}
Also used :
RMApp(org.apache.hadoop.yarn.server.resourcemanager.rmapp.RMApp)
RMAppAttempt(org.apache.hadoop.yarn.server.resourcemanager.rmapp.attempt.RMAppAttempt)
Configuration(org.apache.hadoop.conf.Configuration)
YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration)
InetSocketAddress(java.net.InetSocketAddress)
AccessControlException(org.apache.hadoop.security.AccessControlException)
ApplicationMasterProtocol(org.apache.hadoop.yarn.api.ApplicationMasterProtocol)
ApplicationAttemptId(org.apache.hadoop.yarn.api.records.ApplicationAttemptId)
YarnRPC(org.apache.hadoop.yarn.ipc.YarnRPC)
YarnException(org.apache.hadoop.yarn.exceptions.YarnException)
IOException(java.io.IOException)
AccessControlException(org.apache.hadoop.security.AccessControlException)
RegisterApplicationMasterRequest(org.apache.hadoop.yarn.api.protocolrecords.RegisterApplicationMasterRequest)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Test(org.junit.Test)
Example 12 with YarnRPC
use of org.apache.hadoop.yarn.ipc.YarnRPC in project hadoop by apache.
the class TestMRJobsWithHistoryService method instantiateHistoryProxy.
private HSClientProtocol instantiateHistoryProxy() {
final String serviceAddr = mrCluster.getConfig().get(JHAdminConfig.MR_HISTORY_ADDRESS);
final YarnRPC rpc = YarnRPC.create(conf);
HSClientProtocol historyClient = (HSClientProtocol) rpc.getProxy(HSClientProtocol.class, NetUtils.createSocketAddr(serviceAddr), mrCluster.getConfig());
return historyClient;
}
Also used :
HSClientProtocol(org.apache.hadoop.mapreduce.v2.api.HSClientProtocol)
YarnRPC(org.apache.hadoop.yarn.ipc.YarnRPC)
Example 13 with YarnRPC
use of org.apache.hadoop.yarn.ipc.YarnRPC in project hadoop by apache.
the class TestJHSSecurity method getMRClientProtocol.
private MRClientProtocol getMRClientProtocol(Token token, final InetSocketAddress hsAddress, String user, final Configuration conf) {
UserGroupInformation ugi = UserGroupInformation.createRemoteUser(user);
ugi.addToken(ConverterUtils.convertFromYarn(token, hsAddress));
final YarnRPC rpc = YarnRPC.create(conf);
MRClientProtocol hsWithDT = ugi.doAs(new PrivilegedAction<MRClientProtocol>() {
@Override
public MRClientProtocol run() {
return (MRClientProtocol) rpc.getProxy(HSClientProtocol.class, hsAddress, conf);
}
});
return hsWithDT;
}
Also used :
YarnRPC(org.apache.hadoop.yarn.ipc.YarnRPC)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
MRClientProtocol(org.apache.hadoop.mapreduce.v2.api.MRClientProtocol)
Example 14 with YarnRPC
use of org.apache.hadoop.yarn.ipc.YarnRPC in project hadoop by apache.
the class GetGroupsForTesting method getUgmProtocol.
@Override
protected GetUserMappingsProtocol getUgmProtocol() throws IOException {
Configuration conf = getConf();
final InetSocketAddress addr = conf.getSocketAddr(YarnConfiguration.RM_ADMIN_ADDRESS, YarnConfiguration.DEFAULT_RM_ADMIN_ADDRESS, YarnConfiguration.DEFAULT_RM_ADMIN_PORT);
final YarnRPC rpc = YarnRPC.create(conf);
ResourceManagerAdministrationProtocol adminProtocol = (ResourceManagerAdministrationProtocol) rpc.getProxy(ResourceManagerAdministrationProtocol.class, addr, getConf());
return adminProtocol;
}
Also used :
ResourceManagerAdministrationProtocol(org.apache.hadoop.yarn.server.api.ResourceManagerAdministrationProtocol)
YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration)
Configuration(org.apache.hadoop.conf.Configuration)
InetSocketAddress(java.net.InetSocketAddress)
YarnRPC(org.apache.hadoop.yarn.ipc.YarnRPC)
Example 15 with YarnRPC
use of org.apache.hadoop.yarn.ipc.YarnRPC in project hadoop by apache.
the class TestRPC method testUnknownCall.
@Test
public void testUnknownCall() {
Configuration conf = new Configuration();
conf.set(YarnConfiguration.IPC_RPC_IMPL, HadoopYarnProtoRPC.class.getName());
YarnRPC rpc = YarnRPC.create(conf);
String bindAddr = "localhost:0";
InetSocketAddress addr = NetUtils.createSocketAddr(bindAddr);
Server server = rpc.getServer(ContainerManagementProtocol.class, new DummyContainerManager(), addr, conf, null, 1);
server.start();
// Any unrelated protocol would do
ApplicationClientProtocol proxy = (ApplicationClientProtocol) rpc.getProxy(ApplicationClientProtocol.class, NetUtils.getConnectAddress(server), conf);
try {
proxy.getNewApplication(Records.newRecord(GetNewApplicationRequest.class));
Assert.fail("Excepted RPC call to fail with unknown method.");
} catch (YarnException e) {
Assert.assertTrue(e.getMessage().matches("Unknown method getNewApplication called on.*" + "org.apache.hadoop.yarn.proto.ApplicationClientProtocol" + "\\$ApplicationClientProtocolService\\$BlockingInterface " + "protocol."));
} catch (Exception e) {
e.printStackTrace();
} finally {
server.stop();
}
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration)
Server(org.apache.hadoop.ipc.Server)
InetSocketAddress(java.net.InetSocketAddress)
YarnRPC(org.apache.hadoop.yarn.ipc.YarnRPC)
HadoopYarnProtoRPC(org.apache.hadoop.yarn.ipc.HadoopYarnProtoRPC)
ApplicationClientProtocol(org.apache.hadoop.yarn.api.ApplicationClientProtocol)
YarnException(org.apache.hadoop.yarn.exceptions.YarnException)
YarnException(org.apache.hadoop.yarn.exceptions.YarnException)
IOException(java.io.IOException)
GetNewApplicationRequest(org.apache.hadoop.yarn.api.protocolrecords.GetNewApplicationRequest)
Test(org.junit.Test)
Aggregations
YarnRPC (org.apache.hadoop.yarn.ipc.YarnRPC)54
Configuration (org.apache.hadoop.conf.Configuration)39
YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)38
InetSocketAddress (java.net.InetSocketAddress)34
Test (org.junit.Test)18
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)14
IOException (java.io.IOException)13
ApplicationAttemptId (org.apache.hadoop.yarn.api.records.ApplicationAttemptId)12
NodeId (org.apache.hadoop.yarn.api.records.NodeId)12
ApplicationClientProtocol (org.apache.hadoop.yarn.api.ApplicationClientProtocol)8
ContainerManagementProtocol (org.apache.hadoop.yarn.api.ContainerManagementProtocol)8
ContainerId (org.apache.hadoop.yarn.api.records.ContainerId)8
HashMap (java.util.HashMap)7
Server (org.apache.hadoop.ipc.Server)7
MRClientProtocol (org.apache.hadoop.mapreduce.v2.api.MRClientProtocol)7
ApplicationMasterProtocol (org.apache.hadoop.yarn.api.ApplicationMasterProtocol)7
RegisterApplicationMasterRequest (org.apache.hadoop.yarn.api.protocolrecords.RegisterApplicationMasterRequest)7
YarnException (org.apache.hadoop.yarn.exceptions.YarnException)7
RMApp (org.apache.hadoop.yarn.server.resourcemanager.rmapp.RMApp)7
RMAppAttempt (org.apache.hadoop.yarn.server.resourcemanager.rmapp.attempt.RMAppAttempt)7
