Search in sources :

Example 1 with AMRMTokenSecretManagerState

use of org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState in project hadoop by apache.

the class AMRMTokenSecretManager method rollMasterKey.

@Private
void rollMasterKey() {
    this.writeLock.lock();
    try {
        LOG.info("Rolling master-key for amrm-tokens");
        this.nextMasterKey = createNewMasterKey();
        AMRMTokenSecretManagerState state = AMRMTokenSecretManagerState.newInstance(this.currentMasterKey.getMasterKey(), this.nextMasterKey.getMasterKey());
        rmContext.getStateStore().storeOrUpdateAMRMTokenSecretManager(state, true);
        this.timer.schedule(new NextKeyActivator(), this.activationDelay);
    } finally {
        this.writeLock.unlock();
    }
}
Also used : AMRMTokenSecretManagerState(org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState) Private(org.apache.hadoop.classification.InterfaceAudience.Private)

Example 2 with AMRMTokenSecretManagerState

use of org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState in project hadoop by apache.

the class AMRMTokenSecretManager method activateNextMasterKey.

public void activateNextMasterKey() {
    this.writeLock.lock();
    try {
        LOG.info("Activating next master key with id: " + this.nextMasterKey.getMasterKey().getKeyId());
        this.currentMasterKey = this.nextMasterKey;
        this.nextMasterKey = null;
        AMRMTokenSecretManagerState state = AMRMTokenSecretManagerState.newInstance(this.currentMasterKey.getMasterKey(), null);
        rmContext.getStateStore().storeOrUpdateAMRMTokenSecretManager(state, true);
    } finally {
        this.writeLock.unlock();
    }
}
Also used : AMRMTokenSecretManagerState(org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState)

Example 3 with AMRMTokenSecretManagerState

use of org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState in project hadoop by apache.

the class ZKRMStateStore method storeOrUpdateAMRMTokenSecretManagerState.

@Override
protected synchronized void storeOrUpdateAMRMTokenSecretManagerState(AMRMTokenSecretManagerState amrmTokenSecretManagerState, boolean isUpdate) throws Exception {
    AMRMTokenSecretManagerState data = AMRMTokenSecretManagerState.newInstance(amrmTokenSecretManagerState);
    byte[] stateData = data.getProto().toByteArray();
    safeSetData(amrmTokenSecretManagerRoot, stateData, -1);
}
Also used : AMRMTokenSecretManagerState(org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState)

Example 4 with AMRMTokenSecretManagerState

use of org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState in project hadoop by apache.

the class AMRMTokenSecretManager method start.

public void start() {
    if (this.currentMasterKey == null) {
        this.currentMasterKey = createNewMasterKey();
        AMRMTokenSecretManagerState state = AMRMTokenSecretManagerState.newInstance(this.currentMasterKey.getMasterKey(), null);
        rmContext.getStateStore().storeOrUpdateAMRMTokenSecretManager(state, false);
    }
    this.timer.scheduleAtFixedRate(new MasterKeyRoller(), rollingInterval, rollingInterval);
}
Also used : AMRMTokenSecretManagerState(org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState)

Example 5 with AMRMTokenSecretManagerState

use of org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState in project hadoop by apache.

the class RMStateStoreTestBase method testAMRMTokenSecretManagerStateStore.

public void testAMRMTokenSecretManagerStateStore(RMStateStoreHelper stateStoreHelper) throws Exception {
    System.out.println("Start testing");
    RMStateStore store = stateStoreHelper.getRMStateStore();
    TestDispatcher dispatcher = new TestDispatcher();
    store.setRMDispatcher(dispatcher);
    RMContext rmContext = mock(RMContext.class);
    when(rmContext.getStateStore()).thenReturn(store);
    Configuration conf = new YarnConfiguration();
    AMRMTokenSecretManager appTokenMgr = new AMRMTokenSecretManager(conf, rmContext);
    //create and save the first masterkey
    MasterKeyData firstMasterKeyData = appTokenMgr.createNewMasterKey();
    AMRMTokenSecretManagerState state1 = AMRMTokenSecretManagerState.newInstance(firstMasterKeyData.getMasterKey(), null);
    rmContext.getStateStore().storeOrUpdateAMRMTokenSecretManager(state1, false);
    // load state
    store = stateStoreHelper.getRMStateStore();
    when(rmContext.getStateStore()).thenReturn(store);
    store.setRMDispatcher(dispatcher);
    RMState state = store.loadState();
    Assert.assertNotNull(state.getAMRMTokenSecretManagerState());
    Assert.assertEquals(firstMasterKeyData.getMasterKey(), state.getAMRMTokenSecretManagerState().getCurrentMasterKey());
    Assert.assertNull(state.getAMRMTokenSecretManagerState().getNextMasterKey());
    //create and save the second masterkey
    MasterKeyData secondMasterKeyData = appTokenMgr.createNewMasterKey();
    AMRMTokenSecretManagerState state2 = AMRMTokenSecretManagerState.newInstance(firstMasterKeyData.getMasterKey(), secondMasterKeyData.getMasterKey());
    rmContext.getStateStore().storeOrUpdateAMRMTokenSecretManager(state2, true);
    // load state
    store = stateStoreHelper.getRMStateStore();
    when(rmContext.getStateStore()).thenReturn(store);
    store.setRMDispatcher(dispatcher);
    RMState state_2 = store.loadState();
    Assert.assertNotNull(state_2.getAMRMTokenSecretManagerState());
    Assert.assertEquals(firstMasterKeyData.getMasterKey(), state_2.getAMRMTokenSecretManagerState().getCurrentMasterKey());
    Assert.assertEquals(secondMasterKeyData.getMasterKey(), state_2.getAMRMTokenSecretManagerState().getNextMasterKey());
    // re-create the masterKeyData based on the recovered masterkey
    // should have the same secretKey
    appTokenMgr.recover(state_2);
    Assert.assertEquals(appTokenMgr.getCurrnetMasterKeyData().getSecretKey(), firstMasterKeyData.getSecretKey());
    Assert.assertEquals(appTokenMgr.getNextMasterKeyData().getSecretKey(), secondMasterKeyData.getSecretKey());
    store.close();
}
Also used : RMContext(org.apache.hadoop.yarn.server.resourcemanager.RMContext) AMRMTokenSecretManagerState(org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState) Configuration(org.apache.hadoop.conf.Configuration) YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration) YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration) AMRMTokenSecretManager(org.apache.hadoop.yarn.server.resourcemanager.security.AMRMTokenSecretManager) RMState(org.apache.hadoop.yarn.server.resourcemanager.recovery.RMStateStore.RMState) MasterKeyData(org.apache.hadoop.yarn.server.security.MasterKeyData)

Aggregations

AMRMTokenSecretManagerState (org.apache.hadoop.yarn.server.resourcemanager.recovery.records.AMRMTokenSecretManagerState)7 Private (org.apache.hadoop.classification.InterfaceAudience.Private)1 Configuration (org.apache.hadoop.conf.Configuration)1 Path (org.apache.hadoop.fs.Path)1 YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)1 RMContext (org.apache.hadoop.yarn.server.resourcemanager.RMContext)1 RMState (org.apache.hadoop.yarn.server.resourcemanager.recovery.RMStateStore.RMState)1 AMRMTokenSecretManager (org.apache.hadoop.yarn.server.resourcemanager.security.AMRMTokenSecretManager)1 MasterKeyData (org.apache.hadoop.yarn.server.security.MasterKeyData)1