Examples with AppPriorityACLsManager org.apache.hadoop.yarn.server.resourcemanager.security.AppPriorityACLsManager used on opensource projects

Search in sources :

Example 1 with AppPriorityACLsManager

use of org.apache.hadoop.yarn.server.resourcemanager.security.AppPriorityACLsManager in project hadoop by apache.

the class TestParentQueue method testQueueAcl.

@Test
public void testQueueAcl() throws Exception {
    setupMultiLevelQueues(csConf);
    csConf.setAcl(CapacitySchedulerConfiguration.ROOT, QueueACL.SUBMIT_APPLICATIONS, " ");
    csConf.setAcl(CapacitySchedulerConfiguration.ROOT, QueueACL.ADMINISTER_QUEUE, " ");
    final String Q_C = CapacitySchedulerConfiguration.ROOT + "." + C;
    csConf.setAcl(Q_C, QueueACL.ADMINISTER_QUEUE, "*");
    final String Q_C11 = Q_C + "." + C1 + "." + C11;
    csConf.setAcl(Q_C11, QueueACL.SUBMIT_APPLICATIONS, "*");
    Map<String, CSQueue> queues = new HashMap<String, CSQueue>();
    CSQueue root = CapacitySchedulerQueueManager.parseQueue(csContext, csConf, null, CapacitySchedulerConfiguration.ROOT, queues, queues, TestUtils.spyHook);
    YarnAuthorizationProvider authorizer = YarnAuthorizationProvider.getInstance(conf);
    AppPriorityACLsManager appPriorityACLManager = new AppPriorityACLsManager(conf);
    CapacitySchedulerQueueManager.setQueueAcls(authorizer, appPriorityACLManager, queues);
    UserGroupInformation user = UserGroupInformation.getCurrentUser();
    // Setup queue configs
    ParentQueue c = (ParentQueue) queues.get(C);
    ParentQueue c1 = (ParentQueue) queues.get(C1);
    ParentQueue c11 = (ParentQueue) queues.get(C11);
    ParentQueue c111 = (ParentQueue) queues.get(C111);
    assertFalse(root.hasAccess(QueueACL.ADMINISTER_QUEUE, user));
    List<QueueUserACLInfo> aclInfos = root.getQueueUserAclInfo(user);
    assertFalse(hasQueueACL(aclInfos, QueueACL.ADMINISTER_QUEUE, "root"));
    assertFalse(root.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
    assertFalse(hasQueueACL(aclInfos, QueueACL.SUBMIT_APPLICATIONS, "root"));
    // c has no SA, but QA
    assertTrue(c.hasAccess(QueueACL.ADMINISTER_QUEUE, user));
    assertTrue(hasQueueACL(aclInfos, QueueACL.ADMINISTER_QUEUE, "c"));
    assertFalse(c.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
    assertFalse(hasQueueACL(aclInfos, QueueACL.SUBMIT_APPLICATIONS, "c"));
    //Queue c1 has QA, no SA (gotten perm from parent)
    assertTrue(c1.hasAccess(QueueACL.ADMINISTER_QUEUE, user));
    assertTrue(hasQueueACL(aclInfos, QueueACL.ADMINISTER_QUEUE, "c1"));
    assertFalse(c1.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
    assertFalse(hasQueueACL(aclInfos, QueueACL.SUBMIT_APPLICATIONS, "c1"));
    //Queue c11 has permissions from parent queue and SA
    assertTrue(c11.hasAccess(QueueACL.ADMINISTER_QUEUE, user));
    assertTrue(hasQueueACL(aclInfos, QueueACL.ADMINISTER_QUEUE, "c11"));
    assertTrue(c11.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
    assertTrue(hasQueueACL(aclInfos, QueueACL.SUBMIT_APPLICATIONS, "c11"));
    //Queue c111 has SA and AQ, both from parent
    assertTrue(c111.hasAccess(QueueACL.ADMINISTER_QUEUE, user));
    assertTrue(hasQueueACL(aclInfos, QueueACL.ADMINISTER_QUEUE, "c111"));
    assertTrue(c111.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
    assertTrue(hasQueueACL(aclInfos, QueueACL.SUBMIT_APPLICATIONS, "c111"));
    reset(c);
}
Also used : HashMap(java.util.HashMap) YarnAuthorizationProvider(org.apache.hadoop.yarn.security.YarnAuthorizationProvider) QueueUserACLInfo(org.apache.hadoop.yarn.api.records.QueueUserACLInfo) AppPriorityACLsManager(org.apache.hadoop.yarn.server.resourcemanager.security.AppPriorityACLsManager) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) Test(org.junit.Test)

Example 2 with AppPriorityACLsManager

use of org.apache.hadoop.yarn.server.resourcemanager.security.AppPriorityACLsManager in project hadoop by apache.

the class CapacityScheduler method initScheduler.

@VisibleForTesting
void initScheduler(Configuration configuration) throws IOException {
    try {
        writeLock.lock();
        this.conf = loadCapacitySchedulerConfiguration(configuration);
        validateConf(this.conf);
        this.minimumAllocation = this.conf.getMinimumAllocation();
        initMaximumResourceCapability(this.conf.getMaximumAllocation());
        this.calculator = this.conf.getResourceCalculator();
        this.usePortForNodeName = this.conf.getUsePortForNodeName();
        this.applications = new ConcurrentHashMap<>();
        this.labelManager = rmContext.getNodeLabelManager();
        this.appPriorityACLManager = new AppPriorityACLsManager(conf);
        this.queueManager = new CapacitySchedulerQueueManager(yarnConf, this.labelManager, this.appPriorityACLManager);
        this.queueManager.setCapacitySchedulerContext(this);
        this.activitiesManager = new ActivitiesManager(rmContext);
        activitiesManager.init(conf);
        initializeQueues(this.conf);
        this.isLazyPreemptionEnabled = conf.getLazyPreemptionEnabled();
        scheduleAsynchronously = this.conf.getScheduleAynschronously();
        asyncScheduleInterval = this.conf.getLong(ASYNC_SCHEDULER_INTERVAL, DEFAULT_ASYNC_SCHEDULER_INTERVAL);
        // number of threads for async scheduling
        int maxAsyncSchedulingThreads = this.conf.getInt(CapacitySchedulerConfiguration.SCHEDULE_ASYNCHRONOUSLY_MAXIMUM_THREAD, 1);
        maxAsyncSchedulingThreads = Math.max(maxAsyncSchedulingThreads, 1);
        if (scheduleAsynchronously) {
            asyncSchedulerThreads = new ArrayList<>();
            for (int i = 0; i < maxAsyncSchedulingThreads; i++) {
                asyncSchedulerThreads.add(new AsyncScheduleThread(this));
            }
            resourceCommitterService = new ResourceCommitterService(this);
        }
        // Setup how many containers we can allocate for each round
        offswitchPerHeartbeatLimit = this.conf.getOffSwitchPerHeartbeatLimit();
        LOG.info("Initialized CapacityScheduler with " + "calculator=" + getResourceCalculator().getClass() + ", " + "minimumAllocation=<" + getMinimumResourceCapability() + ">, " + "maximumAllocation=<" + getMaximumResourceCapability() + ">, " + "asynchronousScheduling=" + scheduleAsynchronously + ", " + "asyncScheduleInterval=" + asyncScheduleInterval + "ms");
    } finally {
        writeLock.unlock();
    }
}
Also used : ActivitiesManager(org.apache.hadoop.yarn.server.resourcemanager.scheduler.activities.ActivitiesManager) AppPriorityACLsManager(org.apache.hadoop.yarn.server.resourcemanager.security.AppPriorityACLsManager) VisibleForTesting(com.google.common.annotations.VisibleForTesting)

Aggregations

AppPriorityACLsManager (org.apache.hadoop.yarn.server.resourcemanager.security.AppPriorityACLsManager)2 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 HashMap (java.util.HashMap)1 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)1 QueueUserACLInfo (org.apache.hadoop.yarn.api.records.QueueUserACLInfo)1 YarnAuthorizationProvider (org.apache.hadoop.yarn.security.YarnAuthorizationProvider)1 ActivitiesManager (org.apache.hadoop.yarn.server.resourcemanager.scheduler.activities.ActivitiesManager)1 Test (org.junit.Test)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial