Examples with ApplicationACLsManager org.apache.hadoop.yarn.server.security.ApplicationACLsManager used on opensource projects

Example 11 with ApplicationACLsManager

use of org.apache.hadoop.yarn.server.security.ApplicationACLsManager in project hadoop by apache.

the class RMWebServices method dumpSchedulerLogs.

@POST
@Path("/scheduler/logs")
@Produces({ MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, MediaType.APPLICATION_XML + "; " + JettyUtils.UTF_8 })
public String dumpSchedulerLogs(@FormParam("time") String time, @Context HttpServletRequest hsr) throws IOException {
    init();
    UserGroupInformation callerUGI = getCallerUserGroupInformation(hsr, true);
    ApplicationACLsManager aclsManager = rm.getApplicationACLsManager();
    if (aclsManager.areACLsEnabled()) {
        if (callerUGI == null || !aclsManager.isAdmin(callerUGI)) {
            String msg = "Only admins can carry out this operation.";
            throw new ForbiddenException(msg);
        }
    }
    ResourceScheduler rs = rm.getResourceScheduler();
    int period = Integer.parseInt(time);
    if (period <= 0) {
        throw new BadRequestException("Period must be greater than 0");
    }
    final String logHierarchy = "org.apache.hadoop.yarn.server.resourcemanager.scheduler";
    String logfile = "yarn-scheduler-debug.log";
    if (rs instanceof CapacityScheduler) {
        logfile = "yarn-capacity-scheduler-debug.log";
    } else if (rs instanceof FairScheduler) {
        logfile = "yarn-fair-scheduler-debug.log";
    }
    AdHocLogDumper dumper = new AdHocLogDumper(logHierarchy, logfile);
    // time period is sent to us in seconds
    dumper.dumpLogs("DEBUG", period * 1000);
    return "Capacity scheduler logs are being created.";
}

Example 12 with ApplicationACLsManager

use of org.apache.hadoop.yarn.server.security.ApplicationACLsManager in project hadoop by apache.

the class TestApplicationHistoryClientService method testApplications.

@Test
public void testApplications() throws IOException, YarnException {
    ApplicationId appId = null;
    appId = ApplicationId.newInstance(0, 1);
    ApplicationId appId1 = ApplicationId.newInstance(0, 2);
    GetApplicationsRequest request = GetApplicationsRequest.newInstance();
    GetApplicationsResponse response = clientService.getApplications(request);
    List<ApplicationReport> appReport = response.getApplicationList();
    Assert.assertNotNull(appReport);
    Assert.assertEquals(appId, appReport.get(1).getApplicationId());
    Assert.assertEquals(appId1, appReport.get(0).getApplicationId());
    // Create a historyManager, and set the max_apps can be loaded
    // as 1.
    Configuration conf = new YarnConfiguration();
    conf.setLong(YarnConfiguration.APPLICATION_HISTORY_MAX_APPS, 1);
    ApplicationHistoryManagerOnTimelineStore historyManager2 = new ApplicationHistoryManagerOnTimelineStore(dataManager, new ApplicationACLsManager(conf));
    historyManager2.init(conf);
    historyManager2.start();
    @SuppressWarnings("resource") ApplicationHistoryClientService clientService2 = new ApplicationHistoryClientService(historyManager2);
    response = clientService2.getApplications(request);
    appReport = response.getApplicationList();
    Assert.assertNotNull(appReport);
    Assert.assertTrue(appReport.size() == 1);
    // Expected to get the appReport for application with appId1
    Assert.assertEquals(appId1, appReport.get(0).getApplicationId());
}

Example 13 with ApplicationACLsManager

use of org.apache.hadoop.yarn.server.security.ApplicationACLsManager in project hadoop by apache.

the class TestApplicationHistoryManagerOnTimelineStore method setup.

@Before
public void setup() throws Exception {
    // Only test the ACLs of the generic history
    TimelineACLsManager aclsManager = new TimelineACLsManager(new YarnConfiguration());
    aclsManager.setTimelineStore(store);
    TimelineDataManager dataManager = new TimelineDataManager(store, aclsManager);
    dataManager.init(conf);
    ApplicationACLsManager appAclsManager = new ApplicationACLsManager(conf);
    historyManager = new ApplicationHistoryManagerOnTimelineStore(dataManager, appAclsManager);
    historyManager.init(conf);
    historyManager.start();
}

Example 14 with ApplicationACLsManager

use of org.apache.hadoop.yarn.server.security.ApplicationACLsManager in project hadoop by apache.

the class TestAHSWebServices method setupClass.

@BeforeClass
public static void setupClass() throws Exception {
    conf = new YarnConfiguration();
    TimelineStore store = TestApplicationHistoryManagerOnTimelineStore.createStore(MAX_APPS);
    TimelineACLsManager aclsManager = new TimelineACLsManager(conf);
    aclsManager.setTimelineStore(store);
    TimelineDataManager dataManager = new TimelineDataManager(store, aclsManager);
    conf.setBoolean(YarnConfiguration.YARN_ACL_ENABLE, true);
    conf.set(YarnConfiguration.YARN_ADMIN_ACL, "foo");
    conf.setBoolean(YarnConfiguration.LOG_AGGREGATION_ENABLED, true);
    conf.set(YarnConfiguration.NM_REMOTE_APP_LOG_DIR, remoteLogRootDir);
    dataManager.init(conf);
    ApplicationACLsManager appAclsManager = new ApplicationACLsManager(conf);
    ApplicationHistoryManagerOnTimelineStore historyManager = new ApplicationHistoryManagerOnTimelineStore(dataManager, appAclsManager);
    historyManager.init(conf);
    historyClientService = new ApplicationHistoryClientService(historyManager) {

        @Override
        protected void serviceStart() throws Exception {
        // Do Nothing
        }
    };
    historyClientService.init(conf);
    historyClientService.start();
    ahsWebservice = new AHSWebServices(historyClientService, conf) {

        @Override
        public String getNMWebAddressFromRM(Configuration configuration, String nodeId) throws ClientHandlerException, UniformInterfaceException, JSONException {
            if (nodeId.equals(NM_ID)) {
                return NM_WEBADDRESS;
            }
            return null;
        }
    };
    fs = FileSystem.get(conf);
    GuiceServletConfig.setInjector(Guice.createInjector(new WebServletModule()));
}

Example 15 with ApplicationACLsManager

use of org.apache.hadoop.yarn.server.security.ApplicationACLsManager in project hadoop by apache.

the class TestContainerManagerRecovery method createContext.

private NMContext createContext(Configuration conf, NMStateStoreService stateStore) {
    NMContext context = new NMContext(new NMContainerTokenSecretManager(conf), new NMTokenSecretManagerInNM(), null, new ApplicationACLsManager(conf), stateStore, false, conf) {

        public int getHttpPort() {
            return HTTP_PORT;
        }
    };
    // simulate registration with RM
    MasterKey masterKey = new MasterKeyPBImpl();
    masterKey.setKeyId(123);
    masterKey.setBytes(ByteBuffer.wrap(new byte[] { new Integer(123).byteValue() }));
    context.getContainerTokenSecretManager().setMasterKey(masterKey);
    context.getNMTokenSecretManager().setMasterKey(masterKey);
    return context;
}