/** * Returns the minimum update interval for the delegation tokens. * @return The update interval in milliseconds. */ public long getUpdateInterval() { if (updateInterval == null) { // we want to lazily call this (as opposed to in the constructor), because sometimes we use an instance of // TokenSecureStoreRenewer without scheduling updates. For instance, when launching a program or from // ImpersonationHandler. updateInterval = calculateUpdateInterval(); } return updateInterval; }
@Override public Credentials call() throws Exception { return tokenSecureStoreRenewer.createCredentials(); } });
Configuration hiveConf = getHiveConf(); if (hiveConf != null) { renewalTimes.add(hiveConf.getLong("hive.cluster.delegation.token.renew-interval",
secureStoreRenewer.getUpdateInterval(), 30000L, TimeUnit.MILLISECONDS);
Configuration hiveConf = getHiveConf(); if (hiveConf != null) { renewalTimes.add(hiveConf.getLong("hive.cluster.delegation.token.renew-interval",
/** * Returns the minimum update interval for the delegation tokens. * @return The update interval in milliseconds. */ public long getUpdateInterval() { if (updateInterval == null) { // we want to lazily call this (as opposed to in the constructor), because sometimes we use an instance of // TokenSecureStoreRenewer without scheduling updates. For instance, when launching a program or from // ImpersonationHandler. updateInterval = calculateUpdateInterval(); } return updateInterval; }
@Override public Credentials call() throws Exception { return tokenSecureStoreRenewer.createCredentials(); } });
private long calculateUpdateInterval() { return calculateUpdateInterval(yarnConf, secureExplore); }
@Override public void renew(String application, RunId runId, SecureStoreWriter secureStoreWriter) throws IOException { Credentials credentials = createCredentials(); UserGroupInformation currentUser = null; try { currentUser = UserGroupInformation.getCurrentUser(); } catch (IOException e) { // this shouldn't happen LOG.debug("Cannot determine current user", e); } LOG.debug("Updating credentials for application {}, run {}, tokens {}, with current user {}", application, runId, credentials.getAllTokens(), currentUser); secureStoreWriter.write(YarnSecureStore.create(credentials)); }
private long calculateUpdateInterval() { return calculateUpdateInterval(yarnConf, secureExplore); }
@Override public void renew(String application, RunId runId, SecureStoreWriter secureStoreWriter) throws IOException { Credentials credentials = createCredentials(); UserGroupInformation currentUser = null; try { currentUser = UserGroupInformation.getCurrentUser(); } catch (IOException e) { // this shouldn't happen LOG.debug("Cannot determine current user", e); } LOG.debug("Updating credentials for application {}, run {}, tokens {}, with current user {}", application, runId, credentials.getAllTokens(), currentUser); secureStoreWriter.write(YarnSecureStore.create(credentials)); }
/** * Calculates the secure token update interval based on the given configurations. * * @param cConf the CDAP configuration * @param hConf the YARN configuration * @return time in millisecond that the secure token should be updated */ public static long calculateUpdateInterval(CConfiguration cConf, Configuration hConf) { boolean secureExplore = cConf.getBoolean(Constants.Explore.EXPLORE_ENABLED) && UserGroupInformation.isSecurityEnabled(); return calculateUpdateInterval(hConf, secureExplore); }
@Override public TwillController start(final long timeout, final TimeUnit timeoutUnit) { try { return impersonator.doAs(programId, () -> { // Add secure tokens if (User.isHBaseSecurityEnabled(hConf) || UserGroupInformation.isSecurityEnabled()) { addSecureStore(YarnSecureStore.create(secureStoreRenewer.createCredentials())); } return new ImpersonatedTwillController(delegate.start(timeout, timeoutUnit), impersonator, programId); }); } catch (Exception e) { throw Throwables.propagate(e); } } }
/** * Calculates the secure token update interval based on the given configurations. * * @param cConf the CDAP configuration * @param hConf the YARN configuration * @return time in millisecond that the secure token should be updated */ public static long calculateUpdateInterval(CConfiguration cConf, Configuration hConf) { boolean secureExplore = cConf.getBoolean(Constants.Explore.EXPLORE_ENABLED) && UserGroupInformation.isSecurityEnabled(); return calculateUpdateInterval(hConf, secureExplore); }
@Override public TwillController start(final long timeout, final TimeUnit timeoutUnit) { try { return impersonator.doAs(programId, () -> { // Add secure tokens if (User.isHBaseSecurityEnabled(hConf) || UserGroupInformation.isSecurityEnabled()) { addSecureStore(YarnSecureStore.create(secureStoreRenewer.createCredentials())); } return new ImpersonatedTwillController(delegate.start(timeout, timeoutUnit), impersonator, programId); }); } catch (Exception e) { throw Throwables.propagate(e); } } }
long interval = (long) ((TokenSecureStoreRenewer.calculateUpdateInterval(cConf, hConf) + 5000) / 0.8); launchConfig.addExtraSystemArgument(SparkRuntimeContextConfig.CREDENTIALS_UPDATE_INTERVAL_MS, Long.toString(interval));
preparer.addSecureStore(YarnSecureStore.create(secureStoreRenewer.createCredentials()));
long interval = (long) ((TokenSecureStoreRenewer.calculateUpdateInterval(cConf, hConf) + 5000) / 0.8); launchConfig.addExtraSystemArgument(SparkRuntimeContextConfig.CREDENTIALS_UPDATE_INTERVAL_MS, Long.toString(interval));
long interval = (long) ((TokenSecureStoreRenewer.calculateUpdateInterval(cConf, hConf) + 5000) / 0.8); launchConfig.addExtraSystemArgument(SparkRuntimeContextConfig.CREDENTIALS_UPDATE_INTERVAL_MS, Long.toString(interval));