@Override public void transition(RMAppAttemptImpl appAttempt, RMAppAttemptEvent event) { // create AMRMToken appAttempt.amrmToken = appAttempt.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( appAttempt.applicationAttemptId); appAttempt.registerClientToken(); super.transition(appAttempt, event); } }
@Override public void transition(RMAppAttemptImpl appAttempt, RMAppAttemptEvent event) { // create AMRMToken appAttempt.amrmToken = appAttempt.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( appAttempt.applicationAttemptId); appAttempt.registerClientToken(); super.transition(appAttempt, event); } }
@Override public void transition(RMAppAttemptImpl appAttempt, RMAppAttemptEvent event) { // create AMRMToken appAttempt.amrmToken = appAttempt.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( appAttempt.applicationAttemptId); super.transition(appAttempt, event); } }
@VisibleForTesting protected Token<AMRMTokenIdentifier> createAndSetAMRMToken() { Token<AMRMTokenIdentifier> amrmToken = this.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( application.getAppAttemptId()); ((RMAppAttemptImpl)application).setAMRMToken(amrmToken); return amrmToken; }
@VisibleForTesting protected Token<AMRMTokenIdentifier> createAndSetAMRMToken() { Token<AMRMTokenIdentifier> amrmToken = this.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( application.getAppAttemptId()); ((RMAppAttemptImpl)application).setAMRMToken(amrmToken); return amrmToken; }
@VisibleForTesting protected Token<AMRMTokenIdentifier> createAndSetAMRMToken() { Token<AMRMTokenIdentifier> amrmToken = this.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( application.getAppAttemptId()); ((RMAppAttemptImpl)application).setAMRMToken(amrmToken); return amrmToken; }
private void removeCredentials(RMAppAttemptImpl appAttempt) { // Unregister from the ClientToAMTokenSecretManager if (UserGroupInformation.isSecurityEnabled()) { appAttempt.rmContext.getClientToAMTokenSecretManager() .unRegisterApplication(appAttempt.getAppAttemptId()); } // Remove the AppAttempt from the AMRMTokenSecretManager appAttempt.rmContext.getAMRMTokenSecretManager() .applicationMasterFinished(appAttempt.getAppAttemptId()); }
private void removeCredentials(RMAppAttemptImpl appAttempt) { // Unregister from the ClientToAMTokenSecretManager if (UserGroupInformation.isSecurityEnabled()) { appAttempt.rmContext.getClientToAMTokenSecretManager() .unRegisterApplication(appAttempt.getAppAttemptId()); } // Remove the AppAttempt from the AMRMTokenSecretManager appAttempt.rmContext.getAMRMTokenSecretManager() .applicationMasterFinished(appAttempt.getAppAttemptId()); }
private void removeCredentials(RMAppAttemptImpl appAttempt) { // Unregister from the ClientToAMTokenSecretManager if (UserGroupInformation.isSecurityEnabled()) { appAttempt.rmContext.getClientToAMTokenSecretManager() .unRegisterApplication(appAttempt.getAppAttemptId()); } // Remove the AppAttempt from the AMRMTokenSecretManager appAttempt.rmContext.getAMRMTokenSecretManager() .applicationMasterFinished(appAttempt.getAppAttemptId()); }
private void recoverAppAttemptCredentials(Credentials appAttemptTokens, RMAppAttemptState state) { if (appAttemptTokens == null || state == RMAppAttemptState.FAILED || state == RMAppAttemptState.FINISHED || state == RMAppAttemptState.KILLED) { return; } if (UserGroupInformation.isSecurityEnabled()) { byte[] clientTokenMasterKeyBytes = appAttemptTokens.getSecretKey( RMStateStore.AM_CLIENT_TOKEN_MASTER_KEY_NAME); if (clientTokenMasterKeyBytes != null) { clientTokenMasterKey = rmContext.getClientToAMTokenSecretManager() .registerMasterKey(applicationAttemptId, clientTokenMasterKeyBytes); } } setAMRMToken(rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( applicationAttemptId)); }
private void recoverAppAttemptCredentials(Credentials appAttemptTokens, RMAppAttemptState state) { if (appAttemptTokens == null || state == RMAppAttemptState.FAILED || state == RMAppAttemptState.FINISHED || state == RMAppAttemptState.KILLED) { return; } if (UserGroupInformation.isSecurityEnabled()) { byte[] clientTokenMasterKeyBytes = appAttemptTokens.getSecretKey( RMStateStore.AM_CLIENT_TOKEN_MASTER_KEY_NAME); if (clientTokenMasterKeyBytes != null) { clientTokenMasterKey = rmContext.getClientToAMTokenSecretManager() .registerMasterKey(applicationAttemptId, clientTokenMasterKeyBytes); } } setAMRMToken(rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( applicationAttemptId)); }
this.server = rpc.getServer(ApplicationMasterProtocol.class, this, masterServiceAddress, serverConf, this.rmContext.getAMRMTokenSecretManager(), serverConf.getInt(YarnConfiguration.RM_SCHEDULER_CLIENT_THREAD_COUNT, YarnConfiguration.DEFAULT_RM_SCHEDULER_CLIENT_THREAD_COUNT));
private void recoverAppAttemptCredentials(Credentials appAttemptTokens, RMAppAttemptState state) { if (appAttemptTokens == null || state == RMAppAttemptState.FAILED || state == RMAppAttemptState.FINISHED || state == RMAppAttemptState.KILLED) { return; } if (UserGroupInformation.isSecurityEnabled()) { byte[] clientTokenMasterKeyBytes = appAttemptTokens.getSecretKey( RMStateStore.AM_CLIENT_TOKEN_MASTER_KEY_NAME); if (clientTokenMasterKeyBytes != null) { clientTokenMasterKey = rmContext.getClientToAMTokenSecretManager() .registerMasterKey(applicationAttemptId, clientTokenMasterKeyBytes); } } setAMRMToken(rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken( applicationAttemptId)); }
this.server = rpc.getServer(ApplicationMasterProtocol.class, this, masterServiceAddress, serverConf, this.rmContext.getAMRMTokenSecretManager(), serverConf.getInt(YarnConfiguration.RM_SCHEDULER_CLIENT_THREAD_COUNT, YarnConfiguration.DEFAULT_RM_SCHEDULER_CLIENT_THREAD_COUNT));
SaslRpcServer.AuthMethod.TOKEN.toString()); this.server = getServer(rpc, serverConf, masterServiceAddress, this.rmContext.getAMRMTokenSecretManager());
this.rmContext.getAMRMTokenSecretManager().getNextMasterKeyData(); LOG.info("The AMRMToken has been rolled-over. Send new AMRMToken back" + " to application: " + appAttemptId.getApplicationId()); amrmToken = rmContext.getAMRMTokenSecretManager() .createAndGetAMRMToken(appAttemptId); appAttemptImpl.setAMRMToken(amrmToken);
rm.getRMContext().getAMRMTokenSecretManager().rollMasterKey(); response = am.allocate(Records.newRecord(AllocateRequest.class)); Assert.assertNotNull(response.getAMRMToken()); .getRMContext().getAMRMTokenSecretManager().getMasterKey().getMasterKey() .getKeyId()); rm.getRMContext().getAMRMTokenSecretManager().activateNextMasterKey(); response = am.allocate(Records.newRecord(AllocateRequest.class)); Assert.assertNull(response.getAMRMToken());
rm.getRMContext().getAMRMTokenSecretManager().rollMasterKey(); response = am.allocate(Records.newRecord(AllocateRequest.class)); Assert.assertNotNull(response.getAMRMToken()); .getRMContext().getAMRMTokenSecretManager().getMasterKey().getMasterKey() .getKeyId()); rm.getRMContext().getAMRMTokenSecretManager().activateNextMasterKey(); response = am.allocate(Records.newRecord(AllocateRequest.class)); Assert.assertNull(response.getAMRMToken());
rm2.getRMContext().getAMRMTokenSecretManager().retrievePassword( amrmToken.decodeIdentifier()));
rm2.getRMContext().getAMRMTokenSecretManager().retrievePassword( amrmToken.decodeIdentifier()));