hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Kanter (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12954) Add a way to change hadoop.security.token.service.use_ip
Date Tue, 22 Mar 2016 23:20:25 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15207503#comment-15207503
] 

Robert Kanter commented on HADOOP-12954:
----------------------------------------

The end problems were different, but it's the same root cause: {{hadoop.security.token.service.use_ip}}
is initialized from the classpath and core-site.xml isn't there.

I think my proposal should work to solve both problems.  The Oozie server can call {{SecurityUtil.setConfiguration(conf)}}
to pass the {{Configuration}} it loaded.  The MR AM could do the same.  Though for MAPREDUCE-6565,
why can't you have a core-site.xml added via {{mapreduce.application.classpath}}?

> Add a way to change hadoop.security.token.service.use_ip
> --------------------------------------------------------
>
>                 Key: HADOOP-12954
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12954
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 2.6.0
>            Reporter: Robert Kanter
>            Assignee: Robert Kanter
>
> Currently, {{hadoop.security.token.service.use_ip}} is set on JVM startup via:
> {code:java}
>   static {
>     Configuration conf = new Configuration();
>     boolean useIp = conf.getBoolean(
>         CommonConfigurationKeys.HADOOP_SECURITY_TOKEN_SERVICE_USE_IP,
>         CommonConfigurationKeys.HADOOP_SECURITY_TOKEN_SERVICE_USE_IP_DEFAULT);
>     setTokenServiceUseIp(useIp);
>   }
> {code}
> This is a problem for clients, such as Oozie, who don't add *-site.xml files to their
classpath.  Oozie normally creates a {{JobClient}} and passes a {{Configuration}} to it with
the proper configs we need.  However, because {{hadoop.security.token.service.use_ip}} is
specified in a static block like this, and there's no API to change it, Oozie has no way to
set it to the non-default value.
> I propose we add a {{setConfiguration}} method which takes a {{Configuration}} and rereads
{{hadoop.security.token.service.use_ip}}.  There's a few other properties that are also loaded
statically on startup that can be reloaded here as well.  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message