hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vinod Kumar Vavilapalli (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (MAPREDUCE-5199) AppTokens file can/should be removed
Date Wed, 22 May 2013 00:39:20 GMT

     [ https://issues.apache.org/jira/browse/MAPREDUCE-5199?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Vinod Kumar Vavilapalli updated MAPREDUCE-5199:

    Status: Open  (was: Patch Available)

Tx for the update. Uber-AM will definitely cause this. Otherwise not so much.

Anyways, looked at the patch. IIUC, after the patch, jobCredentials doesn't have appToken,
while UGI.getCredentials() has the Token. Right?

Some comments. While I understand the risk-aversion, none of the following suggest anything
really tricky.
 - JobImpl.fsTokens should be renamed too.
 - Jobtoken itself could be set in jobCredentials and passed to TaskImpl etc. Perhaps another
 - initAndStartAppMaster
    -- Adding the credentials to conf is necessary for the sake of MAPREDUCE-5240. Please
remove the comment "        // shouldn't be necessary"
    -- And it is better to add to conf before init() happens. We never know if the original
conf is cached as part of init().
    -- appMasterUgi is useless. Perhaps remove it in a separate ticket.
 - TestMRAppMaster: Wherever you say appToken shouldn't be present, you should explicitly
validate it. Seems like that comment is invalid in some cases.
 - MRJobConf.APPLICATION_TOKENS_FILE should just be removed along with the java comments.
This was supposed to be private anyways.
 - downloadTokensAndSetupUGI -> setupJobCredentialsAndUGI like Sid proposed.
> AppTokens file can/should be removed
> ------------------------------------
>                 Key: MAPREDUCE-5199
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-5199
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 3.0.0, 2.0.5-beta
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: MAPREDUCE-5199.patch
> All the required tokens are propagated to AMs and containers via startContainer(), no
need for explicitly creating the app-token file that we have today..

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message