hadoop-yarn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Kanter <rkan...@cloudera.com>
Subject Re: Incompatible change in Hadoop 2.8.0 (YARN-4126)
Date Thu, 20 Oct 2016 15:18:41 GMT
Good idea Jason.  Thanks for making a comment on YARN-4126.

- Robert

On Thu, Oct 20, 2016 at 7:00 AM, Jason Lowe <jlowe@yahoo-inc.com> wrote:

> You'll probably get better traction by commenting on the offending JIRA.
> I noticed none of the people involved in YARN-4126 are watchers of
> YARN-5750, so I'm guessing they simply missed seeing YARN-5750 when it was
> filed.
>
> I haven't looked into the details of YARN-4126, but on the surface it
> seems appropriate to revert for 2.8 if it broke a major downstream project.
>
> Jason
>
>
> On Wednesday, October 19, 2016 4:18 PM, Robert Kanter <
> rkanter@cloudera.com> wrote:
>
>
> Hi,
>
> Our Oozie team recently found that YARN-4126
> <https://issues.apache.org/jira/browse/YARN-4126> appears to introduce an
> incompatible change into Hadoop 2.8.0.  Namely, it removes delegation
> tokens from being used in a non-secure cluster.  Clients, such as Oozie,
> that were previously using a delegation token regardless of security, now
> fail.  That's okay for Hadoop 3, but this was also committed to Hadoop
> 2.8.0.  Perhaps we should revert this?  YARN-4126 was also not marked as
> incompatible...
>
> Caused by: java.io.IOException: Delegation Token can be issued only with
> kerberos authentication
> at
> org.apache.hadoop.yarn.server.resourcemanager.ClientRMService.
> getDelegationToken(ClientRMService.java:1065)
> ... 10 more
>
>
> There's more details on YARN-5750
> <https://issues.apache.org/jira/browse/YARN-5750>, but I thought I'd try
> to
> bring more attention to this by sending out and email.
>
>
> thanks
> - Robert
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message