/// <exception cref="System.Exception"/>
protected override void ServiceStart()
{
base.ServiceStart();
// ResourceTrackerServer authenticates NodeManager via Kerberos if
// security is enabled, so no secretManager.
Configuration conf = GetConfig();
YarnRPC rpc = YarnRPC.Create(conf);
this.server = rpc.GetServer(typeof(ResourceTracker), this, resourceTrackerAddress
, conf, null, conf.GetInt(YarnConfiguration.RmResourceTrackerClientThreadCount,
YarnConfiguration.DefaultRmResourceTrackerClientThreadCount));
// Enable service authorization?
if (conf.GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, false
))
{
InputStream inputStream = this.rmContext.GetConfigurationProvider().GetConfigurationInputStream
(conf, YarnConfiguration.HadoopPolicyConfigurationFile);
if (inputStream != null)
{
conf.AddResource(inputStream);
}
RefreshServiceAcls(conf, RMPolicyProvider.GetInstance());
}
this.server.Start();
conf.UpdateConnectAddr(YarnConfiguration.RmBindHost, YarnConfiguration.RmResourceTrackerAddress
, YarnConfiguration.DefaultRmResourceTrackerAddress, server.GetListenerAddress()
);
}
/// <exception cref="System.Exception"/>
protected internal virtual void StartServer()
{
Configuration conf = GetConfig();
YarnRPC rpc = YarnRPC.Create(conf);
this.server = (RPC.Server)rpc.GetServer(typeof(ResourceManagerAdministrationProtocol
), this, masterServiceBindAddress, conf, null, conf.GetInt(YarnConfiguration.RmAdminClientThreadCount
, YarnConfiguration.DefaultRmAdminClientThreadCount));
// Enable service authorization?
if (conf.GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, false
))
{
RefreshServiceAcls(GetConfiguration(conf, YarnConfiguration.HadoopPolicyConfigurationFile
), RMPolicyProvider.GetInstance());
}
if (rmContext.IsHAEnabled())
{
RPC.SetProtocolEngine(conf, typeof(HAServiceProtocolPB), typeof(ProtobufRpcEngine
));
HAServiceProtocolServerSideTranslatorPB haServiceProtocolXlator = new HAServiceProtocolServerSideTranslatorPB
(this);
BlockingService haPbService = HAServiceProtocolProtos.HAServiceProtocolService.NewReflectiveBlockingService
(haServiceProtocolXlator);
server.AddProtocol(RPC.RpcKind.RpcProtocolBuffer, typeof(HAServiceProtocol), haPbService
);
}
this.server.Start();
conf.UpdateConnectAddr(YarnConfiguration.RmBindHost, YarnConfiguration.RmAdminAddress
, YarnConfiguration.DefaultRmAdminAddress, server.GetListenerAddress());
}
/// <exception cref="System.Exception"/>
protected override void ServiceStart()
{
Configuration conf = GetConfig();
YarnRPC rpc = YarnRPC.Create(conf);
IPEndPoint masterServiceAddress = conf.GetSocketAddr(YarnConfiguration.RmBindHost
, YarnConfiguration.RmSchedulerAddress, YarnConfiguration.DefaultRmSchedulerAddress
, YarnConfiguration.DefaultRmSchedulerPort);
Configuration serverConf = conf;
// If the auth is not-simple, enforce it to be token-based.
serverConf = new Configuration(conf);
serverConf.Set(CommonConfigurationKeysPublic.HadoopSecurityAuthentication, SaslRpcServer.AuthMethod
.Token.ToString());
this.server = rpc.GetServer(typeof(ApplicationMasterProtocol), this, masterServiceAddress
, serverConf, this.rmContext.GetAMRMTokenSecretManager(), serverConf.GetInt(YarnConfiguration
.RmSchedulerClientThreadCount, YarnConfiguration.DefaultRmSchedulerClientThreadCount
));
// Enable service authorization?
if (conf.GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, false
))
{
InputStream inputStream = this.rmContext.GetConfigurationProvider().GetConfigurationInputStream
(conf, YarnConfiguration.HadoopPolicyConfigurationFile);
if (inputStream != null)
{
conf.AddResource(inputStream);
}
RefreshServiceAcls(conf, RMPolicyProvider.GetInstance());
}
this.server.Start();
this.bindAddress = conf.UpdateConnectAddr(YarnConfiguration.RmBindHost, YarnConfiguration
.RmSchedulerAddress, YarnConfiguration.DefaultRmSchedulerAddress, server.GetListenerAddress
());
base.ServiceStart();
}
/// <exception cref="Org.Apache.Hadoop.Yarn.Exceptions.YarnException"/>
/// <exception cref="System.IO.IOException"/>
public virtual RefreshServiceAclsResponse RefreshServiceAcls(RefreshServiceAclsRequest
request)
{
if (!GetConfig().GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization
, false))
{
throw RPCUtil.GetRemoteException(new IOException("Service Authorization (" + CommonConfigurationKeysPublic
.HadoopSecurityAuthorization + ") not enabled."));
}
string argName = "refreshServiceAcls";
UserGroupInformation user = CheckAcls(argName);
CheckRMStatus(user.GetShortUserName(), argName, "refresh Service ACLs.");
PolicyProvider policyProvider = RMPolicyProvider.GetInstance();
Configuration conf = GetConfiguration(new Configuration(false), YarnConfiguration
.HadoopPolicyConfigurationFile);
RefreshServiceAcls(conf, policyProvider);
rmContext.GetClientRMService().RefreshServiceAcls(conf, policyProvider);
rmContext.GetApplicationMasterService().RefreshServiceAcls(conf, policyProvider);
rmContext.GetResourceTrackerService().RefreshServiceAcls(conf, policyProvider);
RMAuditLogger.LogSuccess(user.GetShortUserName(), argName, "AdminService");
return(recordFactory.NewRecordInstance <RefreshServiceAclsResponse>());
}
