/// <exception cref="System.Exception"/>
        protected override void ServiceStart()
        {
            base.ServiceStart();
            // ResourceTrackerServer authenticates NodeManager via Kerberos if
            // security is enabled, so no secretManager.
            Configuration conf = GetConfig();
            YarnRPC       rpc  = YarnRPC.Create(conf);

            this.server = rpc.GetServer(typeof(ResourceTracker), this, resourceTrackerAddress
                                        , conf, null, conf.GetInt(YarnConfiguration.RmResourceTrackerClientThreadCount,
                                                                  YarnConfiguration.DefaultRmResourceTrackerClientThreadCount));
            // Enable service authorization?
            if (conf.GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, false
                                ))
            {
                InputStream inputStream = this.rmContext.GetConfigurationProvider().GetConfigurationInputStream
                                              (conf, YarnConfiguration.HadoopPolicyConfigurationFile);
                if (inputStream != null)
                {
                    conf.AddResource(inputStream);
                }
                RefreshServiceAcls(conf, RMPolicyProvider.GetInstance());
            }
            this.server.Start();
            conf.UpdateConnectAddr(YarnConfiguration.RmBindHost, YarnConfiguration.RmResourceTrackerAddress
                                   , YarnConfiguration.DefaultRmResourceTrackerAddress, server.GetListenerAddress()
                                   );
        }
Esempio n. 2
0
        /// <exception cref="System.Exception"/>
        protected internal virtual void StartServer()
        {
            Configuration conf = GetConfig();
            YarnRPC       rpc  = YarnRPC.Create(conf);

            this.server = (RPC.Server)rpc.GetServer(typeof(ResourceManagerAdministrationProtocol
                                                           ), this, masterServiceBindAddress, conf, null, conf.GetInt(YarnConfiguration.RmAdminClientThreadCount
                                                                                                                      , YarnConfiguration.DefaultRmAdminClientThreadCount));
            // Enable service authorization?
            if (conf.GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, false
                                ))
            {
                RefreshServiceAcls(GetConfiguration(conf, YarnConfiguration.HadoopPolicyConfigurationFile
                                                    ), RMPolicyProvider.GetInstance());
            }
            if (rmContext.IsHAEnabled())
            {
                RPC.SetProtocolEngine(conf, typeof(HAServiceProtocolPB), typeof(ProtobufRpcEngine
                                                                                ));
                HAServiceProtocolServerSideTranslatorPB haServiceProtocolXlator = new HAServiceProtocolServerSideTranslatorPB
                                                                                      (this);
                BlockingService haPbService = HAServiceProtocolProtos.HAServiceProtocolService.NewReflectiveBlockingService
                                                  (haServiceProtocolXlator);
                server.AddProtocol(RPC.RpcKind.RpcProtocolBuffer, typeof(HAServiceProtocol), haPbService
                                   );
            }
            this.server.Start();
            conf.UpdateConnectAddr(YarnConfiguration.RmBindHost, YarnConfiguration.RmAdminAddress
                                   , YarnConfiguration.DefaultRmAdminAddress, server.GetListenerAddress());
        }
        /// <exception cref="System.Exception"/>
        protected override void ServiceStart()
        {
            Configuration conf = GetConfig();
            YarnRPC       rpc  = YarnRPC.Create(conf);
            IPEndPoint    masterServiceAddress = conf.GetSocketAddr(YarnConfiguration.RmBindHost
                                                                    , YarnConfiguration.RmSchedulerAddress, YarnConfiguration.DefaultRmSchedulerAddress
                                                                    , YarnConfiguration.DefaultRmSchedulerPort);
            Configuration serverConf = conf;

            // If the auth is not-simple, enforce it to be token-based.
            serverConf = new Configuration(conf);
            serverConf.Set(CommonConfigurationKeysPublic.HadoopSecurityAuthentication, SaslRpcServer.AuthMethod
                           .Token.ToString());
            this.server = rpc.GetServer(typeof(ApplicationMasterProtocol), this, masterServiceAddress
                                        , serverConf, this.rmContext.GetAMRMTokenSecretManager(), serverConf.GetInt(YarnConfiguration
                                                                                                                    .RmSchedulerClientThreadCount, YarnConfiguration.DefaultRmSchedulerClientThreadCount
                                                                                                                    ));
            // Enable service authorization?
            if (conf.GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, false
                                ))
            {
                InputStream inputStream = this.rmContext.GetConfigurationProvider().GetConfigurationInputStream
                                              (conf, YarnConfiguration.HadoopPolicyConfigurationFile);
                if (inputStream != null)
                {
                    conf.AddResource(inputStream);
                }
                RefreshServiceAcls(conf, RMPolicyProvider.GetInstance());
            }
            this.server.Start();
            this.bindAddress = conf.UpdateConnectAddr(YarnConfiguration.RmBindHost, YarnConfiguration
                                                      .RmSchedulerAddress, YarnConfiguration.DefaultRmSchedulerAddress, server.GetListenerAddress
                                                          ());
            base.ServiceStart();
        }
Esempio n. 4
0
        /// <exception cref="Org.Apache.Hadoop.Yarn.Exceptions.YarnException"/>
        /// <exception cref="System.IO.IOException"/>
        public virtual RefreshServiceAclsResponse RefreshServiceAcls(RefreshServiceAclsRequest
                                                                     request)
        {
            if (!GetConfig().GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization
                                        , false))
            {
                throw RPCUtil.GetRemoteException(new IOException("Service Authorization (" + CommonConfigurationKeysPublic
                                                                 .HadoopSecurityAuthorization + ") not enabled."));
            }
            string argName            = "refreshServiceAcls";
            UserGroupInformation user = CheckAcls(argName);

            CheckRMStatus(user.GetShortUserName(), argName, "refresh Service ACLs.");
            PolicyProvider policyProvider = RMPolicyProvider.GetInstance();
            Configuration  conf           = GetConfiguration(new Configuration(false), YarnConfiguration
                                                             .HadoopPolicyConfigurationFile);

            RefreshServiceAcls(conf, policyProvider);
            rmContext.GetClientRMService().RefreshServiceAcls(conf, policyProvider);
            rmContext.GetApplicationMasterService().RefreshServiceAcls(conf, policyProvider);
            rmContext.GetResourceTrackerService().RefreshServiceAcls(conf, policyProvider);
            RMAuditLogger.LogSuccess(user.GetShortUserName(), argName, "AdminService");
            return(recordFactory.NewRecordInstance <RefreshServiceAclsResponse>());
        }