public virtual void TestZKRootPathAcls()
{
HAServiceProtocol.StateChangeRequestInfo req = new HAServiceProtocol.StateChangeRequestInfo
(HAServiceProtocol.RequestSource.RequestByUser);
string rootPath = YarnConfiguration.DefaultZkRmStateStoreParentPath + "/" + ZKRMStateStore
.RootZnodeName;
// Start RM with HA enabled
Configuration conf = CreateHARMConf("rm1,rm2", "rm1", 1234);
conf.SetBoolean(YarnConfiguration.AutoFailoverEnabled, false);
ResourceManager rm = new MockRM(conf);
rm.Start();
rm.GetRMContext().GetRMAdminService().TransitionToActive(req);
Stat stat = new Stat();
IList <ACL> acls = ((ZKRMStateStore)rm.GetRMContext().GetStateStore()).GetACLWithRetries
(rootPath, stat);
NUnit.Framework.Assert.AreEqual(acls.Count, 2);
// CREATE and DELETE permissions for root node based on RM ID
VerifyZKACL("digest", "localhost", ZooDefs.Perms.Create | ZooDefs.Perms.Delete, acls
);
VerifyZKACL("world", "anyone", ZooDefs.Perms.All ^ (ZooDefs.Perms.Create | ZooDefs.Perms
.Delete), acls);
rm.Close();
// Now start RM with HA disabled. NoAuth Exception should not be thrown.
conf.SetBoolean(YarnConfiguration.RmHaEnabled, false);
rm = new MockRM(conf);
rm.Start();
rm.GetRMContext().GetRMAdminService().TransitionToActive(req);
acls = ((ZKRMStateStore)rm.GetRMContext().GetStateStore()).GetACLWithRetries(rootPath
, stat);
NUnit.Framework.Assert.AreEqual(acls.Count, 1);
VerifyZKACL("world", "anyone", ZooDefs.Perms.All, acls);
rm.Close();
// Start RM with HA enabled.
conf.SetBoolean(YarnConfiguration.RmHaEnabled, true);
rm = new MockRM(conf);
rm.Start();
rm.GetRMContext().GetRMAdminService().TransitionToActive(req);
acls = ((ZKRMStateStore)rm.GetRMContext().GetStateStore()).GetACLWithRetries(rootPath
, stat);
NUnit.Framework.Assert.AreEqual(acls.Count, 2);
VerifyZKACL("digest", "localhost", ZooDefs.Perms.Create | ZooDefs.Perms.Delete, acls
);
VerifyZKACL("world", "anyone", ZooDefs.Perms.All ^ (ZooDefs.Perms.Create | ZooDefs.Perms
.Delete), acls);
rm.Close();
}