Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

YARN-7889. Missing kerberos token when check for RM REST API availability. Contributed by Eric Yang

This commit is contained in:
Jian He 2018-02-05 22:55:56 -08:00
parent a196ee9362
commit 87429affce
1 changed files with 29 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services-api/src/main/java/org/apache/hadoop/yarn/service/client/ApiServiceClient.java
View File

@ -87,21 +87,38 @@ public class ApiServiceClient extends AppAdminClient {
rmAddress = conf
.get("yarn.resourcemanager.webapp.https.address");
}
boolean useKerberos = UserGroupInformation.isSecurityEnabled();
List<String> rmServers = RMHAUtils
.getRMHAWebappAddresses(new YarnConfiguration(conf));
for (String host : rmServers) {
StringBuilder sb = new StringBuilder();
sb.append(scheme);
sb.append(host);
sb.append(path);
Client client = Client.create();
WebResource webResource = client
.resource(sb.toString());
String test = webResource.get(String.class);
if (test.contains("hadoop_version")) {
rmAddress = host;
break;
try {
Client client = Client.create();
StringBuilder sb = new StringBuilder();
sb.append(scheme);
sb.append(host);
sb.append(path);
if (!useKerberos) {
try {
String username = UserGroupInformation.getCurrentUser().getShortUserName();
sb.append("?user.name=");
sb.append(username);
} catch (IOException e) {
LOG.debug("Fail to resolve username: {}", e);
}
}
WebResource webResource = client
.resource(sb.toString());
if (useKerberos) {
AuthenticatedURL.Token token = new AuthenticatedURL.Token();
webResource.header("WWW-Authenticate", token);
}
ClientResponse test = webResource.get(ClientResponse.class);
if (test.getStatus() == 200) {
rmAddress = host;
break;
}
} catch (Exception e) {
LOG.debug("Fail to connect to: "+host, e);
}
}
return scheme+rmAddress;