YARN-3260. AM attempt fail to register before RM processes launch event. Contributed by Bibin A Chundatt
This commit is contained in:
Jason Lowe
parent
75c0220b44
commit
a5ae5ac50e
|
|
@ -1205,6 +1205,8 @@ public class RMAppAttemptImpl implements RMAppAttempt, Recoverable {
|
||||||
@Override
|
@Override
|
||||||
public void transition(RMAppAttemptImpl appAttempt,
|
public void transition(RMAppAttemptImpl appAttempt,
|
||||||
RMAppAttemptEvent event) {
|
RMAppAttemptEvent event) {
|
||||||
|
|
||||||
|
appAttempt.registerClientToken();
|
||||||
appAttempt.launchAttempt();
|
appAttempt.launchAttempt();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -1525,13 +1527,6 @@ public class RMAppAttemptImpl implements RMAppAttempt, Recoverable {
|
||||||
// Register with AMLivelinessMonitor
|
// Register with AMLivelinessMonitor
|
||||||
appAttempt.attemptLaunched();
|
appAttempt.attemptLaunched();
|
||||||
|
|
||||||
// register the ClientTokenMasterKey after it is saved in the store,
|
|
||||||
// otherwise client may hold an invalid ClientToken after RM restarts.
|
|
||||||
if (UserGroupInformation.isSecurityEnabled()) {
|
|
||||||
appAttempt.rmContext.getClientToAMTokenSecretManager()
|
|
||||||
.registerApplication(appAttempt.getAppAttemptId(),
|
|
||||||
appAttempt.getClientTokenMasterKey());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1598,11 +1593,20 @@ public class RMAppAttemptImpl implements RMAppAttempt, Recoverable {
|
||||||
appAttempt.amrmToken =
|
appAttempt.amrmToken =
|
||||||
appAttempt.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken(
|
appAttempt.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken(
|
||||||
appAttempt.applicationAttemptId);
|
appAttempt.applicationAttemptId);
|
||||||
|
appAttempt.registerClientToken();
|
||||||
super.transition(appAttempt, event);
|
super.transition(appAttempt, event);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void registerClientToken() {
|
||||||
|
// register the ClientTokenMasterKey after it is saved in the store,
|
||||||
|
// otherwise client may hold an invalid ClientToken after RM restarts.
|
||||||
|
if (UserGroupInformation.isSecurityEnabled()) {
|
||||||
|
rmContext.getClientToAMTokenSecretManager()
|
||||||
|
.registerApplication(getAppAttemptId(), getClientTokenMasterKey());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private static final class LaunchFailedTransition extends BaseFinalTransition {
|
private static final class LaunchFailedTransition extends BaseFinalTransition {
|
||||||
|
|
||||||
public LaunchFailedTransition() {
|
public LaunchFailedTransition() {
|
||||||
|
|
|
||||||
|
|
@ -663,21 +663,29 @@ public class TestRMAppAttemptTransitions {
|
||||||
|
|
||||||
assertEquals(RMAppAttemptState.ALLOCATED_SAVING,
|
assertEquals(RMAppAttemptState.ALLOCATED_SAVING,
|
||||||
applicationAttempt.getAppAttemptState());
|
applicationAttempt.getAppAttemptState());
|
||||||
|
|
||||||
|
if (UserGroupInformation.isSecurityEnabled()) {
|
||||||
|
// Before SAVED state, can't create ClientToken as at this time
|
||||||
|
// ClientTokenMasterKey has not been registered in the SecretManager
|
||||||
|
assertNull(applicationAttempt.createClientToken("some client"));
|
||||||
|
}
|
||||||
|
|
||||||
applicationAttempt.handle(
|
applicationAttempt.handle(
|
||||||
new RMAppAttemptEvent(applicationAttempt.getAppAttemptId(),
|
new RMAppAttemptEvent(applicationAttempt.getAppAttemptId(),
|
||||||
RMAppAttemptEventType.ATTEMPT_NEW_SAVED));
|
RMAppAttemptEventType.ATTEMPT_NEW_SAVED));
|
||||||
|
|
||||||
|
if (UserGroupInformation.isSecurityEnabled()) {
|
||||||
|
// Before SAVED state, can't create ClientToken as at this time
|
||||||
|
// ClientTokenMasterKey has not been registered in the SecretManager
|
||||||
|
assertNotNull(applicationAttempt.createClientToken("some client"));
|
||||||
|
}
|
||||||
|
|
||||||
testAppAttemptAllocatedState(container);
|
testAppAttemptAllocatedState(container);
|
||||||
|
|
||||||
return container;
|
return container;
|
||||||
}
|
}
|
||||||
|
|
||||||
private void launchApplicationAttempt(Container container) {
|
private void launchApplicationAttempt(Container container) {
|
||||||
if (UserGroupInformation.isSecurityEnabled()) {
|
|
||||||
// Before LAUNCHED state, can't create ClientToken as at this time
|
|
||||||
// ClientTokenMasterKey has not been registered in the SecretManager
|
|
||||||
assertNull(applicationAttempt.createClientToken("some client"));
|
|
||||||
}
|
|
||||||
applicationAttempt.handle(
|
applicationAttempt.handle(
|
||||||
new RMAppAttemptEvent(applicationAttempt.getAppAttemptId(),
|
new RMAppAttemptEvent(applicationAttempt.getAppAttemptId(),
|
||||||
RMAppAttemptEventType.LAUNCHED));
|
RMAppAttemptEventType.LAUNCHED));
|
||||||
|
|
@ -1477,8 +1485,6 @@ public class TestRMAppAttemptTransitions {
|
||||||
Token<ClientToAMTokenIdentifier> token =
|
Token<ClientToAMTokenIdentifier> token =
|
||||||
applicationAttempt.createClientToken(null);
|
applicationAttempt.createClientToken(null);
|
||||||
Assert.assertNull(token);
|
Assert.assertNull(token);
|
||||||
token = applicationAttempt.createClientToken("clientuser");
|
|
||||||
Assert.assertNull(token);
|
|
||||||
|
|
||||||
launchApplicationAttempt(amContainer);
|
launchApplicationAttempt(amContainer);
|
||||||
// after attempt is launched , can get ClientToken
|
// after attempt is launched , can get ClientToken
|
||||||
|
|
@ -1505,22 +1511,15 @@ public class TestRMAppAttemptTransitions {
|
||||||
public void testApplicationAttemptMasterKey() throws Exception {
|
public void testApplicationAttemptMasterKey() throws Exception {
|
||||||
Container amContainer = allocateApplicationAttempt();
|
Container amContainer = allocateApplicationAttempt();
|
||||||
ApplicationAttemptId appid = applicationAttempt.getAppAttemptId();
|
ApplicationAttemptId appid = applicationAttempt.getAppAttemptId();
|
||||||
boolean isMasterKeyExisted = false;
|
boolean isMasterKeyExisted = clientToAMTokenManager.hasMasterKey(appid);
|
||||||
|
|
||||||
// before attempt is launched, can not get MasterKey
|
|
||||||
isMasterKeyExisted = clientToAMTokenManager.hasMasterKey(appid);
|
|
||||||
Assert.assertFalse(isMasterKeyExisted);
|
|
||||||
|
|
||||||
launchApplicationAttempt(amContainer);
|
|
||||||
// after attempt is launched and in secure mode, can get MasterKey
|
|
||||||
isMasterKeyExisted = clientToAMTokenManager.hasMasterKey(appid);
|
|
||||||
if (isSecurityEnabled) {
|
if (isSecurityEnabled) {
|
||||||
Assert.assertTrue(isMasterKeyExisted);
|
Assert.assertTrue(isMasterKeyExisted);
|
||||||
Assert.assertNotNull(clientToAMTokenManager.getMasterKey(appid));
|
Assert.assertNotNull(clientToAMTokenManager.getMasterKey(appid));
|
||||||
} else {
|
} else {
|
||||||
Assert.assertFalse(isMasterKeyExisted);
|
Assert.assertFalse(isMasterKeyExisted);
|
||||||
}
|
}
|
||||||
|
launchApplicationAttempt(amContainer);
|
||||||
applicationAttempt.handle(new RMAppAttemptEvent(applicationAttempt
|
applicationAttempt.handle(new RMAppAttemptEvent(applicationAttempt
|
||||||
.getAppAttemptId(), RMAppAttemptEventType.KILL));
|
.getAppAttemptId(), RMAppAttemptEventType.KILL));
|
||||||
assertEquals(YarnApplicationAttemptState.LAUNCHED,
|
assertEquals(YarnApplicationAttemptState.LAUNCHED,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue