Repository: hadoop Updated Branches: refs/heads/trunk e3236a968 -> 4827e9a90
YARN-8329. Docker client configuration can still be set incorrectly. Contributed by Shane Kumpf Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/4827e9a9 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/4827e9a9 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/4827e9a9 Branch: refs/heads/trunk Commit: 4827e9a9085b306bc379cb6e0b1fe4b92326edcd Parents: e3236a9 Author: Jason Lowe <jl...@apache.org> Authored: Tue May 29 14:43:17 2018 -0500 Committer: Jason Lowe <jl...@apache.org> Committed: Tue May 29 14:43:17 2018 -0500 ---------------------------------------------------------------------- .../yarn/util/DockerClientConfigHandler.java | 23 +++++++++++--------- .../security/TestDockerClientConfigHandler.java | 4 ++-- .../runtime/DockerLinuxContainerRuntime.java | 7 +++--- 3 files changed, 19 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/4827e9a9/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/util/DockerClientConfigHandler.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/util/DockerClientConfigHandler.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/util/DockerClientConfigHandler.java index 5522cf4..8ec4deb 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/util/DockerClientConfigHandler.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/util/DockerClientConfigHandler.java @@ -154,14 +154,15 @@ public final class DockerClientConfigHandler { * @param outConfigFile the File to write the Docker client configuration to. * @param credentials the populated Credentials object. * @throws IOException if the write fails. + * @return true if a Docker credential is found in the supplied credentials. */ - public static void writeDockerCredentialsToPath(File outConfigFile, + public static boolean writeDockerCredentialsToPath(File outConfigFile, Credentials credentials) throws IOException { - ObjectMapper mapper = new ObjectMapper(); - ObjectNode rootNode = mapper.createObjectNode(); - ObjectNode registryUrlNode = mapper.createObjectNode(); boolean foundDockerCred = false; if (credentials.numberOfTokens() > 0) { + ObjectMapper mapper = new ObjectMapper(); + ObjectNode rootNode = mapper.createObjectNode(); + ObjectNode registryUrlNode = mapper.createObjectNode(); for (Token<? extends TokenIdentifier> tk : credentials.getAllTokens()) { if (tk.getKind().equals(DockerCredentialTokenIdentifier.KIND)) { foundDockerCred = true; @@ -176,12 +177,14 @@ public final class DockerClientConfigHandler { } } } + if (foundDockerCred) { + rootNode.put(CONFIG_AUTHS_KEY, registryUrlNode); + String json = mapper.writerWithDefaultPrettyPrinter() + .writeValueAsString(rootNode); + FileUtils.writeStringToFile( + outConfigFile, json, StandardCharsets.UTF_8); + } } - if (foundDockerCred) { - rootNode.put(CONFIG_AUTHS_KEY, registryUrlNode); - String json = - mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rootNode); - FileUtils.writeStringToFile(outConfigFile, json, StandardCharsets.UTF_8); - } + return foundDockerCred; } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/hadoop/blob/4827e9a9/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/security/TestDockerClientConfigHandler.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/security/TestDockerClientConfigHandler.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/security/TestDockerClientConfigHandler.java index c4cbe45..cfe5a45 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/security/TestDockerClientConfigHandler.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/test/java/org/apache/hadoop/yarn/security/TestDockerClientConfigHandler.java @@ -116,8 +116,8 @@ public class TestDockerClientConfigHandler { Credentials credentials = DockerClientConfigHandler.readCredentialsFromConfigFile( new Path(file.toURI()), conf, APPLICATION_ID); - DockerClientConfigHandler.writeDockerCredentialsToPath(outFile, - credentials); + assertTrue(DockerClientConfigHandler.writeDockerCredentialsToPath(outFile, + credentials)); assertTrue(outFile.exists()); String fileContents = FileUtils.readFileToString(outFile); assertTrue(fileContents.contains("auths")); http://git-wip-us.apache.org/repos/asf/hadoop/blob/4827e9a9/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java index 5e2233b..fc095d5 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java @@ -1299,14 +1299,15 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime { .getParent(); File dockerConfigPath = new File(nmPrivateDir + "/config.json"); try { - DockerClientConfigHandler - .writeDockerCredentialsToPath(dockerConfigPath, credentials); + if (DockerClientConfigHandler + .writeDockerCredentialsToPath(dockerConfigPath, credentials)) { + dockerRunCommand.setClientConfigDir(dockerConfigPath.getParent()); + } } catch (IOException e) { throw new ContainerExecutionException( "Unable to write Docker client credentials to " + dockerConfigPath); } - dockerRunCommand.setClientConfigDir(dockerConfigPath.getParent()); } } } --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org