[jira] [Commented] (HADOOP-12563) Updated utility to create/modify token files

Fri, 05 Feb 2016 08:21:12 -0800 

    [ 
https://issues.apache.org/jira/browse/HADOOP-12563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15134394#comment-15134394
 ] 

Steve Loughran commented on HADOOP-12563:
-----------------------------------------

SLIDER-1081 added a similar command, in order to create all the tokens needed 
to simulate launching slider and spark under OOzie. 

{{slider tokens}} lets you create a token file with HDFS, RM and ATS delegation 
tokens, and to list the contents of a file. Tokens will be created as the 
current user unless keytab and principal are defined.

Looking at that code, If I were to evolve it I'd add

# a {{renew}} option: go through the tokens, renew them.
# a way to explicitly list the HDFS, webhdfs, RM, NN, .. endpoints.
# a way to explicitly identify the classname + endpoint of other token 
providers (hbase, hive, ...)

There's a class there, {{CredentialUtils| 
https://github.com/apache/incubator-slider/blob/develop/slider-core/src/main/java/org/apache/slider/core/launch/CredentialUtils.java}}
 which contains core functions usable here and by YARN applications.

> Updated utility to create/modify token files
> --------------------------------------------
>
>                 Key: HADOOP-12563
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12563
>             Project: Hadoop Common
>          Issue Type: New Feature
>    Affects Versions: 3.0.0
>            Reporter: Allen Wittenauer
>            Assignee: Matthew Paduano
>         Attachments: HADOOP-12563.01.patch, HADOOP-12563.02.patch, 
> HADOOP-12563.03.patch, HADOOP-12563.04.patch, HADOOP-12563.05.patch, 
> HADOOP-12563.06.patch, example_dtutil_commands_and_output.txt, 
> generalized_token_case.pdf
>
>
> hdfs fetchdt is missing some critical features and is geared almost 
> exclusively towards HDFS operations.  Additionally, the token files that are 
> created use Java serializations which are hard/impossible to deal with in 
> other languages. It should be replaced with a better utility in common that 
> can read/write protobuf-based token files, has enough flexibility to be used 
> with other services, and offers key functionality such as append and rename. 
> The old version file format should still be supported for backward 
> compatibility, but will be effectively deprecated.
> A follow-on JIRA will deprecrate fetchdt.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to