Robert Kanter created OOZIE-2490:
------------------------------------
Summary: Oozie can't set hadoop.security.token.service.use_ip
Key: OOZIE-2490
URL: https://issues.apache.org/jira/browse/OOZIE-2490
Project: Oozie
Issue Type: Bug
Affects Versions: trunk
Reporter: Robert Kanter
Assignee: Robert Kanter
Fix For: trunk
Currently, Oozie has no way of setting {{hadoop.security.token.service.use_ip}}
to the non-default value, as explained in HADOOP-12954. Once that is resolved,
we should have Oozie set {{hadoop.security.token.service.use_ip}} on startup
via the new method added by HADOOP-12954.
{{hadoop.security.token.service.use_ip}} (default=true) is needed if your
network is setup such that you need to use hostnames in delegation tokens
instead of ip addresses.
e.g.
{noformat}
Kind: HDFS_DELEGATION_TOKEN, Service: 127.0.0.1:8020, Ident:
(HDFS_DELEGATION_TOKEN token 7 for hive)
{noformat}
vs
{noformat}
Kind: HDFS_DELEGATION_TOKEN, Service: foo.bar.cloudera.com:8020, Ident:
(HDFS_DELEGATION_TOKEN token 4 for hive)
{noformat}
Some notes:
- Ideally, {{hadoop.security.token.service.use_ip}} could be set on a
per-cluster basis (because Oozie supports multiple clusters), however, like
many of Hadoop's Security stuff, it's static so we can't. I think we should
have Oozie use the {{Configuration}} associated with the default NN/JT/RM when
setting this.
- We'll have to use reflection to do this because HADOOP-12954 will add a new
method and we can't guarantee the method is there. If the method doesn't
exist, there's no alternative to set {{hadoop.security.token.service.use_ip}},
so we'll just ignore it.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
