[
https://issues.apache.org/jira/browse/OOZIE-2531?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15283327#comment-15283327
]
Robert Kanter commented on OOZIE-2531:
--------------------------------------
We've actually had this on our radar internally for a while. Thanks for taking
care of this [~satishsaley].
I agree with [~rohini] that we should do hbase and hive tokens here.
I can't think of a case where the user would want either of these to be true,
but users are very crafty and I'm sure one of them will come up with something
:)
It's safest to just have the Action only add it if the user didn't explicitly
set it.
> Prevent Spark trying for token which is already available
> ----------------------------------------------------------
>
> Key: OOZIE-2531
> URL: https://issues.apache.org/jira/browse/OOZIE-2531
> Project: Oozie
> Issue Type: Improvement
> Reporter: Satish Subhashrao Saley
> Assignee: Satish Subhashrao Saley
> Attachments: OOZIE-2531-1.patch
>
>
> As per [Apache Spark
> documentation|http://spark.apache.org/docs/latest/running-on-yarn.html#spark-properties]
> :
> The property {{spark.yarn.security.tokens.service.enabled}} in Apache Spark
> which controls whether to retrieve delegation tokens for non-HDFS services
> when security is enabled. By default, delegation tokens for all supported
> services are retrieved when those services are configured, but it's possible
> to disable that behavior if it somehow conflicts with the application being
> run.
> Currently supported services are: hive, hbase
> It would be good to have default as
> {{spark.yarn.security.tokens.hive.enabled=false}} to avoid having Spark
> redundantly retry obtaining a token when it already has one (passed
> originally from Oozie's hcat credentials).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
