[
https://issues.apache.org/jira/browse/OOZIE-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
abhishek bafna updated OOZIE-2490:
----------------------------------
Fix Version/s: (was: trunk)
4.3.0
> Oozie can't set hadoop.security.token.service.use_ip
> ----------------------------------------------------
>
> Key: OOZIE-2490
> URL: https://issues.apache.org/jira/browse/OOZIE-2490
> Project: Oozie
> Issue Type: Bug
> Affects Versions: trunk
> Reporter: Robert Kanter
> Assignee: Robert Kanter
> Fix For: 4.3.0
>
> Attachments: OOZIE-2490.001.patch, OOZIE-2490.002.patch,
> OOZIE-2490.003.patch
>
>
> Currently, Oozie has no way of setting
> {{hadoop.security.token.service.use_ip}} to the non-default value, as
> explained in HADOOP-12954. Once that is resolved, we should have Oozie set
> {{hadoop.security.token.service.use_ip}} on startup via the new method added
> by HADOOP-12954.
> {{hadoop.security.token.service.use_ip}} (default=true) is needed if your
> network is setup such that you need to use hostnames in delegation tokens
> instead of ip addresses.
> e.g.
> {noformat}
> Kind: HDFS_DELEGATION_TOKEN, Service: 127.0.0.1:8020, Ident:
> (HDFS_DELEGATION_TOKEN token 7 for hive)
> {noformat}
> vs
> {noformat}
> Kind: HDFS_DELEGATION_TOKEN, Service: foo.bar.cloudera.com:8020, Ident:
> (HDFS_DELEGATION_TOKEN token 4 for hive)
> {noformat}
> Some notes:
> - Ideally, {{hadoop.security.token.service.use_ip}} could be set on a
> per-cluster basis (because Oozie supports multiple clusters), however, like
> many of Hadoop's Security stuff, it's static so we can't. I think we should
> have Oozie use the {{Configuration}} associated with the default NN/JT/RM
> when setting this.
> - We'll have to use reflection to do this because HADOOP-12954 will add a new
> method and we can't guarantee the method is there. If the method doesn't
> exist, there's no alternative to set
> {{hadoop.security.token.service.use_ip}}, so we'll just ignore it.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
