[ https://issues.apache.org/jira/browse/SLIDER-742?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14269361#comment-14269361 ]
Jonathan Maron commented on SLIDER-742: --------------------------------------- I think you may be confusing some concepts. The Slider AM does not rely on tokens due to the fact that tokens expire after 7 days. Given the need to support long running applications the AM actually requires access to a keytab in order to establish a kerberos authenticated identity. That identity is leveraged to interact with HDFS etc to obtain tokens that are then used for the container launch contexts of spawned application containers. The mechanism is explained in detail here: http://slider.incubator.apache.org/docs/security.html, under the "The Keytab distribution/access Options" heading. > Slider AM secure configuration > ------------------------------ > > Key: SLIDER-742 > URL: https://issues.apache.org/jira/browse/SLIDER-742 > Project: Slider > Issue Type: Bug > Components: appmaster > Affects Versions: Slider 0.60 > Environment: Secured Hadoop > Reporter: Yang Hao > > Running in secured Hadoop cluster, when I don't set secured-related > configuration for SliderAM, an error is out: > "hdfs://lgtst-xiaomi/user/h_yanghao3/.slider/cluster/hbase1/keytabs': No > such file or directory". > For that the token has been sent to SliderAM working dir as file > container_tokens, can we use this, just like what MapReduceAM does? -- This message was sent by Atlassian JIRA (v6.3.4#6332)