[
https://issues.apache.org/jira/browse/SLIDER-742?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14277532#comment-14277532
]
Jonathan Maron commented on SLIDER-742:
---------------------------------------
I'm sorry - I don't exactly understand the first question.
As for the second question: The AM will specify the keytab as a local resource
that will get localized by yarn to the path specified. It is actually up to
the app to read and leverage that keytab. For example, in a secure HBase
deployment, there are HBase specific configuration properties that are set in
appConfig:
"site.hbase-site.hbase.master.kerberos.principal":
"${USER_NAME}/_h...@example.com",
"site.hbase-site.hbase.master.keytab.file":
"${AGENT_WORK_ROOT}/keytabs/${USER_NAME}.HBASE.service.keytab",
Those properties are actually used by HBase, independent of slider, to perform
the authentication the running process requires. So, in the memcached case,
the actual code of memcached would have to be modified to read a property
indicating the keytab and principal and use those for its purposes.
> Slider AM secure configuration
> ------------------------------
>
> Key: SLIDER-742
> URL: https://issues.apache.org/jira/browse/SLIDER-742
> Project: Slider
> Issue Type: Bug
> Components: appmaster
> Affects Versions: Slider 0.60
> Environment: Secured Hadoop
> Reporter: Yang Hao
>
> Running in secured Hadoop cluster, when I don't set secured-related
> configuration for SliderAM, an error is out:
> "hdfs://lgtst-xiaomi/user/h_yanghao3/.slider/cluster/hbase1/keytabs': No
> such file or directory".
> For that the token has been sent to SliderAM working dir as file
> container_tokens, can we use this, just like what MapReduceAM does?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
