[
https://issues.apache.org/jira/browse/FLINK-592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14151054#comment-14151054
]
Robert Metzger commented on FLINK-592:
--------------------------------------
Cool. I'm happy that you are looking into this.
I think the biggest issue about this feature is you need a properly set-up
testing environment (I assume its annoying to set up a kerberos server and
configure hdfs and yarn to properly use it).
While working on it, you'll probably find some code fragments that are required
for this. In particular, the current code should acquire and pass HDFS auth
tokens to the YARN containers. I've read somewhere that these tokens expire
after some time and you'll need to refresh them again from the kerberos server
....
In addition to that, feel free to clean up and refactor the "flink-yarn" code.
It is stable in a sense that it has been tested in many environments and it
covers many corner cases. But the code itself is not very readable.
[~skunert] is working on adding integration tests, with the YarnMiniCluster.
> Add support for secure YARN clusters with Kerberos Auth
> -------------------------------------------------------
>
> Key: FLINK-592
> URL: https://issues.apache.org/jira/browse/FLINK-592
> Project: Flink
> Issue Type: Improvement
> Components: YARN Client
> Reporter: GitHub Import
> Assignee: Daniel Warneke
> Priority: Minor
> Labels: github-import
> Fix For: pre-apache
>
>
> The current YARN client will throw an exception (as of
> https://github.com/stratosphere/stratosphere/pull/591) if it detects a secure
> environment.
> ---------------- Imported from GitHub ----------------
> Url: https://github.com/stratosphere/stratosphere/issues/592
> Created by: [rmetzger|https://github.com/rmetzger]
> Labels: enhancement, YARN,
> Created at: Sun Mar 16 11:05:07 CET 2014
> State: open
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
