[
https://issues.apache.org/jira/browse/SPARK-16363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15432421#comment-15432421
]
Steve Loughran commented on SPARK-16363:
----------------------------------------
S3A uses {{com.amazonaws.auth.InstanceProfileCredentialsProvider}} to talk to
Amazon EC2 Instance Metadata Service. Switch to S3A and Hadoop 2.7+ and you
should be able to do this.
That said, I do want to make some changes to how Spark propagates env vars as
(a) it ignores the AWS_SESSION env var and (b) it stamps on any existing
id/secret. That's not going to help
> Spark-submit doesn't work with IAM Roles
> ----------------------------------------
>
> Key: SPARK-16363
> URL: https://issues.apache.org/jira/browse/SPARK-16363
> Project: Spark
> Issue Type: Bug
> Components: Spark Submit
> Affects Versions: 1.6.2
> Environment: Spark Stand-Alone with EC2 instances configured with IAM
> Roles.
> Reporter: Ashic Mahtab
>
> When running Spark Stand-alone in EC2 boxes,
> spark-submit --master spark://master-ip:7077 --class Foo
> --deploy-mode cluster --verbose s3://bucket/dir/foo/jar
> fails to find the jar even if AWS IAM roles are configured to allow the EC2
> boxes (that are running Spark master, and workers) access to the file in S3.
> The exception is provided below. It's asking us to set keys, etc. when the
> boxes are configured via IAM roles.
> 16/07/04 11:44:09 ERROR ClientEndpoint: Exception from cluster was:
> java.lang.IllegalArgumentException: AWS Access Key ID and Secret Access Key
> must be specified as the username or password (respectively) of a s3 URL, or
> by setting the fs.s3.awsAccessKeyId or fs.s3.awsSecretAccessKey properties
> (respectively).
> java.lang.IllegalArgumentException: AWS Access Key ID and Secret Access Key
> must be specified as the username or password (respectively) of a s3 URL, or
> by setting the fs.s3.awsAccessKeyId or fs.s3.awsSecretAccessKey properties
> (respectively).
> at
> org.apache.hadoop.fs.s3.S3Credentials.initialize(S3Credentials.java:66)
> at
> org.apache.hadoop.fs.s3.Jets3tFileSystemStore.initialize(Jets3tFileSystemStore.java:82)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.hadoop.io.retry.RetryInvocationHandler.invokeMethod(RetryInvocationHandler.java:85)
> at
> org.apache.hadoop.io.retry.RetryInvocationHandler.invoke(RetryInvocationHandler.java:62)
> at com.sun.proxy.$Proxy5.initialize(Unknown Source)
> at
> org.apache.hadoop.fs.s3.S3FileSystem.initialize(S3FileSystem.java:77)
> at
> org.apache.hadoop.fs.FileSystem.createFileSystem(FileSystem.java:1446)
> at org.apache.hadoop.fs.FileSystem.access$200(FileSystem.java:67)
> at org.apache.hadoop.fs.FileSystem$Cache.get(FileSystem.java:1464)
> at org.apache.hadoop.fs.FileSystem.get(FileSystem.java:263)
> at org.apache.spark.util.Utils$.getHadoopFileSystem(Utils.scala:1686)
> at org.apache.spark.util.Utils$.doFetchFile(Utils.scala:598)
> at org.apache.spark.util.Utils$.fetchFile(Utils.scala:395)
> at
> org.apache.spark.deploy.worker.DriverRunner.org$apache$spark$deploy$worker$DriverRunner$$downloadUserJar(DriverRunner.scala:150)
> at
> org.apache.spark.deploy.worker.DriverRunner$$anon$1.run(DriverRunner.scala:79)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
