This is an automated email from the ASF dual-hosted git repository. snemeth pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push: new d9cb76ac985a YARN-11468. Zookeeper SSL/TLS support. Contributed by Ferenc Erdelyi d9cb76ac985a is described below commit d9cb76ac985a1f28208e29a6f1efa6d161720fb0 Author: Szilard Nemeth <snem...@apache.org> AuthorDate: Wed Sep 27 18:21:45 2023 -0400 YARN-11468. Zookeeper SSL/TLS support. Contributed by Ferenc Erdelyi --- .../main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java | 4 ++++ .../hadoop-yarn-common/src/main/resources/yarn-default.xml | 6 ++++++ .../apache/hadoop/yarn/server/resourcemanager/ResourceManager.java | 3 ++- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java index bbb1ed6f8a7d..13d4c209110e 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java @@ -857,6 +857,10 @@ public class YarnConfiguration extends Configuration { /** Zookeeper interaction configs */ public static final String RM_ZK_PREFIX = RM_PREFIX + "zk-"; + /** Enable Zookeeper SSL/TLS communication. */ + public static final String RM_ZK_CLIENT_SSL_ENABLED = RM_ZK_PREFIX + "client-ssl.enabled"; + public static final boolean DEFAULT_RM_ZK_CLIENT_SSL_ENABLED = false; + public static final String RM_ZK_ADDRESS = RM_ZK_PREFIX + "address"; public static final String RM_ZK_NUM_RETRIES = RM_ZK_PREFIX + "num-retries"; diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml index 9fa600db4b03..2259b73fb651 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml @@ -741,6 +741,12 @@ <value>1048576</value> </property> + <property> + <description>Enable SSL/TLS encryption for the ZooKeeper communication.</description> + <name>yarn.resourcemanager.zk-client-ssl.enabled</name> + <value>false</value> + </property> + <property> <description>Name of the cluster. In a HA setting, this is used to ensure the RM participates in leader diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java index 2730dde72fc1..90eaed3d8a02 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java @@ -427,7 +427,8 @@ public class ResourceManager extends CompositeService authInfos.add(authInfo); } - manager.start(authInfos); + manager.start(authInfos, config.getBoolean(YarnConfiguration.RM_ZK_CLIENT_SSL_ENABLED, + YarnConfiguration.DEFAULT_RM_ZK_CLIENT_SSL_ENABLED)); return manager; } --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org