This is an automated email from the ASF dual-hosted git repository.
snemeth pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new d9cb76ac985a YARN-11468. Zookeeper SSL/TLS support. Contributed by
Ferenc Erdelyi
d9cb76ac985a is described below
commit d9cb76ac985a1f28208e29a6f1efa6d161720fb0
Author: Szilard Nemeth <snem...@apache.org>
AuthorDate: Wed Sep 27 18:21:45 2023 -0400
YARN-11468. Zookeeper SSL/TLS support. Contributed by Ferenc Erdelyi
---
.../main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java | 4 ++++
.../hadoop-yarn-common/src/main/resources/yarn-default.xml | 6 ++++++
.../apache/hadoop/yarn/server/resourcemanager/ResourceManager.java | 3 ++-
3 files changed, 12 insertions(+), 1 deletion(-)
diff --git
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
index bbb1ed6f8a7d..13d4c209110e 100644
---
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
+++
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/main/java/org/apache/hadoop/yarn/conf/YarnConfiguration.java
@@ -857,6 +857,10 @@ public class YarnConfiguration extends Configuration {
/** Zookeeper interaction configs */
public static final String RM_ZK_PREFIX = RM_PREFIX + "zk-";
+ /** Enable Zookeeper SSL/TLS communication. */
+ public static final String RM_ZK_CLIENT_SSL_ENABLED = RM_ZK_PREFIX +
"client-ssl.enabled";
+ public static final boolean DEFAULT_RM_ZK_CLIENT_SSL_ENABLED = false;
+
public static final String RM_ZK_ADDRESS = RM_ZK_PREFIX + "address";
public static final String RM_ZK_NUM_RETRIES = RM_ZK_PREFIX + "num-retries";
diff --git
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
index 9fa600db4b03..2259b73fb651 100644
---
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
+++
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/resources/yarn-default.xml
@@ -741,6 +741,12 @@
<value>1048576</value>
</property>
+ <property>
+ <description>Enable SSL/TLS encryption for the ZooKeeper
communication.</description>
+ <name>yarn.resourcemanager.zk-client-ssl.enabled</name>
+ <value>false</value>
+ </property>
+
<property>
<description>Name of the cluster. In a HA setting,
this is used to ensure the RM participates in leader
diff --git
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java
index 2730dde72fc1..90eaed3d8a02 100644
---
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java
+++
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/ResourceManager.java
@@ -427,7 +427,8 @@ public class ResourceManager extends CompositeService
authInfos.add(authInfo);
}
- manager.start(authInfos);
+ manager.start(authInfos,
config.getBoolean(YarnConfiguration.RM_ZK_CLIENT_SSL_ENABLED,
+ YarnConfiguration.DEFAULT_RM_ZK_CLIENT_SSL_ENABLED));
return manager;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org
