[
https://issues.apache.org/jira/browse/RANGER-1738?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16253609#comment-16253609
]
Velmurugan Periasamy edited comment on RANGER-1738 at 11/15/17 3:28 PM:
------------------------------------------------------------------------
bq. Velmurugan Periasamy, It's not possible to have RangerYarnAuthorizer work
with multiple versions, as with Hadoop 3.0.0 you have to implement methods that
take arguments that are only available in Hadoop 3.0.0.
[~coheigea] - Agreed. In that case, I think it is better to keep the
compatibility matrix simple. But I don't think we can make ranger release
depending on a beta hadoop version. Based on this
https://cwiki.apache.org/confluence/display/HADOOP/Hadoop+3.0.0+release Hadoop
3.0 should be GA by now or pretty soon.
was (Author: vperiasamy):
bq. Velmurugan Periasamy, It's not possible to have RangerYarnAuthorizer work
with multiple versions, as with Hadoop 3.0.0 you have to implement methods that
take arguments that are only available in Hadoop 3.0.0.
bq.
[~coheigea] - Agreed. In that case, I think it is better to keep the
compatibility matrix simple. But I don't think we can make ranger release
depending on a beta hadoop version. Based on this
https://cwiki.apache.org/confluence/display/HADOOP/Hadoop+3.0.0+release Hadoop
3.0 should be GA by now or pretty soon.
> RangerYarnAuthorizer not compatible with Hadoop-3.0.0
> -----------------------------------------------------
>
> Key: RANGER-1738
> URL: https://issues.apache.org/jira/browse/RANGER-1738
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Affects Versions: 0.7.1
> Reporter: Hong Shen
> Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments:
> 0001-RANGER-1738-RangerYarnAuthorizer-not-compatible-with.patch
>
>
> In the newest hadoop version 3.0.0, YarnAuthorizationProvider has changed.
> The new YarnAuthorizationProvider.java has change the methods checkPermission
> and setPermission,
> {code:title=YarnAuthorizationProvider.java|borderStyle=solid}
> /**
> * Check if user has the permission to access the target object.
> *
> * @param accessRequest
> * the request object which contains all the access context info.
> * @return true if user can access the object, otherwise false.
> */
> public abstract boolean checkPermission(AccessRequest accessRequest);
> /**
> * Set permissions for the target object.
> *
> * @param permissions
> * A list of permissions on the target object.
> * @param ugi User who sets the permissions.
> */
> public abstract void setPermission(List<Permission> permissions,
> UserGroupInformation ugi);
> {code}
> But the RangerYarnAuthorizer extends YarnAuthorizationProvider impletement
> the old method.
> {code:title=RangerYarnAuthorizer.java|borderStyle=solid}
> @Override
> public void setPermission(PrivilegedEntity entity, Map<AccessType,
> AccessControlList> permission, UserGroupInformation ugi) {
> ...
> @Override
> public boolean checkPermission(AccessType accessType, PrivilegedEntity
> entity, UserGroupInformation ugi) {
> {code}
> I think yarn plugin should also impletement the new method. I will add a
> patch for it.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
