List of usage examples for org.apache.hadoop.hdfs DFSConfigKeys DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY
String DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY
To view the source code for org.apache.hadoop.hdfs DFSConfigKeys DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY.
Click Source Link
From source file:co.cask.cdap.data.runtime.main.TokenSecureStoreUpdater.java
License:Apache License
private long calculateUpdateInterval() { List<Long> renewalTimes = Lists.newArrayList(); renewalTimes.add(hConf.getLong(DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY, DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT)); // The value contains in hbase-default.xml, so it should always there. If it is really missing, default it to 1 day. renewalTimes.add(hConf.getLong(Constants.HBase.AUTH_KEY_UPDATE_INTERVAL, TimeUnit.MILLISECONDS.convert(1, TimeUnit.DAYS))); if (secureExplore) { // Renewal interval for YARN renewalTimes.add(hConf.getLong(YarnConfiguration.DELEGATION_TOKEN_RENEW_INTERVAL_KEY, YarnConfiguration.DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT)); // Renewal interval for Hive. Also see: https://issues.apache.org/jira/browse/HIVE-9214 Configuration hiveConf = getHiveConf(); if (hiveConf != null) { renewalTimes.add(hiveConf.getLong(HadoopThriftAuthBridge.Server.DELEGATION_TOKEN_RENEW_INTERVAL_KEY, HadoopThriftAuthBridge.Server.DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT)); } else {// w ww.j a v a 2s. co m renewalTimes.add(HadoopThriftAuthBridge.Server.DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT); } // Renewal interval for JHS renewalTimes.add(hConf.getLong(MRConfig.DELEGATION_TOKEN_RENEW_INTERVAL_KEY, MRConfig.DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT)); } // Set the update interval to the shortest update interval of all required renewals. Long minimumInterval = Collections.min(renewalTimes); // Schedule it 5 min before it expires long delay = minimumInterval - TimeUnit.MINUTES.toMillis(5); // Safeguard: In practice, the value can't be that small, otherwise nothing would work. if (delay <= 0) { delay = (minimumInterval <= 2) ? 1 : minimumInterval / 2; } LOG.info("Setting token renewal time to: {} ms", delay); return delay; }
From source file:org.apache.slider.server.services.security.FsDelegationTokenManager.java
License:Apache License
public void acquireDelegationToken(Configuration configuration) throws IOException, InterruptedException { if (remoteUser == null) { createRemoteUser(configuration); }/*from w ww .ja v a 2s . c o m*/ if (SliderUtils.isHadoopClusterSecure(configuration) && renewingAction == null) { renewInterval = configuration.getLong(DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY, DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT); // constructor of action will retrieve initial token. One may already be // associated with user, but its lifecycle/management is not clear so let's // create and manage a token explicitly renewAction = new RenewAction("HDFS renew", configuration); // set retrieved token as the user associated delegation token and // start a renewing action to renew Token<?> token = renewAction.getToken(); currentUser.addToken(token.getService(), token); log.info("HDFS delegation token {} acquired and set as credential for current user", token); renewingAction = new RenewingAction<RenewAction>(renewAction, (int) renewInterval, (int) renewInterval, TimeUnit.MILLISECONDS, getRenewingLimit()); log.info("queuing HDFS delegation token renewal interval of {} milliseconds", renewInterval); queue(renewingAction); } }
From source file:org.apache.twill.yarn.YarnTwillRunnerService.java
License:Apache License
private void startUp() throws Exception { yarnAppClient.startAndWait();//from www . jav a2 s. c om zkClientService.startAndWait(); // Create the root node, so that the namespace root would get created if it is missing // If the exception is caused by node exists, then it's ok. Otherwise propagate the exception. ZKOperations.ignoreError(zkClientService.create("/", null, CreateMode.PERSISTENT), KeeperException.NodeExistsException.class, null).get(); watchCancellable = watchLiveApps(); liveInfos = createLiveInfos(); // Schedule an updater for updating HDFS delegation tokens if (UserGroupInformation.isSecurityEnabled()) { long renewalInterval = yarnConfig.getLong( DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY, DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT); // Schedule it five minutes before it expires. long delay = renewalInterval - TimeUnit.MINUTES.toMillis(5); // Just to safeguard. In practice, the value shouldn't be that small, otherwise nothing could work. if (delay <= 0) { delay = (renewalInterval <= 2) ? 1 : renewalInterval / 2; } scheduleSecureStoreUpdate(new LocationSecureStoreUpdater(yarnConfig, locationFactory), delay, delay, TimeUnit.MILLISECONDS); } }