ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Madhan Neethiraj" <mad...@apache.org>
Subject Re: Review Request 40848: Ranger 754 : Ranger YARN Plugin lookup and test connection should support SPENGO enabled HTTP Authentication
Date Wed, 02 Dec 2015 01:33:04 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/40848/#review108588
-----------------------------------------------------------

Ship it!


Please address the issues identified in the comments and commit.


agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java (line
286)
<https://reviews.apache.org/r/40848/#comment168039>

    Consider adding an else {} here to set isHadoopHTTPAuthentication = false.
    
    Or initialize isHadoopHTTPAuthentication to false in line# 59.



plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java (line 101)
<https://reviews.apache.org/r/40848/#comment168041>

    This sets a global authenticator for the entire process; this authenticator will be used
when any server requests for authentication.
    
    One of the implication is the potenial errors in simultaneous lookup on 2 YARN service
instances (or other services that use HTTP for look up). Please look for an alternate way
to set the authenticator, preferrably for the given Client object. If this is not feasible,
at least reset the global authenticator - by setting Authenticator.setDefault(null) in the
finally block.



plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnConnectionMgr.java (line
34)
<https://reviews.apache.org/r/40848/#comment168042>

    Since the URL/username/password is handled within YarnClient constructor, remove this
code from here and let the error handling (of logging error message) be done in the constructor.


- Madhan Neethiraj


On Dec. 2, 2015, 12:53 a.m., Ramesh Mani wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/40848/
> -----------------------------------------------------------
> 
> (Updated Dec. 2, 2015, 12:53 a.m.)
> 
> 
> Review request for ranger, Alok Lal, Abhay Kulkarni, Madhan Neethiraj, and Selvamohan
Neethiraj.
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Ranger 754 : Ranger YARN Plugin lookup and test connection should support SPENGO enabled
HTTP Authentication
> 
> 
> Diffs
> -----
> 
>   agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java
f95e10e 
>   agents-common/src/main/resources/service-defs/ranger-servicedef-yarn.json ff1f39f 
>   plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java fc07760

>   plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnConnectionMgr.java
e2cc2ef 
>   plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java
95d29c0 
> 
> Diff: https://reviews.apache.org/r/40848/diff/
> 
> 
> Testing
> -------
> 
> Configure the hadoop for  http Authenticaton https://hadoop.apache.org/docs/r1.2.1/HttpAuthentication.html
> 
> Verified Ranger Yarn Service Test connection successful in the Ranger Admin UI
> Verified Ranger Yarn Service Lookup fetching the yarn resources in Ranger Admin UI
> Verified the same without HTTP authentication in a cluster and secure cluster.
> 
> 
> Thanks,
> 
> Ramesh Mani
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message