Package org.apache.hadoop.yarn.server.nodemanager.amrmproxy

Class AMRMProxyTokenSecretManager

java.lang.Object
org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.yarn.security.AMRMTokenIdentifier>
org.apache.hadoop.yarn.server.nodemanager.amrmproxy.AMRMProxyTokenSecretManager
public class AMRMProxyTokenSecretManager extends org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.yarn.security.AMRMTokenIdentifier>
This secret manager instance is used by the AMRMProxyService to generate and manage tokens.

  • Constructor Details

  • Method Details

    • init

      public void init(org.apache.hadoop.conf.Configuration conf)

    • start

      public void start()

    • stop

      public void stop()

    • setNMStateStoreService

      @VisibleForTesting public void setNMStateStoreService(NMStateStoreService nmStateStoreService)

    • applicationMasterFinished

      public void applicationMasterFinished(org.apache.hadoop.yarn.api.records.ApplicationAttemptId appAttemptId)

    • rollMasterKey

      @Private @VisibleForTesting public void rollMasterKey()

    • activateNextMasterKey

      @Private @VisibleForTesting public void activateNextMasterKey()

    • createNewMasterKey

      @Private @VisibleForTesting public org.apache.hadoop.yarn.server.security.MasterKeyData createNewMasterKey()

    • createAndGetAMRMToken

      public org.apache.hadoop.security.token.Token<org.apache.hadoop.yarn.security.AMRMTokenIdentifier> createAndGetAMRMToken(org.apache.hadoop.yarn.api.records.ApplicationAttemptId appAttemptId)

    • getMasterKey

      @VisibleForTesting public org.apache.hadoop.yarn.server.security.MasterKeyData getMasterKey()

    • retrievePassword

      public byte[] retrievePassword(org.apache.hadoop.yarn.security.AMRMTokenIdentifier identifier) throws org.apache.hadoop.security.token.SecretManager.InvalidToken
      Retrieve the password for the given AMRMTokenIdentifier. Used by RPC layer to validate a remote AMRMTokenIdentifier.
      Specified by:
      retrievePassword in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.yarn.security.AMRMTokenIdentifier>
      Throws:
      org.apache.hadoop.security.token.SecretManager.InvalidToken

    • createIdentifier

      public org.apache.hadoop.yarn.security.AMRMTokenIdentifier createIdentifier()
      Creates an empty TokenId to be used for de-serializing an AMRMTokenIdentifier by the RPC layer.
      Specified by:
      createIdentifier in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.yarn.security.AMRMTokenIdentifier>

    • getCurrentMasterKeyData

      @Private @VisibleForTesting public org.apache.hadoop.yarn.server.security.MasterKeyData getCurrentMasterKeyData()

    • getNextMasterKeyData

      @Private @VisibleForTesting public org.apache.hadoop.yarn.server.security.MasterKeyData getNextMasterKeyData()

    • createPassword

      @Private protected byte[] createPassword(org.apache.hadoop.yarn.security.AMRMTokenIdentifier identifier)
      Specified by:
      createPassword in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.yarn.security.AMRMTokenIdentifier>

    • recover

      public void recover(NMStateStoreService.RecoveredAMRMProxyState state)
      Recover secretManager from state store. Called after serviceInit before serviceStart.
      Parameters:
      state - the state to recover from