Details
-
Sub-task
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
Description
Inspired by the discussion in http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/Yarn-Kerberos-issue-td31894.html#a31933
Currently the security HadoopModule handles delegation token login utilizes 2 different code path.
Flink needs to to ensure delegation token is also a valid format of credential when launching YARN context. See [1] https://github.com/apache/flink/blob/master/flink-yarn/src/main/java/org/apache/flink/yarn/YarnClusterDescriptor.java#L484 and [2] https://github.com/apache/flink/blob/master/flink-runtime/src/main/java/org/apache/flink/runtime/security/modules/HadoopModule.java#L146
Attachments
Issue Links
- causes
-
FLINK-18045 Fix Kerberos credentials checking to unblock Flink on secured MapR
-
- Closed
-
- links to
