Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
1.10.1, 1.11.0
Description
I was not able to run Flink 1.10.1 on YARN on a a secured MapR cluster, but the previous version (1.10.0) works fine.
After some investigation it looks like during some refactoring, checking if the enabled security method is kerberos was removed, effectively reintroducing https://issues.apache.org/jira/browse/FLINK-5949
Refactoring commit: https://github.com/apache/flink/commit/8751e69037d8a9b1756b75eed62a368c3ef29137
My proposal would be to bring back the kerberos check:
loginUser.getAuthenticationMethod() == UserGroupInformation.AuthenticationMethod.KERBEROS
and add an unit test for that case to prevent it from happening again
I'm happy to prepare a PR after reaching consensus
Attachments
Issue Links
- is caused by
-
FLINK-15561 Unify Kerberos credentials checking
- Resolved
- links to