Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-5949

Flink on YARN checks for Kerberos credentials for non-Kerberos authentication methods

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 1.2.0
    • 1.2.1, 1.3.0
    • Deployment / YARN
    • None

    Description

      Reported in ML: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/Flink-Yarn-and-MapR-Kerberos-issue-td11996.html

      The problem is that the Flink on YARN client incorrectly assumes UserGroupInformation.isSecurityEnabled() returns true only for Kerberos authentication modes, whereas it actually returns true for other kinds of authentications too.

      We could make use of UserGroupInformation.getAuthenticationMethod() to check for KERBEROS only.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            tzulitai Tzu-Li (Gordon) Tai
            tzulitai Tzu-Li (Gordon) Tai
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment