diff --git common/src/java/org/apache/hadoop/hive/conf/HiveConf.java common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index aedd1ec975..30c24d90bb 100644 --- common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -360,8 +360,6 @@ private static void populateLlapDaemonVarsSet(Set llapDaemonVarsSetLocal llapDaemonVarsSetLocal.add(ConfVars.LLAP_IO_THREADPOOL_SIZE.varname); llapDaemonVarsSetLocal.add(ConfVars.LLAP_KERBEROS_PRINCIPAL.varname); llapDaemonVarsSetLocal.add(ConfVars.LLAP_KERBEROS_KEYTAB_FILE.varname); - llapDaemonVarsSetLocal.add(ConfVars.LLAP_ZKSM_KERBEROS_PRINCIPAL.varname); - llapDaemonVarsSetLocal.add(ConfVars.LLAP_ZKSM_KERBEROS_KEYTAB_FILE.varname); llapDaemonVarsSetLocal.add(ConfVars.LLAP_ZKSM_ZK_CONNECTION_STRING.varname); llapDaemonVarsSetLocal.add(ConfVars.LLAP_SECURITY_ACL.varname); llapDaemonVarsSetLocal.add(ConfVars.LLAP_MANAGEMENT_ACL.varname); @@ -3272,11 +3270,6 @@ private static void populateLlapDaemonVarsSet(Set llapDaemonVarsSetLocal "The name of the LLAP daemon's service principal."), LLAP_KERBEROS_KEYTAB_FILE("hive.llap.daemon.keytab.file", "", "The path to the Kerberos Keytab file containing the LLAP daemon's service principal."), - LLAP_ZKSM_KERBEROS_PRINCIPAL("hive.llap.zk.sm.principal", "", - "The name of the principal to use to talk to ZooKeeper for ZooKeeper SecretManager."), - LLAP_ZKSM_KERBEROS_KEYTAB_FILE("hive.llap.zk.sm.keytab.file", "", - "The path to the Kerberos Keytab file containing the principal to use to talk to\n" + - "ZooKeeper for ZooKeeper SecretManager."), LLAP_WEBUI_SPNEGO_KEYTAB_FILE("hive.llap.webui.spnego.keytab", "", "The path to the Kerberos Keytab file containing the LLAP WebUI SPNEGO principal.\n" + "Typical value would look like /etc/security/keytabs/spnego.service.keytab."), diff --git llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java index de38e99a55..372360897f 100644 --- llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java +++ llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java @@ -165,8 +165,6 @@ public LlapZkConf(Configuration zkConf, UserGroupInformation zkUgi) { private static LlapZkConf createLlapZkConf( Configuration conf, String llapPrincipal, String llapKeytab, String clusterId) { - String principal = HiveConf.getVar(conf, ConfVars.LLAP_ZKSM_KERBEROS_PRINCIPAL, llapPrincipal); - String keyTab = HiveConf.getVar(conf, ConfVars.LLAP_ZKSM_KERBEROS_KEYTAB_FILE, llapKeytab); // Override the default delegation token lifetime for LLAP. // Also set all the necessary ZK settings to defaults and LLAP configs, if not set. final Configuration zkConf = new Configuration(conf); @@ -176,11 +174,11 @@ private static LlapZkConf createLlapZkConf( zkConf.setLong(DelegationTokenManager.RENEW_INTERVAL, tokenLifetime); try { zkConf.set(ZK_DTSM_ZK_KERBEROS_PRINCIPAL, - SecurityUtil.getServerPrincipal(principal, "0.0.0.0")); + SecurityUtil.getServerPrincipal(llapPrincipal, "0.0.0.0")); } catch (IOException e) { throw new RuntimeException(e); } - zkConf.set(ZK_DTSM_ZK_KERBEROS_KEYTAB, keyTab); + zkConf.set(ZK_DTSM_ZK_KERBEROS_KEYTAB, llapKeytab); String zkPath = "zkdtsm_" + clusterId; LOG.info("Using {} as ZK secret manager path", zkPath); zkConf.set(ZK_DTSM_ZNODE_WORKING_PATH, zkPath); @@ -199,7 +197,7 @@ private static LlapZkConf createLlapZkConf( UserGroupInformation zkUgi = null; try { - zkUgi = LlapUtil.loginWithKerberos(principal, keyTab); + zkUgi = LlapUtil.loginWithKerberos(llapPrincipal, llapKeytab); } catch (IOException e) { throw new RuntimeException(e); }