public class NMContainerTokenSecretManager
extends org.apache.hadoop.yarn.server.security.BaseContainerTokenSecretManager
| Constructor and Description | 
|---|
| NMContainerTokenSecretManager(org.apache.hadoop.conf.Configuration conf) | 
| NMContainerTokenSecretManager(org.apache.hadoop.conf.Configuration conf,
                             NMStateStoreService stateStore) | 
| Modifier and Type | Method and Description | 
|---|---|
| boolean | isValidStartContainerRequest(org.apache.hadoop.yarn.security.ContainerTokenIdentifier containerTokenIdentifier)Container will be remembered based on expiration time of the container
 token used for starting the container. | 
| void | recover() | 
| protected void | removeAnyContainerTokenIfExpired() | 
| byte[] | retrievePassword(org.apache.hadoop.yarn.security.ContainerTokenIdentifier identifier)Override of this is to validate ContainerTokens generated by using
 different  MasterKeys. | 
| void | setMasterKey(org.apache.hadoop.yarn.server.api.records.MasterKey masterKeyRecord)Used by NodeManagers to create a token-secret-manager with the key obtained
 from the RM. | 
| void | setNodeId(org.apache.hadoop.yarn.api.records.NodeId nodeId) | 
| void | startContainerSuccessful(org.apache.hadoop.yarn.security.ContainerTokenIdentifier tokenId)Container start has gone through. | 
createIdentifier, createNewMasterKey, createPassword, getCurrentKey, retrievePasswordInternalpublic NMContainerTokenSecretManager(org.apache.hadoop.conf.Configuration conf)
public NMContainerTokenSecretManager(org.apache.hadoop.conf.Configuration conf,
                                     NMStateStoreService stateStore)
public void recover()
             throws IOException
IOException@InterfaceAudience.Private public void setMasterKey(org.apache.hadoop.yarn.server.api.records.MasterKey masterKeyRecord)
masterKeyRecord - public byte[] retrievePassword(org.apache.hadoop.yarn.security.ContainerTokenIdentifier identifier)
                        throws org.apache.hadoop.security.token.SecretManager.InvalidToken
MasterKeys.retrievePassword in class org.apache.hadoop.yarn.server.security.BaseContainerTokenSecretManagerorg.apache.hadoop.security.token.SecretManager.InvalidTokenpublic void startContainerSuccessful(org.apache.hadoop.yarn.security.ContainerTokenIdentifier tokenId)
protected void removeAnyContainerTokenIfExpired()
public boolean isValidStartContainerRequest(org.apache.hadoop.yarn.security.ContainerTokenIdentifier containerTokenIdentifier)
public void setNodeId(org.apache.hadoop.yarn.api.records.NodeId nodeId)
Copyright © 2008–2023 Apache Software Foundation. All rights reserved.