001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019 package org.apache.hadoop.yarn.security;
020
021 import java.io.DataInput;
022 import java.io.DataOutput;
023 import java.io.IOException;
024
025 import org.apache.commons.logging.Log;
026 import org.apache.commons.logging.LogFactory;
027 import org.apache.hadoop.classification.InterfaceAudience;
028 import org.apache.hadoop.classification.InterfaceAudience.Public;
029 import org.apache.hadoop.classification.InterfaceStability.Evolving;
030 import org.apache.hadoop.io.Text;
031 import org.apache.hadoop.security.UserGroupInformation;
032 import org.apache.hadoop.security.token.Token;
033 import org.apache.hadoop.security.token.TokenIdentifier;
034 import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
035 import org.apache.hadoop.yarn.api.records.ApplicationId;
036 import org.apache.hadoop.yarn.api.records.ContainerId;
037 import org.apache.hadoop.yarn.api.records.Resource;
038
039 /**
040 * TokenIdentifier for a container. Encodes {@link ContainerId},
041 * {@link Resource} needed by the container and the target NMs host-address.
042 *
043 */
044 @Public
045 @Evolving
046 public class ContainerTokenIdentifier extends TokenIdentifier {
047
048 private static Log LOG = LogFactory.getLog(ContainerTokenIdentifier.class);
049
050 public static final Text KIND = new Text("ContainerToken");
051
052 private ContainerId containerId;
053 private String nmHostAddr;
054 private String appSubmitter;
055 private Resource resource;
056 private long expiryTimeStamp;
057 private int masterKeyId;
058 private long rmIdentifier;
059
060 public ContainerTokenIdentifier(ContainerId containerID, String hostName,
061 String appSubmitter, Resource r, long expiryTimeStamp, int masterKeyId,
062 long rmIdentifier) {
063 this.containerId = containerID;
064 this.nmHostAddr = hostName;
065 this.appSubmitter = appSubmitter;
066 this.resource = r;
067 this.expiryTimeStamp = expiryTimeStamp;
068 this.masterKeyId = masterKeyId;
069 this.rmIdentifier = rmIdentifier;
070 }
071
072 /**
073 * Default constructor needed by RPC layer/SecretManager.
074 */
075 public ContainerTokenIdentifier() {
076 }
077
078 public ContainerId getContainerID() {
079 return this.containerId;
080 }
081
082 public String getApplicationSubmitter() {
083 return this.appSubmitter;
084 }
085
086 public String getNmHostAddress() {
087 return this.nmHostAddr;
088 }
089
090 public Resource getResource() {
091 return this.resource;
092 }
093
094 public long getExpiryTimeStamp() {
095 return this.expiryTimeStamp;
096 }
097
098 public int getMasterKeyId() {
099 return this.masterKeyId;
100 }
101
102 /**
103 * Get the RMIdentifier of RM in which containers are allocated
104 * @return RMIdentifier
105 */
106 public long getRMIdentifer() {
107 return this.rmIdentifier;
108 }
109
110 @Override
111 public void write(DataOutput out) throws IOException {
112 LOG.debug("Writing ContainerTokenIdentifier to RPC layer: " + this);
113 ApplicationAttemptId applicationAttemptId = this.containerId
114 .getApplicationAttemptId();
115 ApplicationId applicationId = applicationAttemptId.getApplicationId();
116 out.writeLong(applicationId.getClusterTimestamp());
117 out.writeInt(applicationId.getId());
118 out.writeInt(applicationAttemptId.getAttemptId());
119 out.writeInt(this.containerId.getId());
120 out.writeUTF(this.nmHostAddr);
121 out.writeUTF(this.appSubmitter);
122 out.writeInt(this.resource.getMemory());
123 out.writeInt(this.resource.getVirtualCores());
124 out.writeLong(this.expiryTimeStamp);
125 out.writeInt(this.masterKeyId);
126 out.writeLong(this.rmIdentifier);
127 }
128
129 @Override
130 public void readFields(DataInput in) throws IOException {
131 ApplicationId applicationId =
132 ApplicationId.newInstance(in.readLong(), in.readInt());
133 ApplicationAttemptId applicationAttemptId =
134 ApplicationAttemptId.newInstance(applicationId, in.readInt());
135 this.containerId =
136 ContainerId.newInstance(applicationAttemptId, in.readInt());
137 this.nmHostAddr = in.readUTF();
138 this.appSubmitter = in.readUTF();
139 int memory = in.readInt();
140 int vCores = in.readInt();
141 this.resource = Resource.newInstance(memory, vCores);
142 this.expiryTimeStamp = in.readLong();
143 this.masterKeyId = in.readInt();
144 this.rmIdentifier = in.readLong();
145 }
146
147 @Override
148 public Text getKind() {
149 return KIND;
150 }
151
152 @Override
153 public UserGroupInformation getUser() {
154 return UserGroupInformation.createRemoteUser(this.containerId.toString());
155 }
156
157 // TODO: Needed?
158 @InterfaceAudience.Private
159 public static class Renewer extends Token.TrivialRenewer {
160 @Override
161 protected Text getKind() {
162 return KIND;
163 }
164 }
165 }