Skip to content

Commit a867a06

Browse files
committed
MapR [SPARK-1108] Parallel jobs running causes errors with manageSSLKeys.sh (Permission denied) (apache#1049)
Co-authored-by: Egor Krivokon <>
1 parent 1787933 commit a867a06

File tree

1 file changed

+22
-8
lines changed

1 file changed

+22
-8
lines changed

core/src/main/scala/org/apache/spark/SecurityManager.scala

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -24,11 +24,9 @@ import java.util.Base64
2424

2525
import scala.sys.process._
2626
import scala.language.postfixOps
27-
2827
import org.apache.hadoop.fs.{FileSystem, Path}
2928
import org.apache.hadoop.io.Text
3029
import org.apache.hadoop.security.{Credentials, UserGroupInformation}
31-
3230
import org.apache.spark.deploy.SparkHadoopUtil
3331
import org.apache.spark.internal.Logging
3432
import org.apache.spark.internal.config._
@@ -37,6 +35,9 @@ import org.apache.spark.launcher.SparkLauncher
3735
import org.apache.spark.network.sasl.SecretKeyHolder
3836
import org.apache.spark.util.Utils
3937

38+
import scala.annotation.tailrec
39+
import scala.util.{Failure, Try}
40+
4041
/**
4142
* Spark class responsible for security.
4243
*
@@ -133,6 +134,22 @@ private[spark] class SecurityManager(
133134
s"$sparkBase/spark-$sparkVersion"
134135
}
135136

137+
@tailrec
138+
private def genViaManageSSLScript(stdWriter: PrintWriter,
139+
manageSslKeysScriptLocal: String,
140+
sslKeyStorePass: String,
141+
count: Int): Int = {
142+
Try(s"$manageSslKeysScriptLocal $sslKeyStorePass" ! ProcessLogger(stdWriter println, stdWriter println)) match {
143+
case Failure(_) =>
144+
if (count == 0) -1 else {
145+
logInfo("manageSSLKeys.sh script is busy, waiting...")
146+
Thread.sleep(5000)
147+
genViaManageSSLScript(stdWriter, manageSslKeysScriptLocal, sslKeyStorePass, count - 1)
148+
}
149+
case _ => 0
150+
}
151+
}
152+
136153
def genSSLCertsIfNeededAndPushToMapRFS(): Unit = {
137154
if (isSSLCertGenerationNeededForWebUI(getSSLOptions("ui"))) {
138155
val username = UserGroupInformation.getCurrentUser.getShortUserName
@@ -143,7 +160,7 @@ private[spark] class SecurityManager(
143160
val fs = FileSystem.get(hadoopConf)
144161

145162
// If the manageSSLKeys.sh script is not present, copy it from local spark folder
146-
if (! fs.exists(new Path(mfsManageSslKeysScriptRemote))) {
163+
if (!fs.exists(new Path(mfsManageSslKeysScriptRemote))) {
147164
val mfsBaseDirPath = new Path(mfsBaseDir)
148165
if (!fs.exists(mfsBaseDirPath)) {
149166
fs.mkdirs(mfsBaseDirPath)
@@ -155,6 +172,7 @@ private[spark] class SecurityManager(
155172
val manageSslKeysScriptLocal = s"$localBaseDir/$certGeneratorName"
156173

157174
fs.copyToLocalFile(new Path(mfsManageSslKeysScriptRemote), new Path(manageSslKeysScriptLocal))
175+
158176
val manageSslKeysLocalFile = new File(manageSslKeysScriptLocal)
159177

160178
manageSslKeysLocalFile.setExecutable(true)
@@ -165,11 +183,7 @@ private[spark] class SecurityManager(
165183
val stdStream = new OutputStreamWriter(new FileOutputStream(file), UTF_8)
166184
val stdWriter = new PrintWriter(stdStream)
167185

168-
while (s"pgrep -fl $certGeneratorName".lineStream_!.nonEmpty) {
169-
logInfo("manageSSLKeys.sh script is busy, waiting...")
170-
Thread.sleep(500)
171-
}
172-
val res = s"$manageSslKeysScriptLocal $sslKeyStorePass" ! ProcessLogger(stdWriter println, stdWriter println)
186+
val res = genViaManageSSLScript(stdWriter, manageSslKeysScriptLocal, sslKeyStorePass, 10)
173187
stdWriter.close()
174188

175189
val certGeneratorLogMfsLocation = s"/apps/spark/$certGeneratorLog"

0 commit comments

Comments
 (0)