Command Line Installation
Also available as:
PDF
loading table of contents...

YARN Configuration

[Note]Note

The following steps must be performed on all nodes that launch the ResourceManager.

  1. Create a new configuration file called yarn_jaas.conf in the directory that contains the Hadoop Core configurations (typically, /etc/hadoop/conf).

    Client {
    com.sun.security.auth.module.Krb5LoginModule required
    useKeyTab=true
    storeKey=true
    useTicketCache=false
    keyTab="$PATH_TO_RM_KEYTAB"
    (such as "/etc/security/keytabs/rm.service.keytab")
    principal="rm/$HOST";
    (such as "rm/xuan-sec-yarn-ha-1.novalocal@EXAMPLE.COM";)
    };
  2. Add a new property to the yarn-site.xml file.

    <property>
    <name>yarn.resourcemanager.zk-acl</name>
    <value>sasl:rm:rwcda</value>
    </property>
    [Note]Note

    Because yarn-resourcemanager.zk-acl is set to sasl, you do not need to set any value for yarn.resourcemanager.zk-auth. Setting the value to sasl also means that you cannot run the command addauth<scheme><auth> in the zkclient CLI.

  3. Add a new YARN_OPTS to the yarn-env.sh file and make sure this YARN_OPTS is picked up when you start your ResourceManagers.

    YARN_OPTS="$YARN_OPTS -Dzookeeper.sasl.client=true
    -Dzookeeper.sasl.client.username=zookeeper
    -Djava.security.auth.login.config=/etc/hadoop/conf/yarn_jaas.conf
    -Dzookeeper.sasl.clientconfig=Client"