HDP 3.1.0.0-78升级后无法使用ResourceManager UI杀死YARN应用 [英] Can't kill YARN apps using ResourceManager UI after HDP 3.1.0.0-78 upgrade

问题描述

我最近将HDP从2.6.5升级到了运行YARN 3.1.0的3.1.0，并且我无法再使用旧版本的(:8088/cluster/apps)或新版本从YARN ResourceManager UI中终止应用程序(:8088/ui2/index.html#/yarn-apps/apps)版本.我仍然可以使用RHEL 7中的shell和yarn app -kill {app-id}

I recently upgraded HDP from 2.6.5 to 3.1.0, which runs YARN 3.1.0, and I can no longer kill applications from the YARN ResourceManager UI, using either the old (:8088/cluster/apps) or new (:8088/ui2/index.html#/yarn-apps/apps) version. I can still kill them using the shell in RHEL 7 with yarn app -kill {app-id}

这些申请是通过Livy提交的.这是我的工作流程:

These applications are submitted via Livy. Here is my workflow:

打开ResourceManagerUI，打开应用程序，单击设置"，然后选择杀死应用程序".注意，登录为:"设置为UNKNOWN_USER:

Open the ResourceManagerUI, open the Application, click Settings and choose Kill Application. Notice, the 'Logged in as:' is set to UNKNOWN_USER:

确认我要终止该应用程序:

Confirm that I want to kill the Application:

我在用户界面中遇到以下错误:

I get the following error in the UI:

在Chrome中打开控制台，我看到401(未经授权)错误.

Opening the console in Chrome, I see a 401 (Unauthorized) error.

如果我从旧版UI尝试此操作，则可以展开错误消息，并显示以下内容:

If I try this from the old UI I am able to expand the error message and it shows the following:

{"RemoteException":{"exception":"AuthorizationException","message":"Unable to obtain user name, user not authenticated","javaClassName":"org.apache.hadoop.security.authorize.AuthorizationException"}}

我阅读了很多帖子，进行了验证并更改了一些设置，以设法解决这一问题.以下是我研究后检查或更改的一些设置:

I've read lots of posts, verified and changed several settings to try to fix this with no luck. Here are some of the settings I checked or changed as a result of my research:

hadoop.http.filter.initializers=org.apache.hadoop.security.HttpCrossOriginFilterInitializer,org.apache.hadoop.http.lib.StaticUserWebFilter
hbase.security.authentication=simple
hbase.security.authorization=false
yarn.nodemanager.webapp.cross-origin.enabled=true
yarn.resourcemanager.webapp.cross-origin.enabled=true
yarn.resourcemanager.webapp.delegation-token-auth-filter.enabled=false
yarn.resourcemanager.webapp.ui-actions.enabled=true
yarn.timeline-service.http-authentication.simple.anonymous.allowed=true
yarn.timeline-service.http-authentication.type=simple
yarn.webapp.api-service.enable=true
yarn.webapp.ui2.enable=true
ranger.add-yarn-authorization=false

其中一些对我来说似乎是基础知识，例如hbase的东西，因为我认为这与我所看到的没有任何关系.但是，有些用户在其他情况下可以使用它们，因此我想尝试一下.

Some of these seem way off base to me, like the hbase stuff, since I don't think that has anything to do with what I'm seeing. However, some users, in other situations, had it work for them so I wanted to try it.

在浏览文档时，似乎需要进行身份验证才能调用API.但是，2.6.5的文档中使用了相同的语言，这是我在此之前运行的YARN的版本.

Digging through the documentation it seems like you need to be authenticated before you can call the API. However, that same language was in the documentation for 2.6.5, which is the version of YARN I was running before where this worked.

希望有人可以指出我的文档，该文档更清楚地概述了我可以解决该问题的方法.

Hopefully someone can point me to documentation that more clearly outlines what I can do to resolve the issue.

谢谢.

推荐答案

嘿，我知道这不是解决方案(升级后遇到同样的问题)，但是我发现在添加?user.name ="指向旧资源管理器url的url末尾将以该用户的身份登录到两个页面.我发现旧的RM页面是唯一杀死工作的方法.

Hey I know this isn't solution (I'm experiencing the same issue post-upgrade), but I found adding "?user.name=" at the end of the url to the old resource manager url will log you in as that user on both pages. I've found the old RM page as the only way to kill jobs though.

这篇关于HDP 3.1.0.0-78升级后无法使用ResourceManager UI杀死YARN应用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！