So, I was able to circumvent this issue. This is in no way a permanent solution, but I thought I should let you (and anybody who encounters this problem in future) know some of my observations. What I fount out was that, 1. In Mapr's version of hadoop, they do the authentication inside initialize() method of UserGroupInformation.java. 2. So, we would not need to check for kerberos credentials in flink's deploy() method of AbstractYarnClusterDescriptor.java (atleast for MapR's Hadoop version). 3. Also, the authentication method returned by MapR (via getAuthenticationMethod()) is CUSTOM. 4. I added a check for authenticationMethod, so that flink will check for hasKerberosAuthentication() ONLY if the authentication method is Kerberos. 5. After doing this change, and building flink, I was able to confirm that indeed a user with appropriate MapR credentials was able to login without issues and an error was raised for an user without credentials. This is the desired behavior that we wanted.
-- View this message in context: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/Flink-Yarn-and-MapR-Kerberos-issue-tp11996p12194.html Sent from the Apache Flink User Mailing List archive. mailing list archive at Nabble.com.
