Support Questions
Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Advanced Search

How to assigned capacity scheduler queue based on AD group.

Solved Go to solution

How to assigned capacity scheduler queue based on AD group.

SK1
Guru

Created ‎02-12-2016 01:50 PM

HI,

I have a requirement where we have to assign our CS queues based on ad groups.

For example our ad users are using cluster and running jobs under defined queue but I want that is there any way to configure their AD group with queue so that each member of that queue will go only to a specific queue.

Reply
2,785 Views
1 ACCEPTED SOLUTION

Accepted Solutions

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-15-2016 08:14 PM

@Saurabh Kumar[root@phdns02 scripts]# id neeraj

uid=29800018(neeraj) gid=29800018(neeraj) groups=29800018(neeraj),29800017(hdpadmin)

[root@phdns02 scripts]#

See this

View solution in original post

Reply
1,002 Views
17 REPLIES 17

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-12-2016 01:55 PM

@Saurabh Kumar

For this you have to make sure that Ambari (If you are using CS view) is in synch with AD. You have to import users and groups that you want to map with queues.

See this demo on queue mapping.

As long as user id matches with CS setup, queues will be in effect.

Reply
1,002 Views

Re: How to assigned capacity scheduler queue based on AD group.

SK1
Guru

Created ‎02-15-2016 01:59 PM

Hello @Neeraj Sabharwal: Thanks for the above explanation. I have configured CS view which is working fine for local unix group and users. But when I configured for Ldap or AD group it does not work and fail with below error.

org.apache.tez.dag.api.TezException: org.apache.hadoop.yarn.exceptions.YarnException: Failed to submit application_1455533826426_0018 to YARN : Failed to submit application application_1455533826426_0018 submitted by user saurkuma reason: No groups found for user saurkuma

Reply
1,002 Views

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-15-2016 02:02 PM

@Saurabh Kumar See this "submitted by user saurkuma reason: No groups found for user saurkuma"

Start with user level mapping and then see if your user is part of the group or not.

Reply
1,002 Views

Re: How to assigned capacity scheduler queue based on AD group.

SK1
Guru

Created on ‎02-15-2016 02:27 PM - edited ‎08-19-2019 01:27 AM

@Neeraj Sabharwal: Yes I am a part of the AD group(adhdpadm) and when I configure u:saurkuma:default then it is working fine but when I do g:adhdpadm:default then it is failing with above error.

2112-screen-shot-2016-02-15-at-75702-pm.png

Reply
1,002 Views

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-15-2016 02:31 PM

@Saurabh Kumar https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.2/bk_yarn_resource_mgt/content/default_queue_...

My only concern is if user is part of that group or not. 

<property>
  <name>yarn.scheduler.capacity.queue-mappings</name>
  <value>u:maria:engineering,g:webadmins:weblog</value>
</property>
Reply
1,002 Views

Re: How to assigned capacity scheduler queue based on AD group.

SK1
Guru

Created ‎02-15-2016 04:40 PM

Hi @Neeraj Sabharwal: when configured ad group mapping then I don't defined any user mapping.And yes user saurkuma is a part of adhdpadm group.

My first point is does it supports ldap groups(Active directory) or not ?

I checked with local unix groups and found them working.

Reply
1,002 Views
0 Kudos

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-15-2016 04:58 PM

@Saurabh Kumar

Let me run a test And get back to you .

Reply
1,002 Views

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-15-2016 08:14 PM

@Saurabh Kumar[root@phdns02 scripts]# id neeraj

uid=29800018(neeraj) gid=29800018(neeraj) groups=29800018(neeraj),29800017(hdpadmin)

[root@phdns02 scripts]#

See this

View solution in original post

Reply
1,003 Views

Re: How to assigned capacity scheduler queue based on AD group.

nsabharwal
Mentor

Created ‎02-15-2016 08:15 PM

@Saurabh Kumar You can see that I have mapped hdpadmin group to queue hadoopadmin

user neeraj is part of the group and when I run yarn job, it executes against hdpadmin queue

[root@phdns02 ~]# cat /etc/group | grep hdpadmin

[root@phdns02 ~]# su - neeraj

su: warning: cannot change directory to /home/neeraj: No such file or directory

-sh-4.1$ id

exituid=29800018(neeraj) gid=29800018(neeraj) groups=29800018(neeraj),29800017(hdpadmin) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

-sh-4.1$ exit

logout

[root@phdns02 ~]# id neeraj

uid=29800018(neeraj) gid=29800018(neeraj) groups=29800018(neeraj),29800017(hdpadmin)

[root@phdns02 ~]#

Reply
1,002 Views
Don't have an account?
Register
Announcements
What's New @ Cloudera
CDP Operational Database enables customers to use Spark with database through both SQL & NoSQL interfaces
What's New @ Cloudera
[Preview] Accelerate data pipelines by more than 30% with Apache Spark 3 in Cloudera Data Engineering (CDE)
What's New @ Cloudera
Cloudera Data Engineering (CDE) supports deployment of containerized data pipelines on Azure
What's New @ Cloudera
CDP makes it easy to deploy an edge node in AWS & Microsoft Azure to support CDP Operational Database Experience
Product Announcements
[ANNOUNCE] Cloudera JDBC Driver 2.6.15 for Apache Hive Released
View More Announcements