update to latest configs; install sudo

Author: jeevbid

spark-jupyter/Dockerfile

@@ -34,6 +34,7 @@ RUN apt-get update -y \
     && apt-get upgrade -y \
     && apt-get -y install openjdk-8-jdk wget openssh-server sshpass supervisor \
     && apt-get -y install nano net-tools lynx \
+    && apt-get -y install sudo \
     && apt-get clean
 
 # setup ssh

spark-jupyter/build.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 
-docker build --no-cache -t spark-jupyter:local .
+docker build --no-cache --platform=linux/amd64 -t spark-jupyter:local .

spark-jupyter/run.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+docker run -it \
+    -p 9870:9870 \
+    -p 8088:8088 \
+    -p 8080:8080 \
+    -p 18080:18080 \
+    -p 9000:9000 \
+    -p 8888:8888 \
+    -p 9864:9864 \
+    -e PYSPARK_MASTER=spark://localhost:7077 \
+    spark-jupyter:local

spark-jupyter/ubuntu/usr/local/hadoop/etc/hadoop/capacity-scheduler.xml

@@ -217,4 +217,28 @@
     </description>
   </property>
 
+  <property>
+    <name>yarn.scheduler.capacity.workflow-priority-mappings</name>
+    <value></value>
+    <description>
+      A list of mappings that will be used to override application priority.
+      The syntax for this list is
+      [workflowId]:[full_queue_name]:[priority][,next mapping]*
+      where an application submitted (or mapped to) queue "full_queue_name"
+      and workflowId "workflowId" (as specified in application submission
+      context) will be given priority "priority".
+    </description>
+  </property>
+
+  <property>
+    <name>yarn.scheduler.capacity.workflow-priority-mappings-override.enable</name>
+    <value>false</value>
+    <description>
+      If a priority mapping is present, will it override the value specified
+      by the user? This can be used by administrators to give applications a
+      priority that is different than the one specified by the user.
+      The default is false.
+    </description>
+  </property>
+
 </configuration>

spark-jupyter/ubuntu/usr/local/hadoop/etc/hadoop/container-executor.cfg

@@ -8,18 +8,27 @@ feature.tc.enabled=false
 #[docker]
 #  module.enabled=## enable/disable the module. set to "true" to enable, disabled by default
 #  docker.binary=/usr/bin/docker
-#  docker.allowed.capabilities=## comma seperated capabilities that can be granted, e.g CHOWN,DAC_OVERRIDE,FSETID,FOWNER,MKNOD,NET_RAW,SETGID,SETUID,SETFCAP,SETPCAP,NET_BIND_SERVICE,SYS_CHROOT,KILL,AUDIT_WRITE
-#  docker.allowed.devices=## comma seperated list of devices that can be mounted into a container
-#  docker.allowed.networks=## comma seperated networks that can be used. e.g bridge,host,none
-#  docker.allowed.ro-mounts=## comma seperated volumes that can be mounted as read-only
-#  docker.allowed.rw-mounts=## comma seperate volumes that can be mounted as read-write, add the yarn local and log dirs to this list to run Hadoop jobs
+#  docker.allowed.capabilities=## comma separated capabilities that can be granted, e.g CHOWN,DAC_OVERRIDE,FSETID,FOWNER,MKNOD,NET_RAW,SETGID,SETUID,SETFCAP,SETPCAP,NET_BIND_SERVICE,SYS_CHROOT,KILL,AUDIT_WRITE
+#  docker.allowed.devices=## comma separated list of devices that can be mounted into a container
+#  docker.allowed.networks=## comma separated networks that can be used. e.g bridge,host,none
+#  docker.allowed.ro-mounts=## comma separated volumes that can be mounted as read-only
+#  docker.allowed.rw-mounts=## comma separate volumes that can be mounted as read-write, add the yarn local and log dirs to this list to run Hadoop jobs
 #  docker.privileged-containers.enabled=false
-#  docker.allowed.volume-drivers=## comma seperated list of allowed volume-drivers
+#  docker.allowed.volume-drivers=## comma separated list of allowed volume-drivers
 #  docker.no-new-privileges.enabled=## enable/disable the no-new-privileges flag for docker run. Set to "true" to enable, disabled by default
-#  docker.allowed.runtimes=## comma seperated runtimes that can be used.
+#  docker.allowed.runtimes=## comma separated runtimes that can be used.
 
 # The configs below deal with settings for FPGA resource
 #[fpga]
 #  module.enabled=## Enable/Disable the FPGA resource handler module. set to "true" to enable, disabled by default
 #  fpga.major-device-number=## Major device number of FPGA, by default is 246. Strongly recommend setting this
-#  fpga.allowed-device-minor-numbers=## Comma separated allowed minor device numbers, empty means all FPGA devices managed by YARN.
+#  fpga.allowed-device-minor-numbers=## Comma separated allowed minor device numbers, empty means all FPGA devices managed by YARN.
+
+# The configs below deal with settings for resource handled by pluggable device plugin framework
+#[devices]
+#  module.enabled=## Enable/Disable the device resource handler module for isolation. Disabled by default.
+#  devices.denied-numbers=## Blacklisted devices not permitted to use. The format is comma separated "majorNumber:minorNumber". For instance, "195:1,195:2". Leave it empty means default devices reported by device plugin are all allowed.
+
+# The configs below deal with settings for GPU resource
+#[gpu]
+#  module.enabled=## Enable/Disable GPU resource handler module. Set to "true" to enable, disabled by default

spark-jupyter/ubuntu/usr/local/hadoop/etc/hadoop/hadoop-env.sh

@@ -53,6 +53,10 @@
 # variable is REQUIRED on ALL platforms except OS X!
 export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
 
+# The language environment in which Hadoop runs. Use the English
+# environment to ensure that logs are printed as expected.
+export LANG=en_US.UTF-8
+
 # Location of Hadoop.  By default, Hadoop will attempt to determine
 # this location based upon its execution path.
 export HADOOP_HOME=/usr/local/hadoop

spark-jupyter/ubuntu/usr/local/hadoop/etc/hadoop/hadoop-policy.xml

@@ -63,6 +63,16 @@
     A special value of "*" means all users are allowed.</description>
   </property>
 
+  <property>
+    <name>security.datanode.lifeline.protocol.acl</name>
+    <value>*</value>
+    <description>ACL for DatanodeLifelineProtocol, which is used by a
+    DataNode to send lifeline messages to the NameNode.
+    The ACL is a comma-separated list of user and group names. The user and
+    group list is separated by a blank. For e.g. "alice,bob users,wheel".
+    A special value of "*" means all users are allowed.</description>
+  </property>
+
   <property>
     <name>security.namenode.protocol.acl</name>
     <value>*</value>
@@ -82,6 +92,16 @@
     A special value of "*" means all users are allowed.</description>
   </property>
 
+  <property>
+    <name>security.get.user.mappings.protocol.acl</name>
+    <value>*</value>
+    <description>ACL for GetUserMappingsProtocol, implemented by the NameNode
+    and Job Tracker which maps users to groups.
+    The ACL is a comma-separated list of user and group names. The user and
+    group list is separated by a blank. For e.g. "alice,bob users,wheel".
+    A special value of "*" means all users are allowed.</description>
+  </property>
+
   <property>
     <name>security.refresh.user.mappings.protocol.acl</name>
     <value>*</value>
@@ -92,6 +112,16 @@
     users are allowed.</description>
   </property>
 
+  <property>
+    <name>security.reconfiguration.protocol.acl</name>
+    <value>*</value>
+    <description>ACL for ReconfigurationProtocol, used by HDFS admin to
+    reload configuration for NameNode/DataNode without restarting them.
+    The ACL is a comma-separated list of user and group names. The user and
+    group list is separated by a blank. For e.g. "alice,bob users,wheel".
+    A special value of "*" means all users are allowed.</description>
+  </property>
+
   <property>
     <name>security.refresh.policy.protocol.acl</name>
     <value>*</value>
@@ -102,13 +132,43 @@
     A special value of "*" means all users are allowed.</description>
   </property>
 
+  <property>
+    <name>security.refresh.callqueue.protocol.acl</name>
+    <value>*</value>
+    <description>ACL for RefreshCallQueueProtocol, which is used to refresh
+    the call queue in use currently.
+    The ACL is a comma-separated list of user and group names. The user and
+    group list is separated by a blank. For e.g. "alice,bob users,wheel".
+    A special value of "*" means all users are allowed.</description>
+  </property>
+
+  <property>
+    <name>security.refresh.generic.protocol.acl</name>
+    <value>*</value>
+    <description>ACL for GenericRefreshProtocol, which is used to refresh
+    arbitrary things at runtime.
+    The ACL is a comma-separated list of user and group names. The user and
+    group list is separated by a blank. For e.g. "alice,bob users,wheel".
+    A special value of "*" means all users are allowed.</description>
+  </property>
+
   <property>
     <name>security.ha.service.protocol.acl</name>
     <value>*</value>
     <description>ACL for HAService protocol used by HAAdmin to manage the
       active and stand-by states of namenode.</description>
   </property>
 
+  <property>
+    <name>security.router.admin.protocol.acl</name>
+    <value>*</value>
+    <description>ACL for RouterAdmin Protocol. The ACL is a comma-separated
+    list of user and group names. The user and
+    group list is separated by a blank. For e.g. "alice,bob users,wheel".
+    A special value of "*" means all users are allowed.
+    </description>
+  </property>
+
   <property>
     <name>security.zkfc.protocol.acl</name>
     <value>*</value>

spark-jupyter/ubuntu/usr/local/hadoop/etc/hadoop/hdfs-rbf-site.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+  https://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+
+<!-- Put site-specific property overrides in this file. -->
+
+<configuration>
+
+</configuration>