flink-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FLINK-3929) Support for Kerberos Authentication with Keytab Credential
Date Wed, 27 Jul 2016 13:16:20 GMT

    [ https://issues.apache.org/jira/browse/FLINK-3929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15395650#comment-15395650
] 

ASF GitHub Bot commented on FLINK-3929:
---------------------------------------

Github user mxm commented on a diff in the pull request:

    https://github.com/apache/flink/pull/2275#discussion_r72436325
  
    --- Diff: flink-dist/src/main/resources/flink-conf.yaml ---
    @@ -146,3 +146,18 @@ jobmanager.web.port: 8081
     # directory (see above) before configuring the storageDir.
     #
     # recovery.zookeeper.storageDir: hdfs:///recovery
    +
    +
    +#==============================================================================
    +# Flink Cluster Security Configuration (optional configuration)
    +#==============================================================================
    +
    +# Kerberos security for the connectors can be enabled by providing below configurations
    +# Security works in two modes - keytab/principal combination or using the Kerberos token
cache
    +# If keytab and principal are not provided, token cache (manual kinit) will be used
    +# The security configurations can also be supplied through command line arguments which
takes precedence
    +# over the configuration file entries
    +# command line parameters flags: --keytab, --principal
    +
    +#security.keytab: /path/to/kerberos/keytab
    +#security.principal: flink-user
    --- End diff --
    
    These also have to be added to the configuration page of the documentation.


> Support for Kerberos Authentication with Keytab Credential
> ----------------------------------------------------------
>
>                 Key: FLINK-3929
>                 URL: https://issues.apache.org/jira/browse/FLINK-3929
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Eron Wright 
>            Assignee: Vijay Srinivasaraghavan
>              Labels: kerberos, security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
>
> _This issue is part of a series of improvements detailed in the [Secure Data Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
design doc._
> Add support for a keytab credential to be associated with the Flink cluster, to facilitate:
> - Kerberos-authenticated data access for connectors
> - Kerberos-authenticated ZooKeeper access
> Support both the standalone and YARN deployment modes.
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message