flink-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FLINK-3929) Support for Kerberos Authentication with Keytab Credential
Date Thu, 11 Aug 2016 15:30:20 GMT

    [ https://issues.apache.org/jira/browse/FLINK-3929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15417431#comment-15417431

ASF GitHub Bot commented on FLINK-3929:

Github user mxm commented on the issue:

    >HDFS and Yarn are handled through the @BeforeClass and @AfterClass style and they
do not use custom JRunner implementation. As you have suggested, I could keep just one or
two tests for each of the modules to cut down the running time, if that's okay with you?
    Thanks! Yes, please just one test per entity (HDFS, Yarn, Kafka/Zookeeper). Could you
also convert the Kafka test to using `@BeforeClass` and `@AfterClass`? You don't necessarily
have to duplicate code. How about changing the test base to include a method to instantiate
the secure settings? I think you'll need to add an abstract method in `KafkaTestEnvironment`,
e.g. loadSecureSettings(), then add another one in `KafkaTestBase`, e.g. getTestEnvironmentClass(),
to load the appropriate test environment (secure/non-secure). You will have additional classes
that implement these two methods. These classes will be very short as they just overload the
method. This is cleaner although a bit more verbose.
    >I am open to keep just 3 classes for each scenarios (HDFS, Yarn & Kafka) as you
have suggested but in my opinion that will defeat the idea of reusing existing test program.
    I understand but we're actually just increasing the testing time and not gaining much
from running multiple security tests for the same component.

> Support for Kerberos Authentication with Keytab Credential
> ----------------------------------------------------------
>                 Key: FLINK-3929
>                 URL: https://issues.apache.org/jira/browse/FLINK-3929
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Eron Wright 
>            Assignee: Vijay Srinivasaraghavan
>              Labels: kerberos, security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
> _This issue is part of a series of improvements detailed in the [Secure Data Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
design doc._
> Add support for a keytab credential to be associated with the Flink cluster, to facilitate:
> - Kerberos-authenticated data access for connectors
> - Kerberos-authenticated ZooKeeper access
> Support both the standalone and YARN deployment modes.

This message was sent by Atlassian JIRA

View raw message