ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alok Lal" <a...@hortonworks.com>
Subject Re: Review Request 42063: Enable tagsync to run in secure mode
Date Mon, 11 Jan 2016 08:53:14 GMT


> On Jan. 8, 2016, 9:13 a.m., Abhay Kulkarni wrote:
> > tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java, line
89
> > <https://reviews.apache.org/r/42063/diff/1/?file=1187240#file1187240line89>
> >
> >     "Server"->"ranger-tagsync" ?

I had offline conversation about this with @Bosco.  Looks like the names need to be what Zookeeper
and Kafka clients expect.  I have made this value configurable, though, so it can be changed,
if needed.


> On Jan. 8, 2016, 9:13 a.m., Abhay Kulkarni wrote:
> > tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java, line
112
> > <https://reviews.apache.org/r/42063/diff/1/?file=1187240#file1187240line112>
> >
> >     What if the Kerberos login fails for some reason?

The called function catches Throwable.  So the main loop should work.  If login fails and
cluster is secure then kafka connection will fail.  But there shoudl be error messages in
log file even when running at INFO level.


- Alok


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42063/#review113491
-----------------------------------------------------------


On Jan. 8, 2016, 12:21 a.m., Alok Lal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/42063/
> -----------------------------------------------------------
> 
> (Updated Jan. 8, 2016, 12:21 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni and Madhan Neethiraj.
> 
> 
> Bugs: RANGER-801
>     https://issues.apache.org/jira/browse/RANGER-801
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Enable tagsync to run in secure mode.  Please ignore prior review request for this change.
> - Since kafka clients only work with jass files, this change does authentication only
using jass files.  Thanks @Abhay for that feedback during my offline discussion.
> - service command passes the jass file argument during startup.
> 
> 
> Diffs
> -----
> 
>   src/main/assembly/tagsync.xml 8adc5cc 
>   tagsync/conf.dist/ranger-tagsync-env-setup-hadoop-home.sh c171d2a 
>   tagsync/scripts/install.properties b5ad580 
>   tagsync/scripts/ranger-tagsync-services.sh ca82ead 
>   tagsync/scripts/setup.py f7455b8 
>   tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java e1b5130

>   tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSynchronizer.java 7bae973

> 
> Diff: https://reviews.apache.org/r/42063/diff/
> 
> 
> Testing
> -------
> 
> - Modified the tagsync code by hand to write to hdfs in a secure cluster.
> - Current junits all work.
> 
> 
> Thanks,
> 
> Alok Lal
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message