def hdfs_client(kerberos, hdfs_server): try: client = config.get_hdfs_client_app(hdfs_server["service"]["name"], kerberos) sdk_marathon.install_app(client) krb5.write_krb5_config_file(client["id"], "/etc/krb5.conf", kerberos) yield client finally: sdk_marathon.destroy_app(client["id"])
def hdfs_client(kerberos, hdfs_server): try: client_id = "hdfs-client" client = { "id": client_id, "mem": 1024, "user": "******", "container": { "type": "MESOS", "docker": { "image": "nvaziri/hdfs-client:stable", "forcePullImage": True }, "volumes": [{ "containerPath": "/{}/hdfs.keytab".format(config.HADOOP_VERSION), "secret": "hdfs_keytab" }] }, "secrets": { "hdfs_keytab": { "source": kerberos.get_keytab_path() } }, "networks": [{ "mode": "host" }], "env": { "REALM": kerberos.get_realm(), "KDC_ADDRESS": kerberos.get_kdc_address(), "JAVA_HOME": "/usr/lib/jvm/default-java", "KRB5_CONFIG": "/etc/krb5.conf", "HDFS_SERVICE_NAME": sdk_hosts._safe_name(config.FOLDERED_SERVICE_NAME), "HADOOP_VERSION": config.HADOOP_VERSION } } sdk_marathon.install_app(client) krb5.write_krb5_config_file(client_id, "/etc/krb5.conf", kerberos) yield client finally: sdk_marathon.destroy_app(client_id)
def hdfs_client(kerberos, hdfs_server): try: client_id = "hdfs-client" client = { "id": client_id, "mem": 1024, "user": "******", "container": { "type": "MESOS", "docker": { "image": "elezar/hdfs-client:dev", "forcePullImage": True }, "volumes": [ { "containerPath": "/hadoop-2.6.0-cdh5.9.1/hdfs.keytab", "secret": "hdfs_keytab" } ] }, "secrets": { "hdfs_keytab": { "source": kerberos.get_keytab_path() } }, "networks": [ { "mode": "host" } ], "env": { "REALM": kerberos.get_realm(), "KDC_ADDRESS": kerberos.get_kdc_address(), "JAVA_HOME": "/usr/lib/jvm/default-java", "KRB5_CONFIG": "/etc/krb5.conf", "HDFS_SERVICE_NAME": config.SERVICE_NAME, "HADOOP_VERSION": config.HADOOP_VERSION } } sdk_marathon.install_app(client) krb5.write_krb5_config_file(client_id, "/etc/krb5.conf", kerberos) dcos_ca_bundle = transport_encryption.fetch_dcos_ca_bundle(client_id) yield {**client, **{"dcos_ca_bundle": dcos_ca_bundle}} finally: sdk_marathon.destroy_app(client_id)
def hdfs_client(kerberos, hdfs_server): try: client_id = "hdfs-client" client = { "id": client_id, "mem": 1024, "user": "******", "container": { "type": "MESOS", "docker": { "image": "elezar/hdfs-client:dev", "forcePullImage": True }, "volumes": [ { "containerPath": "/hadoop-2.6.0-cdh5.9.1/hdfs.keytab", "secret": "hdfs_keytab" } ] }, "secrets": { "hdfs_keytab": { "source": kerberos.get_keytab_path() } }, "networks": [ { "mode": "host" } ], "env": { "REALM": kerberos.get_realm(), "KDC_ADDRESS": kerberos.get_kdc_address(), "JAVA_HOME": "/usr/lib/jvm/default-java", "KRB5_CONFIG": "/etc/krb5.conf", "HDFS_SERVICE_NAME": config.SERVICE_NAME, } } sdk_marathon.install_app(client) krb5.write_krb5_config_file(client_id, "/etc/krb5.conf", kerberos) dcos_ca_bundle = transport_encryption.fetch_dcos_ca_bundle(client_id) yield {**client, **{"dcos_ca_bundle": dcos_ca_bundle}} finally: sdk_marathon.destroy_app(client_id)
def setup_krb5_env(primary: str, marathon_task: str, krb5: object) -> str: env_setup_string = "export KAFKA_OPTS=\\\"" \ "-Djava.security.auth.login.config={} " \ "-Djava.security.krb5.conf={}" \ "\\\"".format(write_jaas_config_file(primary, marathon_task, krb5), kerberos.write_krb5_config_file(marathon_task, "krb5.config", krb5)) LOG.info("Setting environment to %s", env_setup_string) return env_setup_string
def setup_krb5_env(primary: str, task: str, krb5: object) -> str: env_setup_string = "export KAFKA_OPTS=\\\"" \ "-Djava.security.auth.login.config={} " \ "-Djava.security.krb5.conf={}" \ "\\\"".format(write_jaas_config_file(primary, task, krb5), kerberos.write_krb5_config_file(task, "krb5.config", krb5)) LOG.info("Setting environment to %s", env_setup_string) return env_setup_string