def hdfs_client(kerberos, hdfs_server):
try:
client = config.get_hdfs_client_app(hdfs_server["service"]["name"], kerberos)
sdk_marathon.install_app(client)
krb5.write_krb5_config_file(client["id"], "/etc/krb5.conf", kerberos)
yield client
finally:
sdk_marathon.destroy_app(client["id"])
def hdfs_client(kerberos, hdfs_server):
try:
client = config.get_hdfs_client_app(hdfs_server["service"]["name"], kerberos)
sdk_marathon.install_app(client)
krb5.write_krb5_config_file(client["id"], "/etc/krb5.conf", kerberos)
yield client
finally:
sdk_marathon.destroy_app(client["id"])
def hdfs_client(kerberos, hdfs_server):
try:
client_id = "hdfs-client"
client = {
"id": client_id,
"mem": 1024,
"user": "******",
"container": {
"type":
"MESOS",
"docker": {
"image": "nvaziri/hdfs-client:stable",
"forcePullImage": True
},
"volumes": [{
"containerPath":
"/{}/hdfs.keytab".format(config.HADOOP_VERSION),
"secret":
"hdfs_keytab"
}]
},
"secrets": {
"hdfs_keytab": {
"source": kerberos.get_keytab_path()
}
},
"networks": [{
"mode": "host"
}],
"env": {
"REALM":
kerberos.get_realm(),
"KDC_ADDRESS":
kerberos.get_kdc_address(),
"JAVA_HOME":
"/usr/lib/jvm/default-java",
"KRB5_CONFIG":
"/etc/krb5.conf",
"HDFS_SERVICE_NAME":
sdk_hosts._safe_name(config.FOLDERED_SERVICE_NAME),
"HADOOP_VERSION":
config.HADOOP_VERSION
}
}
sdk_marathon.install_app(client)
krb5.write_krb5_config_file(client_id, "/etc/krb5.conf", kerberos)
yield client
finally:
sdk_marathon.destroy_app(client_id)
def hdfs_client(kerberos, hdfs_server):
try:
client_id = "hdfs-client"
client = {
"id": client_id,
"mem": 1024,
"user": "******",
"container": {
"type": "MESOS",
"docker": {
"image": "elezar/hdfs-client:dev",
"forcePullImage": True
},
"volumes": [
{
"containerPath": "/hadoop-2.6.0-cdh5.9.1/hdfs.keytab",
"secret": "hdfs_keytab"
}
]
},
"secrets": {
"hdfs_keytab": {
"source": kerberos.get_keytab_path()
}
},
"networks": [
{
"mode": "host"
}
],
"env": {
"REALM": kerberos.get_realm(),
"KDC_ADDRESS": kerberos.get_kdc_address(),
"JAVA_HOME": "/usr/lib/jvm/default-java",
"KRB5_CONFIG": "/etc/krb5.conf",
"HDFS_SERVICE_NAME": config.SERVICE_NAME,
"HADOOP_VERSION": config.HADOOP_VERSION
}
}
sdk_marathon.install_app(client)
krb5.write_krb5_config_file(client_id, "/etc/krb5.conf", kerberos)
dcos_ca_bundle = transport_encryption.fetch_dcos_ca_bundle(client_id)
yield {**client, **{"dcos_ca_bundle": dcos_ca_bundle}}
finally:
sdk_marathon.destroy_app(client_id)
def hdfs_client(kerberos, hdfs_server):
try:
client_id = "hdfs-client"
client = {
"id": client_id,
"mem": 1024,
"user": "******",
"container": {
"type": "MESOS",
"docker": {
"image": "elezar/hdfs-client:dev",
"forcePullImage": True
},
"volumes": [
{
"containerPath": "/hadoop-2.6.0-cdh5.9.1/hdfs.keytab",
"secret": "hdfs_keytab"
}
]
},
"secrets": {
"hdfs_keytab": {
"source": kerberos.get_keytab_path()
}
},
"networks": [
{
"mode": "host"
}
],
"env": {
"REALM": kerberos.get_realm(),
"KDC_ADDRESS": kerberos.get_kdc_address(),
"JAVA_HOME": "/usr/lib/jvm/default-java",
"KRB5_CONFIG": "/etc/krb5.conf",
"HDFS_SERVICE_NAME": config.SERVICE_NAME,
}
}
sdk_marathon.install_app(client)
krb5.write_krb5_config_file(client_id, "/etc/krb5.conf", kerberos)
dcos_ca_bundle = transport_encryption.fetch_dcos_ca_bundle(client_id)
yield {**client, **{"dcos_ca_bundle": dcos_ca_bundle}}
finally:
sdk_marathon.destroy_app(client_id)
def setup_krb5_env(primary: str, marathon_task: str, krb5: object) -> str:
env_setup_string = "export KAFKA_OPTS=\\\"" \
"-Djava.security.auth.login.config={} " \
"-Djava.security.krb5.conf={}" \
"\\\"".format(write_jaas_config_file(primary, marathon_task, krb5),
kerberos.write_krb5_config_file(marathon_task, "krb5.config", krb5))
LOG.info("Setting environment to %s", env_setup_string)
return env_setup_string
def setup_krb5_env(primary: str, task: str, krb5: object) -> str:
env_setup_string = "export KAFKA_OPTS=\\\"" \
"-Djava.security.auth.login.config={} " \
"-Djava.security.krb5.conf={}" \
"\\\"".format(write_jaas_config_file(primary, task, krb5),
kerberos.write_krb5_config_file(task, "krb5.config", krb5))
LOG.info("Setting environment to %s", env_setup_string)
return env_setup_string