def hdfs_server(kerberos): """ A pytest fixture that installs a Kerberized HDFS service. On teardown, the service is uninstalled. """ service_options = { "service": { "name": config.SERVICE_NAME, "security": { "kerberos": { "enabled": True, "kdc": {"hostname": kerberos.get_host(), "port": int(kerberos.get_port())}, "realm": kerberos.get_realm(), "keytab_secret": kerberos.get_keytab_path(), } }, }, "hdfs": {"security_auth_to_local": auth.get_principal_to_user_mapping()}, } sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME) try: sdk_install.install( config.PACKAGE_NAME, config.SERVICE_NAME, config.DEFAULT_TASK_COUNT, additional_options=service_options, timeout_seconds=30 * 60, ) yield {**service_options, **{"package_name": config.PACKAGE_NAME}} finally: sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
def hdfs_server(kerberos, service_account): """ A pytest fixture that installs a Kerberized HDFS service. On teardown, the service is uninstalled. """ service_kerberos_options = { "service": { "name": config.SERVICE_NAME, "service_account": service_account["name"], "service_account_secret": service_account["secret"], "security": { "kerberos": { "enabled": True, "kdc": { "hostname": kerberos.get_host(), "port": int(kerberos.get_port()) }, "realm": kerberos.get_realm(), "keytab_secret": kerberos.get_keytab_path(), }, "transport_encryption": { "enabled": True } } }, "hdfs": { "security_auth_to_local": auth.get_principal_to_user_mapping() } } sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME) try: sdk_install.install(config.PACKAGE_NAME, config.SERVICE_NAME, config.DEFAULT_TASK_COUNT, additional_options=service_kerberos_options, timeout_seconds=30 * 60) yield { **service_kerberos_options, **{ "package_name": config.PACKAGE_NAME } } finally: sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
def kerberos(configure_security): try: kerberos_env = sdk_auth.KerberosEnvironment() principals = auth.get_service_principals(config.FOLDERED_SERVICE_NAME, kerberos_env.get_realm()) kerberos_env.add_principals(principals) kerberos_env.finalize() service_kerberos_options = { "service": { "name": config.FOLDERED_SERVICE_NAME, "security": { "kerberos": { "enabled": True, "kdc": { "hostname": kerberos_env.get_host(), "port": int(kerberos_env.get_port()) }, "keytab_secret": kerberos_env.get_keytab_path(), "realm": kerberos.get_realm() } } }, "hdfs": { "security_auth_to_local": auth.get_principal_to_user_mapping() } } sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME) sdk_install.install(config.PACKAGE_NAME, config.FOLDERED_SERVICE_NAME, config.DEFAULT_TASK_COUNT, additional_options=service_kerberos_options, timeout_seconds=30 * 60) yield kerberos_env finally: sdk_install.uninstall(config.PACKAGE_NAME, config.FOLDERED_SERVICE_NAME) if kerberos_env: kerberos_env.cleanup()