Exemplo n.º 1
0
def get_service_principals(service_name: str,
                           realm: str,
                           custom_domain: str = None) -> list:
    """
    Sets up the appropriate principals needed for a kerberized deployment of HDFS.
    :return: A list of said principals
    """
    primaries = [
        "kafka",
    ]

    tasks = [
        "kafka-0-broker",
        "kafka-1-broker",
        "kafka-2-broker",
    ]

    if custom_domain:
        instances = map(
            lambda task: sdk_hosts.custom_host(service_name, task,
                                               custom_domain), tasks)
    else:
        instances = map(lambda task: sdk_hosts.autoip_host(service_name, task),
                        tasks)

    principals = kerberos.generate_principal_list(primaries, instances, realm)
    principals.extend(kerberos.generate_principal_list(USERS, [
        None,
    ], realm))

    return principals
def test_verify_https_ports(hdfs_client, node_type, port):
    """
    Verify that HTTPS port is open name, journal and data node types.
    """

    task_id = "{}-0-node".format(node_type)
    host = sdk_hosts.custom_host(
        config.SERVICE_NAME, task_id, sdk_hosts.get_crypto_id_domain(), port
    )

    ca_bundle = transport_encryption.fetch_dcos_ca_bundle(hdfs_client["id"])

    config.verify_https_ports(ca_bundle, host, task_id)
Exemplo n.º 3
0
def get_service_principals(service_name: str,
                           realm: str,
                           custom_domain: str = None) -> list:
    """
    Sets up the appropriate principals needed for a kerberized deployment of HDFS.
    :return: A list of said principals
    """
    primaries = ["hdfs", "HTTP"]

    tasks = [
        "name-0-node",
        "name-0-zkfc",
        "name-1-node",
        "name-1-zkfc",
        "journal-0-node",
        "journal-1-node",
        "journal-2-node",
        "data-0-node",
        "data-1-node",
        "data-2-node",
    ]

    if custom_domain:
        instances = map(
            lambda task: sdk_hosts.custom_host(service_name, task,
                                               custom_domain), tasks)
    else:
        instances = map(lambda task: sdk_hosts.autoip_host(service_name, task),
                        tasks)

    principals = kerberos.generate_principal_list(primaries, instances, realm)
    principals.extend(kerberos.generate_principal_list(USERS, [None], realm))

    http_instance = sdk_hosts.vip_host("marathon",
                                       ".".join(["api", service_name]))
    http_principal = kerberos.genererate_principal("HTTP", http_instance,
                                                   realm)
    principals.append(http_principal)

    return principals
Exemplo n.º 4
0
def get_service_principals(service_name: str, realm: str, custom_domain: str = None) -> list:
    """
    Sets up the appropriate principals needed for a kerberized deployment of HDFS.
    :return: A list of said principals
    """
    primaries = ["kafka", ]

    tasks = [
        "kafka-0-broker",
        "kafka-1-broker",
        "kafka-2-broker",
    ]

    if custom_domain:
        instances = map(lambda task: sdk_hosts.custom_host(service_name, task, custom_domain), tasks)
    else:
        instances = map(lambda task: sdk_hosts.autoip_host(service_name, task), tasks)

    principals = kerberos.generate_principal_list(primaries, instances, realm)
    principals.extend(kerberos.generate_principal_list(USERS, [None, ], realm))

    return principals