def hdfs_server(kerberos):
"""
A pytest fixture that installs a Kerberized HDFS service.
On teardown, the service is uninstalled.
"""
service_options = {
"service": {
"name": config.SERVICE_NAME,
"security": {
"kerberos": {
"enabled": True,
"kdc": {"hostname": kerberos.get_host(), "port": int(kerberos.get_port())},
"realm": kerberos.get_realm(),
"keytab_secret": kerberos.get_keytab_path(),
}
},
},
"hdfs": {"security_auth_to_local": auth.get_principal_to_user_mapping()},
}
sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
try:
sdk_install.install(
config.PACKAGE_NAME,
config.SERVICE_NAME,
config.DEFAULT_TASK_COUNT,
additional_options=service_options,
timeout_seconds=30 * 60,
)
yield {**service_options, **{"package_name": config.PACKAGE_NAME}}
finally:
sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
def hdfs_server(kerberos, service_account):
"""
A pytest fixture that installs a Kerberized HDFS service.
On teardown, the service is uninstalled.
"""
service_kerberos_options = {
"service": {
"name": config.SERVICE_NAME,
"service_account": service_account["name"],
"service_account_secret": service_account["secret"],
"security": {
"kerberos": {
"enabled": True,
"kdc": {
"hostname": kerberos.get_host(),
"port": int(kerberos.get_port())
},
"realm": kerberos.get_realm(),
"keytab_secret": kerberos.get_keytab_path(),
},
"transport_encryption": {
"enabled": True
}
}
},
"hdfs": {
"security_auth_to_local": auth.get_principal_to_user_mapping()
}
}
sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
try:
sdk_install.install(config.PACKAGE_NAME,
config.SERVICE_NAME,
config.DEFAULT_TASK_COUNT,
additional_options=service_kerberos_options,
timeout_seconds=30 * 60)
yield {
**service_kerberos_options,
**{
"package_name": config.PACKAGE_NAME
}
}
finally:
sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
def kerberos(configure_security):
try:
kerberos_env = sdk_auth.KerberosEnvironment()
principals = auth.get_service_principals(config.FOLDERED_SERVICE_NAME,
kerberos_env.get_realm())
kerberos_env.add_principals(principals)
kerberos_env.finalize()
service_kerberos_options = {
"service": {
"name": config.FOLDERED_SERVICE_NAME,
"security": {
"kerberos": {
"enabled": True,
"kdc": {
"hostname": kerberos_env.get_host(),
"port": int(kerberos_env.get_port())
},
"keytab_secret": kerberos_env.get_keytab_path(),
"realm": kerberos.get_realm()
}
}
},
"hdfs": {
"security_auth_to_local": auth.get_principal_to_user_mapping()
}
}
sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
sdk_install.install(config.PACKAGE_NAME,
config.FOLDERED_SERVICE_NAME,
config.DEFAULT_TASK_COUNT,
additional_options=service_kerberos_options,
timeout_seconds=30 * 60)
yield kerberos_env
finally:
sdk_install.uninstall(config.PACKAGE_NAME,
config.FOLDERED_SERVICE_NAME)
if kerberos_env:
kerberos_env.cleanup()