You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by Hemanth Yamijala <yh...@gmail.com> on 2016/04/06 01:35:33 UTC

Re: Review Request 45750: ATLAS-572: Handle secure instance of Zookeeper for leader election.


> On April 5, 2016, 7:18 p.m., Suma Shivaprasad wrote:
> > webapp/src/main/java/org/apache/atlas/web/service/AtlasZookeeperSecurityProperties.java, line 42
> > <https://reviews.apache.org/r/45750/diff/1/?file=1326015#file1326015line42>
> >
> >     Wanted to understand the difference between Perm.ADMIN and Perm.ALL ? Which one do other components use?

Suma: Perm.ADMIN only relates to being able to set permissions. Perm.ALL includes that along with read, write, create, delete.


- Hemanth


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/45750/#review127190
-----------------------------------------------------------


On April 5, 2016, 4:35 p.m., Hemanth Yamijala wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/45750/
> -----------------------------------------------------------
> 
> (Updated April 5, 2016, 4:35 p.m.)
> 
> 
> Review request for atlas.
> 
> 
> Bugs: ATLAS-572
>     https://issues.apache.org/jira/browse/ATLAS-572
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> Patch implements setting ACLs for nodes created as part of the HA process. Takes relevant information about ACL scheme, id and Auth scheme, id from configuration. Defines an ACLProvider for curator and also sets acls for paths created directly via Curator.
> 
> 
> Diffs
> -----
> 
>   common/src/main/java/org/apache/atlas/ha/HAConfiguration.java 2e86a19 
>   common/src/test/java/org/apache/atlas/ha/HAConfigurationTest.java 8f0b9c5 
>   distro/src/conf/atlas-application.properties 29df5b3 
>   webapp/src/main/java/org/apache/atlas/web/service/ActiveInstanceElectorService.java 8ee3db0 
>   webapp/src/main/java/org/apache/atlas/web/service/ActiveInstanceState.java 88c3adb 
>   webapp/src/main/java/org/apache/atlas/web/service/AtlasZookeeperSecurityProperties.java PRE-CREATION 
>   webapp/src/main/java/org/apache/atlas/web/service/CuratorFactory.java 052deba 
>   webapp/src/test/java/org/apache/atlas/web/service/ActiveInstanceElectorServiceTest.java e6a46f7 
>   webapp/src/test/java/org/apache/atlas/web/service/ActiveInstanceStateTest.java 939d0ca 
>   webapp/src/test/java/org/apache/atlas/web/service/AtlasZookeeperSecurityPropertiesTest.java PRE-CREATION 
>   webapp/src/test/java/org/apache/atlas/web/service/CuratorFactoryTest.java PRE-CREATION 
> 
> Diff: https://reviews.apache.org/r/45750/diff/
> 
> 
> Testing
> -------
> 
> * Tested with setting up ACLs and auth as follows: atlas.server.ha.zookeeper.acl=auth:username:password and atlas.server.ha.zookeeper.auth=digest:username:password. Verified nodes created by Atlas services cannot be accessed from zkCli.
> * Unit tests added and all existing tests pass.
> 
> 
> Thanks,
> 
> Hemanth Yamijala
> 
>