You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by mo...@apache.org on 2018/12/07 16:14:29 UTC

knox git commit: KNOX-1623 - Fix jenkins build - 2

Repository: knox
Updated Branches:
  refs/heads/master 9c7a806d1 -> 00dcbeab4


KNOX-1623 - Fix jenkins build - 2


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/00dcbeab
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/00dcbeab
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/00dcbeab

Branch: refs/heads/master
Commit: 00dcbeab4ae54ea0b3cbe24fcceb5d750cacfc8a
Parents: 9c7a806
Author: Sandeep More <mo...@apache.org>
Authored: Fri Dec 7 11:13:01 2018 -0500
Committer: Sandeep More <mo...@apache.org>
Committed: Fri Dec 7 11:14:16 2018 -0500

----------------------------------------------------------------------
 .../knox/gateway/SecureKnoxShellTest.java       | 50 +++++++++++++++++++-
 1 file changed, 48 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/00dcbeab/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
index d562e46..7ac7cc8 100644
--- a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
+++ b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
@@ -25,6 +25,7 @@ import org.apache.hadoop.fs.permission.FsPermission;
 import org.apache.hadoop.hdfs.DistributedFileSystem;
 import org.apache.hadoop.hdfs.HdfsConfiguration;
 import org.apache.hadoop.hdfs.MiniDFSCluster;
+import org.apache.hadoop.http.HttpConfig;
 import org.apache.hadoop.minikdc.MiniKdc;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
@@ -46,6 +47,23 @@ import java.nio.charset.StandardCharsets;
 import java.util.Locale;
 import java.util.Properties;
 
+import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.IPC_CLIENT_CONNECT_MAX_RETRIES_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_CLIENT_HTTPS_KEYSTORE_RESOURCE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATANODE_HTTPS_ADDRESS_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATANODE_KERBEROS_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATANODE_KEYTAB_FILE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATA_ENCRYPTION_ALGORITHM_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HTTP_POLICY_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_HTTPS_ADDRESS_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_KERBEROS_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_KEYTAB_FILE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_HTTPS_ADDRESS_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_SERVER_HTTPS_KEYSTORE_RESOURCE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
@@ -89,16 +107,17 @@ public class SecureKnoxShellTest {
     System.setProperty(MiniDFSCluster.PROP_TEST_BUILD_DATA,
         baseDir.getAbsolutePath());
 
+    initKdc();
     miniDFSCluster = new MiniDFSCluster.Builder(configuration)
         .nameNodePort(TestUtils.findFreePort())
         .nameNodeHttpPort(nameNodeHttpPort).numDataNodes(2).format(true)
         .racks(null).build();
 
-    initKdc();
     setupKnox(keytab, hdfsPrincipal);
   }
 
   private static void initKdc() throws Exception {
+
     final Properties kdcConf = MiniKdc.createConf();
     kdc = new MiniKdc(kdcConf, baseDir);
     kdc.start();
@@ -116,8 +135,35 @@ public class SecureKnoxShellTest {
         userName + "/" + krbInstance + "@" + kdc.getRealm();
     spnegoPrincipal = "HTTP/" + krbInstance + "@" + kdc.getRealm();
 
-    krb5conf = kdc.getKrb5conf().getAbsolutePath();
+    configuration.set(DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+    configuration.set(DFS_NAMENODE_KEYTAB_FILE_KEY, keytab);
+    configuration.set(DFS_DATANODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+    configuration.set(DFS_DATANODE_KEYTAB_FILE_KEY, keytab);
+    configuration.set(DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY, spnegoPrincipal);
+    configuration.set(DFS_JOURNALNODE_KEYTAB_FILE_KEY, keytab);
+    configuration.set(DFS_JOURNALNODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+    configuration.set(DFS_JOURNALNODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY, spnegoPrincipal);
+    configuration.setBoolean(DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY, true);
+    configuration.set(DFS_DATA_ENCRYPTION_ALGORITHM_KEY, "authentication");
+    configuration.set(DFS_HTTP_POLICY_KEY, HttpConfig.Policy.HTTP_AND_HTTPS.name());
+    configuration.set(DFS_NAMENODE_HTTPS_ADDRESS_KEY, "localhost:0");
+    configuration.set(DFS_DATANODE_HTTPS_ADDRESS_KEY, "localhost:0");
+    configuration.set(DFS_JOURNALNODE_HTTPS_ADDRESS_KEY, "localhost:0");
+    configuration.setInt(IPC_CLIENT_CONNECT_MAX_RETRIES_KEY, 10);
+    configuration.set("hadoop.proxyuser." + userName + ".hosts", "*");
+    configuration.set("hadoop.proxyuser." + userName + ".groups", "*");
+    configuration.setBoolean("dfs.permissions", true);
+
+    String keystoresDir = baseDir.getAbsolutePath();
+    File sslClientConfFile = new File(keystoresDir + "/ssl-client.xml");
+    File sslServerConfFile = new File(keystoresDir + "/ssl-server.xml");
+    KeyStoreTestUtil.setupSSLConfig(keystoresDir, keystoresDir, configuration, false);
+    configuration.set(DFS_CLIENT_HTTPS_KEYSTORE_RESOURCE_KEY,
+        sslClientConfFile.getName());
+    configuration.set(DFS_SERVER_HTTPS_KEYSTORE_RESOURCE_KEY,
+        sslServerConfFile.getName());
 
+    krb5conf = kdc.getKrb5conf().getAbsolutePath();
   }
 
   @AfterClass