You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by mo...@apache.org on 2018/12/07 16:14:29 UTC
knox git commit: KNOX-1623 - Fix jenkins build - 2
Repository: knox
Updated Branches:
refs/heads/master 9c7a806d1 -> 00dcbeab4
KNOX-1623 - Fix jenkins build - 2
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/00dcbeab
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/00dcbeab
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/00dcbeab
Branch: refs/heads/master
Commit: 00dcbeab4ae54ea0b3cbe24fcceb5d750cacfc8a
Parents: 9c7a806
Author: Sandeep More <mo...@apache.org>
Authored: Fri Dec 7 11:13:01 2018 -0500
Committer: Sandeep More <mo...@apache.org>
Committed: Fri Dec 7 11:14:16 2018 -0500
----------------------------------------------------------------------
.../knox/gateway/SecureKnoxShellTest.java | 50 +++++++++++++++++++-
1 file changed, 48 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/00dcbeab/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
index d562e46..7ac7cc8 100644
--- a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
+++ b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/knox/gateway/SecureKnoxShellTest.java
@@ -25,6 +25,7 @@ import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.hdfs.DistributedFileSystem;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.MiniDFSCluster;
+import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
@@ -46,6 +47,23 @@ import java.nio.charset.StandardCharsets;
import java.util.Locale;
import java.util.Properties;
+import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.IPC_CLIENT_CONNECT_MAX_RETRIES_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_CLIENT_HTTPS_KEYSTORE_RESOURCE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATANODE_HTTPS_ADDRESS_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATANODE_KERBEROS_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATANODE_KEYTAB_FILE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_DATA_ENCRYPTION_ALGORITHM_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HTTP_POLICY_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_HTTPS_ADDRESS_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_KERBEROS_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_JOURNALNODE_KEYTAB_FILE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_HTTPS_ADDRESS_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_SERVER_HTTPS_KEYSTORE_RESOURCE_KEY;
+import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -89,16 +107,17 @@ public class SecureKnoxShellTest {
System.setProperty(MiniDFSCluster.PROP_TEST_BUILD_DATA,
baseDir.getAbsolutePath());
+ initKdc();
miniDFSCluster = new MiniDFSCluster.Builder(configuration)
.nameNodePort(TestUtils.findFreePort())
.nameNodeHttpPort(nameNodeHttpPort).numDataNodes(2).format(true)
.racks(null).build();
- initKdc();
setupKnox(keytab, hdfsPrincipal);
}
private static void initKdc() throws Exception {
+
final Properties kdcConf = MiniKdc.createConf();
kdc = new MiniKdc(kdcConf, baseDir);
kdc.start();
@@ -116,8 +135,35 @@ public class SecureKnoxShellTest {
userName + "/" + krbInstance + "@" + kdc.getRealm();
spnegoPrincipal = "HTTP/" + krbInstance + "@" + kdc.getRealm();
- krb5conf = kdc.getKrb5conf().getAbsolutePath();
+ configuration.set(DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+ configuration.set(DFS_NAMENODE_KEYTAB_FILE_KEY, keytab);
+ configuration.set(DFS_DATANODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+ configuration.set(DFS_DATANODE_KEYTAB_FILE_KEY, keytab);
+ configuration.set(DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY, spnegoPrincipal);
+ configuration.set(DFS_JOURNALNODE_KEYTAB_FILE_KEY, keytab);
+ configuration.set(DFS_JOURNALNODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+ configuration.set(DFS_JOURNALNODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY, spnegoPrincipal);
+ configuration.setBoolean(DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY, true);
+ configuration.set(DFS_DATA_ENCRYPTION_ALGORITHM_KEY, "authentication");
+ configuration.set(DFS_HTTP_POLICY_KEY, HttpConfig.Policy.HTTP_AND_HTTPS.name());
+ configuration.set(DFS_NAMENODE_HTTPS_ADDRESS_KEY, "localhost:0");
+ configuration.set(DFS_DATANODE_HTTPS_ADDRESS_KEY, "localhost:0");
+ configuration.set(DFS_JOURNALNODE_HTTPS_ADDRESS_KEY, "localhost:0");
+ configuration.setInt(IPC_CLIENT_CONNECT_MAX_RETRIES_KEY, 10);
+ configuration.set("hadoop.proxyuser." + userName + ".hosts", "*");
+ configuration.set("hadoop.proxyuser." + userName + ".groups", "*");
+ configuration.setBoolean("dfs.permissions", true);
+
+ String keystoresDir = baseDir.getAbsolutePath();
+ File sslClientConfFile = new File(keystoresDir + "/ssl-client.xml");
+ File sslServerConfFile = new File(keystoresDir + "/ssl-server.xml");
+ KeyStoreTestUtil.setupSSLConfig(keystoresDir, keystoresDir, configuration, false);
+ configuration.set(DFS_CLIENT_HTTPS_KEYSTORE_RESOURCE_KEY,
+ sslClientConfFile.getName());
+ configuration.set(DFS_SERVER_HTTPS_KEYSTORE_RESOURCE_KEY,
+ sslServerConfFile.getName());
+ krb5conf = kdc.getKrb5conf().getAbsolutePath();
}
@AfterClass