You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2022/06/23 06:45:35 UTC
[GitHub] [ozone-docker-runner] kerneltime opened a new pull request, #14: HDDS-6929. Create local users and groups for Ozone Services
kerneltime opened a new pull request, #14:
URL: https://github.com/apache/ozone-docker-runner/pull/14
## What changes were proposed in this pull request?
Create local users and groups for Ozone services to allow for proper Kerberos setup for smoke tests.
## What is the link to the Apache JIRA
https://issues.apache.org/jira/browse/HDDS-6929
## How was this patch tested?
Ozone smoke tests.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone-docker-runner] kerneltime commented on a diff in pull request #14: HDDS-6929. Create local users and groups for Ozone Services
Posted by GitBox <gi...@apache.org>.
kerneltime commented on code in PR #14:
URL: https://github.com/apache/ozone-docker-runner/pull/14#discussion_r905002945
##########
Dockerfile:
##########
@@ -138,12 +138,44 @@ ENV LD_LIBRARY_PATH=/usr/local/lib
ENV PATH=/opt/hadoop/libexec:$PATH:/opt/hadoop/bin
RUN groupadd --gid 1000 hadoop
-RUN useradd --uid 1000 hadoop --gid 100 --home /opt/hadoop
+RUN useradd --uid 1000 hadoop --gid 1000 --home /opt/hadoop
RUN chmod 755 /opt/hadoop
RUN echo "hadoop ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN chown hadoop /opt
+RUN groupadd --gid 1001 om
+RUN useradd --uid 1001 om --gid 1001 --home /opt/om
+RUN chmod 755 /opt/om
+
+RUN groupadd --gid 1002 dn
+RUN useradd --uid 1002 dn --gid 1002 --home /opt/dn
+RUN chmod 755 /opt/dn
+
+RUN groupadd --gid 1003 scm
+RUN useradd --uid 1003 scm --gid 1003 --home /opt/scm
+RUN chmod 755 /opt/scm
+
+RUN groupadd --gid 1004 s3g
+RUN useradd --uid 1004 s3g --gid 1004 --home /opt/s3g
+RUN chmod 755 /opt/s3g
+
+RUN groupadd --gid 1005 rm
+RUN useradd --uid 1005 rm --gid 1005 --home /opt/rm
+RUN chmod 755 /opt/rm
Review Comment:
Makes sense.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone-docker-runner] adoroszlai commented on a diff in pull request #14: HDDS-6929. Create local users and groups for Ozone Services
Posted by GitBox <gi...@apache.org>.
adoroszlai commented on code in PR #14:
URL: https://github.com/apache/ozone-docker-runner/pull/14#discussion_r904790584
##########
Dockerfile:
##########
@@ -138,12 +138,44 @@ ENV LD_LIBRARY_PATH=/usr/local/lib
ENV PATH=/opt/hadoop/libexec:$PATH:/opt/hadoop/bin
RUN groupadd --gid 1000 hadoop
-RUN useradd --uid 1000 hadoop --gid 100 --home /opt/hadoop
+RUN useradd --uid 1000 hadoop --gid 1000 --home /opt/hadoop
RUN chmod 755 /opt/hadoop
RUN echo "hadoop ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN chown hadoop /opt
+RUN groupadd --gid 1001 om
+RUN useradd --uid 1001 om --gid 1001 --home /opt/om
+RUN chmod 755 /opt/om
+
+RUN groupadd --gid 1002 dn
+RUN useradd --uid 1002 dn --gid 1002 --home /opt/dn
+RUN chmod 755 /opt/dn
+
+RUN groupadd --gid 1003 scm
+RUN useradd --uid 1003 scm --gid 1003 --home /opt/scm
+RUN chmod 755 /opt/scm
+
+RUN groupadd --gid 1004 s3g
+RUN useradd --uid 1004 s3g --gid 1004 --home /opt/s3g
+RUN chmod 755 /opt/s3g
+
+RUN groupadd --gid 1005 rm
+RUN useradd --uid 1005 rm --gid 1005 --home /opt/rm
+RUN chmod 755 /opt/rm
Review Comment:
Why do we need user and home for `rm`? AFAIK it's a Hadoop component and it runs in Hadoop image.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone-docker-runner] adoroszlai commented on a diff in pull request #14: HDDS-6929. Create local users and groups for Ozone Services
Posted by GitBox <gi...@apache.org>.
adoroszlai commented on code in PR #14:
URL: https://github.com/apache/ozone-docker-runner/pull/14#discussion_r904957728
##########
Dockerfile:
##########
@@ -138,12 +138,44 @@ ENV LD_LIBRARY_PATH=/usr/local/lib
ENV PATH=/opt/hadoop/libexec:$PATH:/opt/hadoop/bin
RUN groupadd --gid 1000 hadoop
-RUN useradd --uid 1000 hadoop --gid 100 --home /opt/hadoop
+RUN useradd --uid 1000 hadoop --gid 1000 --home /opt/hadoop
RUN chmod 755 /opt/hadoop
RUN echo "hadoop ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN chown hadoop /opt
+RUN groupadd --gid 1001 om
+RUN useradd --uid 1001 om --gid 1001 --home /opt/om
+RUN chmod 755 /opt/om
+
+RUN groupadd --gid 1002 dn
+RUN useradd --uid 1002 dn --gid 1002 --home /opt/dn
+RUN chmod 755 /opt/dn
+
+RUN groupadd --gid 1003 scm
+RUN useradd --uid 1003 scm --gid 1003 --home /opt/scm
+RUN chmod 755 /opt/scm
+
+RUN groupadd --gid 1004 s3g
+RUN useradd --uid 1004 s3g --gid 1004 --home /opt/s3g
+RUN chmod 755 /opt/s3g
+
+RUN groupadd --gid 1005 rm
+RUN useradd --uid 1005 rm --gid 1005 --home /opt/rm
+RUN chmod 755 /opt/rm
Review Comment:
So we create a principal in the Kerberos server for `rm`. That doesn't mean we'll ever login as `rm` from an Ozone container, as Resource Manager is run in [Hadoop container](https://hub.docker.com/r/flokkr/hadoop). The local user added here for `rm` in the Ozone runner image is not applicable to Ozone.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone-docker-runner] adoroszlai merged pull request #14: HDDS-6929. Create local users and groups for Ozone Services
Posted by GitBox <gi...@apache.org>.
adoroszlai merged PR #14:
URL: https://github.com/apache/ozone-docker-runner/pull/14
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone-docker-runner] kerneltime commented on a diff in pull request #14: HDDS-6929. Create local users and groups for Ozone Services
Posted by GitBox <gi...@apache.org>.
kerneltime commented on code in PR #14:
URL: https://github.com/apache/ozone-docker-runner/pull/14#discussion_r904940846
##########
Dockerfile:
##########
@@ -138,12 +138,44 @@ ENV LD_LIBRARY_PATH=/usr/local/lib
ENV PATH=/opt/hadoop/libexec:$PATH:/opt/hadoop/bin
RUN groupadd --gid 1000 hadoop
-RUN useradd --uid 1000 hadoop --gid 100 --home /opt/hadoop
+RUN useradd --uid 1000 hadoop --gid 1000 --home /opt/hadoop
RUN chmod 755 /opt/hadoop
RUN echo "hadoop ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN chown hadoop /opt
+RUN groupadd --gid 1001 om
+RUN useradd --uid 1001 om --gid 1001 --home /opt/om
+RUN chmod 755 /opt/om
+
+RUN groupadd --gid 1002 dn
+RUN useradd --uid 1002 dn --gid 1002 --home /opt/dn
+RUN chmod 755 /opt/dn
+
+RUN groupadd --gid 1003 scm
+RUN useradd --uid 1003 scm --gid 1003 --home /opt/scm
+RUN chmod 755 /opt/scm
+
+RUN groupadd --gid 1004 s3g
+RUN useradd --uid 1004 s3g --gid 1004 --home /opt/s3g
+RUN chmod 755 /opt/s3g
+
+RUN groupadd --gid 1005 rm
+RUN useradd --uid 1005 rm --gid 1005 --home /opt/rm
+RUN chmod 755 /opt/rm
Review Comment:
This corresponds to the key tabs we create here https://github.com/apache/ozone-docker-testkrb5/blob/master/init.sh
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org