You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@storm.apache.org by GitBox <gi...@apache.org> on 2020/12/22 21:33:47 UTC

[GitHub] [storm] Ethanlm commented on a change in pull request #3367: [STORM-3728] Fix Worker LoginException issue with pacemaker when pacemaker.auth.method is KERBEROS

Ethanlm commented on a change in pull request #3367:
URL: https://github.com/apache/storm/pull/3367#discussion_r547517421



##########
File path: storm-client/src/jvm/org/apache/storm/daemon/worker/Worker.java
##########
@@ -121,6 +121,10 @@ public Worker(Map<String, Object> conf, IContext context, String topologyId, Str
 
         this.topologyConf = ConfigUtils.overrideLoginConfigWithSystemProperty(ConfigUtils.readSupervisorStormConf(conf, topologyId));
 
+        // see STORM-3728.

Review comment:
       It is a little more than that.
   
   Currently no matter what value `pacemaker.auth.method` is, write to pacemaker is always allowed. see https://github.com/apache/storm/blob/master/docs/Pacemaker.md#security.
   
   Workers only write to pacemaker, so it can be just "NONE". 
   
   So I figured to use a JIRA ID to explain it.
   
   In the future, we want to 
   1) fix worker authentication with pacemaker
   2) secure write access on pacemaker
   
   
   




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org