Examples with Gateway com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway used on opensource projects

Example 6 with Gateway

use of com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithGatewayWithLdapConfig.

@Test
public void roleConfigsWithGatewayWithLdapConfig() {
    Gateway gateway = new Gateway();
    gateway.setKnoxMasterSecret("admin");
    gateway.setPath("/a/b/c");
    IdBroker idBroker = new IdBroker();
    idBroker.setMasterSecret("supersecret");
    BlueprintTextProcessor blueprintTextProcessor = mock(BlueprintTextProcessor.class);
    LdapView ldapConfig = LdapViewBuilder.aLdapView().build();
    BlueprintView blueprintView = new BlueprintView("text", "7.2.11", "CDH", blueprintTextProcessor);
    GeneralClusterConfigs generalClusterConfigs = new GeneralClusterConfigs();
    generalClusterConfigs.setAccountId(Optional.of("1234"));
    TemplatePreparationObject source = Builder.builder().withGateway(gateway, "key", new HashSet<>()).withLdapConfig(ldapConfig).withGeneralClusterConfigs(generalClusterConfigs).withBlueprintView(blueprintView).withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, "")).withProductDetails(new ClouderaManagerRepo().withVersion("7.4.2"), List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH"))).withIdBroker(idBroker).build();
    when(virtualGroupService.createOrGetVirtualGroup(source.getVirtualGroupRequest(), UmsVirtualGroupRight.KNOX_ADMIN)).thenReturn("knox_admins");
    when(entitlementService.isOjdbcTokenDhOneHour(anyString())).thenReturn(true);
    assertEquals(List.of(config("idbroker_master_secret", "supersecret"), config("idbroker_gateway_knox_admin_groups", "knox_admins"), config("idbroker_gateway_signing_keystore_name", "signing.jks"), config("idbroker_gateway_signing_keystore_type", "JKS"), config("idbroker_gateway_signing_key_alias", "signing-identity")), underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));
    assertEquals(List.of(config("gateway_master_secret", gateway.getKnoxMasterSecret()), config("gateway_default_topology_name", "cdp-proxy"), config("gateway_knox_admin_groups", "knox_admins"), config("gateway_auto_discovery_enabled", "false"), config("gateway_path", gateway.getPath()), config("gateway_signing_keystore_name", "signing.jks"), config("gateway_signing_keystore_type", "JKS"), config("gateway_signing_key_alias", "signing-identity"), config("gateway_dispatch_whitelist", "^*.*$"), config("gateway_service_tokenstate_impl", "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")), ThreadBasedUserCrnProvider.doAs(TEST_USER_CRN, () -> underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source)));
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}

Example 7 with Gateway

use of com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithGateway.

@Test
public void roleConfigsWithGateway() {
    GatewayTopology topology = new GatewayTopology();
    topology.setTopologyName("my-topology");
    topology.setExposedServices(Json.silent(new ExposedServices()));
    Gateway gateway = new Gateway();
    gateway.setKnoxMasterSecret("admin");
    gateway.setPath("/a/b/c");
    gateway.setTopologies(Set.of(topology));
    GeneralClusterConfigs generalClusterConfigs = new GeneralClusterConfigs();
    generalClusterConfigs.setAccountId(Optional.of("1234"));
    IdBroker idBroker = new IdBroker();
    idBroker.setMasterSecret("supersecret");
    BlueprintTextProcessor blueprintTextProcessor = mock(BlueprintTextProcessor.class);
    BlueprintView blueprintView = new BlueprintView("text", "7.2.11", "CDH", blueprintTextProcessor);
    TemplatePreparationObject source = Builder.builder().withGateway(gateway, "key", new HashSet<>()).withGeneralClusterConfigs(generalClusterConfigs).withBlueprintView(blueprintView).withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, "")).withProductDetails(new ClouderaManagerRepo().withVersion("7.4.2"), List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH"))).withIdBroker(idBroker).build();
    when(virtualGroupService.createOrGetVirtualGroup(source.getVirtualGroupRequest(), UmsVirtualGroupRight.KNOX_ADMIN)).thenReturn("");
    when(entitlementService.isOjdbcTokenDhOneHour(anyString())).thenReturn(true);
    assertEquals(List.of(config("idbroker_master_secret", "supersecret"), config("idbroker_gateway_knox_admin_groups", ""), config("idbroker_gateway_signing_keystore_name", "signing.jks"), config("idbroker_gateway_signing_keystore_type", "JKS"), config("idbroker_gateway_signing_key_alias", "signing-identity")), underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));
    assertEquals(List.of(config("gateway_master_secret", gateway.getKnoxMasterSecret()), config("gateway_default_topology_name", gateway.getTopologies().iterator().next().getTopologyName()), config("gateway_knox_admin_groups", ""), config("gateway_auto_discovery_enabled", "false"), config("gateway_path", gateway.getPath()), config("gateway_signing_keystore_name", "signing.jks"), config("gateway_signing_keystore_type", "JKS"), config("gateway_signing_key_alias", "signing-identity"), config("gateway_dispatch_whitelist", "^*.*$"), config("gateway_service_tokenstate_impl", "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")), ThreadBasedUserCrnProvider.doAs(TEST_USER_CRN, () -> underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source)));
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}

Example 8 with Gateway

use of com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method testGetAdditionalServicesWhenKnoxRequestedAndBlueprintDoesNoContainKnox.

@Test
public void testGetAdditionalServicesWhenKnoxRequestedAndBlueprintDoesNoContainKnox() {
    HostgroupView master = new HostgroupView("master", 1, InstanceGroupType.GATEWAY, 1);
    HostgroupView worker = new HostgroupView("worker", 2, InstanceGroupType.CORE, 2);
    Gateway gateway = new Gateway();
    TemplatePreparationObject preparationObject = Builder.builder().withHostgroupViews(Set.of(master, worker)).withGateway(gateway, "key", new HashSet<>()).build();
    String inputJson = getBlueprintText("input/clouderamanager.bp");
    CmTemplateProcessor cmTemplateProcessor = new CmTemplateProcessor(inputJson);
    Map<String, ApiClusterTemplateService> additionalServices = underTest.getAdditionalServices(cmTemplateProcessor, preparationObject);
    ApiClusterTemplateService knox = additionalServices.get("master");
    assertEquals(1, additionalServices.size());
    assertNotNull(knox);
    assertEquals("KNOX", knox.getServiceType());
    assertEquals("knox", knox.getRefName());
    ApiClusterTemplateRoleConfigGroup roleConfigGroup = knox.getRoleConfigGroups().get(0);
    assertEquals("KNOX_GATEWAY", roleConfigGroup.getRoleType());
    assertTrue(roleConfigGroup.getBase());
}

Example 9 with Gateway

use of com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway in project cloudbreak by hortonworks.

the class S3ConfigProviderTest method getTemplatePreparationObject.

private TemplatePreparationObject getTemplatePreparationObject(boolean useS3FileSystem, boolean fillDynamoTableName, boolean includeLocations) {
    HostgroupView master = new HostgroupView("master", 1, InstanceGroupType.GATEWAY, 1);
    HostgroupView worker = new HostgroupView("worker", 2, InstanceGroupType.CORE, 2);
    List<StorageLocationView> locations = new ArrayList<>();
    if (includeLocations) {
        locations.add(new StorageLocationView(getStorageLocation("hive.metastore.warehouse.dir", "s3a://bucket-first/warehouse/managed")));
        locations.add(new StorageLocationView(getStorageLocation("hive.metastore.warehouse.external.dir", "s3a://bucket-first/warehouse/external")));
        locations.add(new StorageLocationView(getStorageLocation("ranger_plugin_hdfs_audit_url", "s3a://bucket-second/ranger/audit")));
    }
    BaseFileSystemConfigurationsView fileSystemConfigurationsView;
    if (useS3FileSystem) {
        S3FileSystem s3FileSystem = new S3FileSystem();
        if (fillDynamoTableName) {
            s3FileSystem.setS3GuardDynamoTableName("dynamoTable");
        }
        fileSystemConfigurationsView = new S3FileSystemConfigurationsView(s3FileSystem, locations, false);
    } else {
        fileSystemConfigurationsView = new AdlsFileSystemConfigurationsView(new AdlsFileSystem(), locations, false);
    }
    Gateway gateway = TestUtil.gatewayEnabledWithExposedKnoxServices("NAMENODE");
    PlacementView placementView = new PlacementView("region", "az");
    return Builder.builder().withFileSystemConfigurationView(fileSystemConfigurationsView).withHostgroupViews(Set.of(master, worker)).withGateway(gateway, "/cb/secret/signkey", new HashSet<>()).withPlacementView(placementView).withDefaultTags(Map.of("apple", "apple1")).build();
}

Example 10 with Gateway

use of com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway in project cloudbreak by hortonworks.

the class HueConfigProviderTest method getProxyHostsWhenLoadBalancerConfigured.

@Test
public void getProxyHostsWhenLoadBalancerConfigured() {
    BlueprintView blueprintView = getMockBlueprintView("7.0.1", "7.0.1");
    RDSConfig rdsConfig = new RDSConfig();
    rdsConfig.setType(HUE);
    rdsConfig.setConnectionURL(String.format("jdbc:%s://%s:%s/%s", DB_PROVIDER, HOST, PORT, DB_NAME));
    rdsConfig.setConnectionUserName(USER_NAME);
    rdsConfig.setConnectionPassword(PASSWORD);
    String expectedExternalFQDN = "myaddress.cloudera.site";
    String expectedLBFQDN = "loadbalancer-gateway.cloudera.site";
    GeneralClusterConfigs generalClusterConfigs = new GeneralClusterConfigs();
    generalClusterConfigs.setExternalFQDN(expectedExternalFQDN);
    generalClusterConfigs.setKnoxUserFacingCertConfigured(true);
    generalClusterConfigs.setPrimaryGatewayInstanceDiscoveryFQDN(Optional.empty());
    generalClusterConfigs.setLoadBalancerGatewayFqdn(Optional.of(expectedLBFQDN));
    TemplatePreparationObject tpo = new Builder().withGeneralClusterConfigs(generalClusterConfigs).withGateway(new Gateway(), "", new HashSet<>()).withBlueprintView(blueprintView).withRdsConfigs(Set.of(rdsConfig)).build();
    List<ApiClusterTemplateVariable> result = underTest.getServiceConfigVariables(tpo);
    Map<String, String> paramToVariable = result.stream().collect(Collectors.toMap(ApiClusterTemplateVariable::getName, ApiClusterTemplateVariable::getValue));
    String proxyHostsExpected1 = String.join(",", expectedExternalFQDN, expectedLBFQDN);
    String proxyHostsExpected2 = String.join(",", expectedLBFQDN, expectedExternalFQDN);
    String expectedSafetyValveValue1 = "[desktop]\n[[knox]]\nknox_proxyhosts=".concat(proxyHostsExpected1);
    String expectedSafetyValveValue2 = "[desktop]\n[[knox]]\nknox_proxyhosts=".concat(proxyHostsExpected2);
    assertThat(paramToVariable).containsAnyOf(new SimpleEntry<>("hue-hue_service_safety_valve", expectedSafetyValveValue1), new SimpleEntry<>("hue-hue_service_safety_valve", expectedSafetyValveValue2));
}