Example 1 with ServiceKeytabRequest
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.
the class CmServiceKeytabRequestFactory method create.
public ServiceKeytabRequest create(Stack stack, GatewayConfig primaryGatewayConfig) {
ServiceKeytabRequest request = new ServiceKeytabRequest();
request.setEnvironmentCrn(stack.getEnvironmentCrn());
request.setClusterCrn(stack.getResourceCrn());
String fqdn = primaryGatewayConfig.getHostname();
request.setServerHostName(fqdn);
String hostname = StringUtils.substringBefore(fqdn, ".");
if (!fqdn.equals(hostname)) {
request.setServerHostNameAlias(hostname);
}
request.setServiceName("CM");
request.setDoNotRecreateKeytab(Boolean.TRUE);
RoleRequest roleRequest = new RoleRequest();
roleRequest.setRoleName("hadoopadminrole-" + stack.getName());
roleRequest.setPrivileges(Set.of("Service Administrators", "Certificate Administrators", "Host Administrators", "CA Administrator"));
request.setRoleRequest(roleRequest);
return request;
}
Also used :
ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)
RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)
Example 2 with ServiceKeytabRequest
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.
the class FreeIpaUpgradeTests method generateServiceKeytab.
private void generateServiceKeytab(com.sequenceiq.freeipa.api.client.FreeIpaClient ipaClient, String environmentCrn) {
try {
ServiceKeytabRequest serviceKeytabRequest = new ServiceKeytabRequest();
serviceKeytabRequest.setEnvironmentCrn(environmentCrn);
serviceKeytabRequest.setServiceName("test");
serviceKeytabRequest.setServerHostName("test.local");
serviceKeytabRequest.setDoNotRecreateKeytab(Boolean.FALSE);
ipaClient.getKerberosMgmtV1Endpoint().generateServiceKeytab(serviceKeytabRequest, null);
} catch (Exception e) {
logger.error("Generate Service keytab test failed during upgrade", e);
throw new TestFailException("Generate Service keytab test failed during upgrade with: " + e.getMessage(), e);
}
}
Also used :
ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)
TestFailException(com.sequenceiq.it.cloudbreak.exception.TestFailException)
WebApplicationException(javax.ws.rs.WebApplicationException)
TestFailException(com.sequenceiq.it.cloudbreak.exception.TestFailException)
Example 3 with ServiceKeytabRequest
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.
the class CmServiceKeytabRequestFactoryTest method testAliasCreationWithFQDN.
@Test
public void testAliasCreationWithFQDN() {
Stack stack = TestUtil.stack();
GatewayConfig primaryGatewayConfig = create("fqdn.stest.cloudera.site");
ServiceKeytabRequest request = underTest.create(stack, primaryGatewayConfig);
assertEquals("CM", request.getServiceName());
assertEquals("fqdn.stest.cloudera.site", request.getServerHostName());
assertEquals("fqdn", request.getServerHostNameAlias());
}
Also used :
ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)
Stack(com.sequenceiq.cloudbreak.domain.stack.Stack)
GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)
Test(org.junit.Test)
Example 4 with ServiceKeytabRequest
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.
the class CmServiceKeytabRequestFactoryTest method testAliasCreationWithHostname.
@Test
public void testAliasCreationWithHostname() {
Stack stack = TestUtil.stack();
GatewayConfig primaryGatewayConfig = create("fqdn");
ServiceKeytabRequest request = underTest.create(stack, primaryGatewayConfig);
assertEquals("CM", request.getServiceName());
assertEquals("fqdn", request.getServerHostName());
assertNull("Alias shall be null if it is identical with fqdn", request.getServerHostNameAlias());
}
Also used :
ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)
Stack(com.sequenceiq.cloudbreak.domain.stack.Stack)
GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)
Test(org.junit.Test)
Example 5 with ServiceKeytabRequest
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.
the class ServiceKeytabServiceTest method testGetExistingWithRoleRequest.
@Test
public void testGetExistingWithRoleRequest() {
ServiceKeytabRequest request = new ServiceKeytabRequest();
request.setEnvironmentCrn(ENVIRONMENT_CRN);
request.setServiceName(SERVICE_NAME);
request.setServerHostName(HOST);
request.setRoleRequest(new RoleRequest());
assertThrows(KeytabCreationException.class, () -> underTest.getExistingServiceKeytab(request, ACCOUNT_ID));
}
Also used :
ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)
RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)
Test(org.junit.jupiter.api.Test)
Aggregations
ServiceKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)16
Test (org.junit.jupiter.api.Test)12
RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)8
ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse)8
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)7
Service (com.sequenceiq.freeipa.client.model.Service)5
JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException)3
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)3
Stack (com.sequenceiq.cloudbreak.domain.stack.Stack)2
GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)2
SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse)2
Test (org.junit.Test)2
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)2
TestFailException (com.sequenceiq.it.cloudbreak.exception.TestFailException)1
WebApplicationException (javax.ws.rs.WebApplicationException)1
