Search in sources :

Example 11 with SecurityConfiguration

use of org.apache.flink.runtime.security.SecurityConfiguration in project flink by apache.

the class YarnTaskExecutorRunnerTest method testDefaultKerberosKeytabConfiguration.

@Test
public void testDefaultKerberosKeytabConfiguration() throws Exception {
    final String resourceDirPath = Paths.get("src", "test", "resources").toAbsolutePath().toString();
    final Map<String, String> envs = new HashMap<>(2);
    envs.put(YarnConfigKeys.KEYTAB_PRINCIPAL, "testuser1@domain");
    envs.put(YarnConfigKeys.REMOTE_KEYTAB_PATH, resourceDirPath);
    // Local keytab path will be populated from default YarnConfigOptions.LOCALIZED_KEYTAB_PATH
    envs.put(YarnConfigKeys.LOCAL_KEYTAB_PATH, YarnConfigOptions.LOCALIZED_KEYTAB_PATH.defaultValue());
    Configuration configuration = new Configuration();
    YarnTaskExecutorRunner.setupAndModifyConfiguration(configuration, resourceDirPath, envs);
    // the SecurityContext is installed on TaskManager startup
    SecurityUtils.install(new SecurityConfiguration(configuration));
    final List<SecurityModule> modules = SecurityUtils.getInstalledModules();
    Optional<SecurityModule> moduleOpt = modules.stream().filter(module -> module instanceof HadoopModule).findFirst();
    if (moduleOpt.isPresent()) {
        HadoopModule hadoopModule = (HadoopModule) moduleOpt.get();
        assertThat(hadoopModule.getSecurityConfig().getPrincipal(), is("testuser1@domain"));
        assertThat(hadoopModule.getSecurityConfig().getKeytab(), is(new File(resourceDirPath, YarnConfigOptions.LOCALIZED_KEYTAB_PATH.defaultValue()).getAbsolutePath()));
    } else {
        fail("Can not find HadoopModule!");
    }
    assertThat(configuration.getString(SecurityOptions.KERBEROS_LOGIN_KEYTAB), is(new File(resourceDirPath, YarnConfigOptions.LOCALIZED_KEYTAB_PATH.defaultValue()).getAbsolutePath()));
    assertThat(configuration.getString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL), is("testuser1@domain"));
}
Also used : SecurityOptions(org.apache.flink.configuration.SecurityOptions) SecurityModule(org.apache.flink.runtime.security.modules.SecurityModule) Configuration(org.apache.flink.configuration.Configuration) Test(org.junit.Test) HashMap(java.util.HashMap) SecurityConfiguration(org.apache.flink.runtime.security.SecurityConfiguration) File(java.io.File) YarnConfigOptions(org.apache.flink.yarn.configuration.YarnConfigOptions) HadoopModule(org.apache.flink.runtime.security.modules.HadoopModule) Assert.assertThat(org.junit.Assert.assertThat) List(java.util.List) Paths(java.nio.file.Paths) Map(java.util.Map) SecurityUtils(org.apache.flink.runtime.security.SecurityUtils) TestLogger(org.apache.flink.util.TestLogger) Optional(java.util.Optional) Matchers.is(org.hamcrest.Matchers.is) Assert.fail(org.junit.Assert.fail) Matchers.containsString(org.hamcrest.Matchers.containsString) Configuration(org.apache.flink.configuration.Configuration) SecurityConfiguration(org.apache.flink.runtime.security.SecurityConfiguration) HashMap(java.util.HashMap) HadoopModule(org.apache.flink.runtime.security.modules.HadoopModule) Matchers.containsString(org.hamcrest.Matchers.containsString) SecurityConfiguration(org.apache.flink.runtime.security.SecurityConfiguration) File(java.io.File) SecurityModule(org.apache.flink.runtime.security.modules.SecurityModule) Test(org.junit.Test)

Aggregations

SecurityConfiguration (org.apache.flink.runtime.security.SecurityConfiguration)11 Configuration (org.apache.flink.configuration.Configuration)9 GlobalConfiguration (org.apache.flink.configuration.GlobalConfiguration)4 File (java.io.File)3 UndeclaredThrowableException (java.lang.reflect.UndeclaredThrowableException)3 Test (org.junit.Test)3 Paths (java.nio.file.Paths)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Map (java.util.Map)2 Optional (java.util.Optional)2 SecurityOptions (org.apache.flink.configuration.SecurityOptions)2 SecurityUtils (org.apache.flink.runtime.security.SecurityUtils)2 HadoopModule (org.apache.flink.runtime.security.modules.HadoopModule)2 SecurityModule (org.apache.flink.runtime.security.modules.SecurityModule)2 TestLogger (org.apache.flink.util.TestLogger)2 YarnConfigOptions (org.apache.flink.yarn.configuration.YarnConfigOptions)2 Matchers.containsString (org.hamcrest.Matchers.containsString)2 Matchers.is (org.hamcrest.Matchers.is)2 Assert.assertThat (org.junit.Assert.assertThat)2