use of org.apache.flink.runtime.security.SecurityConfiguration in project flink by apache.
the class YarnTaskExecutorRunnerTest method testDefaultKerberosKeytabConfiguration.
@Test
public void testDefaultKerberosKeytabConfiguration() throws Exception {
final String resourceDirPath = Paths.get("src", "test", "resources").toAbsolutePath().toString();
final Map<String, String> envs = new HashMap<>(2);
envs.put(YarnConfigKeys.KEYTAB_PRINCIPAL, "testuser1@domain");
envs.put(YarnConfigKeys.REMOTE_KEYTAB_PATH, resourceDirPath);
// Local keytab path will be populated from default YarnConfigOptions.LOCALIZED_KEYTAB_PATH
envs.put(YarnConfigKeys.LOCAL_KEYTAB_PATH, YarnConfigOptions.LOCALIZED_KEYTAB_PATH.defaultValue());
Configuration configuration = new Configuration();
YarnTaskExecutorRunner.setupAndModifyConfiguration(configuration, resourceDirPath, envs);
// the SecurityContext is installed on TaskManager startup
SecurityUtils.install(new SecurityConfiguration(configuration));
final List<SecurityModule> modules = SecurityUtils.getInstalledModules();
Optional<SecurityModule> moduleOpt = modules.stream().filter(module -> module instanceof HadoopModule).findFirst();
if (moduleOpt.isPresent()) {
HadoopModule hadoopModule = (HadoopModule) moduleOpt.get();
assertThat(hadoopModule.getSecurityConfig().getPrincipal(), is("testuser1@domain"));
assertThat(hadoopModule.getSecurityConfig().getKeytab(), is(new File(resourceDirPath, YarnConfigOptions.LOCALIZED_KEYTAB_PATH.defaultValue()).getAbsolutePath()));
} else {
fail("Can not find HadoopModule!");
}
assertThat(configuration.getString(SecurityOptions.KERBEROS_LOGIN_KEYTAB), is(new File(resourceDirPath, YarnConfigOptions.LOCALIZED_KEYTAB_PATH.defaultValue()).getAbsolutePath()));
assertThat(configuration.getString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL), is("testuser1@domain"));
}
Aggregations