SLIDER-801 use AM cert generation for accumulo app package and its SSL funtests
Project: http://git-wip-us.apache.org/repos/asf/incubator-slider/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-slider/commit/cdda804a Tree: http://git-wip-us.apache.org/repos/asf/incubator-slider/tree/cdda804a Diff: http://git-wip-us.apache.org/repos/asf/incubator-slider/diff/cdda804a Branch: refs/heads/feature/package_simplification_II Commit: cdda804a5043793e2b8acfdcf359e2a498926d91 Parents: bf293b9 Author: Billie Rinaldi <billie.rina...@gmail.com> Authored: Tue Feb 24 07:13:11 2015 -0800 Committer: Billie Rinaldi <billie.rina...@gmail.com> Committed: Tue Mar 10 08:54:29 2015 -0700 ---------------------------------------------------------------------- app-packages/accumulo/appConfig-default.json | 1 - .../accumulo/appConfig-secured-default.json | 1 - .../accumulo/appConfig-ssl-default.json | 99 +++++++ .../accumulo/configuration/accumulo-env.xml | 2 +- app-packages/accumulo/configuration/client.xml | 5 - .../package/scripts/accumulo_configuration.py | 73 ++--- app-packages/accumulo/package/scripts/params.py | 21 +- .../package/templates/accumulo-env.sh.j2 | 42 --- app-packages/accumulo/pom.xml | 1 + app-packages/accumulo/src/assembly/accumulo.xml | 7 + .../funtest/accumulo/AccumuloBasicIT.groovy | 6 +- .../accumulo/AccumuloMonitorSSLIT.groovy | 8 + .../funtest/accumulo/AccumuloReadWriteIT.groovy | 3 +- .../accumulo/AccumuloReadWriteSSLIT.groovy | 27 +- .../funtest/accumulo/AccumuloSSLTestBase.groovy | 86 +----- .../slider/funtest/accumulo/CertUtil.java | 275 ------------------- pom.xml | 2 +- .../providers/agent/AgentProviderService.java | 6 +- 18 files changed, 176 insertions(+), 489 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/appConfig-default.json ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/appConfig-default.json b/app-packages/accumulo/appConfig-default.json index d3f963e..85c6985 100644 --- a/app-packages/accumulo/appConfig-default.json +++ b/app-packages/accumulo/appConfig-default.json @@ -28,7 +28,6 @@ "site.proxy.port": "${ACCUMULO_PROXY.ALLOCATED_PORT}{PER_CONTAINER}", "site.global.accumulo_root_password": "NOT_USED", - "site.global.ssl_cert_dir": "ssl", "site.global.monitor_protocol": "http", "site.accumulo-site.instance.volumes": "${DEFAULT_DATA_DIR}/data", http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/appConfig-secured-default.json ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/appConfig-secured-default.json b/app-packages/accumulo/appConfig-secured-default.json index 3332662..6d8abaa 100644 --- a/app-packages/accumulo/appConfig-secured-default.json +++ b/app-packages/accumulo/appConfig-secured-default.json @@ -29,7 +29,6 @@ "site.proxy.port": "${ACCUMULO_PROXY.ALLOCATED_PORT}{PER_CONTAINER}", "site.global.accumulo_root_password": "NOT_USED", - "site.global.ssl_cert_dir": "ssl", "site.global.monitor_protocol": "http", "site.accumulo-site.instance.volumes": "${DEFAULT_DATA_DIR}/data", http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/appConfig-ssl-default.json ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/appConfig-ssl-default.json b/app-packages/accumulo/appConfig-ssl-default.json new file mode 100644 index 0000000..9781e5f --- /dev/null +++ b/app-packages/accumulo/appConfig-ssl-default.json @@ -0,0 +1,99 @@ +{ + "schema": "http://example.org/specification/v2.0.0", + "metadata": { + }, + "global": { + "application.def": ".slider/package/ACCUMULO/${app.package.name}.zip", + "java_home": "${app.java.home}", + + "slider.component.keystore.credential.alias.property": "rpc.javax.net.ssl.keyStorePassword", + "slider.component.truststore.credential.alias.property": "rpc.javax.net.ssl.trustStorePassword", + + "site.global.app_root": "${AGENT_WORK_ROOT}/app/install/accumulo-${accumulo.version}", + "site.global.app_user": "${app.user}", + "site.global.user_group": "${app.user.group}", + + "site.global.metric_collector_host": "${NN_HOST}", + "site.global.metric_collector_port": "6188", + "site.global.metric_collector_lib": "", + + "site.accumulo-env.java_home": "${JAVA_HOME}", + "site.accumulo-env.tserver_heapsize": "256m", + "site.accumulo-env.master_heapsize": "128m", + "site.accumulo-env.monitor_heapsize": "64m", + "site.accumulo-env.gc_heapsize": "64m", + "site.accumulo-env.other_heapsize": "128m", + "site.accumulo-env.hadoop_prefix": "${hadoop.dir}", + "site.accumulo-env.hadoop_conf_dir": "/etc/hadoop/conf", + "site.accumulo-env.zookeeper_home": "${zk.dir}", + + "site.client.instance.name": "${USER}-${CLUSTER_NAME}", + + "site.proxy.port": "${ACCUMULO_PROXY.ALLOCATED_PORT}{PER_CONTAINER}", + + "site.global.accumulo_root_password": "NOT_USED", + "site.global.monitor_protocol": "http", + + "site.accumulo-site.instance.volumes": "${DEFAULT_DATA_DIR}/data", + "site.accumulo-site.instance.zookeeper.host": "${ZK_HOST}", + "site.accumulo-site.instance.security.authenticator": "org.apache.slider.accumulo.CustomAuthenticator", + + "site.accumulo-site.general.security.credential.provider.paths": "jceks://hdfs/user/${USER}/accumulo-${CLUSTER_NAME}.jceks", + "site.accumulo-site.instance.rpc.ssl.enabled": "true", + "site.accumulo-site.instance.rpc.ssl.clientAuth": "true", + "site.accumulo-site.general.kerberos.keytab": "${accumulo.keytab}", + "site.accumulo-site.general.kerberos.principal": "${accumulo.principal}", + "site.accumulo-site.rpc.javax.net.ssl.keyStore": "${AGENT_WORK_ROOT}/secstores/keystore-${COMPONENT_NAME}.p12", + "site.accumulo-site.rpc.javax.net.ssl.keyStoreType": "PKCS12", + "site.accumulo-site.rpc.javax.net.ssl.trustStore": "${AGENT_WORK_ROOT}/secstores/truststore-${COMPONENT_NAME}.p12", + "site.accumulo-site.rpc.javax.net.ssl.trustStoreType": "PKCS12", + + "site.accumulo-site.tserver.memory.maps.native.enabled": "false", + "site.accumulo-site.tserver.memory.maps.max": "80M", + "site.accumulo-site.tserver.cache.data.size": "7M", + "site.accumulo-site.tserver.cache.index.size": "20M", + "site.accumulo-site.tserver.sort.buffer.size": "50M", + "site.accumulo-site.tserver.walog.max.size": "40M", + + "site.accumulo-site.trace.user": "root", + + "site.accumulo-site.master.port.client": "0", + "site.accumulo-site.trace.port.client": "0", + "site.accumulo-site.tserver.port.client": "0", + "site.accumulo-site.gc.port.client": "0", + "site.accumulo-site.monitor.port.client": "${ACCUMULO_MONITOR.ALLOCATED_PORT}", + "site.accumulo-site.monitor.port.log4j": "0", + "site.accumulo-site.master.replication.coordinator.port": "0", + "site.accumulo-site.replication.receipt.service.port": "0", + + "site.accumulo-site.general.classpaths": "$ACCUMULO_HOME/lib/accumulo-server.jar,\n$ACCUMULO_HOME/lib/accumulo-core.jar,\n$ACCUMULO_HOME/lib/accumulo-start.jar,\n$ACCUMULO_HOME/lib/accumulo-fate.jar,\n$ACCUMULO_HOME/lib/accumulo-proxy.jar,\n$ACCUMULO_HOME/lib/[^.].*.jar,\n$ZOOKEEPER_HOME/zookeeper[^.].*.jar,\n$HADOOP_CONF_DIR,\n${@//site/accumulo-env/hadoop_conf_dir},\n$HADOOP_PREFIX/[^.].*.jar,\n$HADOOP_PREFIX/lib/[^.].*.jar,\n$HADOOP_PREFIX/share/hadoop/common/.*.jar,\n$HADOOP_PREFIX/share/hadoop/common/lib/.*.jar,\n$HADOOP_PREFIX/share/hadoop/hdfs/.*.jar,\n$HADOOP_PREFIX/share/hadoop/mapreduce/.*.jar,\n$HADOOP_PREFIX/share/hadoop/yarn/.*.jar,\n${hadoop.dir}/.*.jar,\n${hadoop.dir}/lib/.*.jar,\n${hdfs.dir}/.*.jar,\n${mapred.dir}/.*.jar,\n${yarn.dir}/.*.jar," + }, + "credentials": { + "jceks://hdfs/user/${USER}/accumulo-${CLUSTER_NAME}.jceks": ["root.initial.password", "instance.secret", "trace.token.property.password", "rpc.javax.net.ssl.keyStorePassword", "rpc.javax.net.ssl.trustStorePassword"] + }, + "components": { + "slider-appmaster": { + "jvm.heapsize": "256M", + "slider.am.keytab.local.path": "${accumulo.headless.keytab}", + "slider.keytab.principal.name": "${accumulo.headless.principal}" + }, + "ACCUMULO_MASTER": { + "slider.component.security.stores.required": "true" + }, + "ACCUMULO_TSERVER": { + "slider.component.security.stores.required": "true" + }, + "ACCUMULO_MONITOR": { + "slider.component.security.stores.required": "true" + }, + "ACCUMULO_GC": { + "slider.component.security.stores.required": "true" + }, + "ACCUMULO_TRACER": { + "slider.component.security.stores.required": "true" + }, + "ACCUMULO_PROXY": { + "slider.component.security.stores.required": "true" + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/configuration/accumulo-env.xml ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/configuration/accumulo-env.xml b/app-packages/accumulo/configuration/accumulo-env.xml index 65b6804..b993a5c 100644 --- a/app-packages/accumulo/configuration/accumulo-env.xml +++ b/app-packages/accumulo/configuration/accumulo-env.xml @@ -75,7 +75,7 @@ export HADOOP_PREFIX=${@//site/accumulo-env/hadoop_prefix} export HADOOP_CONF_DIR=${@//site/accumulo-env/hadoop_conf_dir} export JAVA_HOME=${@//site/accumulo-env/java_home} export ZOOKEEPER_HOME=${@//site/accumulo-env/zookeeper_home} -export ACCUMULO_LOG_DIR=$ACCUMULO_HOME/logs +export ACCUMULO_LOG_DIR=${@//site/global/app_log_dir} export ACCUMULO_TSERVER_OPTS="-Xmx${@//site/accumulo-env/tserver_heapsize} -Xms${@//site/accumulo-env/tserver_heapsize}" export ACCUMULO_MASTER_OPTS="-Xmx${@//site/accumulo-env/master_heapsize} -Xms${@//site/accumulo-env/master_heapsize}" export ACCUMULO_MONITOR_OPTS="-Xmx${@//site/accumulo-env/monitor_heapsize} -Xms${@//site/accumulo-env/monitor_heapsize}" http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/configuration/client.xml ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/configuration/client.xml b/app-packages/accumulo/configuration/client.xml index 481b7d1..313f6b6 100644 --- a/app-packages/accumulo/configuration/client.xml +++ b/app-packages/accumulo/configuration/client.xml @@ -41,9 +41,4 @@ <value>${@//site/accumulo-site/instance.rpc.ssl.clientAuth}</value> <description>SSL client auth enabled.</description> </property> - <property> - <name>general.security.credential.provider.paths</name> - <value>${@//site/accumulo-site/general.security.credential.provider.paths}</value> - <description>Client credential provider containing cert passwords.</description> - </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/package/scripts/accumulo_configuration.py ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/package/scripts/accumulo_configuration.py b/app-packages/accumulo/package/scripts/accumulo_configuration.py index c55994c..3a0e2ed 100644 --- a/app-packages/accumulo/package/scripts/accumulo_configuration.py +++ b/app-packages/accumulo/package/scripts/accumulo_configuration.py @@ -30,43 +30,6 @@ def setup_conf_dir(name=None): # 'master' or 'tserver' or 'monitor' or 'gc' or ' recursive = True ) - ssl_params = False - if params.ssl_enabled or (params.monitor_security_enabled and - name == 'monitor'): - import os - - ssl_params = True - if os.path.exists(params.keystore_path) or os.path.exists(params.truststore_path): - if os.path.exists(params.keystore_path) and os.path.exists(params.truststore_path): - # assume keystores were already set up properly - pass - else: - self.fail_with_error("something went wrong when certs were created") - - Directory( format("{params.conf_dir}/ssl"), - owner = params.accumulo_user, - group = params.user_group, - recursive = True - ) - if not os.path.exists(params.truststore_path): - Execute( format("{hadoop_prefix}/bin/hadoop fs -get {params.ssl_cert_dir}/truststore.jks " - "{params.truststore_path}"), - user=params.accumulo_user) - File( params.truststore_path, - mode=0600, - group=params.user_group, - owner=params.accumulo_user, - replace=False) - if not os.path.exists(params.keystore_path): - Execute( format("{hadoop_prefix}/bin/hadoop fs -get {params.ssl_cert_dir}/{params.hostname}.jks " - "{params.keystore_path}"), - user=params.accumulo_user) - File( params.keystore_path, - mode=0600, - group=params.user_group, - owner=params.accumulo_user, - replace=False) - jarname = "SliderAccumuloUtils.jar" File(format("{params.accumulo_root}/lib/{jarname}"), mode=0644, @@ -90,22 +53,10 @@ def setup_conf_dir(name=None): # 'master' or 'tserver' or 'monitor' or 'gc' or ' recursive = True ) - configs = {} - if ssl_params: - configs.update(params.config['configurations']['accumulo-site']) - if (params.monitor_security_enabled and name == 'monitor'): - configs[params.monitor_keystore_property] = params.keystore_path - configs[params.monitor_truststore_property] = params.truststore_path - if params.ssl_enabled: - configs[params.ssl_keystore_file_property] = params.keystore_path - configs[params.ssl_truststore_file_property] = params.truststore_path - else: - configs = params.config['configurations']['accumulo-site'] - # create a site file for server processes XmlConfig( "accumulo-site.xml", conf_dir = params.conf_dir, - configurations = configs, + configurations = params.config['configurations']['accumulo-site'], owner = params.accumulo_user, group = params.user_group, mode=0600 @@ -124,11 +75,23 @@ def setup_conf_dir(name=None): # 'master' or 'tserver' or 'monitor' or 'gc' or ' ) # create env file - accumulo_TemplateConfig( 'accumulo-env.sh') + File(format("{params.conf_dir}/accumulo-env.sh"), + mode=0644, + group=params.user_group, + owner=params.accumulo_user, + content=InlineTemplate(params.env_sh_template) + ) # create client.conf file + configs = {} + configs.update(params.config['configurations']['client']) + update_site_config(configs, 'general.security.credential.provider.paths') + update_site_config(configs, 'rpc.javax.net.ssl.trustStore') + update_site_config(configs, 'rpc.javax.net.ssl.trustStoreType') + update_site_config(configs, 'rpc.javax.net.ssl.keyStore') + update_site_config(configs, 'rpc.javax.net.ssl.keyStoreType') PropertiesFile(format("{params.conf_dir}/client.conf"), - properties = params.config['configurations']['client'], + properties = configs, owner = params.accumulo_user, group = params.user_group ) @@ -175,6 +138,12 @@ def setup_conf_dir(name=None): # 'master' or 'tserver' or 'monitor' or 'gc' or ' group = params.user_group ) +# update configs +def update_site_config(configs, name): + import params + if name in params.config['configurations']['accumulo-site']: + configs[name] = params.config['configurations']['accumulo-site'][name] + # create file 'name' from template def accumulo_TemplateConfig(name, tag=None http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/package/scripts/params.py b/app-packages/accumulo/package/scripts/params.py index 3a53cd6..11bcbd9 100644 --- a/app-packages/accumulo/package/scripts/params.py +++ b/app-packages/accumulo/package/scripts/params.py @@ -51,29 +51,10 @@ log_dir = config['configurations']['global']['app_log_dir'] daemon_script = format("{accumulo_root}/bin/accumulo") proxy_conf = format("{conf_dir}/proxy.properties") -# accumulo monitor certificate properties -monitor_security_enabled = config['configurations']['global']['monitor_protocol'] == "https" -monitor_keystore_property = "monitor.ssl.keyStore" -monitor_truststore_property = "monitor.ssl.trustStore" - -# accumulo ssl properties -ssl_enabled = False -if 'instance.rpc.ssl.enabled' in config['configurations']['accumulo-site']: - ssl_enabled = config['configurations']['accumulo-site']['instance.rpc.ssl.enabled'] +# accumulo clientauth clientauth_enabled = False if 'instance.rpc.ssl.clientAuth' in config['configurations']['accumulo-site']: clientauth_enabled = config['configurations']['accumulo-site']['instance.rpc.ssl.clientAuth'] -ssl_cert_dir = config['configurations']['global']['ssl_cert_dir'] -keystore_path = format("{conf_dir}/ssl/keystore.jks") -truststore_path = format("{conf_dir}/ssl/truststore.jks") -ssl_keystore_file_property = "rpc.javax.net.ssl.keyStore" -ssl_truststore_file_property = "rpc.javax.net.ssl.trustStore" -credential_provider = config['configurations']['accumulo-site']["general.security.credential.provider.paths"] -#credential_provider = credential_provider.replace("${HOST}", hostname) # if enabled, must propagate to configuration -if ssl_keystore_file_property in config['configurations']['accumulo-site']: - keystore_path = config['configurations']['accumulo-site'][ssl_keystore_file_property] -if ssl_truststore_file_property in config['configurations']['accumulo-site']: - truststore_path = config['configurations']['accumulo-site'][ssl_truststore_file_property] # accumulo initialization parameters accumulo_instance_name = config['configurations']['client']['instance.name'] http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/package/templates/accumulo-env.sh.j2 ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/package/templates/accumulo-env.sh.j2 b/app-packages/accumulo/package/templates/accumulo-env.sh.j2 deleted file mode 100755 index 9e365af..0000000 --- a/app-packages/accumulo/package/templates/accumulo-env.sh.j2 +++ /dev/null @@ -1,42 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -### -### Configure these environment variables to point to your local installations. -### -### The functional tests require conditional values, so keep this style: -### -### test -z "$JAVA_HOME" && export JAVA_HOME=/usr/local/lib/jdk-1.6.0 -### -### -### Note that the -Xmx -Xms settings below require substantial free memory: -### you may want to use smaller values, especially when running everything -### on a single machine. -### - -export HADOOP_PREFIX={{hadoop_prefix}} -export HADOOP_CONF_DIR={{hadoop_conf_dir}} -export JAVA_HOME={{java64_home}} -export ZOOKEEPER_HOME={{zookeeper_home}} -export ACCUMULO_LOG_DIR={{log_dir}} -export ACCUMULO_CONF_DIR={{conf_dir}} -export ACCUMULO_TSERVER_OPTS="-Xmx{{tserver_heapsize}} -Xms{{tserver_heapsize}}" -export ACCUMULO_MASTER_OPTS="-Xmx{{master_heapsize}} -Xms{{master_heapsize}}" -export ACCUMULO_MONITOR_OPTS="-Xmx{{monitor_heapsize}} -Xms{{monitor_heapsize}}" -export ACCUMULO_GC_OPTS="-Xmx{{gc_heapsize}} -Xms{{gc_heapsize}}" -export ACCUMULO_GENERAL_OPTS="-XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -Djava.net.preferIPv4Stack=true" -export ACCUMULO_OTHER_OPTS="-Xmx{{other_heapsize}} -Xms{{other_heapsize}}" -# what do when the JVM runs out of heap memory -export ACCUMULO_KILL_CMD='kill -9 %p' http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/pom.xml ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/pom.xml b/app-packages/accumulo/pom.xml index 678ace5..a04a2b0 100644 --- a/app-packages/accumulo/pom.xml +++ b/app-packages/accumulo/pom.xml @@ -242,6 +242,7 @@ <targetPath>${test.app.resources.dir}</targetPath> <includes> <include>appConfig-default.json</include> + <include>appConfig-ssl-default.json</include> </includes> </resource> </resources> http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/assembly/accumulo.xml ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/assembly/accumulo.xml b/app-packages/accumulo/src/assembly/accumulo.xml index d63fb28..14993a0 100644 --- a/app-packages/accumulo/src/assembly/accumulo.xml +++ b/app-packages/accumulo/src/assembly/accumulo.xml @@ -42,6 +42,12 @@ <fileMode>0755</fileMode> </file> <file> + <source>appConfig-ssl-default.json</source> + <outputDirectory>/</outputDirectory> + <filtered>true</filtered> + <fileMode>0755</fileMode> + </file> + <file> <source>clientInstallConfig-default.json</source> <outputDirectory>/</outputDirectory> <filtered>true</filtered> @@ -78,6 +84,7 @@ <exclude>target/**</exclude> <exclude>appConfig-default.json</exclude> <exclude>appConfig-secured-default.json</exclude> + <exclude>appConfig-ssl-default.json</exclude> <exclude>clientInstallConfig-default.json</exclude> <exclude>metainfo.xml</exclude> </excludes> http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloBasicIT.groovy ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloBasicIT.groovy b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloBasicIT.groovy index 4f6d6da..2d137be 100644 --- a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloBasicIT.groovy +++ b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloBasicIT.groovy @@ -53,11 +53,15 @@ class AccumuloBasicIT extends AccumuloAgentCommandTestBase { return sysprop("test.app.resources.dir") + "/resources.json" } + protected String getDefaultTemplate() { + return sysprop("test.app.resources.dir") + "/appConfig-default.json" + } + protected String getAppTemplate() { String appTemplateFile = templateName() Configuration conf = new Configuration() FileSystem fs = FileSystem.getLocal(conf) - InputStream stream = new FileInputStream(sysprop("test.app.resources.dir") + "/appConfig-default.json") + InputStream stream = new FileInputStream(getDefaultTemplate()) assert stream!=null, "Couldn't pull appConfig.json from app pkg" ConfTreeSerDeser c = new ConfTreeSerDeser() ConfTree t = c.fromStream(stream) http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloMonitorSSLIT.groovy ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloMonitorSSLIT.groovy b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloMonitorSSLIT.groovy index 12f89e0..73cfda7 100644 --- a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloMonitorSSLIT.groovy +++ b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloMonitorSSLIT.groovy @@ -30,6 +30,14 @@ class AccumuloMonitorSSLIT extends AccumuloSSLTestBase { protected ConfTree modifyTemplate(ConfTree confTree) { confTree.global.put("site.global.monitor_protocol", "https") + confTree.global.put("site.accumulo-site.monitor.ssl.keyStore", + confTree.global.get("site.accumulo-site.rpc.javax.net.ssl.keyStore")) + confTree.global.put("site.accumulo-site.monitor.ssl.keyStoreType", + confTree.global.get("site.accumulo-site.rpc.javax.net.ssl.keyStoreType")) + confTree.global.put("site.accumulo-site.monitor.ssl.trustStore", + confTree.global.get("site.accumulo-site.rpc.javax.net.ssl.trustStore")) + confTree.global.put("site.accumulo-site.monitor.ssl.trustStoreType", + confTree.global.get("site.accumulo-site.rpc.javax.net.ssl.trustStoreType")) String jks = confTree.global.get(PROVIDER_PROPERTY) def keys = confTree.credentials.get(jks) keys.add("monitor.ssl.keyStorePassword") http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteIT.groovy ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteIT.groovy b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteIT.groovy index b4118d2..0b9fd9a 100644 --- a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteIT.groovy +++ b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteIT.groovy @@ -28,7 +28,6 @@ import org.apache.accumulo.test.VerifyIngest import org.apache.hadoop.registry.client.api.RegistryConstants import org.apache.slider.api.ClusterDescription import org.apache.slider.client.SliderClient -import org.apache.slider.common.SliderXmlConfKeys import org.apache.slider.funtest.framework.FuntestProperties import java.util.concurrent.atomic.AtomicBoolean @@ -71,6 +70,7 @@ class AccumuloReadWriteIT extends AccumuloBasicIT { public static void ingest(Connector connector, int rows, int cols, int width, int offset) throws Exception { TestIngest.Opts opts = new TestIngest.Opts(); + opts.setPrincipal(USER); opts.rows = rows; opts.cols = cols; opts.dataSize = width; @@ -83,6 +83,7 @@ class AccumuloReadWriteIT extends AccumuloBasicIT { public static void verify(Connector connector, int rows, int cols, int width, int offset) throws Exception { ScannerOpts scannerOpts = new ScannerOpts(); VerifyIngest.Opts opts = new VerifyIngest.Opts(); + opts.setPrincipal(USER); opts.rows = rows; opts.cols = cols; opts.dataSize = width; http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteSSLIT.groovy ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteSSLIT.groovy b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteSSLIT.groovy index 0464cec..b67cd5c 100644 --- a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteSSLIT.groovy +++ b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloReadWriteSSLIT.groovy @@ -24,7 +24,6 @@ import org.apache.accumulo.core.client.security.tokens.PasswordToken import org.apache.hadoop.registry.client.api.RegistryConstants import org.apache.slider.api.ClusterDescription import org.apache.slider.client.SliderClient -import org.apache.slider.common.SliderXmlConfKeys import org.apache.slider.funtest.framework.FuntestProperties import static org.apache.slider.funtest.accumulo.AccumuloReadWriteIT.ingest @@ -32,6 +31,10 @@ import static org.apache.slider.funtest.accumulo.AccumuloReadWriteIT.interleaveT import static org.apache.slider.funtest.accumulo.AccumuloReadWriteIT.verify class AccumuloReadWriteSSLIT extends AccumuloSSLTestBase { + protected static final File trustStoreFile = new File(TEST_APP_PKG_DIR, "truststore.p12") + protected static final File clientKeyStoreFile = new File(TEST_APP_PKG_DIR, "keystore.p12") + public static final String STORE_TYPE = "PKCS12" + @Override public String getClusterName() { return "test_read_write_ssl"; @@ -50,13 +53,31 @@ class AccumuloReadWriteSSLIT extends AccumuloSSLTestBase { .withInstance(tree.global.get("site.client.instance.name")) .withZkHosts(zookeepers) .withSsl(true) - .withKeystore(clientKeyStoreFile.toString(), KEY_PASS, null) - .withTruststore(trustStoreFile.toString(), TRUST_PASS, null) + .withKeystore(clientKeyStoreFile.toString(), KEY_PASS, STORE_TYPE) + .withTruststore(trustStoreFile.toString(), TRUST_PASS, STORE_TYPE) return new ZooKeeperInstance(conf) } @Override public void clusterLoadOperations(ClusterDescription cd, SliderClient sliderClient) { + slider(EXIT_SUCCESS, + [ + ACTION_CLIENT, + ARG_GETCERTSTORE, + ARG_KEYSTORE, clientKeyStoreFile.getCanonicalPath(), + ARG_NAME, getClusterName(), + ARG_PASSWORD, KEY_PASS + ]) + + slider(EXIT_SUCCESS, + [ + ACTION_CLIENT, + ARG_GETCERTSTORE, + ARG_TRUSTSTORE, trustStoreFile.getCanonicalPath(), + ARG_NAME, getClusterName(), + ARG_PASSWORD, TRUST_PASS + ]) + try { ZooKeeperInstance instance = getInstance() Connector connector = instance.getConnector(USER, new PasswordToken(PASSWORD)) http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloSSLTestBase.groovy ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloSSLTestBase.groovy b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloSSLTestBase.groovy index cea28b1..240aad1 100644 --- a/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloSSLTestBase.groovy +++ b/app-packages/accumulo/src/test/groovy/org/apache/slider/funtest/accumulo/AccumuloSSLTestBase.groovy @@ -17,14 +17,6 @@ */ package org.apache.slider.funtest.accumulo -import groovy.json.JsonSlurper -import org.apache.accumulo.core.conf.Property -import org.apache.hadoop.conf.Configuration -import org.apache.hadoop.fs.Path -import org.apache.hadoop.yarn.conf.YarnConfiguration -import org.apache.slider.core.conf.ConfTree -import org.apache.slider.funtest.framework.AgentUploads -import org.junit.Before import org.junit.BeforeClass import javax.net.ssl.KeyManager @@ -36,21 +28,13 @@ import java.security.cert.CertificateException import java.security.cert.X509Certificate class AccumuloSSLTestBase extends AccumuloBasicIT { - protected static final File trustStoreFile = new File(TEST_APP_PKG_DIR, "truststore.jks") - protected static final File clientKeyStoreFile = new File(TEST_APP_PKG_DIR, "keystore.jks") protected String templateName() { return sysprop("test.app.resources.dir") + "/appConfig_ssl.json" } - protected ConfTree modifyTemplate(ConfTree confTree) { - confTree.global.put("site.accumulo-site.instance.rpc.ssl.enabled", "true") - confTree.global.put("site.accumulo-site.instance.rpc.ssl.clientAuth", "true") - String jks = confTree.global.get(PROVIDER_PROPERTY) - def keys = confTree.credentials.get(jks) - keys.add("rpc.javax.net.ssl.keyStorePassword") - keys.add("rpc.javax.net.ssl.trustStorePassword") - return confTree + protected String getDefaultTemplate() { + return sysprop("test.app.resources.dir") + "/appConfig-ssl-default.json" } @Override @@ -72,72 +56,6 @@ class AccumuloSSLTestBase extends AccumuloBasicIT { SSLContext.setDefault(ctx); } - @Before - public void createCerts() { - Path certDir = new Path(clusterFS.homeDirectory, - tree.global.get("site.global.ssl_cert_dir")) - if (clusterFS.exists(certDir)) { - clusterFS.delete(certDir, true) - } - clusterFS.mkdirs(certDir) - - Configuration conf = loadSliderConf() - String provider = tree.global.get(PROVIDER_PROPERTY) - provider = provider.replace("hdfs/user", - conf.get("fs.defaultFS").replace("://", "@") + "/user") - File rootKeyStoreFile = new File(TEST_APP_PKG_DIR, "root.jks") - - if (!rootKeyStoreFile.exists() && !trustStoreFile.exists()) { - CertUtil.createRootKeyPair(rootKeyStoreFile.toString(), - Property.INSTANCE_SECRET.toString(), trustStoreFile.toString(), - Property.RPC_SSL_TRUSTSTORE_PASSWORD.toString(), provider); - } - - AgentUploads agentUploads = new AgentUploads(SLIDER_CONFIG) - agentUploads.uploader.copyIfOutOfDate(trustStoreFile, new Path(certDir, - "truststore.jks"), false) - - for (node in getNodeList(conf)) { - File keyStoreFile = new File(TEST_APP_PKG_DIR, node + ".jks") - if (!keyStoreFile.exists()) { - CertUtil.createServerKeyPair(keyStoreFile.toString(), - Property.RPC_SSL_KEYSTORE_PASSWORD.toString(), - rootKeyStoreFile.toString(), Property.INSTANCE_SECRET.toString(), - provider, node); - } - agentUploads.uploader.copyIfOutOfDate(keyStoreFile, new Path(certDir, - node + ".jks"), false) - } - - if (!clientKeyStoreFile.exists()) { - CertUtil.createServerKeyPair(clientKeyStoreFile.toString(), - Property.RPC_SSL_KEYSTORE_PASSWORD.toString(), - rootKeyStoreFile.toString(), Property.INSTANCE_SECRET.toString(), - provider, InetAddress.getLocalHost().getHostName()); - } - } - - def getNodeList(Configuration conf) { - String address - if (YarnConfiguration.useHttps(conf)) { - address = "https://" + conf.get(YarnConfiguration.RM_WEBAPP_HTTPS_ADDRESS, - YarnConfiguration.DEFAULT_RM_WEBAPP_HTTPS_ADDRESS); - } else { - address = "http://" + conf.get(YarnConfiguration.RM_WEBAPP_ADDRESS, - YarnConfiguration.DEFAULT_RM_WEBAPP_ADDRESS); - } - address = address.replace("0.0.0.0", conf.get(YarnConfiguration.RM_ADDRESS) - .split(":")[0]) - address = address + "/ws/v1/cluster/nodes" - def slurper = new JsonSlurper() - def result = slurper.parse(new URL(address)) - def hosts = [] - for (host in result.nodes.node) { - hosts.add(host.nodeHostName) - } - return hosts.unique() - } - private static class DefaultTrustManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/app-packages/accumulo/src/test/java/org/apache/slider/funtest/accumulo/CertUtil.java ---------------------------------------------------------------------- diff --git a/app-packages/accumulo/src/test/java/org/apache/slider/funtest/accumulo/CertUtil.java b/app-packages/accumulo/src/test/java/org/apache/slider/funtest/accumulo/CertUtil.java deleted file mode 100644 index 8bac58f..0000000 --- a/app-packages/accumulo/src/test/java/org/apache/slider/funtest/accumulo/CertUtil.java +++ /dev/null @@ -1,275 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.slider.funtest.accumulo; - - -import org.apache.slider.accumulo.ProviderUtil; -import sun.security.x509.AlgorithmId; -import sun.security.x509.CertificateAlgorithmId; -import sun.security.x509.CertificateIssuerName; -import sun.security.x509.CertificateSerialNumber; -import sun.security.x509.CertificateSubjectName; -import sun.security.x509.CertificateValidity; -import sun.security.x509.CertificateVersion; -import sun.security.x509.CertificateX509Key; -import sun.security.x509.X500Name; -import sun.security.x509.X509CertImpl; -import sun.security.x509.X509CertInfo; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidKeyException; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.SignatureException; -import java.security.UnrecoverableKeyException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.Date; -import java.util.Enumeration; - -public class CertUtil { - - public static void createRootKeyPair(String keyStoreFile, - String keyStorePasswordProperty, String trustStoreFile, - String trustStorePasswordProperty, String credentialProvider) - throws Exception { - char[] keyStorePassword = ProviderUtil.getPassword(credentialProvider, - keyStorePasswordProperty); - char[] trustStorePassword = ProviderUtil.getPassword(credentialProvider, - trustStorePasswordProperty); - - createSelfSignedCert(keyStoreFile, "root", keyStorePassword); - createPublicCert(trustStoreFile, "root", keyStoreFile, keyStorePassword, - trustStorePassword); - } - - public static void createServerKeyPair(String keyStoreFile, - String keyStorePasswordProperty, String rootKeyStoreFile, - String rootKeyStorePasswordProperty, String credentialProvider, - String hostname) - throws Exception { - char[] keyStorePassword = ProviderUtil.getPassword(credentialProvider, - keyStorePasswordProperty); - char[] rootKeyStorePassword = ProviderUtil.getPassword(credentialProvider, - rootKeyStorePasswordProperty); - - createSignedCert(keyStoreFile, "server", hostname, keyStorePassword, - rootKeyStoreFile, rootKeyStorePassword); - } - - - private static final String keystoreType = "JKS"; - private static final int keysize = 2048; - private static final String encryptionAlgorithm = "RSA"; - private static final String signingAlgorithm = "SHA256WITHRSA"; - private static final String issuerDirString = ",O=Apache Slider"; - - public static void createPublicCert(String targetKeystoreFile, String keyName, - String rootKeystorePath, char[] rootKeystorePassword, - char[] truststorePassword) throws KeyStoreException, - IOException, CertificateException, NoSuchAlgorithmException { - KeyStore signerKeystore = KeyStore.getInstance(keystoreType); - char[] signerPasswordArray = rootKeystorePassword; - FileInputStream rootKeystoreInputStream = null; - try{ - rootKeystoreInputStream = new FileInputStream(rootKeystorePath); - signerKeystore.load(rootKeystoreInputStream, signerPasswordArray); - } finally { - if(rootKeystoreInputStream != null) { - rootKeystoreInputStream.close(); - } - } - Certificate rootCert = findCert(signerKeystore); - - KeyStore keystore = KeyStore.getInstance(keystoreType); - keystore.load(null, null); - keystore.setCertificateEntry(keyName + "Cert", rootCert); - FileOutputStream targetKeystoreOutputStream = null; - try{ - targetKeystoreOutputStream = new FileOutputStream(targetKeystoreFile); - keystore.store(targetKeystoreOutputStream, truststorePassword); - } finally { - if(targetKeystoreOutputStream != null) { - targetKeystoreOutputStream.close(); - } - } - } - - public static void createSignedCert(String targetKeystoreFile, - String keyName, String hostname, char[] keystorePassword, - String signerKeystorePath, char[] signerKeystorePassword) - throws Exception { - KeyStore signerKeystore = KeyStore.getInstance(keystoreType); - char[] signerPasswordArray = signerKeystorePassword; - FileInputStream signerKeystoreInputStream = null; - try{ - signerKeystoreInputStream = new FileInputStream(signerKeystorePath); - signerKeystore.load(signerKeystoreInputStream, signerPasswordArray); - } finally { - if (signerKeystoreInputStream != null) { - signerKeystoreInputStream.close(); - } - } - Certificate signerCert = findCert(signerKeystore); - PrivateKey signerKey = findPrivateKey(signerKeystore, signerPasswordArray); - - KeyPair kp = generateKeyPair(); - Certificate cert = generateCert(hostname, kp, false, - signerCert.getPublicKey(), signerKey); - - char[] password = keystorePassword; - KeyStore keystore = KeyStore.getInstance(keystoreType); - keystore.load(null, null); - keystore.setCertificateEntry(keyName + "Cert", cert); - keystore.setKeyEntry(keyName + "Key", kp.getPrivate(), password, new Certificate[] {cert, signerCert}); - FileOutputStream targetKeystoreOutputStream = null; - try{ - targetKeystoreOutputStream = new FileOutputStream(targetKeystoreFile); - keystore.store(targetKeystoreOutputStream, password); - } finally { - if (targetKeystoreOutputStream != null){ - targetKeystoreOutputStream.close(); - } - } - } - - public static void createSelfSignedCert(String targetKeystoreFileName, - String keyName, char[] keystorePassword) - throws IOException, NoSuchAlgorithmException, CertificateException, - NoSuchProviderException, InvalidKeyException, SignatureException, - KeyStoreException { - File targetKeystoreFile = new File(targetKeystoreFileName); - if (targetKeystoreFile.exists()) { - throw new IOException("File exists: "+targetKeystoreFile); - } - - KeyPair kp = generateKeyPair(); - - Certificate cert = generateCert(null, kp, true, - kp.getPublic(), kp.getPrivate()); - - char[] password = keystorePassword; - KeyStore keystore = KeyStore.getInstance(keystoreType); - keystore.load(null, null); - keystore.setCertificateEntry(keyName + "Cert", cert); - keystore.setKeyEntry(keyName + "Key", kp.getPrivate(), password, new Certificate[] {cert}); - FileOutputStream targetKeystoreOutputStream = null; - try{ - targetKeystoreOutputStream = new FileOutputStream(targetKeystoreFile); - keystore.store(targetKeystoreOutputStream, password); - } finally { - if (targetKeystoreOutputStream != null) { - targetKeystoreOutputStream.close(); - } - } - } - - private static KeyPair generateKeyPair() throws NoSuchAlgorithmException { - KeyPairGenerator gen = KeyPairGenerator.getInstance(encryptionAlgorithm); - gen.initialize(keysize); - return gen.generateKeyPair(); - } - - private static X509Certificate generateCert( - String hostname, KeyPair kp, boolean isCertAuthority, - PublicKey signerPublicKey, PrivateKey signerPrivateKey) - throws IOException, CertificateException, NoSuchProviderException, - NoSuchAlgorithmException, InvalidKeyException, SignatureException { - X500Name issuer = new X500Name("CN=root" + issuerDirString); - X500Name subject; - if (hostname == null) { - subject = issuer; - } else { - subject = new X500Name("CN=" + hostname + issuerDirString); - } - - X509CertInfo info = new X509CertInfo(); - Date from = new Date(); - Date to = new Date(from.getTime() + 365 * 86400000l); - CertificateValidity interval = new CertificateValidity(from, to); - BigInteger sn = new BigInteger(64, new SecureRandom()); - - info.set(X509CertInfo.VALIDITY, interval); - info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn)); - info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(subject)); - info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer)); - info.set(X509CertInfo.KEY, new CertificateX509Key(kp.getPublic())); - info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); - AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid); - info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo)); - - // Sign the cert to identify the algorithm that's used. - X509CertImpl cert = new X509CertImpl(info); - cert.sign(signerPrivateKey, signingAlgorithm); - - // Update the algorithm, and resign. - algo = (AlgorithmId)cert.get(X509CertImpl.SIG_ALG); - info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algo); - cert = new X509CertImpl(info); - cert.sign(signerPrivateKey, signingAlgorithm); - return cert; - } - - private static Certificate findCert(KeyStore keyStore) throws KeyStoreException { - Enumeration<String> aliases = keyStore.aliases(); - Certificate cert = null; - while (aliases.hasMoreElements()) { - String alias = aliases.nextElement(); - if (keyStore.isCertificateEntry(alias)) { - // assume only one cert - cert = keyStore.getCertificate(alias); - break; - } - } - if (cert == null) { - throw new KeyStoreException("Could not find cert in keystore"); - } - return cert; - } - - private static PrivateKey findPrivateKey(KeyStore keyStore, char[] keystorePassword) - throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException { - Enumeration<String> aliases = keyStore.aliases(); - PrivateKey key = null; - while (aliases.hasMoreElements()) { - String alias = aliases.nextElement(); - if (keyStore.isKeyEntry(alias)) { - // assume only one key - key = (PrivateKey) keyStore.getKey(alias, keystorePassword); - break; - } - } - if (key == null) { - throw new KeyStoreException("Could not find private key in keystore"); - } - return key; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 0d58b2b..16bdd72 100644 --- a/pom.xml +++ b/pom.xml @@ -135,7 +135,7 @@ <hadoop.version>2.6.0</hadoop.version> <hbase.version>0.99.0</hbase.version> - <accumulo.version>1.6.1</accumulo.version> + <accumulo.version>1.7.0-SNAPSHOT</accumulo.version> <!-- artifact versions --> http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/cdda804a/slider-core/src/main/java/org/apache/slider/providers/agent/AgentProviderService.java ---------------------------------------------------------------------- diff --git a/slider-core/src/main/java/org/apache/slider/providers/agent/AgentProviderService.java b/slider-core/src/main/java/org/apache/slider/providers/agent/AgentProviderService.java index 1eeb8e5..bdf168e 100644 --- a/slider-core/src/main/java/org/apache/slider/providers/agent/AgentProviderService.java +++ b/slider-core/src/main/java/org/apache/slider/providers/agent/AgentProviderService.java @@ -1858,7 +1858,7 @@ public class AgentProviderService extends AbstractProviderService implements Map<String, Map<String, String>> configurations = new TreeMap<String, Map<String, String>>(); - Map<String, String> tokens = getStandardTokenMap(appConf); + Map<String, String> tokens = getStandardTokenMap(appConf, componentName); Set<String> configs = new HashSet<String>(); configs.addAll(getApplicationConfigurationTypes()); @@ -1900,7 +1900,8 @@ public class AgentProviderService extends AbstractProviderService implements } } - private Map<String, String> getStandardTokenMap(ConfTreeOperations appConf) throws SliderException { + private Map<String, String> getStandardTokenMap(ConfTreeOperations appConf, + String componentName) throws SliderException { Map<String, String> tokens = new HashMap<String, String>(); String nnuri = appConf.get("site.fs.defaultFS"); tokens.put("${NN_URI}", nnuri); @@ -1912,6 +1913,7 @@ public class AgentProviderService extends AbstractProviderService implements .getGlobalOptions() .getMandatoryOption(InternalKeys.INTERNAL_DATA_DIR_PATH)); tokens.put("${JAVA_HOME}", appConf.get(AgentKeys.JAVA_HOME)); + tokens.put("${COMPONENT_NAME}", componentName); return tokens; }