[
https://issues.apache.org/jira/browse/APEXCORE-712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15980261#comment-15980261
]
Sanjay M Pujare edited comment on APEXCORE-712 at 4/24/17 7:23 PM:
-------------------------------------------------------------------
This is to support the automatic mode i.e. the user doesn't need to
pre-populate security material on cluster nodes. The user only installs the
SSL config files on the Apex CLI machine from where the client packages it up
and deploys it on the App master node before the app master starts. It also
provides the path to the apex-ssl-server.xml file on the app-master.
The code in com.datatorrent.stram.StramClient.startApplication() needs to be
enhanced to support this functionality. The App master launch context is set
// Set up the container launch context for the application master
ContainerLaunchContext amContainer =
Records.newRecord(ContainerLaunchContext.class);
and the resources to be sent to the app master are set here:
// Set local resource info into app master container launch context
amContainer.setLocalResources(localResources);
The new code will look at the command line options (or other context depending
on how we implement the user interface for the feature) and populate the
localResources to include the 2 files mentioned below.
Stram needs the path to the Apex ssl-server.xml file and the path to apex
custom keystore file. The keystore password and key password are included in
the ssl-server.xml file. We will need to document the requirement/structure of
apex ssl-server.xml file.
was (Author: sanjaypujare):
Should follow
> Support distribution of custom SSL material to the Stram node while launch
> the app
> ----------------------------------------------------------------------------------
>
> Key: APEXCORE-712
> URL: https://issues.apache.org/jira/browse/APEXCORE-712
> Project: Apache Apex Core
> Issue Type: Improvement
> Reporter: Sanjay M Pujare
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This JIRA is dependent on APEXCORE-711. APEXCORE-711 talks about using a
> custom SSL configuration but assumes the SSL files (ssl-server.xml and the
> keystore) are already available on any cluster node so when the Stram starts
> it is able to find them. There are cases where users don't want to do this
> and they expect the Apex client to package these files so that they are
> copied to the App master node so when Stram starts it will find them in the
> expected location.
> Enhance the Apex client/launcher to distribute the custom SSL files (XML and
> the keystore) along with the application jars/resources so the user does not
> need to pre-distribute the custom SSL files.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
