[
https://issues.apache.org/jira/browse/WHIRR-642?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Loughran updated WHIRR-642:
---------------------------------
Attachment: whirr-642.diff
This patch omits the configuration dump and so keeps secrets secret:
{code}
Started cluster of 2 instances
Cluster{instances=[Instance{roles=[hadoop-datanode, hadoop-tasktracker],
publicIp=54.245.30.157, privateIp=10.252.34.203, id=us-west-2/i-79d3aa4a,
nodeMetadata={id=us-west-2/i-79d3aa4a, providerId=i-79d3aa4a,
name=hdp1-79d3aa4a, location={scope=ZONE, id=us-west-2b,
description=us-west-2b, parent=us-west-2, iso3166Codes=[US-OR]}, group=hdp1,
imageId=us-west-2/ami-3659d706, os={family=unrecognized, arch=paravirtual,
version=, description=597934776782/HDP node, is64Bit=true},
status=RUNNING[running], loginPort=22, hostname=ip-10-252-34-203,
privateAddresses=[10.252.34.203], publicAddresses=[54.245.30.157],
hardware={id=t1.micro, providerId=t1.micro, processors=[{cores=1.0,
speed=1.0}], ram=630, volumes=[{id=vol-c999e7ef, type=SAN, device=/dev/sda1,
bootDevice=true, durable=true}], hypervisor=xen,
supportsImage=And(requiresRootDeviceType(ebs),Or(isWindows(),requiresVirtualizationType(paravirtual)),ALWAYS_TRUE,ALWAYS_TRUE)},
loginUser=ec2-user, userMetadata={Name=hdp1-79d3aa4a}}},
Instance{roles=[hadoop-namenode, hadoop-jobtracker, hadoop-datanode,
hadoop-tasktracker], publicIp=50.112.35.185, privateIp=10.252.48.62,
id=us-west-2/i-63d3aa50, nodeMetadata={id=us-west-2/i-63d3aa50,
providerId=i-63d3aa50, name=hdp1-63d3aa50, location={scope=ZONE, id=us-west-2b,
description=us-west-2b, parent=us-west-2, iso3166Codes=[US-OR]}, group=hdp1,
imageId=us-west-2/ami-3659d706, os={family=unrecognized, arch=paravirtual,
version=, description=597934776782/HDP node, is64Bit=true},
status=RUNNING[running], loginPort=22, hostname=ip-10-252-48-62,
privateAddresses=[10.252.48.62], publicAddresses=[50.112.35.185],
hardware={id=t1.micro, providerId=t1.micro, processors=[{cores=1.0,
speed=1.0}], ram=630, volumes=[{id=vol-d499e7f2, type=SAN, device=/dev/sda1,
bootDevice=true, durable=true}], hypervisor=xen,
supportsImage=And(requiresRootDeviceType(ebs),Or(isWindows(),requiresVirtualizationType(paravirtual)),ALWAYS_TRUE,ALWAYS_TRUE)},
loginUser=ec2-user, userMetadata={Name=hdp1-63d3aa50}}}]}
{code}
> Whirr writes the AWS Secret key to the stdout. is it an unforeseen byproduct
> or intended behavior?
> --------------------------------------------------------------------------------------------------
>
> Key: WHIRR-642
> URL: https://issues.apache.org/jira/browse/WHIRR-642
> Project: Whirr
> Issue Type: Bug
> Components: cli
> Affects Versions: 0.7.1
> Environment: OSX Mountain Lion
> Reporter: P Mohan
> Attachments: whirr-642.diff
>
>
> I used Whirr to launch a CDH cluster. Towards the end the whirr output has
> the AWS secret key in plain text as shown below.
> fs.s3.awsSecretAccessKey=qBqa*********************************, fs.s3.a
> wsAccessKeyId=AKIA*****************,
> hadoop.rpc.socket.factory.class.default=org.apache.hadoop.net.SocksSocketFactory,
> fs.default.name=hdfs://ec2-**********.compute-1.amazonaws.c
> om:8020/, fs.s3n.awsSecretAccessKey=qBqaott5*************************}}
> is this intended behavior. Would it be not better to mask or not print the
> AWS Secret key to the stdout.
> One gd thing i noticed is that the AWS Secret Key is not written to the
> whirr.log file. Can we not have the same behavior for the stdout as well ?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
