Ethan Li created FLINK-9685:
-------------------------------
Summary: Flink should support hostname-substitution for
security.kerberos.login.principal
Key: FLINK-9685
URL: https://issues.apache.org/jira/browse/FLINK-9685
Project: Flink
Issue Type: Improvement
Reporter: Ethan Li
[https://github.com/apache/flink/blob/master/flink-runtime/src/main/java/org/apache/flink/runtime/security/SecurityConfiguration.java#L83]
We can have something like this
{code:java}
String rawPrincipal =
flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL);
if (rawPrincipal != null) {
try {
rawPrincipal = rawPrincipal.replace("HOSTNAME",
InetAddress.getLocalHost().getCanonicalHostName());
} catch (UnknownHostException e) {
LOG.error("Failed to replace HOSTNAME with localhost because {}", e);
}
}
this.principal = rawPrincipal;
{code}
So it will be easier to deploy flink to cluster. Instead of setting different
principal on every node, we can have the same principal
headless_user/HOSTNAME@DOMAIN .
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
