Hello Will Berkeley, Alexey Serbin, Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/4765
to look at the new patch set (#5).
Change subject: Enable GSSAPI for servers and ExternalMiniCluster
......................................................................
Enable GSSAPI for servers and ExternalMiniCluster
This adds a flag --server_require_kerberos, which makes the server only
advertise the GSSAPI mechanism. It also adds the appropriate hook to the
client to enable GSSAPI as a supported GSSAPI mechanism.
With this I was able to start a kudu master with the new flag enabled,
and then use Kerberos to authenticate a client.
This also adds some basic support to ExternalMiniCluster to start a
kerberized cluster. This involves starting a KDC, creating keytabs for
each server, passing the appropriate environment down as environment
variables, and setting up a client principal for the test itself.
Change-Id: I595469e9cc8b2b2f57e9726014eeeb8112595801
---
M src/kudu/integration-tests/CMakeLists.txt
M src/kudu/integration-tests/external_mini_cluster-test.cc
M src/kudu/integration-tests/external_mini_cluster.cc
M src/kudu/integration-tests/external_mini_cluster.h
M src/kudu/rpc/connection.cc
M src/kudu/security/mini_kdc.cc
M src/kudu/security/mini_kdc.h
M src/kudu/util/subprocess-test.cc
M src/kudu/util/subprocess.cc
M src/kudu/util/subprocess.h
10 files changed, 159 insertions(+), 15 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/65/4765/5
--
To view, visit http://gerrit.cloudera.org:8080/4765
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I595469e9cc8b2b2f57e9726014eeeb8112595801
Gerrit-PatchSet: 5
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Todd Lipcon <t...@apache.org>
Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Will Berkeley <wdberke...@gmail.com>
