elek opened a new pull request #1: URL: https://github.com/apache/ozone-docker-testkrb5/pull/1
Today ozonesecure compose clusters (and ozonesecure-ha and ozonesecure-mr) use an adhoc keytab issuer. The issuer is download during the [image creation](https://github.com/apache/ozone/blob/master/hadoop-ozone/dist/src/main/compose/common/docker-image/docker-krb5/Dockerfile-krb5) and uses a [third party](https://github.com/flokkr/issuer) go lang application to create the keytabs on-demand. As discussed earlier, it would be faster to use a dedicacated, pre-built container image which includes the pre-created keytabs instead of issuing them on-the fly. For each of the tagged images we can export to current keytabs to `hadoop-ozone/dist/src/main/compose/` which can be mounted to the compose clusters. It makes the overall acceptance test faster (instead of creating keytab, which is quite slow, we can start the cluster immediately). And we don't need to depend on an external utility app. Pre-created keytabs are also more similar to production environment... ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org For additional commands, e-mail: dev-h...@ozone.apache.org
