[GitHub] samza pull request #72: SAMZA-1085 add CertFSFileSystem and SimpleCertFSFile...

Thu, 02 Mar 2017 11:47:34 -0800 

GitHub user fredji97 opened a pull request:

    https://github.com/apache/samza/pull/72

    SAMZA-1085 add CertFSFileSystem and SimpleCertFSFileSystem for handling 
certificate localization from CSR in yarn

    This is the implementation used during the experiment and testing. will add 
more unit tests and improve the TODO section in later PRs. 
    Currently implementation is tested manually with the following yarn 
configuration (yarn core-site.xml):
      <property>
        <name>fs.certfs.impl</name>
        <value>org.apache.samza.util.hadoop.CertFSFileSystem</value>
      </property>
    
      <property>
        <name>csr.ssl.truststore.type</name>
        <value>${csr.ssl.truststore.type}</value>
      </property>
    
      <property>
        <name>csr.ssl.truststore.location</name>
        <value>${csr.ssl.truststore.location}</value>
      </property>
    
      <property>
        <name>csr.ssl.truststore.password</name>
        <value>${csr.ssl.truststore.password}</value>
      </property>
    
      <property>
        <name>csr.ssl.keystore.type</name>
        <value>${csr.ssl.keystore.type}</value>
      </property>
    
      <property>
        <name>csr.ssl.keystore.location</name>
        <value>${csr.ssl.keystore.location}</value>
      </property>
    
      <property>
        <name>csr.ssl.keystore.password</name>
        <value>${csr.ssl.keystore.password}</value>
      </property>
    
      <property>
        <name>csr.ssl.key.password</name>
        <value>${csr.ssl.key.password}</value>
      </property>
    
      <property>
        <name>csr.ssl.bcstyle.x500name</name>
        <value>${csr.ssl.bcstyle.x500name}</value>
      </property>
    
    The tested uri is 
certfs://lca1-app0739.corp.linkedin.com:10180/grestin/request_service_certificate?fabric=dev&application=test_application&instance=i001
    The generated certificate is found in the corresponding application cache 
for the specific application. (in my testing env, it is 
export/content/data/samsa-yarn/usercache/samza-ji/ap461_0093/container_e03_1487135111461_0093_02_000001/identity.p12)

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/fredji97/samza certfs

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/samza/pull/72.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #72
    
----
commit d46b5371e8a3c2001d5d346d93617a921ab8fd1f
Author: Fred Ji <f...@linkedin.com>
Date:   2017-03-02T18:24:06Z

    SAMZA-1085: adding the samza-yarn dependency on httpClient and 
bouncyCastle, which are used for https post request and json parsing on CSR 
request/response

commit f1a196d1b25d0192bf086c71e72d683ce2cae674
Author: Fred Ji <f...@linkedin.com>
Date:   2017-03-02T19:41:28Z

    SAMZA-1085 add CertFSFileSystem and SimpleCertFSFileSystem for handling 
certificate localization from CSR in yarn

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Reply via email to