apex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanjay M Pujare (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (APEXCORE-712) Support distribution of custom SSL material to the Stram node while launch the app
Date Mon, 24 Apr 2017 19:24:04 GMT

    [ https://issues.apache.org/jira/browse/APEXCORE-712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15980261#comment-15980261

Sanjay M Pujare edited comment on APEXCORE-712 at 4/24/17 7:23 PM:

This is to support the automatic mode i.e. the user doesn't need to pre-populate security
material on cluster nodes.  The user only installs the SSL config files on the Apex CLI machine
from where the client packages it up and deploys it on the App master node before the app
master starts. It also provides the path to the apex-ssl-server.xml file on the app-master.

The code in com.datatorrent.stram.StramClient.startApplication() needs to be enhanced to support
this functionality.  The App master launch context is set 

    // Set up the container launch context for the application master
    ContainerLaunchContext amContainer = Records.newRecord(ContainerLaunchContext.class);

and the resources to be sent to the app master are set here:

      // Set local resource info into app master container launch context

The new code will look at the command line options (or other context depending on how we implement
the user interface for the feature) and populate the localResources to include the 2 files
mentioned below. 

Stram needs the path to the Apex ssl-server.xml file and the path to apex custom keystore
file. The keystore password and key password are included in the ssl-server.xml file. We will
need to document the requirement/structure of apex  ssl-server.xml file.

was (Author: sanjaypujare):
Should follow

> Support distribution of custom SSL material to the Stram node while launch the app
> ----------------------------------------------------------------------------------
>                 Key: APEXCORE-712
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-712
>             Project: Apache Apex Core
>          Issue Type: Improvement
>            Reporter: Sanjay M Pujare
>   Original Estimate: 168h
>  Remaining Estimate: 168h
> This JIRA is dependent on APEXCORE-711. APEXCORE-711 talks about using a custom SSL configuration
but assumes the SSL files (ssl-server.xml and the keystore) are already available on any cluster
node so when the Stram starts it is able to find them. There are cases where users don't want
to do this and they expect the Apex client to package these files so that they are copied
to the App master node so when Stram starts it will find them in the expected location.
> Enhance the Apex client/launcher to distribute the custom SSL files (XML and the keystore)
along with the application jars/resources so the user does not need to pre-distribute the
custom SSL files.

This message was sent by Atlassian JIRA

View raw message