aurora-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wfar...@apache.org
Subject aurora git commit: Add flag to set FrameworkInfo.principal
Date Thu, 17 Dec 2015 22:36:16 GMT
Repository: aurora
Updated Branches:
  refs/heads/master 3c33f663f -> 1b0ce86cf


Add flag to set FrameworkInfo.principal

Bugs closed: AURORA-687

Reviewed at https://reviews.apache.org/r/41525/


Project: http://git-wip-us.apache.org/repos/asf/aurora/repo
Commit: http://git-wip-us.apache.org/repos/asf/aurora/commit/1b0ce86c
Tree: http://git-wip-us.apache.org/repos/asf/aurora/tree/1b0ce86c
Diff: http://git-wip-us.apache.org/repos/asf/aurora/diff/1b0ce86c

Branch: refs/heads/master
Commit: 1b0ce86cfaae07275c83f79819baf641952617c8
Parents: 3c33f66
Author: R.B. Boyer <arebee@nexusvector.net>
Authored: Thu Dec 17 14:36:11 2015 -0800
Committer: Bill Farner <wfarner@apache.org>
Committed: Thu Dec 17 14:36:11 2015 -0800

----------------------------------------------------------------------
 NEWS                                            |  2 ++
 .../mesos/CommandLineDriverSettingsModule.java  | 19 ++++++++++++-
 .../CommandLineDriverSettingsModuleTest.java    | 28 ++++++++++++++++++++
 3 files changed, 48 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/aurora/blob/1b0ce86c/NEWS
----------------------------------------------------------------------
diff --git a/NEWS b/NEWS
index 066925e..79d8668 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,8 @@
 - Log rotation has been added to the thermos runner. See the configuration reference for
details
   on how configure rotation per-process. Command line options may also be passed through
the
   scheduler in order to configure the global default behavior.
+- Added a new scheduler flag 'framework_announce_principal' to support use of authorization
and
+  rate limiting in Mesos.
 
 0.10.0
 ------

http://git-wip-us.apache.org/repos/asf/aurora/blob/1b0ce86c/src/main/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModule.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModule.java
b/src/main/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModule.java
index 68aeda1..5c6f6a4 100644
--- a/src/main/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModule.java
+++ b/src/main/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModule.java
@@ -68,6 +68,13 @@ public class CommandLineDriverSettingsModule extends AbstractModule {
   private static final Arg<Amount<Long, Time>> FRAMEWORK_FAILOVER_TIMEOUT =
       Arg.create(Amount.of(21L, Time.DAYS));
 
+  @CmdLine(name = "framework_announce_principal",
+      help = "When 'framework_authentication_file' flag is set, the FrameworkInfo "
+          + "registered with the mesos master will also contain the principal. This is "
+          + "necessary if you intend to use mesos authorization via mesos ACLs. "
+          + "The default will change in a future release.")
+  private static final Arg<Boolean> FRAMEWORK_ANNOUNCE_PRINCIPAL = Arg.create(false);
+
   @CmdLine(name = "executor_user",
       help = "User to start the executor. Defaults to \"root\". "
           + "Set this to an unprivileged user if the mesos master was started with "
@@ -86,11 +93,17 @@ public class CommandLineDriverSettingsModule extends AbstractModule {
 
   @Override
   protected void configure() {
+    Optional<Protos.Credential> credentials = getCredentials();
+    Optional<String> principal = Optional.absent();
+    if (FRAMEWORK_ANNOUNCE_PRINCIPAL.get() && credentials.isPresent()) {
+      principal = Optional.of(credentials.get().getPrincipal());
+    }
     DriverSettings settings = new DriverSettings(
         MESOS_MASTER_ADDRESS.get(),
-        getCredentials(),
+        credentials,
         buildFrameworkInfo(
             EXECUTOR_USER.get(),
+            principal,
             FRAMEWORK_FAILOVER_TIMEOUT.get(),
             RECEIVE_REVOCABLE_RESOURCES.get()));
     bind(DriverSettings.class).toInstance(settings);
@@ -121,6 +134,7 @@ public class CommandLineDriverSettingsModule extends AbstractModule {
   @VisibleForTesting
   static FrameworkInfo buildFrameworkInfo(
       String executorUser,
+      Optional<String> principal,
       Amount<Long, Time> failoverTimeout,
       boolean revocable) {
 
@@ -130,6 +144,9 @@ public class CommandLineDriverSettingsModule extends AbstractModule {
             // Require slave checkpointing.  Assumes slaves have '--checkpoint=true' arg
set.
         .setCheckpoint(true)
         .setFailoverTimeout(failoverTimeout.as(Time.SECONDS));
+    if (principal.isPresent()) {
+      infoBuilder.setPrincipal(principal.get());
+    }
 
     if (revocable) {
       infoBuilder.addCapabilities(Capability.newBuilder().setType(REVOCABLE_RESOURCES));

http://git-wip-us.apache.org/repos/asf/aurora/blob/1b0ce86c/src/test/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModuleTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModuleTest.java
b/src/test/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModuleTest.java
index 513391f..33149ab 100644
--- a/src/test/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModuleTest.java
+++ b/src/test/java/org/apache/aurora/scheduler/mesos/CommandLineDriverSettingsModuleTest.java
@@ -18,6 +18,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.util.Properties;
 
+import com.google.common.base.Optional;
 import com.google.common.base.Throwables;
 
 import org.apache.aurora.common.quantity.Amount;
@@ -69,8 +70,10 @@ public class CommandLineDriverSettingsModuleTest {
   public void testFrameworkInfoNoRevocable() {
     Protos.FrameworkInfo info = CommandLineDriverSettingsModule.buildFrameworkInfo(
         "user",
+        Optional.absent(),
         Amount.of(1L, Time.MINUTES),
         false);
+    assertEquals("", info.getPrincipal());
     assertEquals(0, info.getCapabilitiesCount());
   }
 
@@ -78,8 +81,33 @@ public class CommandLineDriverSettingsModuleTest {
   public void testFrameworkInfoRevocable() {
     Protos.FrameworkInfo info = CommandLineDriverSettingsModule.buildFrameworkInfo(
         "user",
+        Optional.absent(),
         Amount.of(1L, Time.MINUTES),
         true);
+    assertEquals("", info.getPrincipal());
+    assertEquals(1, info.getCapabilitiesCount());
+    assertEquals(REVOCABLE_RESOURCES, info.getCapabilities(0).getType());
+  }
+
+  @Test
+  public void testFrameworkInfoNoRevocableWithAnnouncedPrincipal() {
+    Protos.FrameworkInfo info = CommandLineDriverSettingsModule.buildFrameworkInfo(
+        "user",
+        Optional.of("auroraprincipal"),
+        Amount.of(1L, Time.MINUTES),
+        false);
+    assertEquals("auroraprincipal", info.getPrincipal());
+    assertEquals(0, info.getCapabilitiesCount());
+  }
+
+  @Test
+  public void testFrameworkInfoRevocableWithAnnouncedPrincipal() {
+    Protos.FrameworkInfo info = CommandLineDriverSettingsModule.buildFrameworkInfo(
+        "user",
+            Optional.of("auroraprincipal"),
+        Amount.of(1L, Time.MINUTES),
+        true);
+    assertEquals("auroraprincipal", info.getPrincipal());
     assertEquals(1, info.getCapabilitiesCount());
     assertEquals(REVOCABLE_RESOURCES, info.getCapabilities(0).getType());
   }


Mime
View raw message