Repository: aurora Updated Branches: refs/heads/master a3f8aef6b -> b6e898b5e
End to end tests bugfix * Fixing kerberos end to end test. Previous version had it's signing key revoked resulting in the test failing. * Excluding kerberos unit file from being copied on provision as it's later copied and deleted by the end to end test. * Bypass leader redirect changed from upstart to systemd. This test wasn't being run because the kerberos test was failing. * Changing docker image to slim-stretch in docker aurora tests to address AURORA-1974. * Added daemon-reload to aurorabuild whenever the daemons are restarted. Bugs closed: AURORA-1974 Reviewed at https://reviews.apache.org/r/66269/ Project: http://git-wip-us.apache.org/repos/asf/aurora/repo Commit: http://git-wip-us.apache.org/repos/asf/aurora/commit/b6e898b5 Tree: http://git-wip-us.apache.org/repos/asf/aurora/tree/b6e898b5 Diff: http://git-wip-us.apache.org/repos/asf/aurora/diff/b6e898b5 Branch: refs/heads/master Commit: b6e898b5e9f70b13db42db366b6d98c5baadcb57 Parents: a3f8aef Author: Renan DelValle <[email protected]> Authored: Tue Mar 27 14:12:16 2018 -0700 Committer: Renan DelValle <[email protected]> Committed: Tue Mar 27 14:12:16 2018 -0700 ---------------------------------------------------------------------- examples/jobs/hello_docker_engine.aurora | 4 +-- examples/jobs/hello_docker_image.aurora | 2 +- examples/vagrant/aurorabuild.sh | 4 +-- examples/vagrant/provision-dev-cluster.sh | 4 +-- .../systemd/aurora-scheduler-kerberos.service | 5 ++-- .../test_bypass_leader_redirect_end_to_end.sh | 6 ++-- .../aurora/e2e/test_kerberos_end_to_end.sh | 30 ++++++++++---------- 7 files changed, 28 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/examples/jobs/hello_docker_engine.aurora ---------------------------------------------------------------------- diff --git a/examples/jobs/hello_docker_engine.aurora b/examples/jobs/hello_docker_engine.aurora index 99d99a2..69658a5 100644 --- a/examples/jobs/hello_docker_engine.aurora +++ b/examples/jobs/hello_docker_engine.aurora @@ -34,7 +34,7 @@ jobs = [ role = 'www-data', name = 'hello_docker_engine', task = task, - container = Docker(image = 'python:2.7') + container = Docker(image = 'python:2.7-slim-stretch') ), Service( cluster = 'devcluster', @@ -42,6 +42,6 @@ jobs = [ role = 'www-data', name = 'hello_docker_engine_binding', task = task, - container = Docker(image = '{{docker.image[library/python][2.7]}}') + container = Docker(image = '{{docker.image[library/python][2.7-slim-stretch]}}') ) ] http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/examples/jobs/hello_docker_image.aurora ---------------------------------------------------------------------- diff --git a/examples/jobs/hello_docker_image.aurora b/examples/jobs/hello_docker_image.aurora index 049a147..2d0abb3 100644 --- a/examples/jobs/hello_docker_image.aurora +++ b/examples/jobs/hello_docker_image.aurora @@ -34,7 +34,7 @@ jobs = [ role = 'www-data', name = 'hello_docker_image', task = task, - container = Mesos(image=DockerImage(name='debian', tag='stretch')) + container = Mesos(image=DockerImage(name='debian', tag='slim-stretch')) ) ] http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/examples/vagrant/aurorabuild.sh ---------------------------------------------------------------------- diff --git a/examples/vagrant/aurorabuild.sh b/examples/vagrant/aurorabuild.sh index c39388f..d6ae556 100755 --- a/examples/vagrant/aurorabuild.sh +++ b/examples/vagrant/aurorabuild.sh @@ -54,7 +54,7 @@ function build_scheduler { else echo "Replicated log initialization failed with code $? (likely already initialized)." fi - sudo systemctl restart aurora-scheduler + sudo systemctl daemon-reload && sudo systemctl restart aurora-scheduler } function build_executor { @@ -71,7 +71,7 @@ function build_observer { ./pants binary src/main/python/apache/aurora/tools:thermos_observer ./pants binary src/main/python/apache/aurora/tools:thermos sudo ln -sf $DIST_DIR/thermos.pex /usr/local/bin/thermos - sudo systemctl restart thermos + sudo systemctl daemon-reload && sudo systemctl restart thermos } function build_all { http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/examples/vagrant/provision-dev-cluster.sh ---------------------------------------------------------------------- diff --git a/examples/vagrant/provision-dev-cluster.sh b/examples/vagrant/provision-dev-cluster.sh index fe3281f..89c716c 100755 --- a/examples/vagrant/provision-dev-cluster.sh +++ b/examples/vagrant/provision-dev-cluster.sh @@ -86,7 +86,7 @@ function prepare_sources { systemctl start mesos-master systemctl start mesos-slave - sudo cp /vagrant/examples/vagrant/systemd/*.service /etc/systemd/system + sudo cp /vagrant/examples/vagrant/systemd/{aurora-scheduler,thermos}.service /etc/systemd/system cat > /usr/local/bin/update-sources <<EOF #!/bin/bash rsync -urzvhl /vagrant/ /home/vagrant/aurora \ @@ -95,7 +95,7 @@ rsync -urzvhl /vagrant/ /home/vagrant/aurora \ --exclude=/third_party \ --delete # Install/update the upstart configurations. -sudo cp /vagrant/examples/vagrant/systemd/*.service /etc/systemd/system +sudo cp /vagrant/examples/vagrant/systemd/{aurora-scheduler,thermos}.service /etc/systemd/system EOF chmod +x /usr/local/bin/update-sources update-sources > /dev/null http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/examples/vagrant/systemd/aurora-scheduler-kerberos.service ---------------------------------------------------------------------- diff --git a/examples/vagrant/systemd/aurora-scheduler-kerberos.service b/examples/vagrant/systemd/aurora-scheduler-kerberos.service index 10e4f2c..9a717bc 100644 --- a/examples/vagrant/systemd/aurora-scheduler-kerberos.service +++ b/examples/vagrant/systemd/aurora-scheduler-kerberos.service @@ -22,6 +22,7 @@ Environment="LIBPROCESS_PORT=8083" Environment="LIBPROCESS_IP=192.168.33.7" Environment="MESOS_NATIVE_JAVA_LIBRARY=/usr/lib/libmesos.so" Environment="DIST_DIR=/home/vagrant/aurora/dist" +Environment="KRB5_MAJOR_MINOR=1.16" # Identifier for rsyslog redirect (see `install_rsyslog_config` in `provision-dev-cluster.sh`). SyslogIdentifier=aurora-scheduler @@ -30,7 +31,7 @@ SyslogIdentifier=aurora-scheduler Environment="JAVA_OPTS='-Djava.library.path=/usr/lib \ -Xdebug \ -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 \ - -Djava.security.krb5.conf=/home/vagrant/src/krb5-1.13.1/build/testdir/krb5.conf \ + -Djava.security.krb5.conf=/home/vagrant/src/krb5-${KRB5_MAJOR_MINOR}/build/testdir/krb5.conf \ -Dsun.security.krb5.debug=true \ -Dsun.security.jgss.debug=true \ -Djavax.net.debug=all'" @@ -52,7 +53,7 @@ ExecStart=/home/vagrant/aurora/dist/install/aurora-scheduler/bin/aurora-schedule -shiro_realm_modules=KERBEROS5_AUTHN,INI_AUTHNZ \ -shiro_ini_path=/home/vagrant/aurora/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-example.ini \ -http_authentication_mechanism=NEGOTIATE \ - -kerberos_server_keytab=/home/vagrant/krb5-1.13.1/build/testdir/HTTP-aurora.local.keytab \ + -kerberos_server_keytab=/home/vagrant/krb5-${KRB5_MAJOR_MINOR}/build/testdir/HTTP-aurora.local.keytab \ -kerberos_server_principal=HTTP/[email protected] \ -tier_config=/home/vagrant/aurora/src/main/resources/org/apache/aurora/scheduler/tiers.json \ -offer_filter_duration=0secs http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/src/test/sh/org/apache/aurora/e2e/test_bypass_leader_redirect_end_to_end.sh ---------------------------------------------------------------------- diff --git a/src/test/sh/org/apache/aurora/e2e/test_bypass_leader_redirect_end_to_end.sh b/src/test/sh/org/apache/aurora/e2e/test_bypass_leader_redirect_end_to_end.sh index 5c0f12b..f9a6c07 100755 --- a/src/test/sh/org/apache/aurora/e2e/test_bypass_leader_redirect_end_to_end.sh +++ b/src/test/sh/org/apache/aurora/e2e/test_bypass_leader_redirect_end_to_end.sh @@ -31,8 +31,8 @@ function await_scheduler_ready { function setup { aurorabuild all sudo cp /vagrant/examples/vagrant/clusters_direct.json /etc/aurora/clusters.json - sudo stop mesos-master || true - sudo restart aurora-scheduler + sudo systemctl stop mesos-master || true + sudo systemctl restart aurora-scheduler await_scheduler_ready } @@ -43,7 +43,7 @@ function test_bypass_leader_redirect { function tear_down { local retcode=$1 sudo cp /vagrant/examples/vagrant/clusters.json /etc/aurora/clusters.json - sudo start mesos-master || true + sudo systemctl start mesos-master || true if [[ $retcode -ne 0 ]]; then echo echo '!!! FAILED' http://git-wip-us.apache.org/repos/asf/aurora/blob/b6e898b5/src/test/sh/org/apache/aurora/e2e/test_kerberos_end_to_end.sh ---------------------------------------------------------------------- diff --git a/src/test/sh/org/apache/aurora/e2e/test_kerberos_end_to_end.sh b/src/test/sh/org/apache/aurora/e2e/test_kerberos_end_to_end.sh index 646c213..32cb870 100755 --- a/src/test/sh/org/apache/aurora/e2e/test_kerberos_end_to_end.sh +++ b/src/test/sh/org/apache/aurora/e2e/test_kerberos_end_to_end.sh @@ -16,12 +16,11 @@ # An integration test for the client, using the vagrant environment as a testbed. set -eux -readonly KRB5_MAJOR_MINOR=1.13 -readonly KRB5_VERSION=1.13.1 +readonly KRB5_MAJOR_MINOR=1.16 +readonly KRB5_VERSION=1.16 readonly KRB5_URL_BASE=http://web.mit.edu/kerberos/dist/krb5/ -readonly KRB5_SIGNED_TARBALL=krb5-$KRB5_VERSION-signed.tar -readonly KRB5_TARBALL=krb5-$KRB5_VERSION.tar.gz -readonly KRB5_KEY_ID=0x749D7889 +readonly KRB5_TARBALL=krb5-$KRB5_MAJOR_MINOR.tar.gz +readonly KRB5_KEY_IDS=(5F8372DF 253AAB87 0055C305) readonly SCHEDULER_HOSTNAME=aurora.local function enter_vagrant { @@ -30,9 +29,9 @@ function enter_vagrant { function enter_testrealm { cd $HOME - [[ -f $KRB5_SIGNED_TARBALL ]] || wget "$KRB5_URL_BASE/$KRB5_MAJOR_MINOR/$KRB5_SIGNED_TARBALL" - [[ -f $KRB5_TARBALL.asc ]] || tar xvf $KRB5_SIGNED_TARBALL - gpg --list-keys $KRB5_KEY_ID &>/dev/null || gpg --keyserver pgp.mit.edu --recv-keys $KRB5_KEY_ID + [[ -f $KRB5_TARBALL ]] || wget "$KRB5_URL_BASE/$KRB5_VERSION/$KRB5_TARBALL" + [[ -f $KRB5_TARBALL.asc ]] || wget "$KRB5_URL_BASE/$KRB5_VERSION/$KRB5_TARBALL.asc" + gpg --list-keys ${KRB5_KEY_IDS[@]} &>/dev/null || gpg --keyserver pgp.mit.edu --recv-keys ${KRB5_KEY_IDS[@]} gpg --verify $KRB5_TARBALL.asc [[ -d `basename $KRB5_TARBALL .tar.gz` ]] || tar zxvf $KRB5_TARBALL cd `basename $KRB5_TARBALL .tar.gz` @@ -70,10 +69,11 @@ function setup { EOF aurorabuild all - sudo cp /vagrant/examples/vagrant/upstart/aurora-scheduler-kerberos.conf \ - /etc/init/aurora-scheduler-kerberos.conf - sudo stop aurora-scheduler || true - sudo start aurora-scheduler-kerberos + sudo cp /vagrant/examples/vagrant/systemd/aurora-scheduler-kerberos.service \ + /etc/systemd/system/aurora-scheduler-kerberos.service + sudo systemctl stop aurora-scheduler || true + sudo systemctl daemon-reload + sudo systemctl start aurora-scheduler-kerberos await_scheduler_ready kadmin.local -q "addprinc -randkey HTTP/$SCHEDULER_HOSTNAME" @@ -117,9 +117,9 @@ function test_clients { function tear_down { local retcode=$1 sudo cp /vagrant/examples/vagrant/clusters.json /etc/aurora/clusters.json - sudo stop aurora-scheduler-kerberos || true - sudo rm -f /etc/init/aurora-scheduler-kerberos.conf - sudo start aurora-scheduler || true + sudo systemctl stop aurora-scheduler-kerberos || true + sudo rm -f /etc/systemd/system/aurora-scheduler-kerberos.service + sudo systemctl start aurora-scheduler || true if [[ $retcode -ne 0 ]]; then echo echo '!!! FAILED'
