IGNITE-4052 Add ability to set up users for MESOS. Signed-off-by: nikolay_tikhonov <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/ignite/repo Commit: http://git-wip-us.apache.org/repos/asf/ignite/commit/7db2d63e Tree: http://git-wip-us.apache.org/repos/asf/ignite/tree/7db2d63e Diff: http://git-wip-us.apache.org/repos/asf/ignite/diff/7db2d63e Branch: refs/heads/ignite-5075 Commit: 7db2d63efc4e4e8100dd7c7d9ff4be5503b689a2 Parents: 402154c Author: vadopolski <[email protected]> Authored: Thu Apr 27 19:21:01 2017 +0300 Committer: nikolay_tikhonov <[email protected]> Committed: Thu Apr 27 19:21:01 2017 +0300 ---------------------------------------------------------------------- .../apache/ignite/mesos/IgniteFramework.java | 111 ++++++++++++++----- .../ignite/mesos/IgniteSchedulerSelfTest.java | 39 ++++++- 2 files changed, 123 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ignite/blob/7db2d63e/modules/mesos/src/main/java/org/apache/ignite/mesos/IgniteFramework.java ---------------------------------------------------------------------- diff --git a/modules/mesos/src/main/java/org/apache/ignite/mesos/IgniteFramework.java b/modules/mesos/src/main/java/org/apache/ignite/mesos/IgniteFramework.java index 6054302..451d870 100644 --- a/modules/mesos/src/main/java/org/apache/ignite/mesos/IgniteFramework.java +++ b/modules/mesos/src/main/java/org/apache/ignite/mesos/IgniteFramework.java @@ -38,6 +38,24 @@ public class IgniteFramework { /** Framework name. */ private static final String IGNITE_FRAMEWORK_NAME = "Ignite"; + /** MESOS system environment name */ + private static final String MESOS_USER_NAME = "MESOS_USER"; + + /** MESOS system environment role */ + private static final String MESOS_ROLE = "MESOS_ROLE"; + + /** */ + private static final String MESOS_AUTHENTICATE = "MESOS_AUTHENTICATE"; + + /** */ + private static final String DEFAULT_PRINCIPAL = "DEFAULT_PRINCIPAL"; + + /** */ + private static final String DEFAULT_SECRET = "DEFAULT_SECRET"; + + /** */ + private static final String MESOS_CHECKPOINT = "MESOS_CHECKPOINT"; + /** * Main methods has only one optional parameter - path to properties files. * @@ -45,19 +63,7 @@ public class IgniteFramework { * @throws Exception If failed. */ public static void main(String[] args) throws Exception { - final int frameworkFailoverTimeout = 0; - - // Have Mesos fill in the current user. - Protos.FrameworkInfo.Builder frameworkBuilder = Protos.FrameworkInfo.newBuilder() - .setName(IGNITE_FRAMEWORK_NAME) - .setUser("") - .setFailoverTimeout(frameworkFailoverTimeout); - - if (System.getenv("MESOS_CHECKPOINT") != null) { - log.info("Enabling checkpoint for the framework"); - - frameworkBuilder.setCheckpoint(true); - } + IgniteFramework igniteFramework = new IgniteFramework(); ClusterProperties clusterProps = ClusterProperties.from(args.length >= 1 ? args[0] : null); @@ -82,36 +88,31 @@ public class IgniteFramework { // Create the driver. MesosSchedulerDriver driver; - if (System.getenv("MESOS_AUTHENTICATE") != null) { + if (System.getenv(MESOS_AUTHENTICATE) != null) { log.info("Enabling authentication for the framework"); - if (System.getenv("DEFAULT_PRINCIPAL") == null) { + if (System.getenv(DEFAULT_PRINCIPAL) == null) { log.log(Level.SEVERE, "Expecting authentication principal in the environment"); System.exit(1); } - if (System.getenv("DEFAULT_SECRET") == null) { + if (System.getenv(DEFAULT_SECRET) == null) { log.log(Level.SEVERE, "Expecting authentication secret in the environment"); System.exit(1); } Protos.Credential cred = Protos.Credential.newBuilder() - .setPrincipal(System.getenv("DEFAULT_PRINCIPAL")) - .setSecret(ByteString.copyFrom(System.getenv("DEFAULT_SECRET").getBytes())) + .setPrincipal(System.getenv(DEFAULT_PRINCIPAL)) + .setSecret(ByteString.copyFrom(System.getenv(DEFAULT_SECRET).getBytes())) .build(); - frameworkBuilder.setPrincipal(System.getenv("DEFAULT_PRINCIPAL")); - - driver = new MesosSchedulerDriver(scheduler, frameworkBuilder.build(), clusterProps.masterUrl(), + driver = new MesosSchedulerDriver(scheduler, igniteFramework.getFrameworkInfo(), clusterProps.masterUrl(), cred); } - else { - frameworkBuilder.setPrincipal("ignite-framework-java"); - - driver = new MesosSchedulerDriver(scheduler, frameworkBuilder.build(), clusterProps.masterUrl()); - } + else + driver = new MesosSchedulerDriver(scheduler, igniteFramework.getFrameworkInfo(), clusterProps.masterUrl()); int status = driver.run() == Protos.Status.DRIVER_STOPPED ? 0 : 1; @@ -122,4 +123,62 @@ public class IgniteFramework { System.exit(status); } + + /** + * @return Mesos Protos FrameworkInfo. + */ + public Protos.FrameworkInfo getFrameworkInfo() throws Exception { + final int frameworkFailoverTimeout = 0; + + Protos.FrameworkInfo.Builder frameworkBuilder = Protos.FrameworkInfo.newBuilder() + .setName(IGNITE_FRAMEWORK_NAME) + .setUser(getUser()) + .setRole(getRole()) + .setFailoverTimeout(frameworkFailoverTimeout); + + if (System.getenv(MESOS_CHECKPOINT) != null) { + log.info("Enabling checkpoint for the framework"); + + frameworkBuilder.setCheckpoint(true); + } + + if (System.getenv(MESOS_AUTHENTICATE) != null) + frameworkBuilder.setPrincipal(System.getenv(DEFAULT_PRINCIPAL)); + else + frameworkBuilder.setPrincipal("ignite-framework-java"); + + return frameworkBuilder.build(); + } + + /** + * @return Mesos user name value. + */ + protected String getUser() { + String userName = System.getenv(MESOS_USER_NAME); + + return userName != null ? userName : ""; + } + + /** + * @return Mesos role value. + */ + protected String getRole() { + String mesosRole = System.getenv(MESOS_ROLE); + + return isRoleValid(mesosRole) ? mesosRole : "*"; + } + + /** + * @return Result of Mesos role validation. + */ + static boolean isRoleValid(String mRole) { + if (mRole == null || mRole.isEmpty() || mRole.equals(".") || mRole.equals("..") || + mRole.startsWith("-") || mRole.contains("/") || mRole.contains("\\") || mRole.contains(" ")) { + log.severe("Provided mesos role is not valid:" + mRole + + ". Mesos role should be a valid directory name."); + + return false; + } + return true; + } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ignite/blob/7db2d63e/modules/mesos/src/test/java/org/apache/ignite/mesos/IgniteSchedulerSelfTest.java ---------------------------------------------------------------------- diff --git a/modules/mesos/src/test/java/org/apache/ignite/mesos/IgniteSchedulerSelfTest.java b/modules/mesos/src/test/java/org/apache/ignite/mesos/IgniteSchedulerSelfTest.java index d4e7ecb..099daa2 100644 --- a/modules/mesos/src/test/java/org/apache/ignite/mesos/IgniteSchedulerSelfTest.java +++ b/modules/mesos/src/test/java/org/apache/ignite/mesos/IgniteSchedulerSelfTest.java @@ -17,6 +17,7 @@ package org.apache.ignite.mesos; +import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.List; @@ -111,7 +112,6 @@ public class IgniteSchedulerSelfTest extends TestCase { assertEquals(offer.getId(), declinedOffer); } - /** * @throws Exception If failed. */ @@ -302,6 +302,43 @@ public class IgniteSchedulerSelfTest extends TestCase { } /** + * @throws Exception If failed. + */ + public void testIgniteFramework() throws Exception { + final String mesosUserValue = "userAAAAA"; + final String mesosRoleValue = "role1"; + + IgniteFramework igniteFramework = new IgniteFramework() { + @Override protected String getUser() { + return mesosUserValue; + } + + @Override protected String getRole() { + return mesosRoleValue; + } + }; + + Protos.FrameworkInfo info = igniteFramework.getFrameworkInfo(); + + String actualUserValue = info.getUser(); + String actualRoleValue = info.getRole(); + + assertEquals(actualUserValue, mesosUserValue); + assertEquals(actualRoleValue, mesosRoleValue); + } + + /** + * @throws Exception If failed. + */ + public void testMesosRoleValidation() throws Exception { + List<String> failedRoleValues = Arrays.asList("", ".", "..", "-testRole", + "test/Role", "test\\Role", "test Role", null); + + for (String failedRoleValue : failedRoleValues) + assertFalse(IgniteFramework.isRoleValid(failedRoleValue)); + } + + /** * @param resourceType Resource type. * @return Value. */
