[jira] [Commented] (HADOOP-15456) create base image for running secure ozone cluster

[Ajay Kumar (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HADOOP-15456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16475005#comment-16475005
 ] 

Ajay Kumar commented on HADOOP-15456:
-------------------------------------

[~elek] thanks for reviewing this. My initial thoughts to have separate image 
of ozone security was to remove any dependency on hadoop-runner image. It will 
allow us to modify ozone image if required more freely but i am open to merging 
this with hadoop-runner branch for time being and fork it later if required.

{quote}As I see the only non compatible change between the existing 
apache/hadoop-runner and your base image is that you removed the 'USER hadoop'. 
Is there any reason for that?{quote}
{quote}Datanode needs to be started with root user. since it is for testing 
purpose only i think its ok to run with default user without doing sudo.
There are some commented out code in the starter.sh. (eg. keystore download). 
If we don't need the wire encryptiom yet, we can simply just remove those 
lines. Also there are other disabled lines (sleep, volume permission fix). I am 
just wondering if they ara intentional{quote}
Will remove them. 
{quote}You have a loop to wait for the KDC server. I really like it as it makes 
it more safe to start the kerberized containers. Just two note: The loop should 
be executed IMHO only if KERBEROS SERVER is set. + You can add the 'KDC' word 
to the print out in the else case to make it easier to understand that we are 
waiting for the KDC...{quote}
done
{quote}If it will be a shared runner image for both hadoop/hdds/hdfs/yarn, the 
readme should be adjusted a little.{quote}
I think its better to have separate image for hadoop and hdds but if we choose 
to have one i can update readme.

> create base image for running secure ozone cluster
> --------------------------------------------------
>
>                 Key: HADOOP-15456
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15456
>             Project: Hadoop Common
>          Issue Type: Sub-task
>            Reporter: Ajay Kumar
>            Assignee: Ajay Kumar
>            Priority: Major
>         Attachments: HADOOP-15456-docker-hadoop-runner.001.patch, 
> secure-ozone.tar
>
>
> Create docker image to run secure ozone cluster.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org