-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74047/
-----------------------------------------------------------
(Updated July 7, 2022, 7:21 a.m.)
Review request for atlas, Jayendra Parab, Mandar Ambawane, Radhika Kundam, and
Sidharth Mishra.
Changes
-------
added document
Bugs: ATLAS-4558
https://issues.apache.org/jira/browse/ATLAS-4558
Repository: atlas
Description
-------
**Issue :** When tls is enabled, while running atlasrepair tool, it couldn't
connect to solr because it is unable to find valid certification
**Fix :** By creating SSLContext
**Steps :**
If Kerberos is enabled,
- kinit -kt /etc/security/keytabs/atlas.service.keytab atlas/fqdn@DOMAIN
- Add below to DEFAULT_JVM_OPTS in repair_index.py
-Djavax.security.auth.useSubjectCredsOnly=false
-Djava.security.auth.login.config=atlas_jaas.conf
If SSL is enabled, we need to make sure Solr cert or RootCA certificate is
added hence use below atlas-application properties
- keystore.file <path to keystore jks file>
- truststore.file <path to truststore jks file>
- cert.stores.credential.provider.path <path to jceks file>
Diffs (updated)
-----
docs/src/documents/Tools/AtlasRepairIndex.md 416d58a89
intg/src/main/java/org/apache/atlas/utils/SSLUtil.java PRE-CREATION
tools/atlas-index-repair/src/main/java/org/apache/atlas/tools/RepairIndex.java
37565188e
Diff: https://reviews.apache.org/r/74047/diff/2/
Changes: https://reviews.apache.org/r/74047/diff/1-2/
Testing
-------
Manually tested on SSL enabled cluster
Thanks,
Pinal Shah
