[
https://issues.apache.org/jira/browse/BIGTOP-1670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14345468#comment-14345468
]
Michael Weiser commented on BIGTOP-1670:
----------------------------------------
That's exactly the reason why I made the use of trocla an optional
functionality that is disabled by default. Only after
hadoop::common_hdfs::generate_secrets has been explicitly set to true all of
this is necessary. If not, the secret can and must be supplied using
hadoop::common_hdfs::hadoop_http_authentication_signature_secret as with all
the other secrets. We could even have an insecure default value in the code for
it, if we wanted (I wouldn't). So puppet apply will still work if you provide
the password e.g. via hiera. Should I try to more clearly reflect that default
behaviour in the README?
Also, I am actively trying to get trocla and puppet-module-trocla packages into
Debian. They already have all the dependencies as binary packages so that the
whole installation process comes down to "apt-get install
puppet-module-duritong-trocla".
> puppet: Support Kerberos authentication on Hadoop component web GUIs
> --------------------------------------------------------------------
>
> Key: BIGTOP-1670
> URL: https://issues.apache.org/jira/browse/BIGTOP-1670
> Project: Bigtop
> Issue Type: Improvement
> Components: deployment
> Affects Versions: 0.8.0
> Reporter: Michael Weiser
> Assignee: Michael Weiser
> Fix For: 0.9.0
>
> Attachments:
> 0001-BIGTOP-1670-puppet-Support-Kerberos-authentication-o-2.patch,
> 0001-BIGTOP-1670-puppet-Support-Kerberos-authentication-o-3.patch,
> 0001-BIGTOP-1670-puppet-Support-Kerberos-authentication-o.patch
>
>
> Support configuration of Kerberos authentication on Hadoop component web
> GUIs. Also introduce support for trocla for randomly generating secrets that
> are stored on the master, don't change after creation and can be the same
> across hosts.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
