That is an interesting point. I'm not sure that I see this file as such a canonical artifact as you do. It has always been assumed that it would have to be possible to derive the topology from any number of other formats. Cluster topology as seen by Ambari as an example.
Admins would have to explicitly indicate that it should be rewritten - so it would be doing exactly and only what they indicate. There is nothing keeping an admin from using this mechanism in a non-production environment as a master gateway instance and then propagating the results to production instances - topology files and credential stores. In this case, nothing would need to be rewritten. We could also introduce another stage to deployment where an admin stages a topology that needs to be transformed in deployments as "sandbox.xxx" with some extension that indicates it can't be deployed alone. The deployment machinery can process it, write the actual topology file and delete the temp one. I do believe that there will be a need for additional tooling at some point. I could see this tooling manifest as a few different options: REST service, cmdline, server startup mode, etc. I guess the question becomes whether we want to create a new Jira for rewriting clear text passwords in config files and defer this general tooling jira until later when we know more about the HA requirements and keystore locations. Which is the biggest question mark in my mind right now. On Tue, Dec 10, 2013 at 5:06 PM, Dilli Arumugam (JIRA) <[email protected]>wrote: > > [ > https://issues.apache.org/jira/browse/KNOX-105?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13844728#comment-13844728] > > Dilli Arumugam commented on KNOX-105: > ------------------------------------- > > Topology file is provided by an admin. Right? > I think gateway server should not modify the topology file. > > > Command line tooling for CMF provisioning > > ----------------------------------------- > > > > Key: KNOX-105 > > URL: https://issues.apache.org/jira/browse/KNOX-105 > > Project: Apache Knox > > Issue Type: Bug > > Components: Server > > Affects Versions: 0.3.0 > > Reporter: Larry McCay > > Assignee: Larry McCay > > Fix For: 0.4.0 > > > > > > We need to be able to create CMF artifacts that can be provisioned to an > installation and discovered on startup. This will include: master secret > file, credential and key stores. Initial deliverable needs to address > master file. This will allow cluster provisioning to discover a master > secret without a need for a console for the user to provide one. The rest > of the artifacts can be generated at runtime for dev/test environments. > Subsequently, we will need the key and credential stores for production > environment discovery. > > > > -- > This message was sent by Atlassian JIRA > (v6.1.4#6159) >
