Thanks Bobby. And as I mentioned earlier, I’m working on a Vagrant-based setup for creating a secure storm cluster (Kerberos, DNS, secure ZooKeeper, etc.) that should make it easier to setup and evaluate.
I hope to make that available in the next few days. - Taylor On May 21, 2014, at 12:14 PM, Bobby Evans <[email protected]> wrote: > I just put up the security branch > > https://github.com/apache/incubator-storm/tree/security > > And a pull request for the security branch > > https://github.com/apache/incubator-storm/pull/121 > > If others would like to play around with it that would be great the > SECURITY.md file has been updated with documentation on how to set it up. > If you run into any issues or areas where the documentation is unclear > please comment on the pull request and I will update it. I also plan to > keep it in sync with master as much as possible. > > - Bobby > > > On 5/16/14, 6:14 PM, "P. Taylor Goetz" <[email protected]> wrote: > >> Wow. ASF mail problems are still pretty pervasive. I got Derek's reply >> but never got Bobby's original email. >> >> Anyway I'm +1 for a branch and two weeks for review. >> >> This work is not trivial to test and evaluate. I've been working on a >> vagrant setup that has all the infrastructure needed to test this >> (Kerberos server, keytab files, DNS, etc.). I will make that available >> when it is complete, or at least workable. I can also make nightly builds >> of that branch available to facilitate evaluation. >> >> This is an important feature that a lot of companies are eager for. >> >> Many thanks to Bobby, Derek, Andy, and Yahoo for their willingness to >> contribute their work to the Storm community. >> >> -Taylor >> >> P.S. I'm CC'ing Bobby and Derek in case this doesn't make it through to >> the list. Please forward to the list if you don't receive it through that >> channel. >> >> >>> On May 16, 2014, at 5:18 PM, Derek Dagit <[email protected]> wrote: >>> >>> +1 for the branch >>> >>> I agree that at least two weeks should be given, considering the size >>> of the changes. >>> >>> Hopefully there would be more than two +1's before merging the branch >>> to master. >>> >>> -- >>> Derek >>> >>>> On 5/12/14, 10:56, Bobby Evans wrote: >>>> Originally I had planned to push the security features that we have >>>> been working on back into storm piece meal through many different JIRA >>>> linked under https://issues.apache.org/jira/browse/STORM-216. >>>> >>>> This is proving to be rather difficult because the core of the changes >>>> were written quite a while ago, and pulling them back apart after up >>>> merging is a time consuming task. I propose instead a feature branch >>>> in the main storm repository. I would initially create the branch >>>> based on an up merged version of what is currently under >>>> >>>> https://github.com/yahoo/incubator-storm/tree/security >>>> >>>> The branch would only be merged back into master after 2 +1¹s from >>>> committers, with my vote not counting as the ³author", like any other >>>> pull request. However, because of its size and complexity I would >>>> expect leave it up for a minimum of 2 weeks. I am very flexible on >>>> this if other feel they want more time or more commuters to sign off of >>>> it. Alternatively I could do one really large pull request if that is >>>> preferable to a feature branch. >>>> >>>> - Bobby
signature.asc
Description: Message signed with OpenPGP using GPGMail
