[
https://issues.apache.org/jira/browse/FLINK-12130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17243067#comment-17243067
]
lingyajia commented on FLINK-12130:
-----------------------------------
[~victor-wong] i build FLINK-12130-DEV branch , run . /bin/flink run -m
yarn-cluster -p 4 -yjm 4096m -ytm 4096m -yat rts_service -ynm t1 -yD
security.kerberos.login.keytab=/home/key_tab/admin_mxw_keytab.keytab -yD
security.kerberos.login.principal=admin/[email protected]
./examples/batch/WordCount.jar , it work (y)
> Apply command line options to configuration before installing security modules
> ------------------------------------------------------------------------------
>
> Key: FLINK-12130
> URL: https://issues.apache.org/jira/browse/FLINK-12130
> Project: Flink
> Issue Type: Improvement
> Components: Command Line Client
> Reporter: Victor Wong
> Assignee: Victor Wong
> Priority: Major
> Labels: pull-request-available
>
> Currently if the user configures Kerberos credentials through command line,
> it won't work.
> {code:java}
> // flink run -m yarn-cluster -yD
> security.kerberos.login.keytab=/path/to/keytab -yD
> security.kerberos.login.principal=xxx /path/to/test.jar
> {code}
> Above command would cause security failure if you do not have a ticket cache
> w/ kinit.
> Maybe we could call
> _org.apache.flink.client.cli.AbstractCustomCommandLine#applyCommandLineOptionsToConfiguration_
> before _SecurityUtils.install(new
> SecurityConfiguration(cli.configuration));_
> Here is a demo patch:
> [https://github.com/jiasheng55/flink/commit/ef6880dba8a1f36849f5d1bb308405c421b29986]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
