[jira] [Commented] (FLINK-5091) Formalize the AppMaster environment for docker compability

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/FLINK-5091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15715491#comment-15715491
 ] 

ASF GitHub Bot commented on FLINK-5091:
---------------------------------------

Github user mxm commented on a diff in the pull request:

    https://github.com/apache/flink/pull/2915#discussion_r90664938
  
    --- Diff: 
flink-runtime/src/main/java/org/apache/flink/runtime/clusterframework/overlays/SSLStoreOverlay.java
 ---
    @@ -0,0 +1,124 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software
    + * distributed under the License is distributed on an "AS IS" BASIS,
    + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    + * See the License for the specific language governing permissions and
    + * limitations under the License.
    + */
    +
    +package org.apache.flink.runtime.clusterframework.overlays;
    +
    +import org.apache.flink.configuration.ConfigConstants;
    +import org.apache.flink.configuration.Configuration;
    +import org.apache.flink.core.fs.Path;
    +import org.apache.flink.runtime.clusterframework.ContainerSpecification;
    +import org.slf4j.Logger;
    +import org.slf4j.LoggerFactory;
    +
    +import javax.annotation.Nullable;
    +import java.io.File;
    +import java.io.IOException;
    +
    +
    +/**
    + * Overlays an SSL keystore/truststore into a container.
    + *
    + * The following files are placed into the container:
    + *  - keystore.jks
    + *  - truststore.jks
    + *
    + * The following Flink configuration entries are set:
    + *  - security.ssl.keystore
    + *  - security.ssl.truststore
    + */
    +public class SSLStoreOverlay extends AbstractContainerOverlay {
    +
    +   private static final Logger LOG = 
LoggerFactory.getLogger(SSLStoreOverlay.class);
    +
    +   static final Path TARGET_KEYSTORE_PATH = new Path("keystore.jks");
    +   static final Path TARGET_TRUSTSTORE_PATH = new Path("truststore.jks");
    +
    +   final Path keystore;
    +   final Path truststore;
    +
    +   public SSLStoreOverlay(@Nullable File keystoreFile, @Nullable File 
truststoreFile) {
    +           this.keystore = keystoreFile != null ? new 
Path(keystoreFile.toURI()) : null;
    +           this.truststore = truststoreFile != null ? new 
Path(truststoreFile.toURI()) : null;
    +   }
    +
    +   @Override
    +   public void configure(ContainerSpecification container) throws 
IOException {
    +           if(keystore != null) {
    +                   
container.getArtifacts().add(ContainerSpecification.Artifact.newBuilder()
    +                           .setSource(keystore)
    +                           .setDest(TARGET_KEYSTORE_PATH)
    +                           .setCachable(false)
    +                           .build());
    +                   
container.getDynamicConfiguration().setString(ConfigConstants.SECURITY_SSL_KEYSTORE,
 TARGET_KEYSTORE_PATH.getPath());
    +           }
    +           if(truststore != null) {
    +                   
container.getArtifacts().add(ContainerSpecification.Artifact.newBuilder()
    +                           .setSource(truststore)
    +                           .setDest(TARGET_TRUSTSTORE_PATH)
    +                           .setCachable(false)
    +                           .build());
    +                   
container.getDynamicConfiguration().setString(ConfigConstants.SECURITY_SSL_TRUSTSTORE,
 TARGET_TRUSTSTORE_PATH.getPath());
    +           }
    +   }
    +
    +   public static Builder newBuilder() {
    +           return new Builder();
    +   }
    +
    +   /**
    +    * A builder for the {@link Krb5ConfOverlay}.
    +    */
    +   public static class Builder {
    +
    +           File keystorePath;
    +
    +           File truststorePath;
    +
    +           /**
    +            * Configures the overlay using the current environment (and 
global configuration).
    +            *
    +            * The following Flink configuration settings are used to 
source the keystore and truststore:
    +            *  - security.ssl.keystore
    +            *  - security.ssl.truststore
    +         */
    --- End diff --
    
    indention is off here


> Formalize the AppMaster environment for docker compability
> ----------------------------------------------------------
>
>                 Key: FLINK-5091
>                 URL: https://issues.apache.org/jira/browse/FLINK-5091
>             Project: Flink
>          Issue Type: Sub-task
>          Components: Cluster Management, Mesos
>            Reporter: Eron Wright 
>            Assignee: Eron Wright 
>             Fix For: 1.2.0
>
>
> For scenarios where the AppMaster is launched from a docker image, it would 
> be ideal to use the installed Flink rather than rely on a special file layout 
> in the sandbox directory.
> This is related to DCOS integration, which (in 1.2) will launch the AppMaster 
> via Marathon (as a top-level DCOS service).  The existing code assumed that 
> only the dispatcher (coming in 1.3) would launch the AppMaster.  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)