[jira] [Resolved] (AURORA-1104) Upgrade to pants 0.0.28
[ https://issues.apache.org/jira/browse/AURORA-1104?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joe Smith resolved AURORA-1104. --- Resolution: Fixed {noformat} commit 0f40612cbfc8b08fa4838be876119d1082c3d79f Author: Joe Smith yasumo...@gmail.com Date: Fri Feb 6 10:04:01 2015 -0800 Upgrade pants to 0.0.28 pants = [0.0.28 changelog](https://pypi.python.org/pypi/pantsbuild.pants/0.0.28) and selected highlights: * bump virtualenv version to 12.0.5 RB #1621 * Make ‘setup-py’ show up in ‘./pants goal goals’ RB #1466 * Support use of pytest’s –pdb mode RB #1570 * Upgrade pex dependency to 0.8.4 Pick up several perf wins Pick up fix that allows pex to read older pexes RB #1648 RB #1693 * Refactor setting of PYTHONPATH in pants.ini RB #1586 Testing Done: Reviewed the diff for twitter/commons https://github.com/twitter/commons/commit/574d79891d74a3a142e1db6b085b4c7e13c67659 ``` $ ./pants test.pytest --no-fast ./src/test/python/apache/aurora:all ``` Bugs closed: AURORA-1104 Reviewed at https://reviews.apache.org/r/30649/ {noformat} Upgrade to pants 0.0.28 --- Key: AURORA-1104 URL: https://issues.apache.org/jira/browse/AURORA-1104 Project: Aurora Issue Type: Story Components: Build Reporter: Joe Smith Assignee: Joe Smith Upgrade to new pants 0.0.28: https://pypi.python.org/pypi/pantsbuild.pants/0.0.28 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Assigned] (AURORA-1291) Replace enable_api_security arg with a value for http_authentication_mechanism
[ https://issues.apache.org/jira/browse/AURORA-1291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner reassigned AURORA-1291: --- Assignee: Bill Farner (was: Kevin Sweeney) Replace enable_api_security arg with a value for http_authentication_mechanism -- Key: AURORA-1291 URL: https://issues.apache.org/jira/browse/AURORA-1291 Project: Aurora Issue Type: Story Components: Scheduler, Security Reporter: Bill Farner Assignee: Bill Farner Enabling API security involves minimally setting 2 args: {noformat} -enable_api_security=true -http_authentication_mechanism=BASIC {noformat} This could open the possibility of confusing combinations of arguments that may behave in unexpected ways, or not work at all. Remove {{enable_api_security}} in favor of {{-http_authentication_mechanism=NONE}}, to be the default value. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (AURORA-1291) Replace enable_api_security arg with a value for http_authentication_mechanism
[ https://issues.apache.org/jira/browse/AURORA-1291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner updated AURORA-1291: Sprint: Twitter Aurora Q2'15 Sprint 2 Replace enable_api_security arg with a value for http_authentication_mechanism -- Key: AURORA-1291 URL: https://issues.apache.org/jira/browse/AURORA-1291 Project: Aurora Issue Type: Story Components: Scheduler, Security Reporter: Bill Farner Assignee: Bill Farner Enabling API security involves minimally setting 2 args: {noformat} -enable_api_security=true -http_authentication_mechanism=BASIC {noformat} This could open the possibility of confusing combinations of arguments that may behave in unexpected ways, or not work at all. Remove {{enable_api_security}} in favor of {{-http_authentication_mechanism=NONE}}, to be the default value. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (AURORA-1290) Allow specifying a shorthand for well-known Module FQCNs
[ https://issues.apache.org/jira/browse/AURORA-1290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner updated AURORA-1290: Sprint: Twitter Aurora Q2'15 Sprint 2 Allow specifying a shorthand for well-known Module FQCNs -- Key: AURORA-1290 URL: https://issues.apache.org/jira/browse/AURORA-1290 Project: Aurora Issue Type: Story Components: Scheduler Reporter: Kevin Sweeney Assignee: Bill Farner Right now you have to type some pretty verbose stuff to setup security. {noformat} -shiro_realm_modules=org.apache.aurora.scheduler.http.api.security.Kerberos5ShiroRealmModule,org.apache.aurora.scheduler.http.api.security.IniShiroRealmModule,com.example.CustomRealmModule {noformat} This is ugly and not very refactor-safe. Consider adding mappings for well-known names, with fallback to FQCNs. Thus, the previous example could become {noformat} -shiro_realm_modules=KERBEROS5_AUTHN,INI_AUTHZ,com.example.CustomRealmModule {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Assigned] (AURORA-1290) Allow specifying a shorthand for well-known Module FQCNs
[ https://issues.apache.org/jira/browse/AURORA-1290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner reassigned AURORA-1290: --- Assignee: Bill Farner Allow specifying a shorthand for well-known Module FQCNs -- Key: AURORA-1290 URL: https://issues.apache.org/jira/browse/AURORA-1290 Project: Aurora Issue Type: Story Components: Scheduler Reporter: Kevin Sweeney Assignee: Bill Farner Right now you have to type some pretty verbose stuff to setup security. {noformat} -shiro_realm_modules=org.apache.aurora.scheduler.http.api.security.Kerberos5ShiroRealmModule,org.apache.aurora.scheduler.http.api.security.IniShiroRealmModule,com.example.CustomRealmModule {noformat} This is ugly and not very refactor-safe. Consider adding mappings for well-known names, with fallback to FQCNs. Thus, the previous example could become {noformat} -shiro_realm_modules=KERBEROS5_AUTHN,INI_AUTHZ,com.example.CustomRealmModule {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (AURORA-1291) Replace enable_api_security arg with a value for http_authentication_mechanism
[ https://issues.apache.org/jira/browse/AURORA-1291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner updated AURORA-1291: Story Points: 1 Replace enable_api_security arg with a value for http_authentication_mechanism -- Key: AURORA-1291 URL: https://issues.apache.org/jira/browse/AURORA-1291 Project: Aurora Issue Type: Story Components: Scheduler, Security Reporter: Bill Farner Assignee: Bill Farner Enabling API security involves minimally setting 2 args: {noformat} -enable_api_security=true -http_authentication_mechanism=BASIC {noformat} This could open the possibility of confusing combinations of arguments that may behave in unexpected ways, or not work at all. Remove {{enable_api_security}} in favor of {{-http_authentication_mechanism=NONE}}, to be the default value. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (AURORA-1248) Client retries 4xx errors
[ https://issues.apache.org/jira/browse/AURORA-1248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner updated AURORA-1248: Sprint: Twitter Aurora Q2'15 Sprint 2 Client retries 4xx errors - Key: AURORA-1248 URL: https://issues.apache.org/jira/browse/AURORA-1248 Project: Aurora Issue Type: Bug Components: Client Reporter: Kevin Sweeney Assignee: Bill Farner Looks like the client currently retries all client errors, including 4xx ones. For example, using a client against a scheduler that requires Kerberos there's a series of lines like: {noformat} WARN] Connection error with scheduler: Unknown error talking to http://192.168.33.7:8081/api: 401 Client Error: Unauthorized, reconnecting... WARN] Connection error with scheduler: Unknown error talking to http://192.168.33.7:8081/api: 401 Client Error: Unauthorized, reconnecting... WARN] Connection error with scheduler: Unknown error talking to http://192.168.33.7:8081/api: 401 Client Error: Unauthorized, reconnecting... ... {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (AURORA-1290) Allow specifying a shorthand for well-known Module FQCNs
[ https://issues.apache.org/jira/browse/AURORA-1290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner updated AURORA-1290: Story Points: 1 Allow specifying a shorthand for well-known Module FQCNs -- Key: AURORA-1290 URL: https://issues.apache.org/jira/browse/AURORA-1290 Project: Aurora Issue Type: Story Components: Scheduler Reporter: Kevin Sweeney Assignee: Bill Farner Right now you have to type some pretty verbose stuff to setup security. {noformat} -shiro_realm_modules=org.apache.aurora.scheduler.http.api.security.Kerberos5ShiroRealmModule,org.apache.aurora.scheduler.http.api.security.IniShiroRealmModule,com.example.CustomRealmModule {noformat} This is ugly and not very refactor-safe. Consider adding mappings for well-known names, with fallback to FQCNs. Thus, the previous example could become {noformat} -shiro_realm_modules=KERBEROS5_AUTHN,INI_AUTHZ,com.example.CustomRealmModule {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Assigned] (AURORA-1248) Client retries 4xx errors
[ https://issues.apache.org/jira/browse/AURORA-1248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bill Farner reassigned AURORA-1248: --- Assignee: Bill Farner Client retries 4xx errors - Key: AURORA-1248 URL: https://issues.apache.org/jira/browse/AURORA-1248 Project: Aurora Issue Type: Bug Components: Client Reporter: Kevin Sweeney Assignee: Bill Farner Looks like the client currently retries all client errors, including 4xx ones. For example, using a client against a scheduler that requires Kerberos there's a series of lines like: {noformat} WARN] Connection error with scheduler: Unknown error talking to http://192.168.33.7:8081/api: 401 Client Error: Unauthorized, reconnecting... WARN] Connection error with scheduler: Unknown error talking to http://192.168.33.7:8081/api: 401 Client Error: Unauthorized, reconnecting... WARN] Connection error with scheduler: Unknown error talking to http://192.168.33.7:8081/api: 401 Client Error: Unauthorized, reconnecting... ... {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (AURORA-1295) Support security for the ReadOnlyScheduler API
Kevin Sweeney created AURORA-1295: - Summary: Support security for the ReadOnlyScheduler API Key: AURORA-1295 URL: https://issues.apache.org/jira/browse/AURORA-1295 Project: Aurora Issue Type: Story Components: Scheduler, Security, UI Reporter: Kevin Sweeney Support turning on security for the ReadOnlyScheduler service. This will require verifying that the UI can prompt for login credentials and make authenticated requests when necessary. -- This message was sent by Atlassian JIRA (v6.3.4#6332)