From 03272efbb5f474f6f0a99b392e366fdcc5cffecc Mon Sep 17 00:00:00 2001 From: gavgitid <grigorios.avgitidis@cern.ch> Date: Fri, 6 Jul 2018 11:59:15 +0200 Subject: [PATCH] NXCALS-1739 Adds option to enable kerberos properties on spark defaults config --- ansible/group_vars/all/all.yml | 2 +- ansible/integration-tests-install.yml | 2 +- ansible/roles/spark/defaults/main.yml | 2 +- ansible/roles/spark/templates/config/spark-defaults.conf | 7 ++++++- 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/ansible/group_vars/all/all.yml b/ansible/group_vars/all/all.yml index 371e2d8978..d665541a82 100644 --- a/ansible/group_vars/all/all.yml +++ b/ansible/group_vars/all/all.yml @@ -183,7 +183,7 @@ spark_yarn_extra_classpath: /usr/lib/hadoop/lib/native spark_driver_extra_classpath: '{%if use_absolute_paths %}{{spark_home_dir}}/{% endif %}{{hadoop_config_jar}}' -spark_driver_java_opts: '{{service_url_java_opt}} {{cert_java_opt}} {%if with_kerberos_opts %}{{kerberos_jvm_opts}}{% endif %}' +spark_driver_java_opts: '{{service_url_java_opt}} {{cert_java_opt}} {%if with_kerberos_properties %}{{kerberos_jvm_opts}}{% endif %}' spark_nxcals_python_artifact: 'nxcals-data-access-python3' diff --git a/ansible/integration-tests-install.yml b/ansible/integration-tests-install.yml index eddb88043a..c431a3794e 100644 --- a/ansible/integration-tests-install.yml +++ b/ansible/integration-tests-install.yml @@ -20,5 +20,5 @@ roles: - { role: common-keytab, kerberos_encrypted_location: "./files/keytab-{{kerberos_principal}}-encrypted"} # The absolute path for the keystore file is needed, cause spark-defaults.conf will not otherwise locate the file - - { role: spark, with_kerberos_opts: true, cert_keystore_name: '{{spark_home_dir}}/nxcals_cacerts' } + - { role: spark, with_kerberos_properties: true, cert_keystore_name: '{{spark_home_dir}}/nxcals_cacerts' } - { role: integration-tests } diff --git a/ansible/roles/spark/defaults/main.yml b/ansible/roles/spark/defaults/main.yml index e3dac6df1f..fda315199c 100644 --- a/ansible/roles/spark/defaults/main.yml +++ b/ansible/roles/spark/defaults/main.yml @@ -1,2 +1,2 @@ use_absolute_paths: true -with_kerberos_opts: false \ No newline at end of file +with_kerberos_properties: false \ No newline at end of file diff --git a/ansible/roles/spark/templates/config/spark-defaults.conf b/ansible/roles/spark/templates/config/spark-defaults.conf index 19ed35545d..92c8ee2918 100644 --- a/ansible/roles/spark/templates/config/spark-defaults.conf +++ b/ansible/roles/spark/templates/config/spark-defaults.conf @@ -71,8 +71,13 @@ spark.executor.extraClassPath {{spark_yarn_extra_classpath}} # # spark.master +{%if with_kerberos_properties %} +spark.yarn.keytab {{kerberos_keytab_location}} +spark.yarn.principal {{kerberos_principal}} +{% else %} # You can uncomment the following kerberos properties to directly # configure spark against a kerberos keytab/principal entry -# + # spark.yarn.keytab # spark.yarn.principal +{% endif %} \ No newline at end of file -- GitLab