Images from Dockerfile will now have a forwardable keytab by default. This...

Images from Dockerfile will now have a forwardable keytab by default. This won't have backward compatibility implications.

Images from Dockerfile will now have a forwardable keytab by default. This...
Images from Dockerfile will now have a forwardable keytab by default. This won't have backward compatibility implications.
30e2573f · Fabio Luchetti · 375592f9 · 30e2573f · 375592f9
Commit 30e2573f authored Mar 05, 2019 by Fabio Luchetti
--- a/Dockerfile
+++ b/Dockerfile
@@ -48,4 +48,13 @@ RUN createrepo ${EOSREPODIR}; \
    eos-server eos-testkeytab eos-archive eos-client \
    eos-debuginfo eos-fuse eos-fusex eos-test

+# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
+# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
+RUN mkdir /root/.xrd; \
+    mv /etc/eos.keytab /root/.xrd/sss.keytab; \
+    xrdsssadmin -k eos-test del; \
+    xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add; \
+    mv /root/.xrd/sss.keytab  /etc/eos.keytab; \
+    chown daemon:daemon /etc/eos.keytab
+
 ENTRYPOINT ["/bin/bash"]
--- a/Dockerfile_forwardable-key
+++ b/Dockerfile_forwardable-key
-#
-# Simple EOS Docker file
-#
-# Version 0.2
-
-FROM centos:7
-MAINTAINER Elvin Sindrilaru, esindril@cern.ch, CERN 2017
-
-# Add extra repositories
-ADD eos-docker/*.repo /etc/yum.repos.d/
-
-# Add helper scripts
-ADD eos-docker/image_scripts/*.sh /
-
-# Add configuration files for EOS instance
-ADD eos-docker/eos.sysconfig /etc/sysconfig/eos
-ADD eos-docker/xrd.cf.* eos-docker/krb5.conf /etc/
-ADD eos-docker/fuse.conf /etc/eos/fuse.conf
-ADD eos-docker/fstfmd.dict /var/eos/md/
-
-RUN mkdir /var/tmp/eosxd-cache/ /var/tmp/eosxd-journal/
-RUN useradd eos-user
-
-# Docker will aggressively cache the following command, but this is fine, since
-# these packages are not updated often.
-RUN yum -y --nogpg install \
-    heimdal-server heimdal-workstation \
-    krb5-workstation yum-plugin-priorities \
-    createrepo initscripts less nano \
-    git parallel compat-libf2c-34 libgfortran \
-    gdb gcc-c++ cmake3 libacl-devel perl-Test-Harness \
-    rpm-build bzip2 automake autoconf libtool sudo vim \
-    centos-release-scl-rh
-
-# Special packages, must be installed un-cached.
-RUN yum clean all; \
-    yum -y --nogpg install \
-    quarkdb grid-hammer davix
-    
-# Install new EOS from created repo - the ADD command will reset the docker cache,
-# and any commands after that point will be uncached.
-ENV EOSREPODIR="/repo/eos"
-ADD cc7_artifacts ${EOSREPODIR}
-
-RUN createrepo ${EOSREPODIR}; \
-    echo -e "[eos-artifacts]\nname=EOS artifacts\nbaseurl=file://${EOSREPODIR}\ngpgcheck=0\nenabled=1\npriority=1" >> /etc/yum.repos.d/eos.repo; \
-    yum -y --nogpg install \
-    eos-server eos-testkeytab eos-archive eos-client \
-    eos-debuginfo eos-fuse eos-fusex eos-test
-
-RUN mkdir /root/.xrd; \
-    mv /etc/eos.keytab /root/.xrd/sss.keytab; \
-    xrdsssadmin -k eos-test del; \
-    xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add; \
-    mv /root/.xrd/sss.keytab  /etc/eos.keytab; \
-    chown daemon:daemon /etc/eos.keytab
-
-ENTRYPOINT ["/bin/bash"]