org.apache.mesos.Protos.Credential Java Examples

The following examples show how to use org.apache.mesos.Protos.Credential. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SchedulerDriverFactoryTest.java    From dcos-commons with Apache License 2.0 6 votes vote down vote up 
/**
 * Avoid calls to the MesosSchedulerDriver constructor, which triggers errors about libmesos not
 * being present.
 */
@Override
protected MesosSchedulerDriver createInternal(
        final Scheduler scheduler,
        final FrameworkInfo frameworkInfo,
        final String masterUrl,
        final Credential credential,
        final String mesosAPIVersion) {
    createCalls++;
    if (credential != null) {
        lastCallHadCredential = true;
        lastCallHadSecret = credential.hasSecret();
    } else {
        lastCallHadCredential = false;
        lastCallHadSecret = false;
    }
    return null; // avoid requiring a NoOpSchedulerDriver
}
Example #2
Source File: DriverFactoryImpl.java    From attic-aurora with Apache License 2.0 6 votes vote down vote up 
@Override
public SchedulerDriver create(
    Scheduler scheduler,
    Optional<Protos.Credential> credentials,
    Protos.FrameworkInfo frameworkInfo,
    String master) {

  FrameworkInfo convertedFrameworkInfo = convert(frameworkInfo);
  Optional<Credential> convertedCredentials = credentials.map(ProtosConversion::convert);

  if (credentials.isPresent()) {
    return new MesosSchedulerDriver(
        scheduler,
        convertedFrameworkInfo,
        master,
        false, // Disable implicit acknowledgements.
        convertedCredentials.get());
  } else {
    return new MesosSchedulerDriver(
        scheduler,
        convertedFrameworkInfo,
        master,
        false); // Disable implicit acknowledgements.
  }
}
Example #3
Source File: SchedulerDriverFactory.java    From dcos-commons with Apache License 2.0 5 votes vote down vote up 
Mesos startInternalCustom(
    MesosToSchedulerDriverAdapter adapter,
    final Capabilities capabilities,
    final FrameworkInfo frameworkInfo,
    final String masterUrl,
    final Credential credential,
    final String mesosAPIVersion)
{
  LOGGER.info("Trying to use Mesos {} API, isCredentialNull: {}",
      mesosAPIVersion,
      credential == null);
  if (mesosAPIVersion.equals(SchedulerConfig.MESOS_API_VERSION_V1)) {
    if (capabilities.supportsV1APIByDefault()) {
      LOGGER.info("Using Mesos {} API", SchedulerConfig.MESOS_API_VERSION_V1);
      return new V1Mesos(
          adapter,
          masterUrl,
          credential == null ? null : EvolverDevolver.evolve(credential));
    } else {
      LOGGER.info("Current DC/OS cluster doesn't support the Mesos {} API",
          SchedulerConfig.MESOS_API_VERSION_V1);
    }
  }
  LOGGER.info("Using Mesos V0 API");
  return new V0Mesos(
      adapter,
      EvolverDevolver.evolve(frameworkInfo),
      masterUrl,
      credential == null ? null : EvolverDevolver.evolve(credential));
}
Example #4
Source File: SchedulerDriverFactory.java    From dcos-commons with Apache License 2.0 5 votes vote down vote up 
/**
 * Broken out into a separate function to allow testing with custom SchedulerDrivers.
 */
protected SchedulerDriver createInternal(
    final Scheduler scheduler,
    final FrameworkInfo frameworkInfo,
    final String masterUrl,
    @Nullable final Credential credential,
    final String mesosAPIVersion)
{
  Capabilities capabilities = Capabilities.getInstance();
  // TODO(DCOS-29172): This can be removed if/when we switch to using our own Mesos Client
  // Love to work around the fact that the MesosToSchedulerDriverAdapter both depends directly on the
  // process environment *and* uses two unrelated constructors for the case of credential being null
  return credential == null ?
      new MesosToSchedulerDriverAdapter(scheduler, frameworkInfo, masterUrl, true) {
        @Override
        protected Mesos startInternal() {
          return startInternalCustom(
              this,
              capabilities,
              frameworkInfo,
              masterUrl,
              null,
              mesosAPIVersion
          );
        }
      } :
      new MesosToSchedulerDriverAdapter(scheduler, frameworkInfo, masterUrl, true, credential) {
        @Override
        protected Mesos startInternal() {
          return startInternalCustom(
              this,
              capabilities,
              frameworkInfo,
              masterUrl,
              credential,
              mesosAPIVersion
          );
        }
      };
}
Example #5
Source File: JesosSchedulerDriver.java    From jesos with Apache License 2.0 5 votes vote down vote up 
public JesosSchedulerDriver(final Scheduler scheduler,
                            final FrameworkInfo frameworkInfo,
                            final String master,
                            final Credential credential)
                throws IOException
{
    super(scheduler, frameworkInfo, master, true, credential);
}
Example #6
Source File: JesosSchedulerDriver.java    From jesos with Apache License 2.0 5 votes vote down vote up 
public JesosSchedulerDriver(final Scheduler scheduler,
                            final FrameworkInfo frameworkInfo,
                            final String master,
                            boolean implicitAcknowledges,
                            final Credential credential)
                throws IOException
{
    super(scheduler, frameworkInfo, master, implicitAcknowledges, credential);
}
Example #7
Source File: Main.java    From cassandra-mesos-deprecated with Apache License 2.0 5 votes vote down vote up 
static Optional<Credential> getCredential() {
    final boolean auth = Boolean.valueOf(Env.option("MESOS_AUTHENTICATE").or("false"));
    if (auth){
        LOGGER.info("Enabling authentication for the framework");

        final String principal = Env.get("DEFAULT_PRINCIPAL");
        final Optional<String> secret = Env.option("DEFAULT_SECRET");

        return Optional.of(ProtoUtils.getCredential(principal, secret));
    } else {
        return Optional.absent();
    }
}
Example #8
Source File: SchedulerDriverFactory.java    From dcos-commons with Apache License 2.0 4 votes vote down vote up 
/**
 * Creates and returns a new {@link SchedulerDriver} with the provided credential secret.
 *
 * @param scheduler        The Framework {@link Scheduler} implementation which should receive callbacks
 *                         from the {@link SchedulerDriver}
 * @param frameworkInfo    The {@link FrameworkInfo} which describes the framework implementation.
 *                         The 'principal' field MUST be populated and non-empty
 * @param masterUrl        The URL of the currently active Mesos Master, of the form "zk://host/mesos"
 * @param credentialSecret The secret to be included in the framework
 *                         {@link org.apache.mesos.Protos.Credential}, ignored if {@code null}/empty
 * @return A {@link SchedulerDriver} configured with the provided info
 * @throws IllegalArgumentException if {@link FrameworkInfo}.principal is unset or empty when
 *                                  authentication is needed
 */
public SchedulerDriver create(
    final Scheduler scheduler,
    final FrameworkInfo frameworkInfo,
    final String masterUrl,
    final SchedulerConfig schedulerConfig,
    final byte[] credentialSecret)
{
  Credential credential;
  if (credentialSecret != null && credentialSecret.length > 0) {
    // User has manually provided a Secret. Provide a Credential with Principal + Secret.
    // (note: we intentionally avoid logging the content of the credential secret, just in case)
    LOGGER.info("Creating secret authenticated MesosSchedulerDriver for "
            + "scheduler[{}], frameworkInfo[{}], masterUrl[{}], credentialSecret[{} bytes]",
        scheduler.getClass().getSimpleName(),
        TextFormat.shortDebugString(frameworkInfo),
        masterUrl,
        credentialSecret.length);
    credential = Credential.newBuilder()
        .setPrincipal(getPrincipal(frameworkInfo, "secret"))
        .setSecretBytes(ByteString.copyFrom(credentialSecret))
        .build();
  } else if (schedulerConfig.isSideChannelActive()) {
    // Sidechannel auth is enabled. Provide a Credential with only the Principal set.
    LOGGER.info("Creating sidechannel authenticated MesosSchedulerDriver for "
            // SUPPRESS CHECKSTYLE MultipleStringLiteralsCheck
            + "scheduler[{}], frameworkInfo[{}], masterUrl[{}]",
        scheduler.getClass().getSimpleName(),
        TextFormat.shortDebugString(frameworkInfo),
        masterUrl);
    credential = Credential.newBuilder()
        .setPrincipal(getPrincipal(frameworkInfo, "sidechannel"))
        .build();
  } else {
    // No auth. Provide no credential.
    LOGGER.info("Creating unauthenticated MesosSchedulerDriver for "
            + "scheduler[{}], frameworkInfo[{}], masterUrl[{}]",
        scheduler.getClass().getSimpleName(),
        TextFormat.shortDebugString(frameworkInfo),
        masterUrl);
    credential = null;
  }
  return createInternal(
      scheduler,
      frameworkInfo,
      masterUrl,
      credential,
      schedulerConfig.getMesosApiVersion());
}
Example #9
Source File: InternalSchedulerDriver.java    From jesos with Apache License 2.0 4 votes vote down vote up 
/**
 * Creates a new driver for the specified scheduler. The master
 * must be specified as
 *
 *     zk://host1:port1,host2:port2,.../path
 *     zk://username:password@host1:port1,host2:port2,.../path
 *
 * The driver will attempt to "failover" if the specified
 * FrameworkInfo includes a valid FrameworkID.
 */
protected InternalSchedulerDriver(final Scheduler scheduler,
                                  final FrameworkInfo frameworkInfo,
                                  final String master,
                                  boolean implicitAcknowledges,
                                  final Credential credential)
                throws IOException
{
    this.scheduler = checkNotNull(scheduler, "scheduler is null");
    checkNotNull(frameworkInfo, "frameworkInfo is null");
    checkNotNull(master, "master is null");
    this.implicitAcknowledges = implicitAcknowledges;
    this.credential = credential;

    checkState(!master.equals("local"), "Java client can not launch a local cluster!");

    // TODO - Any volunteers to do the SASL dance?
    checkState(this.credential == null, "Credential is not supported yet.");

    final FrameworkInfo.Builder frameworkInfoBuilder = FrameworkInfo.newBuilder(frameworkInfo);

    if (!frameworkInfo.hasHostname()) {
        frameworkInfoBuilder.setHostname(NetworkUtil.findPublicIp());
    }

    if (!frameworkInfo.hasUser() || "".equals(frameworkInfo.getUser())) {
        frameworkInfoBuilder.setUser(System.getProperty("user.name"));
    }

    context = new SchedulerDriverContext(frameworkInfoBuilder.build());

    this.eventBus = new ManagedEventBus("scheduler");

    this.localMessageProcessor = new LocalSchedulerMessageProcessor(context, eventBus, implicitAcknowledges);

    // Closer closes in reverse registration order.

    // Close the callback executor last, so that everything that was still scheduled to be delivered to the framework still has a chance.
    this.callbackExecutor = closer.register(CloseableExecutors.decorate(Executors.newScheduledThreadPool(5, new ThreadFactoryBuilder().setDaemon(true).setNameFormat("scheduler-callback-%d").build())));

    this.receiver = closer.register(new HttpProtocolReceiver(context.getDriverUPID(), SchedulerMessageEnvelope.class, eventBus));

    // The sender is closed before the receiver, so that possible responses are still caught
    this.sender = closer.register(new HttpProtocolSender(context.getDriverUPID()));

    // Make sure that the event bus is drained next at shutdown.
    closer.register(eventBus);

    // Close the master detector first. No more master changes required.
    this.detector = closer.register(new ZookeeperMasterDetector(master, eventBus));

}