Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
doujutun3207
flink
提交
e2e090b1
F
flink
项目概览
doujutun3207
/
flink
与 Fork 源项目一致
从无法访问的项目Fork
通知
24
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
F
flink
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e2e090b1
编写于
7月 16, 2018
作者:
N
Nico Kruber
提交者:
zentol
7月 16, 2018
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[FLINK-9839][tests] Add support for SSL to e2e-tests
This closes #6327.
上级
0a5aebb0
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
51 addition
and
1 deletion
+51
-1
flink-end-to-end-tests/test-scripts/common.sh
flink-end-to-end-tests/test-scripts/common.sh
+47
-1
flink-end-to-end-tests/test-scripts/test_batch_allround.sh
flink-end-to-end-tests/test-scripts/test_batch_allround.sh
+2
-0
flink-end-to-end-tests/test-scripts/test_streaming_bucketing.sh
...end-to-end-tests/test-scripts/test_streaming_bucketing.sh
+2
-0
未找到文件。
flink-end-to-end-tests/test-scripts/common.sh
浏览文件 @
e2e090b1
...
...
@@ -36,6 +36,7 @@ export EXIT_CODE=0
echo
"Flink dist directory:
$FLINK_DIR
"
USE_SSL
=
OFF
# set via set_conf_ssl(), reset via revert_default_config()
TEST_ROOT
=
`
pwd
`
TEST_INFRA_DIR
=
"
$END_TO_END_DIR
/test-scripts/"
cd
$TEST_INFRA_DIR
...
...
@@ -80,6 +81,8 @@ function revert_default_config() {
if
[
-f
$FLINK_DIR
/conf/flink-conf.yaml.bak
]
;
then
mv
-f
$FLINK_DIR
/conf/flink-conf.yaml.bak
$FLINK_DIR
/conf/flink-conf.yaml
fi
USE_SSL
=
OFF
}
function
set_conf
()
{
...
...
@@ -143,6 +146,43 @@ function create_ha_config() {
EOL
}
function
set_conf_ssl
{
# clean up the dir that will be used for SSL certificates and trust stores
if
[
-e
"
${
TEST_DATA_DIR
}
/ssl"
]
;
then
echo
"File
${
TEST_DATA_DIR
}
/ssl exists. Deleting it..."
rm
-rf
"
${
TEST_DATA_DIR
}
/ssl"
fi
mkdir
-p
"
${
TEST_DATA_DIR
}
/ssl"
NODENAME
=
`
hostname
-f
`
SANSTRING
=
"dns:
${
NODENAME
}
"
for
NODEIP
in
`
hostname
-I
|
cut
-d
' '
-f1
`
;
do
SANSTRING
=
"
${
SANSTRING
}
,ip:
${
NODEIP
}
"
done
# create certificates
keytool
-genkeypair
-alias
ca
-keystore
"
${
TEST_DATA_DIR
}
/ssl/ca.keystore"
-dname
"CN=Sample CA"
-storepass
password
-keypass
password
-keyalg
RSA
-ext
bc
=
ca:true
keytool
-keystore
"
${
TEST_DATA_DIR
}
/ssl/ca.keystore"
-storepass
password
-alias
ca
-exportcert
>
"
${
TEST_DATA_DIR
}
/ssl/ca.cer"
keytool
-importcert
-keystore
"
${
TEST_DATA_DIR
}
/ssl/ca.truststore"
-alias
ca
-storepass
password
-noprompt
-file
"
${
TEST_DATA_DIR
}
/ssl/ca.cer"
keytool
-genkeypair
-alias
node
-keystore
"
${
TEST_DATA_DIR
}
/ssl/node.keystore"
-dname
"CN=
${
NODENAME
}
"
-ext
SAN
=
${
SANSTRING
}
-storepass
password
-keypass
password
-keyalg
RSA
keytool
-certreq
-keystore
"
${
TEST_DATA_DIR
}
/ssl/node.keystore"
-storepass
password
-alias
node
-file
"
${
TEST_DATA_DIR
}
/ssl/node.csr"
keytool
-gencert
-keystore
"
${
TEST_DATA_DIR
}
/ssl/ca.keystore"
-storepass
password
-alias
ca
-ext
SAN
=
${
SANSTRING
}
-infile
"
${
TEST_DATA_DIR
}
/ssl/node.csr"
-outfile
"
${
TEST_DATA_DIR
}
/ssl/node.cer"
keytool
-importcert
-keystore
"
${
TEST_DATA_DIR
}
/ssl/node.keystore"
-storepass
password
-file
"
${
TEST_DATA_DIR
}
/ssl/ca.cer"
-alias
ca
-noprompt
keytool
-importcert
-keystore
"
${
TEST_DATA_DIR
}
/ssl/node.keystore"
-storepass
password
-file
"
${
TEST_DATA_DIR
}
/ssl/node.cer"
-alias
node
-noprompt
# adapt config
# (here we rely on security.ssl.enabled enabling SSL for all components and internal as well as
# external communication channels)
set_conf security.ssl.enabled
true
set_conf security.ssl.keystore
${
TEST_DATA_DIR
}
/ssl/node.keystore
set_conf security.ssl.keystore-password password
set_conf security.ssl.key-password password
set_conf security.ssl.truststore
${
TEST_DATA_DIR
}
/ssl/ca.truststore
set_conf security.ssl.truststore-password password
USE_SSL
=
ON
}
function
start_ha_cluster
{
create_ha_config
start_local_zk
...
...
@@ -178,9 +218,15 @@ function start_cluster {
"
$FLINK_DIR
"
/bin/start-cluster.sh
# wait at most 10 seconds until the dispatcher is up
local
QUERY_URL
if
[
"x
$USE_SSL
"
=
"xON"
]
;
then
QUERY_URL
=
"http://localhost:8081/taskmanagers"
else
QUERY_URL
=
"https://localhost:8081/taskmanagers"
fi
for
i
in
{
1..10
}
;
do
# without the || true this would exit our script if the JobManager is not yet up
QUERY_RESULT
=
$(
curl
"
http://localhost:8081/taskmanagers
"
2> /dev/null
||
true
)
QUERY_RESULT
=
$(
curl
"
$QUERY_URL
"
2> /dev/null
||
true
)
# ensure the taskmanagers field is there at all and is not empty
if
[[
${
QUERY_RESULT
}
=
~
\{\"
taskmanagers
\"
:
\[
.+
\]\}
]]
;
then
...
...
flink-end-to-end-tests/test-scripts/test_batch_allround.sh
浏览文件 @
e2e090b1
...
...
@@ -28,6 +28,8 @@ cp $FLINK_DIR/conf/flink-conf.yaml $FLINK_DIR/conf/flink-conf.yaml.bak
echo
"taskmanager.network.memory.min: 10485760"
>>
$FLINK_DIR
/conf/flink-conf.yaml
echo
"taskmanager.network.memory.max: 10485760"
>>
$FLINK_DIR
/conf/flink-conf.yaml
backup_config
set_conf_ssl
start_cluster
$FLINK_DIR
/bin/taskmanager.sh start
$FLINK_DIR
/bin/taskmanager.sh start
...
...
flink-end-to-end-tests/test-scripts/test_streaming_bucketing.sh
浏览文件 @
e2e090b1
...
...
@@ -24,6 +24,8 @@ TEST_PROGRAM_JAR=${END_TO_END_DIR}/flink-bucketing-sink-test/target/BucketingSin
# enable DEBUG logging level to retrieve truncate length later
sed
-i
-e
's/#log4j.logger.org.apache.flink=INFO/log4j.logger.org.apache.flink=DEBUG/g'
$FLINK_DIR
/conf/log4j.properties
backup_config
set_conf_ssl
start_cluster
$FLINK_DIR
/bin/taskmanager.sh start
$FLINK_DIR
/bin/taskmanager.sh start
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录