add kerberos docker

This commit is contained in:
LingZhaoHui 2022-07-15 23:42:47 +08:00
parent f3f5b2709b
commit efdbb344db
4 changed files with 31 additions and 21 deletions

View File

@ -4,7 +4,7 @@ kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = HADOOP.COM
default_realm = TEST.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
@ -12,7 +12,7 @@ renew_lifetime = 7d
forwardable = true
[realms]
HADOOP.COM = {
TEST.COM = {
kdc = krb5-kdc-server:88
admin_server = krb5-kdc-server
}

View File

@ -1 +1 @@
*/admin@HADOOP.COM *
*/admin@TEST.COM *

View File

@ -3,7 +3,7 @@ kdc_ports = 88
kdc_tcp_ports = 88
[realms]
HADOOP.COM = {
TEST.COM = {
#master_key_type = aes256-cts
acl_file = /etc/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words

View File

@ -1,8 +1,8 @@
#!/bin/bash
FQDN="hadoop.com"
FQDN="test.com"
ADMIN="admin"
PASS="airflow"
PASS="Admin12!"
KRB5_KTNAME=/etc/admin.keytab
@ -10,21 +10,31 @@ cat /etc/hosts
echo "hostname: ${FQDN}"
# create kerberos database
echo -e "${PASS}\n${PASS}" | kdb5_util create -s
inited="/app/inited"
# create admin
echo -e "${PASS}\n${PASS}" | kadmin.local -q "addprinc ${ADMIN}/admin"
function init_user() {
if [ -f "${inited}" ];then
echo "user inited"
return;
fi
echo "begin init user"
# create kerberos database
echo -e "${PASS}\n${PASS}" | kdb5_util create -s
# create admin
echo -e "${PASS}\n${PASS}" | kadmin.local -q "addprinc ${ADMIN}/admin"
# create hadoop
echo -e "${PASS}\n${PASS}" | kadmin.local -q "addprinc hadoop"
echo -e "${PASS}\n${PASS}" | kadmin.local -q "addprinc hadoop/${FQDN}"
kadmin.local -q "ktadd -norandkey -k ${KRB5_KTNAME} hadoop"
kadmin.local -q "ktadd -norandkey -k ${KRB5_KTNAME} hadoop/${FQDN}"
kadmin.local -q "xst -k /app/hadoop.keytab -norandkey hadoop/${FQDN}"
touch "${inited}"
echo "user inite success"
}
# create airflow
echo -e "${PASS}\n${PASS}" | kadmin.local -q "addprinc -randkey airflow"
echo -e "${PASS}\n${PASS}" | kadmin.local -q "addprinc -randkey airflow/${FQDN}"
kadmin.local -q "ktadd -k ${KRB5_KTNAME} airflow"
kadmin.local -q "ktadd -k ${KRB5_KTNAME} airflow/${FQDN}"
/usr/local/bin/supervisord -n -c /etc/supervisord.conf
function main() {
init_user
/usr/local/bin/supervisord -n -c /etc/supervisord.conf
}
main