New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DRILL-7547: Support credentials store for mongo connections #2001
Conversation
This uses the hadoop `Configuration.getPassword` method to retrieve the username and password for mongo connections. This allows the user to supply credentials or credential store configuration in core-site.xml instead of inlining the credentials in the storage plugin configuration that is stored in ZooKeeper. Refer to the CredentialProviderAPI document for more information about how credential provider plugins work.
c9d98d1
to
caa8538
Compare
contrib/storage-mongo/src/main/java/org/apache/drill/exec/store/mongo/MongoStoragePlugin.java
Outdated
Show resolved
Hide resolved
@dobesv Thanks for this! Once this is approved, can you update the Mongo Storage Plugin info on the |
A question and a comment:
|
The configuration key is based on the plugin name, actually. If the connection string already has credentials, this will not replace them.
I think it is an OK approach for any plugin that has credentials currently stored in ZooKeeper. Note that the key I use is based on the plugin's name so you can setup multiple. |
@arina-ielchiieva Great catch on the core-site.xml location, I totally thought I had put that in the test resources before, such a silly mistake. Hooray for code reviews! I think I addressed your other comments as well, and I did a bit of research and added some more detail to the core-site-example file. The credentials provider system is actually pretty powerful once you get into it. |
LGTM, +1 |
DRILL-7547: Support credentials store for mongo connections
Description
This uses the hadoop
Configuration.getPassword
method to retrieve theusername and password for mongo connections. This allows the user to
supply credentials or credential store configuration in core-site.xml
instead of inlining the credentials in the storage plugin configuration
that is stored in ZooKeeper.
Refer to the CredentialProviderAPI document for more information about
how credential provider plugins work.
Documentation
Defining Credentials in the Drill core-site.xml File
To configure the mongo username and password in Drill's core-site.xml file, navigate to the
$DRILL_HOME/conf
or$DRILL_SITE
directory, and rename thecore-site-example.xml
file tocore-site.xml
. Insert your mongo username and password as shown in the following example:Remove any username and password from your mongo storage plugin configuration if you do this.
Notes
mongo
, replace "mongo" in the property name with the name of the storage plugin you are configuring, e.g. for a storage plugin named "mongo2" you would setdrill.exec.store.mongo2.username
anddrill.exec.store.mongo2.password
Testing
JUnit tests and manual test.