(wip)(test)Adding Kerberos DNS check to the Hive connection case

fe/fe-core/src/main/java/org/apache/doris/DorisFE.java

@@ -81,6 +81,7 @@ public class DorisFE {
     private static FileLock processFileLock;
 
     public static void main(String[] args) {
+        System.setProperty("sun.security.krb5.debug", "true");
         // Every doris version should have a final meta version, it should not change
         // between small releases. Add a check here to avoid mistake.
         if (Version.DORIS_FE_META_VERSION > 0

regression-test/suites/external_table_p0/kerberos/test_single_hive_kerberos.groovy

@@ -16,6 +16,14 @@
 // under the License.
 
 suite("test_single_hive_kerberos", "p0,external,kerberos,external_docker,external_docker_kerberos") {
+    def command = "sudo docker ps"
+    def process = command.execute()
+    process.waitFor()
+
+    def output = process.in.text
+
+    println "Docker containers:"
+    println output
     String enabled = context.config.otherConfigs.get("enableKerberosTest")
     if (enabled != null && enabled.equalsIgnoreCase("true")) {
         String hms_catalog_name = "test_single_hive_kerberos"

regression-test/suites/external_table_p0/kerberos/test_two_hive_kerberos.groovy

@@ -18,28 +18,21 @@ import groovyjarjarantlr4.v4.codegen.model.ExceptionClause
 // under the License.
 
 import org.junit.Assert;
-
+import java.net.Socket
 suite("test_two_hive_kerberos", "p0,external,kerberos,external_docker,external_docker_kerberos") {
+    def command = "sudo docker ps"
+    def process = command.execute() 
+    process.waitFor()               
+
+    def output = process.in.text
+
+    println "Docker containers:"
+    println output
     String enabled = context.config.otherConfigs.get("enableKerberosTest")
     if (enabled != null && enabled.equalsIgnoreCase("true")) {
         String hms_catalog_name = "test_two_hive_kerberos"
-        sql """drop catalog if exists ${hms_catalog_name};"""
-        sql """
-            CREATE CATALOG IF NOT EXISTS ${hms_catalog_name}
-            PROPERTIES ( 
-                "type" = "hms",
-                "hive.metastore.uris" = "thrift://172.31.71.25:9083",
-                "fs.defaultFS" = "hdfs://172.31.71.25:8020",
-                "hadoop.kerberos.min.seconds.before.relogin" = "5",
-                "hadoop.security.authentication" = "kerberos",
-                "hadoop.kerberos.principal"="hive/presto-master.docker.cluster@LABS.TERADATA.COM",
-                "hadoop.kerberos.keytab" = "/keytabs/hive-presto-master.keytab",
-                "hive.metastore.sasl.enabled " = "true",
-                "hive.metastore.kerberos.principal" = "hive/_HOST@LABS.TERADATA.COM"
-            );
-        """
-
         sql """drop catalog if exists other_${hms_catalog_name};"""
+
         sql """
             CREATE CATALOG IF NOT EXISTS other_${hms_catalog_name}
             PROPERTIES (
@@ -57,21 +50,42 @@ suite("test_two_hive_kerberos", "p0,external,kerberos,external_docker,external_d
                                                   DEFAULT"
             );
         """
+        sql """drop catalog if exists ${hms_catalog_name};"""
+        sql """
+            CREATE CATALOG IF NOT EXISTS ${hms_catalog_name}
+            PROPERTIES ( 
+                "type" = "hms",
+                "hive.metastore.uris" = "thrift://172.31.71.25:9083",
+                "fs.defaultFS" = "hdfs://172.31.71.25:8020",
+                "hadoop.kerberos.min.seconds.before.relogin" = "5",
+                "hadoop.security.authentication" = "kerberos",
+                "hadoop.kerberos.principal"="hive/presto-master.docker.cluster@LABS.TERADATA.COM",
+                "hadoop.kerberos.keytab" = "/keytabs/hive-presto-master.keytab",
+                "hive.metastore.sasl.enabled " = "true",
+                "hive.metastore.kerberos.principal" = "hive/_HOST@LABS.TERADATA.COM",
+                "hadoop.security.auth_to_local" = "RULE:[2:\$1@\$0](.*@LABS.TERADATA.COM)s/@.*//
+                                   RULE:[2:\$1@\$0](.*@OTHERLABS.TERADATA.COM)s/@.*//
+                                   RULE:[2:\$1@\$0](.*@OTHERREALM.COM)s/@.*//
+                                   DEFAULT",
+            );
+        """
 
-        // 1. catalogA
-        sql """switch ${hms_catalog_name};"""
-        logger.info("switched to catalog " + hms_catalog_name)
-        sql """ show databases """
-        sql """ use test_krb_hive_db """
-        order_qt_q01 """ select * from test_krb_hive_db.test_krb_hive_tbl """
+
+
+
 
         // 2. catalogB
         sql """switch other_${hms_catalog_name};"""
         logger.info("switched to other catalog " + hms_catalog_name)
         sql """ show databases """
         sql """ use test_krb_hive_db """
         order_qt_q02 """ select * from test_krb_hive_db.test_krb_hive_tbl """
-
+        // 1. catalogA
+        sql """switch ${hms_catalog_name};"""
+        logger.info("switched to catalog " + hms_catalog_name)
+        sql """ show databases """
+        sql """ use test_krb_hive_db """
+        order_qt_q01 """ select * from test_krb_hive_db.test_krb_hive_tbl """
         // 3. write back test case
         sql """ switch ${hms_catalog_name}; """
         sql """ CREATE DATABASE IF NOT EXISTS `test_krb_hms_db`; """