You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hawq.apache.org by li...@apache.org on 2017/06/01 08:35:02 UTC

incubator-hawq git commit: HAWQ-1476. Augment enable-ranger-plugin.sh to support kerberos. (close #1248)

Repository: incubator-hawq
Updated Branches:
  refs/heads/master abd74ed1c -> ed5029c76


HAWQ-1476. Augment enable-ranger-plugin.sh to support kerberos.
(close #1248)


Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq/commit/ed5029c7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq/tree/ed5029c7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq/diff/ed5029c7

Branch: refs/heads/master
Commit: ed5029c76515d36cae0c41e96d19eee0b4710561
Parents: abd74ed
Author: stanlyxiang <st...@gmail.com>
Authored: Thu Jun 1 15:41:55 2017 +0800
Committer: Lili Ma <ic...@gmail.com>
Committed: Thu Jun 1 16:34:03 2017 +0800

----------------------------------------------------------------------
 ranger-plugin/conf/ranger-servicedef-hawq.json |  2 +-
 ranger-plugin/scripts/enable-ranger-plugin.sh  | 28 ++++++++++++++++++++-
 2 files changed, 28 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/ed5029c7/ranger-plugin/conf/ranger-servicedef-hawq.json
----------------------------------------------------------------------
diff --git a/ranger-plugin/conf/ranger-servicedef-hawq.json b/ranger-plugin/conf/ranger-servicedef-hawq.json
index 172eb3a..b8ce53e 100644
--- a/ranger-plugin/conf/ranger-servicedef-hawq.json
+++ b/ranger-plugin/conf/ranger-servicedef-hawq.json
@@ -244,7 +244,7 @@
       "name": "authentication",
       "type": "enum",
       "subType": "authType",
-      "mandatory": false,
+      "mandatory": true,
       "validationRegEx": "",
       "validationMessage": "",
       "uiHint": "",

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/ed5029c7/ranger-plugin/scripts/enable-ranger-plugin.sh
----------------------------------------------------------------------
diff --git a/ranger-plugin/scripts/enable-ranger-plugin.sh b/ranger-plugin/scripts/enable-ranger-plugin.sh
index 5b702c9..0e839b7 100755
--- a/ranger-plugin/scripts/enable-ranger-plugin.sh
+++ b/ranger-plugin/scripts/enable-ranger-plugin.sh
@@ -20,7 +20,7 @@
 #
 
 function usage() {
-  echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port] -w hawq_user -q hawq_password"
+  echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port -t lookup_authentication_type -s hawq_kerberos_service_name] -w hawq_user -q hawq_password"
   exit 1
 }
 
@@ -131,6 +131,18 @@ function get_hawq_password() {
   done
 }
 
+function get_hawq_kerberos_service_name() {
+  if [[ -z "$HAWQ_KERBEROS_SERVICE_NAME" ]]; then
+    HAWQ_KERBEROS_SERVICE_NAME="postgres"
+  fi
+}
+
+function get_lookup_authentication_type() {
+  if [[ -z "$LOOKUP_AUTHENTICATION_TYPE" ]]; then
+    LOOKUP_AUTHENTICATION_TYPE="simple"
+  fi
+}
+
 function parse_params() {
   while [[ $# -gt 0 ]]
   do
@@ -160,6 +172,14 @@ function parse_params() {
         HAWQ_PASSWORD="$2"
         shift
         ;;
+      -s)
+        HAWQ_KERBEROS_SERVICE_NAME="$2"
+        shift
+        ;;
+      -t)
+        LOOKUP_AUTHENTICATION_TYPE="$2"
+        shift
+        ;;
       *)
         usage
         ;;
@@ -175,6 +195,8 @@ function validate_params() {
   get_hawq_url
   get_hawq_user
   get_hawq_password
+  get_hawq_kerberos_service_name
+  get_lookup_authentication_type
   echo "RANGER URL  = ${RANGER_URL}"
   echo "RANGER User = ${RANGER_USER}"
   echo "RANGER Password = $(mask ${RANGER_PASSWORD})"
@@ -182,6 +204,8 @@ function validate_params() {
   echo "HAWQ PORT = ${HAWQ_PORT}"
   echo "HAWQ User = ${HAWQ_USER}"
   echo "HAWQ Password = $(mask ${HAWQ_PASSWORD})"
+  echo "HAWQ Lookup Authentication Type = ${LOOKUP_AUTHENTICATION_TYPE}"
+  echo "HAWQ Kerberos Service Name = ${HAWQ_KERBEROS_SERVICE_NAME}"
 }
 
 function check_hawq_service_definition() {
@@ -217,6 +241,8 @@ function create_hawq_service_instance() {
                     \"isEnabled\":true,
                     \"configs\":{\"username\":\"${HAWQ_USER}\",
                                \"password\":\"${HAWQ_PASSWORD}\",
+                               \"authentication\":\"${LOOKUP_AUTHENTICATION_TYPE}\",
+                               \"principal\":\"${HAWQ_KERBEROS_SERVICE_NAME}\",
                                \"hostname\":\"${HAWQ_HOST}\",
                                \"port\":\"${HAWQ_PORT}\"}}"