You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ga...@apache.org on 2016/06/28 13:49:28 UTC
[1/2] ambari git commit: AMBARI-17363: Enable Ranger support for Hive
Interactive(gautam)
Repository: ambari
Updated Branches:
refs/heads/branch-2.4 bc8bd5873 -> 016d6ec48
refs/heads/trunk 740c6caa9 -> 8daa34ded
AMBARI-17363: Enable Ranger support for Hive Interactive(gautam)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/8daa34de
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/8daa34de
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/8daa34de
Branch: refs/heads/trunk
Commit: 8daa34ded1f6bc53bc61a4fc1108703eb4ceecf7
Parents: 740c6ca
Author: Gautam Borad <ga...@apache.org>
Authored: Wed Jun 22 15:39:51 2016 +0530
Committer: Gautam Borad <ga...@apache.org>
Committed: Tue Jun 28 19:19:08 2016 +0530
----------------------------------------------------------------------
.../package/scripts/hive_server_interactive.py | 3 +-
.../scripts/setup_ranger_hive_interactive.py | 78 ++++++++++++++++++++
2 files changed, 80 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/8daa34de/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
index e892509..255396f 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
@@ -54,6 +54,7 @@ from setup_ranger_hive import setup_ranger_hive
from hive_service_interactive import hive_service_interactive
from hive_interactive import hive_interactive
from hive_server import HiveServerDefault
+from setup_ranger_hive_interactive import setup_ranger_hive_interactive
import traceback
@@ -119,7 +120,7 @@ class HiveServerInteractiveDefault(HiveServerInteractive):
raise Fail("Skipping START of Hive Server Interactive since LLAP app couldn't be STARTED.")
# TODO : test the workability of Ranger and Hive2 during upgrade
- # setup_ranger_hive(upgrade_type=upgrade_type)
+ setup_ranger_hive_interactive(upgrade_type=upgrade_type)
hive_service_interactive('hiveserver2', action='start', upgrade_type=upgrade_type)
http://git-wip-us.apache.org/repos/asf/ambari/blob/8daa34de/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
new file mode 100644
index 0000000..eeb3031
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
@@ -0,0 +1,78 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.core.logger import Logger
+
+def setup_ranger_hive_interactive(upgrade_type = None):
+ import params
+
+ if params.has_ranger_admin:
+
+ stack_version = None
+
+ if upgrade_type is not None:
+ stack_version = params.version
+
+ if params.retryAble:
+ Logger.info("Hive2: Setup ranger: command retry enabled thus retrying if ranger admin is down !")
+ else:
+ Logger.info("Hive2: Setup ranger: command retry not enabled thus skipping if ranger admin is down !")
+
+ if params.xml_configurations_supported and params.enable_ranger_hive and params.xa_audit_hdfs_is_enabled:
+ params.HdfsResource("/ranger/audit",
+ type="directory",
+ action="create_on_execute",
+ owner=params.hdfs_user,
+ group=params.hdfs_user,
+ mode=0755,
+ recursive_chmod=True
+ )
+ params.HdfsResource("/ranger/audit/hive2",
+ type="directory",
+ action="create_on_execute",
+ owner=params.hive_user,
+ group=params.hive_user,
+ mode=0700,
+ recursive_chmod=True
+ )
+ params.HdfsResource(None, action="execute")
+
+ from resource_management.libraries.functions.setup_ranger_plugin_xml import setup_ranger_plugin
+ setup_ranger_plugin('hive-server2-hive2', 'hive', params.ranger_previous_jdbc_jar,
+ params.ranger_downloaded_custom_connector, params.ranger_driver_curl_source,
+ params.ranger_driver_curl_target, params.java64_home,
+ params.repo_name, params.hive_ranger_plugin_repo,
+ params.ranger_env, params.ranger_plugin_properties,
+ params.policy_user, params.policymgr_mgr_url,
+ params.enable_ranger_hive, conf_dict=params.hive_server_conf_dir,
+ component_user=params.hive_user, component_group=params.user_group, cache_service_list=['hive-server2-hive2'],
+ plugin_audit_properties=params.config['configurations']['ranger-hive-audit'], plugin_audit_attributes=params.config['configuration_attributes']['ranger-hive-audit'],
+ plugin_security_properties=params.config['configurations']['ranger-hive-security'], plugin_security_attributes=params.config['configuration_attributes']['ranger-hive-security'],
+ plugin_policymgr_ssl_properties=params.config['configurations']['ranger-hive-policymgr-ssl'], plugin_policymgr_ssl_attributes=params.config['configuration_attributes']['ranger-hive-policymgr-ssl'],
+ component_list=['hive-client', 'hive-metastore', 'hive-server2','hive-server2-hive2'], audit_db_is_enabled=False,
+ credential_file=params.credential_file, xa_audit_db_password=None,
+ ssl_truststore_password=params.ssl_truststore_password, ssl_keystore_password=params.ssl_keystore_password,
+ stack_version_override = stack_version, skip_if_rangeradmin_down= not params.retryAble, api_version='v2',
+ is_security_enabled = params.security_enabled,
+ is_stack_supports_ranger_kerberos = params.stack_supports_ranger_kerberos,
+ component_user_principal=params.hive_principal if params.security_enabled else None,
+ component_user_keytab=params.hive_server2_keytab if params.security_enabled else None)
+
+ else:
+ Logger.info('Ranger admin not installed')
[2/2] ambari git commit: AMBARI-17363: Enable Ranger support for Hive
Interactive(gautam)
Posted by ga...@apache.org.
AMBARI-17363: Enable Ranger support for Hive Interactive(gautam)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/016d6ec4
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/016d6ec4
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/016d6ec4
Branch: refs/heads/branch-2.4
Commit: 016d6ec48802ec62632c200c5c73958d5eb84314
Parents: bc8bd58
Author: Gautam Borad <ga...@apache.org>
Authored: Wed Jun 22 15:39:51 2016 +0530
Committer: Gautam Borad <ga...@apache.org>
Committed: Tue Jun 28 19:19:16 2016 +0530
----------------------------------------------------------------------
.../package/scripts/hive_server_interactive.py | 3 +-
.../scripts/setup_ranger_hive_interactive.py | 78 ++++++++++++++++++++
2 files changed, 80 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/016d6ec4/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
index e892509..255396f 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
@@ -54,6 +54,7 @@ from setup_ranger_hive import setup_ranger_hive
from hive_service_interactive import hive_service_interactive
from hive_interactive import hive_interactive
from hive_server import HiveServerDefault
+from setup_ranger_hive_interactive import setup_ranger_hive_interactive
import traceback
@@ -119,7 +120,7 @@ class HiveServerInteractiveDefault(HiveServerInteractive):
raise Fail("Skipping START of Hive Server Interactive since LLAP app couldn't be STARTED.")
# TODO : test the workability of Ranger and Hive2 during upgrade
- # setup_ranger_hive(upgrade_type=upgrade_type)
+ setup_ranger_hive_interactive(upgrade_type=upgrade_type)
hive_service_interactive('hiveserver2', action='start', upgrade_type=upgrade_type)
http://git-wip-us.apache.org/repos/asf/ambari/blob/016d6ec4/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
new file mode 100644
index 0000000..eeb3031
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
@@ -0,0 +1,78 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.core.logger import Logger
+
+def setup_ranger_hive_interactive(upgrade_type = None):
+ import params
+
+ if params.has_ranger_admin:
+
+ stack_version = None
+
+ if upgrade_type is not None:
+ stack_version = params.version
+
+ if params.retryAble:
+ Logger.info("Hive2: Setup ranger: command retry enabled thus retrying if ranger admin is down !")
+ else:
+ Logger.info("Hive2: Setup ranger: command retry not enabled thus skipping if ranger admin is down !")
+
+ if params.xml_configurations_supported and params.enable_ranger_hive and params.xa_audit_hdfs_is_enabled:
+ params.HdfsResource("/ranger/audit",
+ type="directory",
+ action="create_on_execute",
+ owner=params.hdfs_user,
+ group=params.hdfs_user,
+ mode=0755,
+ recursive_chmod=True
+ )
+ params.HdfsResource("/ranger/audit/hive2",
+ type="directory",
+ action="create_on_execute",
+ owner=params.hive_user,
+ group=params.hive_user,
+ mode=0700,
+ recursive_chmod=True
+ )
+ params.HdfsResource(None, action="execute")
+
+ from resource_management.libraries.functions.setup_ranger_plugin_xml import setup_ranger_plugin
+ setup_ranger_plugin('hive-server2-hive2', 'hive', params.ranger_previous_jdbc_jar,
+ params.ranger_downloaded_custom_connector, params.ranger_driver_curl_source,
+ params.ranger_driver_curl_target, params.java64_home,
+ params.repo_name, params.hive_ranger_plugin_repo,
+ params.ranger_env, params.ranger_plugin_properties,
+ params.policy_user, params.policymgr_mgr_url,
+ params.enable_ranger_hive, conf_dict=params.hive_server_conf_dir,
+ component_user=params.hive_user, component_group=params.user_group, cache_service_list=['hive-server2-hive2'],
+ plugin_audit_properties=params.config['configurations']['ranger-hive-audit'], plugin_audit_attributes=params.config['configuration_attributes']['ranger-hive-audit'],
+ plugin_security_properties=params.config['configurations']['ranger-hive-security'], plugin_security_attributes=params.config['configuration_attributes']['ranger-hive-security'],
+ plugin_policymgr_ssl_properties=params.config['configurations']['ranger-hive-policymgr-ssl'], plugin_policymgr_ssl_attributes=params.config['configuration_attributes']['ranger-hive-policymgr-ssl'],
+ component_list=['hive-client', 'hive-metastore', 'hive-server2','hive-server2-hive2'], audit_db_is_enabled=False,
+ credential_file=params.credential_file, xa_audit_db_password=None,
+ ssl_truststore_password=params.ssl_truststore_password, ssl_keystore_password=params.ssl_keystore_password,
+ stack_version_override = stack_version, skip_if_rangeradmin_down= not params.retryAble, api_version='v2',
+ is_security_enabled = params.security_enabled,
+ is_stack_supports_ranger_kerberos = params.stack_supports_ranger_kerberos,
+ component_user_principal=params.hive_principal if params.security_enabled else None,
+ component_user_keytab=params.hive_server2_keytab if params.security_enabled else None)
+
+ else:
+ Logger.info('Ranger admin not installed')