You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2017/06/14 21:19:46 UTC
[15/26] ambari git commit: AMBARI-21227 Updating Ranger
install.properties file (mugdha)
AMBARI-21227 Updating Ranger install.properties file (mugdha)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1f19461f
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1f19461f
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1f19461f
Branch: refs/heads/branch-feature-AMBARI-20859
Commit: 1f19461f10a2c54d3ed81efedc3f9d3d64397700
Parents: 8cdf232
Author: Mugdha Varadkar <mu...@apache.org>
Authored: Mon Jun 12 14:53:45 2017 +0530
Committer: Mugdha Varadkar <mu...@apache.org>
Committed: Tue Jun 13 10:18:23 2017 +0530
----------------------------------------------------------------------
.../libraries/providers/modify_properties_file.py | 9 +++++++--
.../RANGER/0.4.0/package/scripts/ranger_admin.py | 11 ++++++++++-
.../RANGER/0.4.0/package/scripts/setup_ranger_xml.py | 13 +++++++++++++
.../RANGER_KMS/0.5.0.2.3/package/scripts/kms.py | 8 ++++++++
.../RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py | 10 +++++++++-
.../test/python/stacks/2.2/RANGER/test_ranger_admin.py | 8 ++++++++
.../test/python/stacks/2.5/RANGER/test_ranger_admin.py | 10 ++++++++++
.../python/stacks/2.5/RANGER_KMS/test_kms_server.py | 10 ++++++++++
.../test/python/stacks/2.6/RANGER/test_ranger_admin.py | 10 ++++++++++
9 files changed, 85 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py b/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py
index 53d7d2f..f45f27d 100644
--- a/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py
+++ b/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py
@@ -37,6 +37,7 @@ class ModifyPropertiesFileProvider(Provider):
properties = self.resource.properties
unsaved_values = properties.keys()
new_content_lines = []
+ final_content_lines = ""
if sudo.path_isfile(filename):
file_content = sudo.read_file(filename, encoding=self.resource.encoding)
@@ -62,9 +63,13 @@ class ModifyPropertiesFileProvider(Provider):
value = InlineTemplate(unicode(properties[property_name])).get_content()
line = u"{0}{1}{2}".format(unicode(property_name), delimiter, value)
new_content_lines.append(line)
-
+
+ final_content_lines = u"\n".join(new_content_lines)
+ if not final_content_lines.endswith("\n"):
+ final_content_lines = final_content_lines + "\n"
+
File (filename,
- content = u"\n".join(new_content_lines) + "\n",
+ content = final_content_lines,
owner = self.resource.owner,
group = self.resource.group,
mode = self.resource.mode,
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
index b849d58..ecbacbf 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
@@ -29,7 +29,7 @@ from resource_management.libraries.functions.format import format
from resource_management.core.logger import Logger
from resource_management.core import shell
from ranger_service import ranger_service
-from setup_ranger_xml import setup_ranger_audit_solr, setup_ranger_admin_passwd_change
+from setup_ranger_xml import setup_ranger_audit_solr, setup_ranger_admin_passwd_change, update_password_configs
from resource_management.libraries.functions import solr_cloud_util
from ambari_commons.constants import UPGRADE_TYPE_NON_ROLLING, UPGRADE_TYPE_ROLLING
from resource_management.libraries.functions.constants import Direction
@@ -45,6 +45,14 @@ class RangerAdmin(Script):
self.install_packages(env)
import params
env.set_params(params)
+
+ # taking backup of install.properties file
+ Execute(('cp', '-f', format('{ranger_home}/install.properties'), format('{ranger_home}/install-backup.properties')),
+ not_if = format('ls {ranger_home}/install-backup.properties'),
+ only_if = format('ls {ranger_home}/install.properties'),
+ sudo = True
+ )
+
# call config and setup db only in case of HDP version < 2.6
if not params.stack_supports_ranger_setup_db_on_start:
self.configure(env, setup_db=True)
@@ -92,6 +100,7 @@ class RangerAdmin(Script):
solr_cloud_util.setup_solr_client(params.config, custom_log4j = params.custom_log4j)
setup_ranger_audit_solr()
+ update_password_configs()
ranger_service('ranger_admin')
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
index 26e6578..85eb796 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
@@ -851,3 +851,16 @@ def setup_tagsync_ssl_configs():
mode = 0640
)
Logger.info("Configuring tagsync-ssl configurations done successfully.")
+
+def update_password_configs():
+ import params
+
+ password_configs = {'db_root_password': '_', 'db_password': '_'}
+
+ if params.stack_supports_ranger_audit_db:
+ password_configs['audit_db_password'] = '_'
+
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = password_configs,
+ owner = params.unix_user,
+ )
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
index 5a25b92..bbc438b 100755
--- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
+++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
@@ -675,3 +675,11 @@ def check_ranger_service_support_kerberos(user, keytab, principal):
else:
Logger.error('Ranger service is not reachable')
return False
+
+def update_password_configs():
+ import params
+
+ ModifyPropertiesFile(format("{kms_home}/install.properties"),
+ properties = {'db_root_password': '_', 'db_password': '_', 'KMS_MASTER_KEY_PASSWD': '_', 'REPOSITORY_CONFIG_PASSWORD': '_'},
+ owner = params.kms_user,
+ )
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py
index 44d61da..829a998 100755
--- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py
+++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py
@@ -27,7 +27,7 @@ from resource_management.libraries.functions.format import format
from resource_management.core.logger import Logger
from resource_management.core import shell
from resource_management.libraries.functions.default import default
-from kms import kms, setup_kms_db, setup_java_patch, enable_kms_plugin, setup_kms_jce
+from kms import kms, setup_kms_db, setup_java_patch, enable_kms_plugin, setup_kms_jce, update_password_configs
from kms_service import kms_service
import upgrade
@@ -41,6 +41,13 @@ class KmsServer(Script):
import params
env.set_params(params)
+ # taking backup of install.properties file
+ Execute(('cp', '-f', format('{kms_home}/install.properties'), format('{kms_home}/install-backup.properties')),
+ not_if = format('ls {kms_home}/install-backup.properties'),
+ only_if = format('ls {kms_home}/install.properties'),
+ sudo = True
+ )
+
setup_kms_db()
self.configure(env)
setup_java_patch()
@@ -62,6 +69,7 @@ class KmsServer(Script):
self.configure(env)
enable_kms_plugin()
setup_kms_jce()
+ update_password_configs()
kms_service(action = 'start', upgrade_type=upgrade_type)
def status(self, env):
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py
index d338c28..961be84 100644
--- a/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py
+++ b/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py
@@ -48,6 +48,10 @@ class TestRangerAdmin(RMFTestCase):
target = RMFTestCase.TARGET_COMMON_SERVICES
)
self.assert_configure_default()
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'db_password': '_', 'db_root_password': '_', 'audit_db_password': '_'}
+ )
self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
@@ -89,6 +93,10 @@ class TestRangerAdmin(RMFTestCase):
target = RMFTestCase.TARGET_COMMON_SERVICES
)
self.assert_configure_secured()
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'db_password': '_', 'db_root_password': '_', 'audit_db_password': '_'}
+ )
self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py
index 8f2bd2e..9ba1275 100644
--- a/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py
+++ b/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py
@@ -83,6 +83,11 @@ class TestRangerAdmin(RMFTestCase):
self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10')
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'db_password': '_', 'db_root_password': '_'}
+ )
+
self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
@@ -178,6 +183,11 @@ class TestRangerAdmin(RMFTestCase):
self.assertResourceCalled('Execute','ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /ambari-solr/configs/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10')
self.assertResourceCalled('Execute', 'ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /ambari-solr/collections/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10')
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'db_password': '_', 'db_root_password': '_'}
+ )
+
self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py b/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py
index f6f0af3..7ebe2f5 100644
--- a/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py
+++ b/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py
@@ -236,6 +236,11 @@ class TestRangerKMS(RMFTestCase):
sudo=True
)
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-kms/install.properties',
+ owner = 'kms',
+ properties = {'db_password': '_', 'KMS_MASTER_KEY_PASSWD': '_', 'REPOSITORY_CONFIG_PASSWORD': '_', 'db_root_password': '_'}
+ )
+
self.assertResourceCalled('Execute', '/usr/hdp/current/ranger-kms/ranger-kms start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangerkms | grep -v grep',
@@ -671,6 +676,11 @@ class TestRangerKMS(RMFTestCase):
sudo=True
)
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-kms/install.properties',
+ owner = 'kms',
+ properties = {'db_password': '_', 'KMS_MASTER_KEY_PASSWD': '_', 'REPOSITORY_CONFIG_PASSWORD': '_', 'db_root_password': '_'}
+ )
+
self.assertResourceCalled('Execute', '/usr/hdp/current/ranger-kms/ranger-kms start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangerkms | grep -v grep',
http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
index 9167017..e8bacbd 100644
--- a/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
+++ b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
@@ -86,6 +86,11 @@ class TestRangerAdmin(RMFTestCase):
create_parents=True)
self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10')
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'db_password': '_', 'db_root_password': '_'}
+ )
+
self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
@@ -167,6 +172,11 @@ class TestRangerAdmin(RMFTestCase):
self.assertResourceCalled('Execute','ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /infra-solr/configs/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10')
self.assertResourceCalled('Execute', 'ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /infra-solr/collections/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10')
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'db_password': '_', 'db_root_password': '_'}
+ )
+
self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',