You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Andrew Luo <an...@outlook.com> on 2020/03/06 04:27:13 UTC
Review Request 72204: RANGER-2752: Add corresponding upgrade patch for
RANGER-2550
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72204/
-----------------------------------------------------------
Review request for ranger and Pradeep Agrawal.
Bugs: RANGER-2752
None
Description
-------
Upgrading from 0.7.0 to the current master fails with the following error:
2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J10015', current_timestamp, 'Ranger 2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015 is being applied..
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
[EL Warning]: 2020-03-04 07:38:19.282-ClientSession(841450293)-Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of range value for column 'sort_order' at row 1
Error Code: 1264
Call: INSERT INTO x_access_type_def (ADDED_BY_ID, CREATE_TIME, datamask_options, def_id, item_id, label, name, sort_order, rb_key_label, rowfilter_options, UPDATE_TIME, UPD_BY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
bind => [12 parameters bound]
Query: ValueReadQuery(name="x_access_type_def_SEQ" sql="SELECT LAST_INSERT_ID()")
2020-03-04 07:38:19,406 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "delete from x_db_version_h where version = 'J10015' and active = 'N' and updated_by='306a9688fa98';"
Wed Mar 04 07:38:19 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
2020-03-04 07:38:20,091 [E] applying java patch PatchForKafkaServiceDefUpdate_J10015 failed
This seems to be due to this commit not having corresponding handling (DDL patch) for upgrade scenarios: https://github.com/apache/ranger/commit/2a6dd3d078c52cc1314af581f7b8e6c8cdab933a
Testing
-------
Tested 0.7.0 to 2.1.0 upgrade on MySQL. Unfortunately I don't have 0.7.0 environments for upgrade testing on other DBs but I copied much of the patch syntax from patch 024, which changes the same column for other tables.
Thanks,
Andrew Luo
Re: Review Request 72204: RANGER-2752: Add corresponding upgrade
patch for RANGER-2550
Posted by Andrew Luo <an...@outlook.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72204/#review219811
-----------------------------------------------------------
Oops, forgot to add the patch. Updated review is here: https://reviews.apache.org/r/72205/
- Andrew Luo
On March 6, 2020, 4:27 a.m., Andrew Luo wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72204/
> -----------------------------------------------------------
>
> (Updated March 6, 2020, 4:27 a.m.)
>
>
> Review request for ranger and Pradeep Agrawal.
>
>
> Bugs: RANGER-2752
> None
>
>
> Description
> -------
>
> Upgrading from 0.7.0 to the current master fails with the following error:
>
> 2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J10015', current_timestamp, 'Ranger 2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
> Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015 is being applied..
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> [EL Warning]: 2020-03-04 07:38:19.282-ClientSession(841450293)-Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of range value for column 'sort_order' at row 1
> Error Code: 1264
> Call: INSERT INTO x_access_type_def (ADDED_BY_ID, CREATE_TIME, datamask_options, def_id, item_id, label, name, sort_order, rb_key_label, rowfilter_options, UPDATE_TIME, UPD_BY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
> bind => [12 parameters bound]
> Query: ValueReadQuery(name="x_access_type_def_SEQ" sql="SELECT LAST_INSERT_ID()")
> 2020-03-04 07:38:19,406 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "delete from x_db_version_h where version = 'J10015' and active = 'N' and updated_by='306a9688fa98';"
> Wed Mar 04 07:38:19 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:20,091 [E] applying java patch PatchForKafkaServiceDefUpdate_J10015 failed
>
> This seems to be due to this commit not having corresponding handling (DDL patch) for upgrade scenarios: https://github.com/apache/ranger/commit/2a6dd3d078c52cc1314af581f7b8e6c8cdab933a
>
>
> Testing
> -------
>
> Tested 0.7.0 to 2.1.0 upgrade on MySQL. Unfortunately I don't have 0.7.0 environments for upgrade testing on other DBs but I copied much of the patch syntax from patch 024, which changes the same column for other tables.
>
>
> Thanks,
>
> Andrew Luo
>
>