You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/04/21 03:33:59 UTC
[jira] [Updated] (AMBARI-10576) Add the ability to obtain details
about required Kerberos identities
[ https://issues.apache.org/jira/browse/AMBARI-10576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-10576:
----------------------------------
Description:
Add the ability to obtain details about required Kerberos identities for the cluster. These details should be obtained using a REST API call formatted as a JSON structure.
Resulting JSON block per Kerberos identity:
{code}
"KerberosIdentity" : {
"cluster_name" : "BUG10576",
"description" : "/smokeuser",
"host_name" : "levas-10576-1.c.pramod-thangali.internal",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : "false",
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
{code}
Ideally at some point, the data will be converted into CSV-formatted data as follows:
||host||description||principal||keytab file name||keytab file base path||keytab file owner||keytab file group||keytab file mode||
|host1|Ambari Smoke Test User|ambari-qa@EXAMPLE.COM|smokeuser.headless.keytab|/etc/security/keytabs|ambari-qa|hadoop|440|
|host1|HDFS User|hdfs@EXAMPLE.COM|hdfs.headless.keytab|/etc/security/keytabs|hdfs|hadoop|440|
|host1|HDFS SPNEGO User|HTTP/host1@EXAMPLE.COM|spnego.service.keytab|/etc/security/keytabs|root|hadoop|440|
|host1|HDFS SPNEGO User|HTTP/host1@EXAMPLE.COM|spnego.service.keytab|/etc/security/keytabs|root|hadoop|440|
|host1|DataNode|dn/host1@EXAMPLE.COM|dn.service.keytab|/etc/security/keytabs|hdfs|hadoop|400|
|host1|NameNode|nn/host1@EXAMPLE.COM|nn.service.keytab|/etc/security/keytabs|hdfs|hadoop|400|
|host1|ZooKeeper Server|zookeeper/host1@EXAMPLE.COM|zk.service.keytab|/etc/security/keytabs|zookeeper|hadoop|400|
*Solution*
The following API calls are to be used to obtain the data:
{code:title=GET /api/v1/clusters/c1/hosts?fields=kerberos_identities/*}
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts?fields=kerberos_identities/*",
"items" : [
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1",
"Hosts" : {
"cluster_name" : "c1",
"host_name" : "host1"
},
"kerberos_identities" : [
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/HTTP%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "root",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
"principal_local_username" : null,
"principal_name" : "HTTP/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/dn%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "dn/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/hdfs%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "hdfs@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/nn%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "nn/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/zookeeper%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "zookeeper",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
"principal_local_username" : null,
"principal_name" : "zookeeper/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
}
]
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2",
"Hosts" : {
"cluster_name" : "c1",
"host_name" : "host2"
},
"kerberos_identities" : [
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/HTTP%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "root",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
"principal_local_username" : null,
"principal_name" : "HTTP/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/ambari-qa%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/dn%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "dn/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/hdfs%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "hdfs@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/nn%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "nn/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/zookeeper%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "zookeeper",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
"principal_local_username" : null,
"principal_name" : "zookeeper/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
}
]
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3",
"Hosts" : {
"cluster_name" : "c1",
"host_name" : "host3"
},
"kerberos_identities" : [
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/HTTP%2Fhost3%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "root",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
"principal_local_username" : null,
"principal_name" : "HTTP/host3@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/ambari-qa%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/dn%2Fhost3%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "dn/host3@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/hdfs%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "hdfs@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/zookeeper%2Fhost3%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "zookeeper",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
"principal_local_username" : null,
"principal_name" : "zookeeper/host3@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
}
]
}
]
}
{code}
{code:title=GET /api/v1/clusters/c1/kerberos_identities?fields=*}
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities?fields=*",
"items" : [
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/HTTP%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "root",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
"principal_local_username" : null,
"principal_name" : "HTTP/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/dn%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "dn/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/hdfs%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "hdfs@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/nn%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "nn/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/zookeeper%2Fhost1%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host1",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "zookeeper",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
"principal_local_username" : null,
"principal_name" : "zookeeper/host1@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/HTTP%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "root",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
"principal_local_username" : null,
"principal_name" : "HTTP/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/dn%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "dn/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/hdfs%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "hdfs@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/nn%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "nn/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/zookeeper%2Fhost2%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host2",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "zookeeper",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
"principal_local_username" : null,
"principal_name" : "zookeeper/host2@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/HTTP%2Fhost3%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "root",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
"principal_local_username" : null,
"principal_name" : "HTTP/host3@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "ambari-qa",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
"principal_local_username" : "ambari-qa",
"principal_name" : "ambari-qa@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/dn%2Fhost3%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "dn/host3@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/hdfs%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "r",
"keytab_file_installed" : false,
"keytab_file_owner" : "hdfs",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
"principal_local_username" : "hdfs",
"principal_name" : "hdfs@EXAMPLE.COM",
"principal_type" : "USER"
}
},
{
"href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/zookeeper%2Fhost3%40EXAMPLE.COM",
"KerberosIdentity" : {
"cluster_name" : "c1",
"description" : "some description",
"host_name" : "host3",
"keytab_file_group" : "hadoop",
"keytab_file_group_access" : "",
"keytab_file_installed" : false,
"keytab_file_owner" : "zookeeper",
"keytab_file_owner_access" : "r",
"keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
"principal_local_username" : null,
"principal_name" : "zookeeper/host3@EXAMPLE.COM",
"principal_type" : "SERVICE"
}
}
]
}
{code}
was:
Add the ability to obtain details about required Kerberos identities for the cluster. These details should be obtained using a REST API call formatted as a JSON structure.
JSON structure TBD.
Ideally at some point, the data will be converted into CSV-formatted data as follows:
||host||description||principal||keytab file name||keytab file base path||keytab file owner||keytab file group||keytab file mode||
|host1|Ambari Smoke Test User|ambari-qa@EXAMPLE.COM|smokeuser.headless.keytab|/etc/security/keytabs|ambari-qa|hadoop|440|
|host1|HDFS User|hdfs@EXAMPLE.COM|hdfs.headless.keytab|/etc/security/keytabs|hdfs|hadoop|440|
|host1|HDFS SPNEGO User|HTTP/host1@EXAMPLE.COM|spnego.service.keytab|/etc/security/keytabs|root|hadoop|440|
|host1|HDFS SPNEGO User|HTTP/host1@EXAMPLE.COM|spnego.service.keytab|/etc/security/keytabs|root|hadoop|440|
|host1|DataNode|dn/host1@EXAMPLE.COM|dn.service.keytab|/etc/security/keytabs|hdfs|hadoop|400|
|host1|NameNode|nn/host1@EXAMPLE.COM|nn.service.keytab|/etc/security/keytabs|hdfs|hadoop|400|
|host1|ZooKeeper Server|zookeeper/host1@EXAMPLE.COM|zk.service.keytab|/etc/security/keytabs|zookeeper|hadoop|400|
> Add the ability to obtain details about required Kerberos identities
> --------------------------------------------------------------------
>
> Key: AMBARI-10576
> URL: https://issues.apache.org/jira/browse/AMBARI-10576
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.1.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Priority: Critical
> Labels: kerberos
> Fix For: 2.1.0
>
>
> Add the ability to obtain details about required Kerberos identities for the cluster. These details should be obtained using a REST API call formatted as a JSON structure.
> Resulting JSON block per Kerberos identity:
> {code}
> "KerberosIdentity" : {
> "cluster_name" : "BUG10576",
> "description" : "/smokeuser",
> "host_name" : "levas-10576-1.c.pramod-thangali.internal",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : "false",
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> {code}
> Ideally at some point, the data will be converted into CSV-formatted data as follows:
> ||host||description||principal||keytab file name||keytab file base path||keytab file owner||keytab file group||keytab file mode||
> |host1|Ambari Smoke Test User|ambari-qa@EXAMPLE.COM|smokeuser.headless.keytab|/etc/security/keytabs|ambari-qa|hadoop|440|
> |host1|HDFS User|hdfs@EXAMPLE.COM|hdfs.headless.keytab|/etc/security/keytabs|hdfs|hadoop|440|
> |host1|HDFS SPNEGO User|HTTP/host1@EXAMPLE.COM|spnego.service.keytab|/etc/security/keytabs|root|hadoop|440|
> |host1|HDFS SPNEGO User|HTTP/host1@EXAMPLE.COM|spnego.service.keytab|/etc/security/keytabs|root|hadoop|440|
> |host1|DataNode|dn/host1@EXAMPLE.COM|dn.service.keytab|/etc/security/keytabs|hdfs|hadoop|400|
> |host1|NameNode|nn/host1@EXAMPLE.COM|nn.service.keytab|/etc/security/keytabs|hdfs|hadoop|400|
> |host1|ZooKeeper Server|zookeeper/host1@EXAMPLE.COM|zk.service.keytab|/etc/security/keytabs|zookeeper|hadoop|400|
> *Solution*
> The following API calls are to be used to obtain the data:
> {code:title=GET /api/v1/clusters/c1/hosts?fields=kerberos_identities/*}
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts?fields=kerberos_identities/*",
> "items" : [
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1",
> "Hosts" : {
> "cluster_name" : "c1",
> "host_name" : "host1"
> },
> "kerberos_identities" : [
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/HTTP%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "root",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "HTTP/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/dn%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "dn/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/hdfs%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "hdfs@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/nn%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "nn/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host1/kerberos_identities/zookeeper%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "zookeeper",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "zookeeper/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> }
> ]
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2",
> "Hosts" : {
> "cluster_name" : "c1",
> "host_name" : "host2"
> },
> "kerberos_identities" : [
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/HTTP%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "root",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "HTTP/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/ambari-qa%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/dn%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "dn/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/hdfs%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "hdfs@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/nn%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "nn/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host2/kerberos_identities/zookeeper%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "zookeeper",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "zookeeper/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> }
> ]
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3",
> "Hosts" : {
> "cluster_name" : "c1",
> "host_name" : "host3"
> },
> "kerberos_identities" : [
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/HTTP%2Fhost3%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "root",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "HTTP/host3@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/ambari-qa%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/dn%2Fhost3%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "dn/host3@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/hdfs%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "hdfs@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/hosts/host3/kerberos_identities/zookeeper%2Fhost3%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "zookeeper",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "zookeeper/host3@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> }
> ]
> }
> ]
> }
> {code}
> {code:title=GET /api/v1/clusters/c1/kerberos_identities?fields=*}
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities?fields=*",
> "items" : [
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/HTTP%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "root",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "HTTP/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/dn%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "dn/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/hdfs%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "hdfs@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/nn%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "nn/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/zookeeper%2Fhost1%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host1",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "zookeeper",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "zookeeper/host1@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/HTTP%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "root",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "HTTP/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/dn%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "dn/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/hdfs%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "hdfs@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/nn%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/nn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "nn/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/zookeeper%2Fhost2%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host2",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "zookeeper",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "zookeeper/host2@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/HTTP%2Fhost3%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "root",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/spnego.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "HTTP/host3@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/ambari-qa%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "ambari-qa",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/smokeuser.headless.keytab",
> "principal_local_username" : "ambari-qa",
> "principal_name" : "ambari-qa@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/dn%2Fhost3%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/dn.service.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "dn/host3@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/hdfs%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "r",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "hdfs",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/hdfs.headless.keytab",
> "principal_local_username" : "hdfs",
> "principal_name" : "hdfs@EXAMPLE.COM",
> "principal_type" : "USER"
> }
> },
> {
> "href" : "http://ambari:8080/api/v1/clusters/c1/kerberos_identities/zookeeper%2Fhost3%40EXAMPLE.COM",
> "KerberosIdentity" : {
> "cluster_name" : "c1",
> "description" : "some description",
> "host_name" : "host3",
> "keytab_file_group" : "hadoop",
> "keytab_file_group_access" : "",
> "keytab_file_installed" : false,
> "keytab_file_owner" : "zookeeper",
> "keytab_file_owner_access" : "r",
> "keytab_file_path" : "/etc/security/keytabs/zk.service.keytab",
> "principal_local_username" : null,
> "principal_name" : "zookeeper/host3@EXAMPLE.COM",
> "principal_type" : "SERVICE"
> }
> }
> ]
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)