You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2017/05/12 14:36:40 UTC
[01/26] ambari git commit: AMBARI-20979. Outstanding Alerts UI issues
(akovalenko)
Repository: ambari
Updated Branches:
refs/heads/branch-feature-AMBARI-12556 7b0ccdae5 -> 87e8bdf1a
AMBARI-20979. Outstanding Alerts UI issues (akovalenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/4595f00b
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/4595f00b
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/4595f00b
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 4595f00b0ec6bfd86eb8270d3af2f6876080a84f
Parents: 80ef772
Author: Aleksandr Kovalenko <ak...@hortonworks.com>
Authored: Wed May 10 16:49:25 2017 +0300
Committer: Aleksandr Kovalenko <ak...@hortonworks.com>
Committed: Wed May 10 16:49:25 2017 +0300
----------------------------------------------------------------------
.../app/controllers/main/service/info/summary.js | 2 +-
ambari-web/app/styles/alerts.less | 19 +++++++++++++++++--
ambari-web/app/styles/top-nav.less | 2 +-
ambari-web/app/templates/main/alerts.hbs | 16 ++++++++--------
4 files changed, 27 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/4595f00b/ambari-web/app/controllers/main/service/info/summary.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/service/info/summary.js b/ambari-web/app/controllers/main/service/info/summary.js
index 1554c61..d7fff18 100644
--- a/ambari-web/app/controllers/main/service/info/summary.js
+++ b/ambari-web/app/controllers/main/service/info/summary.js
@@ -369,7 +369,7 @@ App.MainServiceInfoSummaryController = Em.Controller.extend(App.WidgetSectionMix
return App.ModalPopup.show({
header: Em.I18n.t('services.service.summary.alerts.popup.header').format(context.get('displayName')),
autoHeight: false,
- classNames: ['sixty-percent-width-modal'],
+ classNames: ['sixty-percent-width-modal', 'service-alerts-popup'],
bodyClass: Em.View.extend({
templateName: require('templates/main/service/info/service_alert_popup'),
classNames: ['service-alerts'],
http://git-wip-us.apache.org/repos/asf/ambari/blob/4595f00b/ambari-web/app/styles/alerts.less
----------------------------------------------------------------------
diff --git a/ambari-web/app/styles/alerts.less b/ambari-web/app/styles/alerts.less
index 5134daf..e4b21a7 100644
--- a/ambari-web/app/styles/alerts.less
+++ b/ambari-web/app/styles/alerts.less
@@ -104,14 +104,14 @@
.col0,
td:first-child,
th:first-child {
- width: 35%;
+ width: 15%;
}
.col1,
td:first-child + td,
th:first-child + th {
- width: 15%;
+ width: 35%;
}
.col2,
@@ -388,6 +388,21 @@
padding-right: 5px;
min-width: 20px;
}
+ .row {
+ margin-left: 0;
+ margin-right: 0;
+ }
+ }
+}
+
+.service-alerts-popup {
+ .modal {
+ .modal-content {
+ .modal-body {
+ padding-left: 0;
+ padding-right: 0;
+ }
+ }
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/4595f00b/ambari-web/app/styles/top-nav.less
----------------------------------------------------------------------
diff --git a/ambari-web/app/styles/top-nav.less b/ambari-web/app/styles/top-nav.less
index 4ba11e5..2fd7db0 100644
--- a/ambari-web/app/styles/top-nav.less
+++ b/ambari-web/app/styles/top-nav.less
@@ -66,7 +66,7 @@
border-radius: 50%;
min-width: 20px;
height: 20px;
- padding: 0px 0px;
+ padding: 0 4px;
color: @top-nav-ops-count-color;
background-color: @top-nav-ops-count-bg-color;
text-align: center;
http://git-wip-us.apache.org/repos/asf/ambari/blob/4595f00b/ambari-web/app/templates/main/alerts.hbs
----------------------------------------------------------------------
diff --git a/ambari-web/app/templates/main/alerts.hbs b/ambari-web/app/templates/main/alerts.hbs
index a8cc513..40469d3 100644
--- a/ambari-web/app/templates/main/alerts.hbs
+++ b/ambari-web/app/templates/main/alerts.hbs
@@ -33,15 +33,15 @@
<table class="table advanced-header-table table-hover alerts-table" id="alert-definitions-table">
<thead>
{{#view view.sortView classNames="label-row" contentBinding="view.filteredContent"}}
- {{view view.parentView.nameSort class="first name-sorting"}}
- {{view view.parentView.statusSort class="status-sorting"}}
+ {{view view.parentView.statusSort class="first status-sorting"}}
+ {{view view.parentView.nameSort class="name-sorting"}}
{{view view.parentView.serviceSort class="service-sorting"}}
{{view view.parentView.lastTriggeredSort class="last-triggred-sorting"}}
{{view view.parentView.enabledSort class="enabled-sorting"}}
{{/view}}
<tr class="filter-row">
- <th class="first">{{view view.nameFilterView class="name-filter"}}</th>
- <th>{{view view.stateFilterView class="status-filter"}}</th>
+ <th class="first">{{view view.stateFilterView class="status-filter"}}</th>
+ <th>{{view view.nameFilterView class="name-filter"}}</th>
<th>{{view view.serviceFilterView class="service-filter"}}</th>
<th>{{view view.triggeredFilterView class="last-triggered-filter"}}</th>
<th>{{view view.enabledFilterView class="enabled-filter"}}</th>
@@ -52,13 +52,13 @@
{{#if view.pageContent}}
{{#each alertDefinition in view.pageContent}}
<tr>
- <td class="first alert-name">
+ <td class="first alert-status">
+ {{view App.AlertDefinitionSummary contentBinding="alertDefinition"}}
+ </td>
+ <td class="alert-name">
<span {{bindAttr title="alertDefinition.type"}} {{bindAttr class=":type-icon alertDefinition.typeIconClass"}}></span>
<a href="#" {{action "gotoAlertDetails" alertDefinition}}>{{alertDefinition.label}}</a>
</td>
- <td class="alert-status">
- {{view App.AlertDefinitionSummary contentBinding="alertDefinition"}}
- </td>
<td class="alert-service">{{alertDefinition.serviceDisplayName}}</td>
<td class="alert-time">
<time class="timeago" {{bindAttr data-original-title="alertDefinition.lastTriggeredFormatted"}}>{{alertDefinition.lastTriggeredAgoFormatted}}</time>
[13/26] ambari git commit: AMBARI-20999. More updates to llap configs
for hdp stack (Siddharth via smohanty)
Posted by jo...@apache.org.
AMBARI-20999. More updates to llap configs for hdp stack (Siddharth via smohanty)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f7e9af87
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f7e9af87
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f7e9af87
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: f7e9af87c75d8641a96b8b097b7b44f0a9f13538
Parents: 023c819
Author: Sumit Mohanty <sm...@hortonworks.com>
Authored: Thu May 11 17:03:27 2017 -0700
Committer: Sumit Mohanty <sm...@hortonworks.com>
Committed: Thu May 11 17:10:35 2017 -0700
----------------------------------------------------------------------
.../server/upgrade/UpgradeCatalog250.java | 72 --------------------
.../stacks/HDP/2.5/upgrades/config-upgrade.xml | 15 ++++
.../HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml | 12 ++++
.../stacks/HDP/2.5/upgrades/upgrade-2.6.xml | 2 +
.../configuration/hive-interactive-site.xml | 11 ++-
.../HIVE/configuration/tez-interactive-site.xml | 13 ++++
.../server/upgrade/UpgradeCatalog250Test.java | 23 +------
7 files changed, 52 insertions(+), 96 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog250.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog250.java b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog250.java
index 058acb2..1740e25 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog250.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog250.java
@@ -200,7 +200,6 @@ public class UpgradeCatalog250 extends AbstractUpgradeCatalog {
updateHadoopEnvConfigs();
updateKafkaConfigs();
updateHIVEInteractiveConfigs();
- updateHiveLlapConfigs();
unInstallAllZeppelinViews();
updateZeppelinConfigs();
updateAtlasConfigs();
@@ -495,56 +494,6 @@ public class UpgradeCatalog250 extends AbstractUpgradeCatalog {
}
}
- protected void updateHiveLlapConfigs() throws AmbariException {
- AmbariManagementController ambariManagementController = injector.getInstance(AmbariManagementController.class);
- Clusters clusters = ambariManagementController.getClusters();
-
- if (clusters != null) {
- Map<String, Cluster> clusterMap = clusters.getClusters();
-
- if (clusterMap != null && !clusterMap.isEmpty()) {
- for (final Cluster cluster : clusterMap.values()) {
- Set<String> installedServices = cluster.getServices().keySet();
-
- if (installedServices.contains("HIVE")) {
- Config hiveSite = cluster.getDesiredConfigByType(HIVE_INTERACTIVE_SITE);
- if (hiveSite != null) {
- Map<String, String> hiveSiteProperties = hiveSite.getProperties();
- String schedulerDelay = hiveSiteProperties.get("hive.llap.task.scheduler.locality.delay");
- if (schedulerDelay != null) {
- // Property exists. Change to new default if set to -1.
- if (schedulerDelay.length() != 0) {
- try {
- int schedulerDelayInt = Integer.parseInt(schedulerDelay);
- if (schedulerDelayInt == -1) {
- // Old default. Set to new default.
- updateConfigurationProperties(HIVE_INTERACTIVE_SITE, Collections
- .singletonMap("hive.llap.task.scheduler.locality.delay", "8000"), true,
- false);
- }
- } catch (NumberFormatException e) {
- // Invalid existing value. Set to new default.
- updateConfigurationProperties(HIVE_INTERACTIVE_SITE, Collections
- .singletonMap("hive.llap.task.scheduler.locality.delay", "8000"), true,
- false);
- }
- }
- }
- updateConfigurationProperties(HIVE_INTERACTIVE_SITE,
- Collections.singletonMap("hive.mapjoin.hybridgrace.hashtable", "true"), true,
- false);
- updateConfigurationProperties("tez-interactive-site",
- Collections.singletonMap("tez.session.am.dag.submit.timeout.secs", "1209600"), true,
- false);
- // Explicitly skipping hive.llap.allow.permanent.fns during upgrades, since it's related to security,
- // and we don't know if the value is set by the user or as a result of the previous default.
- }
- }
- }
- }
- }
- }
-
protected void updateAMSConfigs() throws AmbariException {
AmbariManagementController ambariManagementController = injector.getInstance(AmbariManagementController.class);
Clusters clusters = ambariManagementController.getClusters();
@@ -1050,7 +999,6 @@ public class UpgradeCatalog250 extends AbstractUpgradeCatalog {
*
* @throws AmbariException
*/
- private static final String HIVE_INTERACTIVE_SITE = "hive-interactive-site";
private static final String HIVE_INTERACTIVE_ENV = "hive-interactive-env";
private static final String HIVE_ENV = "hive-env";
protected void updateHIVEInteractiveConfigs() throws AmbariException {
@@ -1061,26 +1009,6 @@ public class UpgradeCatalog250 extends AbstractUpgradeCatalog {
if (clusterMap != null && !clusterMap.isEmpty()) {
for (final Cluster cluster : clusterMap.values()) {
- Config hiveInteractiveSite = cluster.getDesiredConfigByType(HIVE_INTERACTIVE_SITE);
- if (hiveInteractiveSite != null) {
- Map<String, String> newProperties = new HashMap<>();
- newProperties.put("hive.auto.convert.join.noconditionaltask.size", "1000000000");
-
- String llapRpcPortString = hiveInteractiveSite.getProperties().get("hive.llap.daemon.rpc.port");
- if (StringUtils.isNotBlank(llapRpcPortString)) {
- try {
- int llapRpcPort = Integer.parseInt(llapRpcPortString);
- if (llapRpcPort == 15001) {
- newProperties.put("hive.llap.daemon.rpc.port", "0");
- LOG.info("Updating HSI hive.llap.daemon.rpc.port to: 0");
- }
- } catch (NumberFormatException e) {
- LOG.warn("Unable to parse llap.rpc.port as integer: " + llapRpcPortString);
- }
- }
- updateConfigurationProperties(HIVE_INTERACTIVE_SITE, newProperties, true, true);
- }
-
Config hiveInteractiveEnv = cluster.getDesiredConfigByType(HIVE_INTERACTIVE_ENV);
Config hiveEnv = cluster.getDesiredConfigByType(HIVE_ENV);
if (hiveInteractiveEnv != null) {
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/config-upgrade.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/config-upgrade.xml b/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/config-upgrade.xml
index 559d8dc..045ed5a 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/config-upgrade.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/config-upgrade.xml
@@ -480,6 +480,21 @@
<set key="hive.vectorized.groupby.maxentries" value="1000000"/>
</definition>
+ <definition xsi:type="configure" id="llap_update_settings" summary="Update additional LLAP settings">
+ <type>hive-interactive-site</type>
+ <set key="hive.llap.task.scheduler.locality.delay" value="-1"/>
+ <set key="hive.mapjoin.hybridgrace.hashtable" value="false"/>
+ <set key="hive.merge.nway.joins" value="false"/>
+ <set key="hive.llap.daemon.rpc.port" value="0"/>
+ </definition>
+
+ <definition xsi:type="configure" id="llap_update_tez_settings" summary="Update additional LLAP-Tez settings">
+ <type>tez-interactive-site</type>
+ <set key="tez.runtime.shuffle.keep-alive.enabled" value="true"/>
+ <set key="tez.am.am-rm.heartbeat.interval-ms.max" value="30000"/>
+ <set key="tez.session.am.dag.submit.timeout.secs" value="1209600"/>
+ </definition>
+
<definition xsi:type="configure" id="hdp_2_6_0_0_copy_hive_tez_container_size_to_hiveInteractive">
<type>hive-interactive-site</type>
<transfer operation="copy" from-type="hive-site" from-key="hive.tez.container.size" to-key="hive.tez.container.size" default-value="682" if-type="hive-interactive-site" if-key="hive.tez.container.size" if-key-state="absent"/>
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml b/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml
index 25a8568..8c659ee 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml
@@ -562,6 +562,18 @@
</task>
</execute-stage>
+ <execute-stage service="HIVE" component="HIVE_SERVER_INTERACTIVE" title="Update additional LLAP settings">
+ <task xsi:type="configure" id="llap_update_settings">
+ <summary>Update additional LLAP settings</summary>
+ </task>
+ </execute-stage>
+
+ <execute-stage service="HIVE" component="HIVE_SERVER_INTERACTIVE" title="Update additional LLAP-Tez settings">
+ <task xsi:type="configure" id="llap_update_tez_settings">
+ <summary>Update additional LLAP-Tez settings</summary>
+ </task>
+ </execute-stage>
+
<execute-stage service="HIVE" component="HIVE_SERVER_INTERACTIVE" title="Update JVM stack size for LLAP">
<task xsi:type="configure" id="llap_append_stack_size_java_opts">
<summary>Updating JVM stack size for LLAP</summary>
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/upgrade-2.6.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/upgrade-2.6.xml b/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/upgrade-2.6.xml
index 0470b7a..3054ca3 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/upgrade-2.6.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/upgrade-2.6.xml
@@ -845,6 +845,8 @@
<task xsi:type="configure" id="llap_update_hashaggregation"/>
<task xsi:type="configure" id="llap_append_stack_size_java_opts"/>
<task xsi:type="configure" id="llap_update_shuffle_parallel_copies"/>
+ <task xsi:type="configure" id="llap_update_settings"/>
+ <task xsi:type="configure" id="llap_update_tez_settings"/>
</pre-upgrade>
<pre-downgrade />
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/hive-interactive-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/hive-interactive-site.xml b/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/hive-interactive-site.xml
index 0610833..cb4f947 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/hive-interactive-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/hive-interactive-site.xml
@@ -30,7 +30,7 @@ limitations under the License.
-->
<property>
<name>hive.llap.task.scheduler.locality.delay</name>
- <value>8000</value>
+ <value>-1</value>
<description>
Amount of time to wait (in ms) before allocating a request which contains location information,
to a location other than the ones requested. Set to -1 for an infinite delay, 0
@@ -41,7 +41,7 @@ limitations under the License.
<property>
<name>hive.mapjoin.hybridgrace.hashtable</name>
- <value>true</value>
+ <value>false</value>
<description>Whether to use hybrid grace hash join as the join method for mapjoin.
Applies to dynamically partitioned joins when running in LLAP, but not to regular
broadcast(map) joins. hive.llap.enable.grace.join.in.llap is used for this.
@@ -103,4 +103,11 @@ limitations under the License.
<on-ambari-upgrade add="false"/>
</property>
+ <property>
+ <name>hive.merge.nway.joins</name>
+ <value>false</value>
+ <description>Merge adjacent joins into a single n-way join</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/tez-interactive-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/tez-interactive-site.xml b/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/tez-interactive-site.xml
index ab1202a..09416e3 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/tez-interactive-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.6/services/HIVE/configuration/tez-interactive-site.xml
@@ -102,4 +102,17 @@
</description>
<on-ambari-upgrade add="false"/>
</property>
+ <property>
+ <name>tez.runtime.shuffle.keep-alive.enabled</name>
+ <value>true</value>
+ <description>Connection keep-alive for shuffle</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>tez.am.am-rm.heartbeat.interval-ms.max</name>
+ <value>10000</value>
+ <description>The heartbeat interval between the tez AM and YARN RM</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7e9af87/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java
index b5dc32b..3cb2c47 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java
@@ -386,7 +386,6 @@ public class UpgradeCatalog250Test {
Method updateAmsConfigs = UpgradeCatalog250.class.getDeclaredMethod("updateAMSConfigs");
Method updateHadoopEnvConfigs = UpgradeCatalog250.class.getDeclaredMethod("updateHadoopEnvConfigs");
Method updateKafkaConfigs = UpgradeCatalog250.class.getDeclaredMethod("updateKafkaConfigs");
- Method updateHiveLlapConfigs = UpgradeCatalog250.class.getDeclaredMethod("updateHiveLlapConfigs");
Method updateTablesForZeppelinViewRemoval = UpgradeCatalog250.class.getDeclaredMethod("unInstallAllZeppelinViews");
Method updateHIVEInteractiveConfigs = UpgradeCatalog250.class.getDeclaredMethod("updateHIVEInteractiveConfigs");
Method addManageServiceAutoStartPermissions = UpgradeCatalog250.class.getDeclaredMethod("addManageServiceAutoStartPermissions");
@@ -409,7 +408,6 @@ public class UpgradeCatalog250Test {
.addMockedMethod(updateAmsConfigs)
.addMockedMethod(updateHadoopEnvConfigs)
.addMockedMethod(updateKafkaConfigs)
- .addMockedMethod(updateHiveLlapConfigs)
.addMockedMethod(addNewConfigurationsFromXml)
.addMockedMethod(addManageServiceAutoStartPermissions)
.addMockedMethod(addManageAlertNotificationsPermissions)
@@ -444,9 +442,6 @@ public class UpgradeCatalog250Test {
upgradeCatalog250.updateHIVEInteractiveConfigs();
expectLastCall().once();
- upgradeCatalog250.updateHiveLlapConfigs();
- expectLastCall().once();
-
upgradeCatalog250.unInstallAllZeppelinViews();
expectLastCall().once();
@@ -1704,19 +1699,6 @@ public class UpgradeCatalog250Test {
"hive.metastore.heapsize", "512",
"hive_ambari_database", "MySQL");
- Map<String, String> oldHiveIntSite = ImmutableMap.of(
- "hive.llap.daemon.rpc.port", "15001");
-
- Map<String, String> expectedHiveIntSite = ImmutableMap.of(
- "hive.llap.daemon.rpc.port", "0",
- "hive.auto.convert.join.noconditionaltask.size", "1000000000");
-
- Config mockHsiSite = easyMockSupport.createNiceMock(Config.class);
- expect(cluster.getDesiredConfigByType("hive-interactive-site")).andReturn(mockHsiSite).atLeastOnce();
- expect(mockHsiSite.getProperties()).andReturn(oldHiveIntSite).anyTimes();
- Capture<Map<String, String>> hsiSiteCapture = EasyMock.newCapture();
- expect(controller.createConfig(anyObject(Cluster.class), anyString(), capture(hsiSiteCapture), anyString(),
- EasyMock.<Map<String, Map<String, String>>>anyObject())).andReturn(config).once();
Config mockHiveEnv = easyMockSupport.createNiceMock(Config.class);
expect(cluster.getDesiredConfigByType("hive-env")).andReturn(mockHiveEnv).atLeastOnce();
@@ -1731,13 +1713,10 @@ public class UpgradeCatalog250Test {
replay(clusters, cluster);
replay(controller, injector2);
- replay(mockHsiEnv, mockHiveEnv, mockHsiSite);
+ replay(mockHsiEnv, mockHiveEnv);
new UpgradeCatalog250(injector2).updateHIVEInteractiveConfigs();
easyMockSupport.verifyAll();
- Map<String, String> updatedHsiSite = hsiSiteCapture.getValue();
- assertTrue(Maps.difference(expectedHiveIntSite, updatedHsiSite).areEqual());
-
Map<String, String> updatedHsiEnv = hsiEnvCapture.getValue();
assertTrue(Maps.difference(expectedHsiEnv, updatedHsiEnv).areEqual());
}
[11/26] ambari git commit: AMBARI-20992 - HDFS metainfo.xml has the
wrong scope for component dependencies
Posted by jo...@apache.org.
AMBARI-20992 - HDFS metainfo.xml has the wrong scope for component dependencies
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1d46f23f
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1d46f23f
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1d46f23f
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 1d46f23f743bf64a3d086863af02d15aeb36f484
Parents: 7e2dd63
Author: Tim Thorpe <tt...@apache.org>
Authored: Thu May 11 10:27:07 2017 -0700
Committer: Tim Thorpe <tt...@apache.org>
Committed: Thu May 11 10:27:07 2017 -0700
----------------------------------------------------------------------
.../main/resources/common-services/HDFS/2.1.0.2.0/metainfo.xml | 6 +++---
.../main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/1d46f23f/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/metainfo.xml b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/metainfo.xml
index 3026938..0769ae8 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/metainfo.xml
+++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/metainfo.xml
@@ -35,7 +35,7 @@
<dependencies>
<dependency>
<name>HDFS/ZKFC</name>
- <scope>host</scope>
+ <scope>cluster</scope>
<auto-deploy>
<enabled>false</enabled>
</auto-deploy>
@@ -48,7 +48,7 @@
</dependency>
<dependency>
<name>ZOOKEEPER/ZOOKEEPER_SERVER</name>
- <scope>host</scope>
+ <scope>cluster</scope>
<auto-deploy>
<enabled>false</enabled>
</auto-deploy>
@@ -61,7 +61,7 @@
</dependency>
<dependency>
<name>HDFS/JOURNALNODE</name>
- <scope>host</scope>
+ <scope>cluster</scope>
<auto-deploy>
<enabled>false</enabled>
</auto-deploy>
http://git-wip-us.apache.org/repos/asf/ambari/blob/1d46f23f/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml b/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
index 967c974..0606883 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
+++ b/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
@@ -35,7 +35,7 @@
<dependencies>
<dependency>
<name>HDFS/ZKFC</name>
- <scope>host</scope>
+ <scope>cluster</scope>
<auto-deploy>
<enabled>false</enabled>
</auto-deploy>
@@ -48,7 +48,7 @@
</dependency>
<dependency>
<name>ZOOKEEPER/ZOOKEEPER_SERVER</name>
- <scope>host</scope>
+ <scope>cluster</scope>
<auto-deploy>
<enabled>false</enabled>
</auto-deploy>
@@ -61,7 +61,7 @@
</dependency>
<dependency>
<name>HDFS/JOURNALNODE</name>
- <scope>host</scope>
+ <scope>cluster</scope>
<auto-deploy>
<enabled>false</enabled>
</auto-deploy>
[25/26] ambari git commit: Revert "AMBARI-21002. RU/EU: Restart
Zookeeper step failed (dgrinenko via dlysnichenko)"
Posted by jo...@apache.org.
Revert "AMBARI-21002. RU/EU: Restart Zookeeper step failed (dgrinenko via dlysnichenko)"
This reverts commit 48c9b3402610614603ae9aefa034a08a9a90c75b.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/8f9786ba
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/8f9786ba
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/8f9786ba
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 8f9786ba77670276d78d76b6a5d7dc2029a67a29
Parents: 48c9b34
Author: Lisnichenko Dmitro <dl...@hortonworks.com>
Authored: Fri May 12 16:56:34 2017 +0300
Committer: Lisnichenko Dmitro <dl...@hortonworks.com>
Committed: Fri May 12 16:56:34 2017 +0300
----------------------------------------------------------------------
.../server/controller/internal/UpgradeResourceProvider.java | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/8f9786ba/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
index c7f7980..623851a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
@@ -120,7 +120,6 @@ import org.apache.ambari.server.state.stack.upgrade.UpdateStackGrouping;
import org.apache.ambari.server.state.stack.upgrade.UpgradeScope;
import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
import org.apache.ambari.server.state.svccomphost.ServiceComponentHostServerActionEvent;
-import org.apache.ambari.server.utils.StageUtils;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
@@ -819,7 +818,7 @@ public class UpgradeResourceProvider extends AbstractControllerResourceProvider
}
List<UpgradeGroupEntity> groupEntities = new ArrayList<>();
- RequestStageContainer req = createRequest(cluster, direction, version);
+ RequestStageContainer req = createRequest(direction, version);
// the upgrade context calculated these for us based on direction
StackId sourceStackId = upgradeContext.getOriginalStackId();
@@ -1265,17 +1264,13 @@ public class UpgradeResourceProvider extends AbstractControllerResourceProvider
}
}
- private RequestStageContainer createRequest(Cluster cluster, Direction direction, String version) throws AmbariException {
+ private RequestStageContainer createRequest(Direction direction, String version) {
ActionManager actionManager = getManagementController().getActionManager();
RequestStageContainer requestStages = new RequestStageContainer(
actionManager.getNextRequestId(), null, s_requestFactory.get(), actionManager);
requestStages.setRequestContext(String.format("%s to %s", direction.getVerb(true), version));
- Map<String, Set<String>> clusterHostInfo = StageUtils.getClusterHostInfo(cluster);
- String clusterHostInfoJson = StageUtils.getGson().toJson(clusterHostInfo);
- requestStages.setClusterHostInfo(clusterHostInfoJson);
-
return requestStages;
}
[26/26] ambari git commit: Merge branch 'trunk' into
branch-feature-AMBARI-12556
Posted by jo...@apache.org.
Merge branch 'trunk' into branch-feature-AMBARI-12556
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/87e8bdf1
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/87e8bdf1
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/87e8bdf1
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 87e8bdf1a0833897c98faeccfbf268017ed27c49
Parents: 7b0ccda 8f9786b
Author: Jonathan Hurley <jh...@hortonworks.com>
Authored: Fri May 12 10:32:12 2017 -0400
Committer: Jonathan Hurley <jh...@hortonworks.com>
Committed: Fri May 12 10:32:12 2017 -0400
----------------------------------------------------------------------
ambari-infra/.gitignore | 6 +
ambari-infra/ambari-infra-manager/pom.xml | 17 +-
.../conf/batch/InfraManagerBatchConfig.java | 227 +++
.../infra/job/dummy/DummyItemProcessor.java | 36 +
.../ambari/infra/job/dummy/DummyItemWriter.java | 36 +
.../ambari/infra/job/dummy/DummyObject.java | 40 +
.../apache/ambari/infra/rest/JobResource.java | 43 +-
.../src/main/resources/dummy/dummy.txt | 3 +
.../src/main/resources/infra-manager.properties | 6 +-
.../alerts/AlertMaintenanceModeListener.java | 60 +-
.../apache/ambari/server/state/AlertState.java | 4 +
.../server/topology/BlueprintValidatorImpl.java | 88 +-
.../RequiredConfigPropertiesValidator.java | 188 ++
.../validators/TopologyValidatorFactory.java | 3 +-
.../server/upgrade/UpgradeCatalog250.java | 72 -
.../main/python/ambari_server/serverUpgrade.py | 31 +-
.../main/python/ambari_server/setupMpacks.py | 9 +-
.../common-services/HDFS/2.1.0.2.0/metainfo.xml | 6 +-
.../common-services/HDFS/3.0.0.3.0/metainfo.xml | 10 +-
.../package/alerts/alert_llap_app_status.py | 4 +-
.../package/scripts/hive_server_interactive.py | 3 -
.../0.12.0.2.0/package/scripts/params_linux.py | 4 +-
.../package/alerts/alert_llap_app_status.py | 4 +-
.../package/scripts/hive_server_interactive.py | 3 -
.../2.1.0.3.0/package/scripts/params_linux.py | 4 +-
.../0.10.0.3.0/configuration/kafka-broker.xml | 2 +-
.../0.10.0.3.0/package/scripts/service_check.py | 15 +-
.../RANGER/0.7.0.3.0/alerts.json | 76 +
.../0.7.0.3.0/configuration/admin-log4j.xml | 132 ++
.../configuration/admin-properties.xml | 163 ++
.../configuration/atlas-tagsync-ssl.xml | 72 +
.../configuration/ranger-admin-site.xml | 785 ++++++++
.../0.7.0.3.0/configuration/ranger-env.xml | 513 +++++
.../0.7.0.3.0/configuration/ranger-site.xml | 30 +
.../configuration/ranger-solr-configuration.xml | 59 +
.../ranger-tagsync-policymgr-ssl.xml | 72 +
.../configuration/ranger-tagsync-site.xml | 206 ++
.../configuration/ranger-ugsync-site.xml | 574 ++++++
.../tagsync-application-properties.xml | 62 +
.../0.7.0.3.0/configuration/tagsync-log4j.xml | 90 +
.../0.7.0.3.0/configuration/usersync-log4j.xml | 89 +
.../configuration/usersync-properties.xml | 32 +
.../RANGER/0.7.0.3.0/kerberos.json | 153 ++
.../RANGER/0.7.0.3.0/metainfo.xml | 189 ++
.../alerts/alert_ranger_admin_passwd_check.py | 195 ++
.../RANGER/0.7.0.3.0/package/scripts/params.py | 448 +++++
.../0.7.0.3.0/package/scripts/ranger_admin.py | 217 ++
.../0.7.0.3.0/package/scripts/ranger_service.py | 69 +
.../0.7.0.3.0/package/scripts/ranger_tagsync.py | 139 ++
.../package/scripts/ranger_usersync.py | 124 ++
.../0.7.0.3.0/package/scripts/service_check.py | 49 +
.../0.7.0.3.0/package/scripts/setup_ranger.py | 153 ++
.../package/scripts/setup_ranger_xml.py | 853 ++++++++
.../0.7.0.3.0/package/scripts/status_params.py | 39 +
.../RANGER/0.7.0.3.0/package/scripts/upgrade.py | 31 +
.../templates/input.config-ranger.json.j2 | 79 +
.../package/templates/ranger_admin_pam.j2 | 22 +
.../package/templates/ranger_remote_pam.j2 | 22 +
.../package/templates/ranger_solr_jaas_conf.j2 | 26 +
.../properties/ranger-solrconfig.xml.j2 | 1874 ++++++++++++++++++
.../RANGER/0.7.0.3.0/quicklinks/quicklinks.json | 41 +
.../RANGER/0.7.0.3.0/role_command_order.json | 9 +
.../RANGER/0.7.0.3.0/service_advisor.py | 793 ++++++++
.../0.7.0.3.0/themes/theme_version_1.json | 722 +++++++
.../0.7.0.3.0/themes/theme_version_2.json | 1470 ++++++++++++++
.../0.7.0.3.0/themes/theme_version_3.json | 692 +++++++
.../0.7.0.3.0/themes/theme_version_5.json | 48 +
.../SPARK/1.2.1/package/scripts/params.py | 2 +-
.../SPARK/2.2.0/package/scripts/params.py | 2 +-
.../SPARK2/2.0.0/package/scripts/params.py | 2 +-
.../stacks/HDP/2.5/upgrades/config-upgrade.xml | 15 +
.../HDP/2.5/upgrades/nonrolling-upgrade-2.6.xml | 12 +
.../stacks/HDP/2.5/upgrades/upgrade-2.6.xml | 2 +
.../configuration/hive-interactive-site.xml | 11 +-
.../HIVE/configuration/tez-interactive-site.xml | 13 +
.../stacks/HDP/3.0/services/RANGER/metainfo.xml | 27 +
.../AlertMaintenanceModeListenerTest.java | 4 +
.../server/topology/BlueprintImplTest.java | 13 -
.../RequiredConfigPropertiesValidatorTest.java | 302 +++
.../server/upgrade/UpgradeCatalog250Test.java | 23 +-
.../controllers/main/service/info/summary.js | 2 +-
ambari-web/app/styles/alerts.less | 19 +-
.../app/styles/theme/bootstrap-ambari.css | 55 +-
ambari-web/app/styles/top-nav.less | 2 +-
ambari-web/app/templates/main/alerts.hbs | 16 +-
.../view/hive2/resources/files/FileService.java | 8 +-
.../view/hive20/internal/dto/TableStats.java | 24 +-
.../internal/parsers/TableMetaParserImpl.java | 8 +-
88 files changed, 12620 insertions(+), 278 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/87e8bdf1/ambari-server/src/main/python/ambari_server/serverUpgrade.py
----------------------------------------------------------------------
[21/26] ambari git commit: AMBARI-20985. HDP 3.0 TP - create service
definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by jo...@apache.org.
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-ugsync-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-ugsync-site.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-ugsync-site.xml
new file mode 100644
index 0000000..2c62851
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-ugsync-site.xml
@@ -0,0 +1,574 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration supports_final="true">
+ <property>
+ <name>ranger.usersync.port</name>
+ <value>5151</value>
+ <description>Port for unix authentication service, run within usersync</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ssl</name>
+ <value>true</value>
+ <description>SSL enabled? (ranger admin -> usersync communication)</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.keystore.password</name>
+ <value>UnIx529p</value>
+ <property-type>PASSWORD</property-type>
+ <description>Keystore password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.truststore.password</name>
+ <value>changeit</value>
+ <property-type>PASSWORD</property-type>
+ <description>Truststore password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.passwordvalidator.path</name>
+ <value>./native/credValidator.uexe</value>
+ <description>Native program for password validation</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.enabled</name>
+ <display-name>Enable User Sync</display-name>
+ <value>true</value>
+ <description>Should users and groups be synchronized to Ranger Database? Required to setup Ranger policies</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.sink.impl.class</name>
+ <value>org.apache.ranger.unixusersync.process.PolicyMgrUserGroupBuilder</value>
+ <description>Class to be used as sink (to sync users into ranger admin)</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.policymanager.baseURL</name>
+ <value>{{ranger_external_url}}</value>
+ <description>URL to be used by clients to access ranger admin, use FQDN</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.policymanager.maxrecordsperapicall</name>
+ <value>1000</value>
+ <description>How many records to be returned per API call</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.policymanager.mockrun</name>
+ <value>false</value>
+ <description>Is user sync doing mock run?</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.unix.minUserId</name>
+ <display-name>Minimum User ID</display-name>
+ <value>500</value>
+ <description>Only sync users above this user id (applicable for UNIX)</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.unix.group.file</name>
+ <display-name>Group File</display-name>
+ <value>/etc/group</value>
+ <description>Location of the groups file on the linux server</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.unix.password.file</name>
+ <display-name>Password File</display-name>
+ <value>/etc/passwd</value>
+ <description>Location of the password file on the linux server</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.sleeptimeinmillisbetweensynccycle</name>
+ <value>60000</value>
+ <description>Sleeptime interval in milliseconds, if < 6000 then default to 1 min</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.source.impl.class</name>
+ <value>org.apache.ranger.unixusersync.process.UnixUserGroupBuilder</value>
+ <display-name>Sync Source</display-name>
+ <description>For Ldap: org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder, For Unix: org.apache.ranger.unixusersync.process.UnixUserGroupBuilder, org.apache.ranger.unixusersync.process.FileSourceUserGroupBuilder</description>
+ <value-attributes>
+ <type>value-list</type>
+ <empty-value-valid>true</empty-value-valid>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>org.apache.ranger.unixusersync.process.UnixUserGroupBuilder</value>
+ <label>UNIX</label>
+ </entry>
+ <entry>
+ <value>org.apache.ranger.unixusersync.process.FileSourceUserGroupBuilder</value>
+ <label>FILE</label>
+ </entry>
+ <entry>
+ <value>org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder</value>
+ <label>LDAP/AD</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.filesource.file</name>
+ <display-name>File Name</display-name>
+ <value>/tmp/usergroup.txt</value>
+ <description>Path to the file with the users and groups information. Example: /tmp/usergroup.json or /tmp/usergroup.csv or /tmp/usergroup.txt</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.filesource.text.delimiter</name>
+ <display-name>Delimiter</display-name>
+ <value>,</value>
+ <description>Delimiter used in file, if File based user sync is used</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.url</name>
+ <display-name>LDAP/AD URL</display-name>
+ <value/>
+ <description>LDAP server URL. Example: value = ldap://localhost:389 or ldaps//localhost:636</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.binddn</name>
+ <display-name>Bind User</display-name>
+ <value/>
+ <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users. This user is used for searching the users. This could be read-only LDAP user. Example: cn=admin,dc=example,dc=com</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.ldapbindpassword</name>
+ <display-name>Bind User Password</display-name>
+ <value/>
+ <property-type>PASSWORD</property-type>
+ <description>Password for the LDAP bind user used for searching users.</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.bindalias</name>
+ <value>testldapalias</value>
+ <description>Set as ranger.usersync.ldap.bindalias (string as is)</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.ldap.searchBase</name>
+ <value>dc=hadoop,dc=apache,dc=org</value>
+ <description>"# search base for users and groups
+# sample value would be dc=hadoop,dc=apache,dc=org
+# From Ranger Release 0.6.0 multiple Ous can be configured with ; (semicolon) separated"</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.user.searchbase</name>
+ <display-name>User Search Base</display-name>
+ <value/>
+ <description>"# search base for users
+# sample value would be ou=users,dc=hadoop,dc=apache,dc=org
+# overrides value specified in ranger.usersync.ldap.searchBase
+# From Ranger Release 0.6.0 multiple Ous can be configured with ; (semicolon) separated eg: cn=users,dc=example,dc=com;ou=example1,ou=example2"</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.user.searchscope</name>
+ <display-name>User Search Scope</display-name>
+ <value>sub</value>
+ <description>"# search scope for the users, only base, one and sub are supported values
+# please customize the value to suit your deployment
+# default value: sub"</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.user.objectclass</name>
+ <display-name>User Object Class</display-name>
+ <value>person</value>
+ <description>LDAP User Object Class. Example: person or user</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.user.searchfilter</name>
+ <display-name>User Search Filter</display-name>
+ <value/>
+ <description>"optional additional filter constraining the users selected for syncing
+# a sample value would be (dept=eng)
+# please customize the value to suit your deployment
+# default value is empty"</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.user.nameattribute</name>
+ <display-name>Username Attribute</display-name>
+ <value/>
+ <description>LDAP user name attribute. Example: sAMAccountName in AD, uid or cn in OpenLDAP</description>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.referral</name>
+ <value>ignore</value>
+ <description>Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.user.groupnameattribute</name>
+ <display-name>User Group Name Attribute</display-name>
+ <value>memberof, ismemberof</value>
+ <description>LDAP user group name attribute. Generally it is the same as username attribute. Example: sAMAccountName in AD, uid or cn in OpenLDAP</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.username.caseconversion</name>
+ <value>none</value>
+ <description>User name case conversion</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.groupname.caseconversion</name>
+ <value>none</value>
+ <description>Group name case conversion</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.logdir</name>
+ <value>{{usersync_log_dir}}</value>
+ <description>User sync log directory</description>
+ <value-attributes>
+ <visible>false</visible>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.group.usermapsyncenabled</name>
+ <value>true</value>
+ <display-name>Group User Map Sync</display-name>
+ <description>Sync specific groups for users?</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.group.searchbase</name>
+ <display-name>Group Search Base</display-name>
+ <value/>
+ <description>"# search base for groups
+# sample value would be ou=groups,dc=hadoop,dc=apache,dc=org
+# overrides value specified in ranger.usersync.ldap.searchBase, ranger.usersync.ldap.user.searchbase
+# if a value is not specified, takes the value of ranger.usersync.ldap.searchBase
+# if ranger.usersync.ldap.searchBase is also not specified, takes the value of ranger.usersync.ldap.user.searchbase"
+# From Ranger Release 0.6.0 multiple Ous can be configured with ; (semicolon) separated eg: ou=groups,DC=example,DC=com;ou=group1,ou=group2"
+</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.group.searchscope</name>
+ <value/>
+ <description>"# search scope for the groups, only base, one and sub are supported values
+# please customize the value to suit your deployment
+# default value: sub"</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.group.objectclass</name>
+ <display-name>Group Object Class</display-name>
+ <value/>
+ <description>LDAP Group object class. Example: group</description>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.usersync.group.searchfilter</name>
+ <value/>
+ <display-name>Group Search Filter</display-name>
+ <description>"# optional additional filter constraining the groups selected for syncing
+# a sample value would be (dept=eng)
+# please customize the value to suit your deployment
+# default value is empty"</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.group.nameattribute</name>
+ <display-name>Group Name Attribute</display-name>
+ <value/>
+ <description>LDAP group name attribute. Example: cn</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.group.memberattributename</name>
+ <display-name>Group Member Attribute</display-name>
+ <value/>
+ <description>LDAP group member attribute name. Example: member</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.pagedresultsenabled</name>
+ <value>true</value>
+ <description>Results can be paged?</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.pagedresultssize</name>
+ <value>500</value>
+ <description>Page size</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.kerberos.principal</name>
+ <value/>
+ <description/>
+ <property-type>KERBEROS_PRINCIPAL</property-type>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.kerberos.keytab</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.policymgr.username</name>
+ <value>rangerusersync</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.policymgr.alias</name>
+ <value>ranger.usersync.policymgr.password</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.group.search.first.enabled</name>
+ <display-name>Enable Group Search First</display-name>
+ <value>false</value>
+ <description/>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.user.searchenabled</name>
+ <display-name>Enable User Search</display-name>
+ <value>false</value>
+ <description/>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.deltasync</name>
+ <display-name>Incremental Sync</display-name>
+ <value>true</value>
+ <description>Enable Incremental Sync</description>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.usersync.group.searchenabled</name>
+ <display-name>Enable Group Sync</display-name>
+ <value>false</value>
+ <description>"# do we want to do ldapsearch to find groups instead of relying on user entry attributes
+ # valid values: true, false
+ # any value other than true would be treated as false
+ # default value: false"</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-ugsync-site</type>
+ <name>ranger.usersync.ldap.deltasync</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.keystore.file</name>
+ <value>/usr/hdp/current/ranger-usersync/conf/unixauthservice.jks</value>
+ <description>Keystore file used for usersync</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.truststore.file</name>
+ <value>/usr/hdp/current/ranger-usersync/conf/mytruststore.jks</value>
+ <description>Truststore used for usersync, required if usersync -> ranger admin communication is SSL enabled</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.ldap.bindkeystore</name>
+ <value/>
+ <description>Set same value as ranger.usersync.keystore.file property i.e default value /usr/hdp/current/ranger-usersync/conf/ugsync.jceks</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.credstore.filename</name>
+ <value>/usr/hdp/current/ranger-usersync/conf/ugsync.jceks</value>
+ <description>Credential store file name for user sync, specify full path</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.usersync.policymgr.keystore</name>
+ <value>/usr/hdp/current/ranger-usersync/conf/ugsync.jceks</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-application-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-application-properties.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-application-properties.xml
new file mode 100644
index 0000000..f616324
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-application-properties.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+ <property>
+ <name>atlas.kafka.entities.group.id</name>
+ <display-name>Atlas Source: Kafka consumer group</display-name>
+ <value>ranger_entities_consumer</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.bootstrap.servers</name>
+ <display-name>Atlas Source: Kafka endpoint</display-name>
+ <value>localhost:6667</value>
+ <description/>
+ <depends-on>
+ <property>
+ <type>kafka-broker</type>
+ <name>port</name>
+ </property>
+ </depends-on>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.zookeeper.connect</name>
+ <display-name>Atlas Source: Zookeeper endpoint</display-name>
+ <value>localhost:2181</value>
+ <description/>
+ <depends-on>
+ <property>
+ <type>zoo.cfg</type>
+ <name>clientPort</name>
+ </property>
+ </depends-on>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-log4j.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-log4j.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-log4j.xml
new file mode 100644
index 0000000..8ec85a0
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/tagsync-log4j.xml
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_adding_forbidden="false">
+ <property>
+ <name>ranger_tagsync_log_maxfilesize</name>
+ <value>256</value>
+ <description>The maximum size of backup file before the log is rotated</description>
+ <display-name>Ranger tagsync Log: backup file size</display-name>
+ <value-attributes>
+ <unit>MB</unit>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_tagsync_log_number_of_backup_files</name>
+ <value>20</value>
+ <description>The number of backup files</description>
+ <display-name>Ranger tagsync Log: # of backup files</display-name>
+ <value-attributes>
+ <type>int</type>
+ <minimum>0</minimum>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>content</name>
+ <display-name>tagsync-log4j template</display-name>
+ <description>tagsync-log4j.properties</description>
+ <value>
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+log4j.rootLogger = info,logFile
+
+# logFile
+log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.logFile.file=${logdir}/tagsync.log
+log4j.appender.logFile.datePattern='.'yyyy-MM-dd
+log4j.appender.logFile.layout=org.apache.log4j.PatternLayout
+log4j.appender.logFile.MaxFileSize = {{ranger_tagsync_log_maxfilesize}}MB
+log4j.appender.logFile.MaxBackupIndex = {{ranger_tagsync_log_number_of_backup_files}}
+log4j.appender.logFile.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %L %m%n
+
+# console
+log4j.appender.console=org.apache.log4j.ConsoleAppender
+log4j.appender.console.Target=System.out
+log4j.appender.console.layout=org.apache.log4j.PatternLayout
+log4j.appender.console.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %L %m%n
+ </value>
+ <value-attributes>
+ <type>content</type>
+ <show-property-name>false</show-property-name>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-log4j.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-log4j.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-log4j.xml
new file mode 100644
index 0000000..6d91b6e
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-log4j.xml
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_adding_forbidden="false">
+ <property>
+ <name>ranger_usersync_log_maxfilesize</name>
+ <value>256</value>
+ <description>The maximum size of backup file before the log is rotated</description>
+ <display-name>Ranger usersync Log: backup file size</display-name>
+ <value-attributes>
+ <unit>MB</unit>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_usersync_log_maxbackupindex</name>
+ <value>20</value>
+ <description>The number of backup files</description>
+ <display-name>Ranger usersync Log: # of backup files</display-name>
+ <value-attributes>
+ <type>int</type>
+ <minimum>0</minimum>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>content</name>
+ <display-name>usersync-log4j template</display-name>
+ <description>usersync-log4j.properties</description>
+ <value>
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+log4j.rootLogger = info,logFile
+
+# logFile
+log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.logFile.file=${logdir}/usersync.log
+log4j.appender.logFile.datePattern='.'yyyy-MM-dd
+log4j.appender.logFile.layout=org.apache.log4j.PatternLayout
+log4j.appender.logFile.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %m%n
+log4j.appender.logFile.MaxFileSize = {{ranger_usersync_log_maxfilesize}}MB
+log4j.appender.logFile.MaxBackupIndex = {{ranger_usersync_log_maxbackupindex}}
+
+# console
+log4j.appender.console=org.apache.log4j.ConsoleAppender
+log4j.appender.console.Target=System.out
+log4j.appender.console.layout=org.apache.log4j.PatternLayout
+log4j.appender.console.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %m%n
+ </value>
+ <value-attributes>
+ <type>content</type>
+ <show-property-name>false</show-property-name>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-properties.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-properties.xml
new file mode 100644
index 0000000..15aabe8
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/usersync-properties.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="false">
+
+
+
+
+
+
+
+
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/kerberos.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/kerberos.json
new file mode 100644
index 0000000..1fc8acf
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/kerberos.json
@@ -0,0 +1,153 @@
+{
+ "services": [
+ {
+ "name": "RANGER",
+ "identities": [
+ {
+ "name": "/spnego"
+ },
+ {
+ "name": "/smokeuser"
+ }
+ ],
+ "configurations": [
+ {
+ "ranger-admin-site": {
+ "xasecure.audit.jaas.Client.loginModuleName": "com.sun.security.auth.module.Krb5LoginModule",
+ "xasecure.audit.jaas.Client.loginModuleControlFlag": "required",
+ "xasecure.audit.jaas.Client.option.useKeyTab": "true",
+ "xasecure.audit.jaas.Client.option.storeKey": "false",
+ "xasecure.audit.jaas.Client.option.serviceName": "solr"
+ }
+ }
+ ],
+ "components": [
+ {
+ "name": "RANGER_ADMIN",
+ "identities": [
+ {
+ "name": "rangeradmin",
+ "principal": {
+ "value": "rangeradmin/_HOST@${realm}",
+ "type" : "service",
+ "configuration": "ranger-admin-site/ranger.admin.kerberos.principal",
+ "local_username" : "${ranger-env/ranger_user}"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/rangeradmin.service.keytab",
+ "owner": {
+ "name": "${ranger-env/ranger_user}",
+ "access": "r"
+ },
+ "configuration": "ranger-admin-site/ranger.admin.kerberos.keytab"
+ }
+ },
+ {
+ "name": "rangerlookup",
+ "principal": {
+ "value": "rangerlookup/_HOST@${realm}",
+ "configuration": "ranger-admin-site/ranger.lookup.kerberos.principal",
+ "type" : "service"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/rangerlookup.service.keytab",
+ "owner": {
+ "name": "${ranger-env/ranger_user}",
+ "access": "r"
+ },
+ "configuration": "ranger-admin-site/ranger.lookup.kerberos.keytab"
+ }
+ },
+ {
+ "name": "/spnego",
+ "keytab": {
+ "configuration": "ranger-admin-site/ranger.spnego.kerberos.keytab"
+ }
+ },
+ {
+ "name": "/RANGER/RANGER_ADMIN/rangeradmin",
+ "principal": {
+ "configuration": "ranger-admin-site/xasecure.audit.jaas.Client.option.principal"
+ },
+ "keytab": {
+ "configuration": "ranger-admin-site/xasecure.audit.jaas.Client.option.keyTab"
+ }
+ },
+ {
+ "name": "/AMBARI_INFRA/INFRA_SOLR/infra-solr",
+ "when" : {
+ "contains" : ["services", "AMBARI_INFRA"]
+ }
+ }
+ ]
+ },
+ {
+ "name": "RANGER_USERSYNC",
+ "identities": [
+ {
+ "name": "rangerusersync",
+ "principal": {
+ "value": "rangerusersync/_HOST@${realm}",
+ "type" : "service",
+ "configuration" : "ranger-ugsync-site/ranger.usersync.kerberos.principal",
+ "local_username" : "rangerusersync"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/rangerusersync.service.keytab",
+ "owner": {
+ "name": "${ranger-env/ranger_user}",
+ "access": "r"
+ },
+ "configuration": "ranger-ugsync-site/ranger.usersync.kerberos.keytab"
+ }
+ }
+ ]
+ },
+ {
+ "name": "RANGER_TAGSYNC",
+ "identities": [
+ {
+ "name": "rangertagsync",
+ "principal": {
+ "value": "rangertagsync/_HOST@${realm}",
+ "type" : "service",
+ "configuration": "ranger-tagsync-site/ranger.tagsync.kerberos.principal",
+ "local_username" : "rangertagsync"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/rangertagsync.service.keytab",
+ "owner": {
+ "name": "${ranger-env/ranger_user}",
+ "access": "r"
+ },
+ "configuration": "ranger-tagsync-site/ranger.tagsync.kerberos.keytab"
+ }
+ },
+ {
+ "name": "/RANGER/RANGER_TAGSYNC/rangertagsync",
+ "principal": {
+ "configuration": "tagsync-application-properties/atlas.jaas.KafkaClient.option.principal"
+ },
+ "keytab": {
+ "configuration": "tagsync-application-properties/atlas.jaas.KafkaClient.option.keyTab"
+ }
+ }
+ ],
+ "configurations": [
+ {
+ "tagsync-application-properties": {
+ "atlas.jaas.KafkaClient.loginModuleName": "com.sun.security.auth.module.Krb5LoginModule",
+ "atlas.jaas.KafkaClient.loginModuleControlFlag": "required",
+ "atlas.jaas.KafkaClient.option.useKeyTab": "true",
+ "atlas.jaas.KafkaClient.option.storeKey": "true",
+ "atlas.jaas.KafkaClient.option.serviceName": "kafka",
+ "atlas.kafka.sasl.kerberos.service.name": "kafka",
+ "atlas.kafka.security.protocol": "PLAINTEXTSASL"
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/metainfo.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/metainfo.xml
new file mode 100644
index 0000000..e208800
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/metainfo.xml
@@ -0,0 +1,189 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<metainfo>
+ <schemaVersion>2.0</schemaVersion>
+ <services>
+ <service>
+ <name>RANGER</name>
+ <displayName>Ranger</displayName>
+ <comment>Comprehensive security for Hadoop</comment>
+ <version>0.7.0.3.0</version>
+ <components>
+
+ <component>
+ <name>RANGER_ADMIN</name>
+ <displayName>Ranger Admin</displayName>
+ <category>MASTER</category>
+ <cardinality>1+</cardinality>
+ <versionAdvertised>true</versionAdvertised>
+ <dependencies>
+ <dependency>
+ <name>AMBARI_INFRA/INFRA_SOLR_CLIENT</name>
+ <scope>host</scope>
+ <auto-deploy>
+ <enabled>true</enabled>
+ </auto-deploy>
+ </dependency>
+ </dependencies>
+ <commandScript>
+ <script>scripts/ranger_admin.py</script>
+ <scriptType>PYTHON</scriptType>
+ <timeout>600</timeout>
+ </commandScript>
+ <logs>
+ <log>
+ <logId>ranger_admin</logId>
+ <primary>true</primary>
+ </log>
+ <log>
+ <logId>ranger_dbpatch</logId>
+ </log>
+ </logs>
+ </component>
+
+ <component>
+ <name>RANGER_TAGSYNC</name>
+ <displayName>Ranger Tagsync</displayName>
+ <category>SLAVE</category>
+ <cardinality>0-1</cardinality>
+ <versionAdvertised>true</versionAdvertised>
+ <commandScript>
+ <script>scripts/ranger_tagsync.py</script>
+ <scriptType>PYTHON</scriptType>
+ <timeout>600</timeout>
+ </commandScript>
+ <configuration-dependencies>
+ <config-type>ranger-tagsync-site</config-type>
+ <config-type>tagsync-application-properties</config-type>
+ </configuration-dependencies>
+ </component>
+
+ <component>
+ <name>RANGER_USERSYNC</name>
+ <displayName>Ranger Usersync</displayName>
+ <category>MASTER</category>
+ <cardinality>1</cardinality>
+ <versionAdvertised>true</versionAdvertised>
+ <auto-deploy>
+ <enabled>true</enabled>
+ <co-locate>RANGER/RANGER_ADMIN</co-locate>
+ </auto-deploy>
+ <commandScript>
+ <script>scripts/ranger_usersync.py</script>
+ <scriptType>PYTHON</scriptType>
+ <timeout>600</timeout>
+ </commandScript>
+ <logs>
+ <log>
+ <logId>ranger_usersync</logId>
+ <primary>true</primary>
+ </log>
+ </logs>
+ </component>
+
+ </components>
+ <configuration-dependencies>
+ <config-type>admin-properties</config-type>
+ <config-type>ranger-site</config-type>
+ <config-type>usersync-properties</config-type>
+ <config-type>ranger-admin-site</config-type>
+ <config-type>ranger-ugsync-site</config-type>
+ <config-type>admin-log4j</config-type>
+ <config-type>usersync-log4j</config-type>
+ <config-type>ranger-solr-configuration</config-type>
+ </configuration-dependencies>
+
+ <commandScript>
+ <script>scripts/service_check.py</script>
+ <scriptType>PYTHON</scriptType>
+ <timeout>300</timeout>
+ </commandScript>
+
+ <themes>
+ <theme>
+ <fileName>theme_version_1.json</fileName>
+ <default>true</default>
+ </theme>
+ <theme>
+ <fileName>theme_version_2.json</fileName>
+ <default>true</default>
+ </theme>
+ <theme>
+ <fileName>theme_version_3.json</fileName>
+ <default>true</default>
+ </theme>
+ <theme>
+ <fileName>theme_version_5.json</fileName>
+ <default>true</default>
+ </theme>
+ </themes>
+
+ <osSpecifics>
+ <osSpecific>
+ <osFamily>redhat7,amazon2015,redhat6,suse11,suse12</osFamily>
+ <packages>
+ <package>
+ <name>ranger_${stack_version}-admin</name>
+ </package>
+ <package>
+ <name>ranger_${stack_version}-usersync</name>
+ </package>
+ <package>
+ <name>ranger_${stack_version}-tagsync</name>
+ <condition>should_install_ranger_tagsync</condition>
+ </package>
+ <package>
+ <name>ambari-infra-solr-client</name>
+ <condition>should_install_infra_solr_client</condition>
+ </package>
+ </packages>
+ </osSpecific>
+ <osSpecific>
+ <osFamily>debian7,ubuntu12,ubuntu14,ubuntu16</osFamily>
+ <packages>
+ <package>
+ <name>ranger-${stack_version}-admin</name>
+ </package>
+ <package>
+ <name>ranger-${stack_version}-usersync</name>
+ </package>
+ <package>
+ <name>ranger-${stack_version}-tagsync</name>
+ <condition>should_install_ranger_tagsync</condition>
+ </package>
+ <package>
+ <name>ambari-infra-solr-client</name>
+ <condition>should_install_infra_solr_client</condition>
+ </package>
+ </packages>
+ </osSpecific>
+ </osSpecifics>
+
+ <quickLinksConfigurations>
+ <quickLinksConfiguration>
+ <fileName>quicklinks.json</fileName>
+ <default>true</default>
+ </quickLinksConfiguration>
+ </quickLinksConfigurations>
+
+ </service>
+ </services>
+</metainfo>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/alerts/alert_ranger_admin_passwd_check.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/alerts/alert_ranger_admin_passwd_check.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/alerts/alert_ranger_admin_passwd_check.py
new file mode 100644
index 0000000..8ea8070
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/alerts/alert_ranger_admin_passwd_check.py
@@ -0,0 +1,195 @@
+#!/usr/bin/env python
+
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+import base64
+import urllib2
+import ambari_simplejson as json # simplejson is much faster comparing to Python 2.6 json module and has the same functions set.
+import logging
+from resource_management.core.environment import Environment
+from resource_management.libraries.script import Script
+from resource_management.libraries.functions.stack_features import check_stack_feature
+from resource_management.libraries.functions import StackFeature
+
+logger = logging.getLogger()
+RANGER_ADMIN_URL = '{{admin-properties/policymgr_external_url}}'
+ADMIN_USERNAME = '{{ranger-env/admin_username}}'
+ADMIN_PASSWORD = '{{ranger-env/admin_password}}'
+RANGER_ADMIN_USERNAME = '{{ranger-env/ranger_admin_username}}'
+RANGER_ADMIN_PASSWORD = '{{ranger-env/ranger_admin_password}}'
+SECURITY_ENABLED = '{{cluster-env/security_enabled}}'
+
+def get_tokens():
+ """
+ Returns a tuple of tokens in the format {{site/property}} that will be used
+ to build the dictionary passed into execute
+
+ :return tuple
+ """
+ return (RANGER_ADMIN_URL, ADMIN_USERNAME, ADMIN_PASSWORD, RANGER_ADMIN_USERNAME, RANGER_ADMIN_PASSWORD, SECURITY_ENABLED)
+
+
+def execute(configurations={}, parameters={}, host_name=None):
+ """
+ Returns a tuple containing the result code and a pre-formatted result label
+
+ Keyword arguments:
+ configurations (dictionary): a mapping of configuration key to value
+ parameters (dictionary): a mapping of script parameter key to value
+ host_name (string): the name of this host where the alert is running
+ """
+
+ if configurations is None:
+ return (('UNKNOWN', ['There were no configurations supplied to the script.']))
+
+ ranger_link = None
+ ranger_auth_link = None
+ ranger_get_user = None
+ admin_username = None
+ admin_password = None
+ ranger_admin_username = None
+ ranger_admin_password = None
+ security_enabled = False
+
+ stack_version_formatted = Script.get_stack_version()
+ stack_supports_ranger_kerberos = stack_version_formatted and check_stack_feature(StackFeature.RANGER_KERBEROS_SUPPORT, stack_version_formatted)
+
+ if RANGER_ADMIN_URL in configurations:
+ ranger_link = configurations[RANGER_ADMIN_URL]
+ if ranger_link.endswith('/'):
+ ranger_link = ranger_link[:-1]
+ ranger_auth_link = '{0}/{1}'.format(ranger_link, 'service/public/api/repository/count')
+ ranger_get_user = '{0}/{1}'.format(ranger_link, 'service/xusers/users')
+
+ if ADMIN_USERNAME in configurations:
+ admin_username = configurations[ADMIN_USERNAME]
+
+ if ADMIN_PASSWORD in configurations:
+ admin_password = configurations[ADMIN_PASSWORD]
+
+ if RANGER_ADMIN_USERNAME in configurations:
+ ranger_admin_username = configurations[RANGER_ADMIN_USERNAME]
+
+ if RANGER_ADMIN_PASSWORD in configurations:
+ ranger_admin_password = configurations[RANGER_ADMIN_PASSWORD]
+
+ if SECURITY_ENABLED in configurations:
+ security_enabled = str(configurations[SECURITY_ENABLED]).upper() == 'TRUE'
+
+ label = None
+ result_code = 'OK'
+
+ try:
+ if security_enabled and stack_supports_ranger_kerberos:
+ result_code = 'UNKNOWN'
+ label = 'This alert will get skipped for Ranger Admin on kerberos env'
+ else:
+ admin_http_code = check_ranger_login(ranger_auth_link, admin_username, admin_password)
+ if admin_http_code == 200:
+ get_user_code = get_ranger_user(ranger_get_user, admin_username, admin_password, ranger_admin_username)
+ if get_user_code:
+ user_http_code = check_ranger_login(ranger_auth_link, ranger_admin_username, ranger_admin_password)
+ if user_http_code == 200:
+ result_code = 'OK'
+ label = 'Login Successful for users {0} and {1}'.format(admin_username, ranger_admin_username)
+ elif user_http_code == 401:
+ result_code = 'CRITICAL'
+ label = 'User:{0} credentials on Ambari UI are not in sync with Ranger'.format(ranger_admin_username)
+ else:
+ result_code = 'WARNING'
+ label = 'Ranger Admin service is not reachable, please restart the service'
+ else:
+ result_code = 'OK'
+ label = 'Login Successful for user: {0}. User:{1} user not yet synced with Ranger'.format(admin_username, ranger_admin_username)
+ elif admin_http_code == 401:
+ result_code = 'CRITICAL'
+ label = 'User:{0} credentials on Ambari UI are not in sync with Ranger'.format(admin_username)
+ else:
+ result_code = 'WARNING'
+ label = 'Ranger Admin service is not reachable, please restart the service'
+
+ except Exception, e:
+ label = str(e)
+ result_code = 'UNKNOWN'
+ logger.exception(label)
+
+ return ((result_code, [label]))
+
+def check_ranger_login(ranger_auth_link, username, password):
+ """
+ params ranger_auth_link: ranger login url
+ params username: user credentials
+ params password: user credentials
+
+ return response code
+ """
+ try:
+ usernamepassword = '{0}:{1}'.format(username, password)
+ base_64_string = base64.encodestring(usernamepassword).replace('\n', '')
+ request = urllib2.Request(ranger_auth_link)
+ request.add_header("Content-Type", "application/json")
+ request.add_header("Accept", "application/json")
+ request.add_header("Authorization", "Basic {0}".format(base_64_string))
+ result = urllib2.urlopen(request, timeout=20)
+ response_code = result.getcode()
+ if response_code == 200:
+ response = json.loads(result.read())
+ return response_code
+ except urllib2.HTTPError, e:
+ logger.exception("Error during Ranger service authentication. Http status code - {0}. {1}".format(e.code, e.read()))
+ return e.code
+ except urllib2.URLError, e:
+ logger.exception("Error during Ranger service authentication. {0}".format(e.reason))
+ return None
+ except Exception, e:
+ return 401
+
+def get_ranger_user(ranger_get_user, username, password, user):
+ """
+ params ranger_get_user: ranger get user url
+ params username: user credentials
+ params password: user credentials
+ params user: user to be search
+ return Boolean if user exist or not
+ """
+ try:
+ url = '{0}?name={1}'.format(ranger_get_user, user)
+ usernamepassword = '{0}:{1}'.format(username, password)
+ base_64_string = base64.encodestring(usernamepassword).replace('\n', '')
+ request = urllib2.Request(url)
+ request.add_header("Content-Type", "application/json")
+ request.add_header("Accept", "application/json")
+ request.add_header("Authorization", "Basic {0}".format(base_64_string))
+ result = urllib2.urlopen(request, timeout=20)
+ response_code = result.getcode()
+ response = json.loads(result.read())
+ if response_code == 200 and len(response['vXUsers']) > 0:
+ for xuser in response['vXUsers']:
+ if xuser['name'] == user:
+ return True
+ else:
+ return False
+ except urllib2.HTTPError, e:
+ logger.exception("Error getting user from Ranger service. Http status code - {0}. {1}".format(e.code, e.read()))
+ return False
+ except urllib2.URLError, e:
+ logger.exception("Error getting user from Ranger service. {0}".format(e.reason))
+ return False
+ except Exception, e:
+ return False
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/params.py
new file mode 100644
index 0000000..094d239
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/params.py
@@ -0,0 +1,448 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+import os
+from resource_management.libraries.script import Script
+from resource_management.libraries.functions.version import format_stack_version
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.default import default
+from resource_management.libraries.functions.is_empty import is_empty
+from resource_management.libraries.functions.constants import Direction
+from resource_management.libraries.functions.stack_features import check_stack_feature
+from resource_management.libraries.functions.stack_features import get_stack_feature_version
+from resource_management.libraries.functions import StackFeature
+from resource_management.libraries.functions.get_bare_principal import get_bare_principal
+
+# a map of the Ambari role to the component name
+# for use with <stack-root>/current/<component>
+SERVER_ROLE_DIRECTORY_MAP = {
+ 'RANGER_ADMIN' : 'ranger-admin',
+ 'RANGER_USERSYNC' : 'ranger-usersync',
+ 'RANGER_TAGSYNC' : 'ranger-tagsync'
+}
+
+component_directory = Script.get_component_from_role(SERVER_ROLE_DIRECTORY_MAP, "RANGER_ADMIN")
+
+config = Script.get_config()
+tmp_dir = Script.get_tmp_dir()
+stack_root = Script.get_stack_root()
+
+stack_name = default("/hostLevelParams/stack_name", None)
+version = default("/commandParams/version", None)
+
+stack_version_unformatted = config['hostLevelParams']['stack_version']
+stack_version_formatted = format_stack_version(stack_version_unformatted)
+
+upgrade_marker_file = format("{tmp_dir}/rangeradmin_ru.inprogress")
+
+xml_configurations_supported = config['configurations']['ranger-env']['xml_configurations_supported']
+
+create_db_dbuser = config['configurations']['ranger-env']['create_db_dbuser']
+
+# get the correct version to use for checking stack features
+version_for_stack_feature_checks = get_stack_feature_version(config)
+
+stack_supports_rolling_upgrade = check_stack_feature(StackFeature.ROLLING_UPGRADE, version_for_stack_feature_checks)
+stack_supports_config_versioning = check_stack_feature(StackFeature.CONFIG_VERSIONING, version_for_stack_feature_checks)
+stack_supports_usersync_non_root = check_stack_feature(StackFeature.RANGER_USERSYNC_NON_ROOT, version_for_stack_feature_checks)
+stack_supports_ranger_tagsync = check_stack_feature(StackFeature.RANGER_TAGSYNC_COMPONENT, version_for_stack_feature_checks)
+stack_supports_ranger_audit_db = check_stack_feature(StackFeature.RANGER_AUDIT_DB_SUPPORT, version_for_stack_feature_checks)
+stack_supports_ranger_log4j = check_stack_feature(StackFeature.RANGER_LOG4J_SUPPORT, version_for_stack_feature_checks)
+stack_supports_ranger_kerberos = check_stack_feature(StackFeature.RANGER_KERBEROS_SUPPORT, version_for_stack_feature_checks)
+stack_supports_usersync_passwd = check_stack_feature(StackFeature.RANGER_USERSYNC_PASSWORD_JCEKS, version_for_stack_feature_checks)
+stack_supports_infra_client = check_stack_feature(StackFeature.RANGER_INSTALL_INFRA_CLIENT, version_for_stack_feature_checks)
+stack_supports_pid = check_stack_feature(StackFeature.RANGER_PID_SUPPORT, version_for_stack_feature_checks)
+stack_supports_ranger_admin_password_change = check_stack_feature(StackFeature.RANGER_ADMIN_PASSWD_CHANGE, version_for_stack_feature_checks)
+stack_supports_ranger_setup_db_on_start = check_stack_feature(StackFeature.RANGER_SETUP_DB_ON_START, version_for_stack_feature_checks)
+stack_supports_ranger_tagsync_ssl_xml_support = check_stack_feature(StackFeature.RANGER_TAGSYNC_SSL_XML_SUPPORT, version_for_stack_feature_checks)
+stack_supports_ranger_solr_configs = check_stack_feature(StackFeature.RANGER_SOLR_CONFIG_SUPPORT, version_for_stack_feature_checks)
+stack_supports_secure_ssl_password = check_stack_feature(StackFeature.SECURE_RANGER_SSL_PASSWORD, version_for_stack_feature_checks)
+
+downgrade_from_version = default("/commandParams/downgrade_from_version", None)
+upgrade_direction = default("/commandParams/upgrade_direction", None)
+
+ranger_conf = '/etc/ranger/admin/conf'
+ranger_ugsync_conf = '/etc/ranger/usersync/conf'
+ranger_tagsync_home = format('{stack_root}/current/ranger-tagsync')
+ranger_tagsync_conf = format('{stack_root}/current/ranger-tagsync/conf')
+tagsync_bin = '/usr/bin/ranger-tagsync'
+tagsync_services_file = format('{stack_root}/current/ranger-tagsync/ranger-tagsync-services.sh')
+security_store_path = '/etc/security/serverKeys'
+tagsync_etc_path = '/etc/ranger/tagsync/'
+ranger_tagsync_credential_file= os.path.join(tagsync_etc_path,'rangercred.jceks')
+atlas_tagsync_credential_file= os.path.join(tagsync_etc_path,'atlascred.jceks')
+ranger_tagsync_keystore_password = config['configurations']['ranger-tagsync-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']
+ranger_tagsync_truststore_password = config['configurations']['ranger-tagsync-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']
+atlas_tagsync_keystore_password = config['configurations']['atlas-tagsync-ssl']['xasecure.policymgr.clientssl.keystore.password']
+atlas_tagsync_truststore_password = config['configurations']['atlas-tagsync-ssl']['xasecure.policymgr.clientssl.truststore.password']
+
+if upgrade_direction == Direction.DOWNGRADE and version and not check_stack_feature(StackFeature.CONFIG_VERSIONING, version):
+ stack_supports_rolling_upgrade = True
+ stack_supports_config_versioning = False
+
+if upgrade_direction == Direction.DOWNGRADE and version and not check_stack_feature(StackFeature.RANGER_USERSYNC_NON_ROOT, version):
+ stack_supports_usersync_non_root = False
+
+if stack_supports_rolling_upgrade:
+ ranger_home = format('{stack_root}/current/ranger-admin')
+ ranger_conf = '/etc/ranger/admin/conf'
+ ranger_stop = '/usr/bin/ranger-admin-stop'
+ ranger_start = '/usr/bin/ranger-admin-start'
+ usersync_home = format('{stack_root}/current/ranger-usersync')
+ usersync_start = '/usr/bin/ranger-usersync-start'
+ usersync_stop = '/usr/bin/ranger-usersync-stop'
+ ranger_ugsync_conf = '/etc/ranger/usersync/conf'
+
+if stack_supports_config_versioning:
+ ranger_conf = format('{stack_root}/current/ranger-admin/conf')
+ ranger_ugsync_conf = format('{stack_root}/current/ranger-usersync/conf')
+
+if stack_supports_ranger_tagsync:
+ ranger_tagsync_home = format('{stack_root}/current/ranger-tagsync')
+ tagsync_bin = '/usr/bin/ranger-tagsync'
+ ranger_tagsync_conf = format('{stack_root}/current/ranger-tagsync/conf')
+ tagsync_services_file = format('{stack_root}/current/ranger-tagsync/ranger-tagsync-services.sh')
+
+usersync_services_file = format('{stack_root}/current/ranger-usersync/ranger-usersync-services.sh')
+
+java_home = config['hostLevelParams']['java_home']
+unix_user = config['configurations']['ranger-env']['ranger_user']
+unix_group = config['configurations']['ranger-env']['ranger_group']
+ranger_pid_dir = default("/configurations/ranger-env/ranger_pid_dir", "/var/run/ranger")
+usersync_log_dir = default("/configurations/ranger-env/ranger_usersync_log_dir", "/var/log/ranger/usersync")
+admin_log_dir = default("/configurations/ranger-env/ranger_admin_log_dir", "/var/log/ranger/admin")
+ranger_admin_default_file = format('{ranger_conf}/ranger-admin-default-site.xml')
+security_app_context_file = format('{ranger_conf}/security-applicationContext.xml')
+ranger_ugsync_default_file = format('{ranger_ugsync_conf}/ranger-ugsync-default.xml')
+usgsync_log4j_file = format('{ranger_ugsync_conf}/log4j.xml')
+if stack_supports_ranger_log4j:
+ usgsync_log4j_file = format('{ranger_ugsync_conf}/log4j.properties')
+cred_validator_file = format('{usersync_home}/native/credValidator.uexe')
+
+ambari_server_hostname = config['clusterHostInfo']['ambari_server_host'][0]
+
+db_flavor = (config['configurations']['admin-properties']['DB_FLAVOR']).lower()
+usersync_exturl = config['configurations']['admin-properties']['policymgr_external_url']
+if usersync_exturl.endswith('/'):
+ usersync_exturl = usersync_exturl.rstrip('/')
+ranger_host = config['clusterHostInfo']['ranger_admin_hosts'][0]
+ugsync_host = 'localhost'
+usersync_host_info = config['clusterHostInfo']['ranger_usersync_hosts']
+if not is_empty(usersync_host_info) and len(usersync_host_info) > 0:
+ ugsync_host = config['clusterHostInfo']['ranger_usersync_hosts'][0]
+ranger_external_url = config['configurations']['admin-properties']['policymgr_external_url']
+if ranger_external_url.endswith('/'):
+ ranger_external_url = ranger_external_url.rstrip('/')
+ranger_db_name = config['configurations']['admin-properties']['db_name']
+ranger_auditdb_name = default('/configurations/admin-properties/audit_db_name', 'ranger_audits')
+
+sql_command_invoker = config['configurations']['admin-properties']['SQL_COMMAND_INVOKER']
+db_root_user = config['configurations']['admin-properties']['db_root_user']
+db_root_password = unicode(config['configurations']['admin-properties']['db_root_password'])
+db_host = config['configurations']['admin-properties']['db_host']
+ranger_db_user = config['configurations']['admin-properties']['db_user']
+ranger_audit_db_user = default('/configurations/admin-properties/audit_db_user', 'rangerlogger')
+ranger_db_password = unicode(config['configurations']['admin-properties']['db_password'])
+
+#ranger-env properties
+oracle_home = default("/configurations/ranger-env/oracle_home", "-")
+
+#For curl command in ranger to get db connector
+jdk_location = config['hostLevelParams']['jdk_location']
+java_share_dir = '/usr/share/java'
+jdbc_jar_name = None
+previous_jdbc_jar_name = None
+if db_flavor.lower() == 'mysql':
+ jdbc_jar_name = default("/hostLevelParams/custom_mysql_jdbc_name", None)
+ previous_jdbc_jar_name = default("/hostLevelParams/previous_custom_mysql_jdbc_name", None)
+ audit_jdbc_url = format('jdbc:mysql://{db_host}/{ranger_auditdb_name}') if stack_supports_ranger_audit_db else None
+ jdbc_dialect = "org.eclipse.persistence.platform.database.MySQLPlatform"
+elif db_flavor.lower() == 'oracle':
+ jdbc_jar_name = default("/hostLevelParams/custom_oracle_jdbc_name", None)
+ previous_jdbc_jar_name = default("/hostLevelParams/previous_custom_oracle_jdbc_name", None)
+ jdbc_dialect = "org.eclipse.persistence.platform.database.OraclePlatform"
+ colon_count = db_host.count(':')
+ if colon_count == 2 or colon_count == 0:
+ audit_jdbc_url = format('jdbc:oracle:thin:@{db_host}') if stack_supports_ranger_audit_db else None
+ else:
+ audit_jdbc_url = format('jdbc:oracle:thin:@//{db_host}') if stack_supports_ranger_audit_db else None
+elif db_flavor.lower() == 'postgres':
+ jdbc_jar_name = default("/hostLevelParams/custom_postgres_jdbc_name", None)
+ previous_jdbc_jar_name = default("/hostLevelParams/previous_custom_postgres_jdbc_name", None)
+ audit_jdbc_url = format('jdbc:postgresql://{db_host}/{ranger_auditdb_name}') if stack_supports_ranger_audit_db else None
+ jdbc_dialect = "org.eclipse.persistence.platform.database.PostgreSQLPlatform"
+elif db_flavor.lower() == 'mssql':
+ jdbc_jar_name = default("/hostLevelParams/custom_mssql_jdbc_name", None)
+ previous_jdbc_jar_name = default("/hostLevelParams/previous_custom_mssql_jdbc_name", None)
+ audit_jdbc_url = format('jdbc:sqlserver://{db_host};databaseName={ranger_auditdb_name}') if stack_supports_ranger_audit_db else None
+ jdbc_dialect = "org.eclipse.persistence.platform.database.SQLServerPlatform"
+elif db_flavor.lower() == 'sqla':
+ jdbc_jar_name = default("/hostLevelParams/custom_sqlanywhere_jdbc_name", None)
+ previous_jdbc_jar_name = default("/hostLevelParams/previous_custom_sqlanywhere_jdbc_name", None)
+ audit_jdbc_url = format('jdbc:sqlanywhere:database={ranger_auditdb_name};host={db_host}') if stack_supports_ranger_audit_db else None
+ jdbc_dialect = "org.eclipse.persistence.platform.database.SQLAnywherePlatform"
+
+downloaded_custom_connector = format("{tmp_dir}/{jdbc_jar_name}")
+
+driver_curl_source = format("{jdk_location}/{jdbc_jar_name}")
+driver_curl_target = format("{java_share_dir}/{jdbc_jar_name}")
+previous_jdbc_jar = format("{java_share_dir}/{previous_jdbc_jar_name}")
+if stack_supports_config_versioning:
+ driver_curl_target = format("{ranger_home}/ews/lib/{jdbc_jar_name}")
+ previous_jdbc_jar = format("{ranger_home}/ews/lib/{previous_jdbc_jar_name}")
+
+if db_flavor.lower() == 'sqla':
+ downloaded_custom_connector = format("{tmp_dir}/sqla-client-jdbc.tar.gz")
+ jar_path_in_archive = format("{tmp_dir}/sqla-client-jdbc/java/sajdbc4.jar")
+ libs_path_in_archive = format("{tmp_dir}/sqla-client-jdbc/native/lib64/*")
+ jdbc_libs_dir = format("{ranger_home}/native/lib64")
+ ld_lib_path = format("{jdbc_libs_dir}")
+
+#for db connection
+check_db_connection_jar_name = "DBConnectionVerification.jar"
+check_db_connection_jar = format("/usr/lib/ambari-agent/{check_db_connection_jar_name}")
+ranger_jdbc_connection_url = config["configurations"]["ranger-admin-site"]["ranger.jpa.jdbc.url"]
+ranger_jdbc_driver = config["configurations"]["ranger-admin-site"]["ranger.jpa.jdbc.driver"]
+
+ranger_credential_provider_path = config["configurations"]["ranger-admin-site"]["ranger.credential.provider.path"]
+ranger_jpa_jdbc_credential_alias = config["configurations"]["ranger-admin-site"]["ranger.jpa.jdbc.credential.alias"]
+ranger_ambari_db_password = unicode(config["configurations"]["admin-properties"]["db_password"])
+
+ranger_jpa_audit_jdbc_credential_alias = default('/configurations/ranger-admin-site/ranger.jpa.audit.jdbc.credential.alias', 'rangeraudit')
+ranger_ambari_audit_db_password = ''
+if not is_empty(config["configurations"]["admin-properties"]["audit_db_password"]) and stack_supports_ranger_audit_db:
+ ranger_ambari_audit_db_password = unicode(config["configurations"]["admin-properties"]["audit_db_password"])
+
+ugsync_jceks_path = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.credstore.filename"]
+ugsync_cred_lib = os.path.join(usersync_home,"lib","*")
+cred_lib_path = os.path.join(ranger_home,"cred","lib","*")
+cred_setup_prefix = (format('{ranger_home}/ranger_credential_helper.py'), '-l', cred_lib_path)
+ranger_audit_source_type = config["configurations"]["ranger-admin-site"]["ranger.audit.source.type"]
+
+if xml_configurations_supported:
+ ranger_usersync_keystore_password = unicode(config["configurations"]["ranger-ugsync-site"]["ranger.usersync.keystore.password"])
+ ranger_usersync_ldap_ldapbindpassword = unicode(config["configurations"]["ranger-ugsync-site"]["ranger.usersync.ldap.ldapbindpassword"])
+ ranger_usersync_truststore_password = unicode(config["configurations"]["ranger-ugsync-site"]["ranger.usersync.truststore.password"])
+ ranger_usersync_keystore_file = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.keystore.file"]
+ default_dn_name = 'cn=unixauthservice,ou=authenticator,o=mycompany,c=US'
+
+ranger_admin_hosts = config['clusterHostInfo']['ranger_admin_hosts']
+is_ranger_ha_enabled = True if len(ranger_admin_hosts) > 1 else False
+ranger_ug_ldap_url = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.ldap.url"]
+ranger_ug_ldap_bind_dn = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.ldap.binddn"]
+ranger_ug_ldap_user_searchfilter = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.ldap.user.searchfilter"]
+ranger_ug_ldap_group_searchbase = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.group.searchbase"]
+ranger_ug_ldap_group_searchfilter = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.group.searchfilter"]
+ug_sync_source = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.source.impl.class"]
+current_host = config['hostname']
+if current_host in ranger_admin_hosts:
+ ranger_host = current_host
+
+# ranger-tagsync
+ranger_tagsync_hosts = default("/clusterHostInfo/ranger_tagsync_hosts", [])
+has_ranger_tagsync = len(ranger_tagsync_hosts) > 0
+
+tagsync_log_dir = default("/configurations/ranger-tagsync-site/ranger.tagsync.logdir", "/var/log/ranger/tagsync")
+tagsync_jceks_path = config["configurations"]["ranger-tagsync-site"]["ranger.tagsync.keystore.filename"]
+atlas_tagsync_jceks_path = config["configurations"]["ranger-tagsync-site"]["ranger.tagsync.source.atlasrest.keystore.filename"]
+tagsync_application_properties = dict(config["configurations"]["tagsync-application-properties"]) if has_ranger_tagsync else None
+tagsync_pid_file = format('{ranger_pid_dir}/tagsync.pid')
+tagsync_cred_lib = os.path.join(ranger_tagsync_home, "lib", "*")
+
+ranger_usersync_log_maxfilesize = default('/configurations/usersync-log4j/ranger_usersync_log_maxfilesize',256)
+ranger_usersync_log_maxbackupindex = default('/configurations/usersync-log4j/ranger_usersync_log_maxbackupindex',20)
+ranger_tagsync_log_maxfilesize = default('/configurations/tagsync-log4j/ranger_tagsync_log_maxfilesize',256)
+ranger_tagsync_log_number_of_backup_files = default('/configurations/tagsync-log4j/ranger_tagsync_log_number_of_backup_files',20)
+ranger_xa_log_maxfilesize = default('/configurations/admin-log4j/ranger_xa_log_maxfilesize',256)
+ranger_xa_log_maxbackupindex = default('/configurations/admin-log4j/ranger_xa_log_maxbackupindex',20)
+
+# ranger log4j.properties
+admin_log4j = config['configurations']['admin-log4j']['content']
+usersync_log4j = config['configurations']['usersync-log4j']['content']
+tagsync_log4j = config['configurations']['tagsync-log4j']['content']
+
+# ranger kerberos
+security_enabled = config['configurations']['cluster-env']['security_enabled']
+namenode_hosts = default("/clusterHostInfo/namenode_host", [])
+has_namenode = len(namenode_hosts) > 0
+
+ugsync_policymgr_alias = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.policymgr.alias"]
+ugsync_policymgr_keystore = config["configurations"]["ranger-ugsync-site"]["ranger.usersync.policymgr.keystore"]
+
+# ranger solr
+audit_solr_enabled = default('/configurations/ranger-env/xasecure.audit.destination.solr', False)
+ranger_solr_config_set = config['configurations']['ranger-env']['ranger_solr_config_set']
+ranger_solr_collection_name = config['configurations']['ranger-env']['ranger_solr_collection_name']
+ranger_solr_shards = config['configurations']['ranger-env']['ranger_solr_shards']
+replication_factor = config['configurations']['ranger-env']['ranger_solr_replication_factor']
+ranger_solr_conf = format('{ranger_home}/contrib/solr_for_audit_setup/conf')
+infra_solr_hosts = default("/clusterHostInfo/infra_solr_hosts", [])
+has_infra_solr = len(infra_solr_hosts) > 0
+is_solrCloud_enabled = default('/configurations/ranger-env/is_solrCloud_enabled', False)
+is_external_solrCloud_enabled = default('/configurations/ranger-env/is_external_solrCloud_enabled', False)
+solr_znode = '/ranger_audits'
+if stack_supports_infra_client and is_solrCloud_enabled:
+ solr_znode = default('/configurations/ranger-admin-site/ranger.audit.solr.zookeepers', 'NONE')
+ if solr_znode != '' and solr_znode.upper() != 'NONE':
+ solr_znode = solr_znode.split('/')
+ if len(solr_znode) > 1 and len(solr_znode) == 2:
+ solr_znode = solr_znode[1]
+ solr_znode = format('/{solr_znode}')
+ if has_infra_solr and not is_external_solrCloud_enabled:
+ solr_znode = config['configurations']['infra-solr-env']['infra_solr_znode']
+solr_user = unix_user
+if has_infra_solr and not is_external_solrCloud_enabled:
+ solr_user = default('/configurations/infra-solr-env/infra_solr_user', unix_user)
+ infra_solr_role_ranger_admin = default('configurations/infra-solr-security-json/infra_solr_role_ranger_admin', 'ranger_user')
+ infra_solr_role_ranger_audit = default('configurations/infra-solr-security-json/infra_solr_role_ranger_audit', 'ranger_audit_user')
+ infra_solr_role_dev = default('configurations/infra-solr-security-json/infra_solr_role_dev', 'dev')
+custom_log4j = has_infra_solr and not is_external_solrCloud_enabled
+
+ranger_audit_max_retention_days = config['configurations']['ranger-solr-configuration']['ranger_audit_max_retention_days']
+ranger_audit_logs_merge_factor = config['configurations']['ranger-solr-configuration']['ranger_audit_logs_merge_factor']
+ranger_solr_config_content = config['configurations']['ranger-solr-configuration']['content']
+
+# get comma separated list of zookeeper hosts
+zookeeper_port = default('/configurations/zoo.cfg/clientPort', None)
+zookeeper_hosts = default("/clusterHostInfo/zookeeper_hosts", [])
+index = 0
+zookeeper_quorum = ""
+for host in zookeeper_hosts:
+ zookeeper_quorum += host + ":" + str(zookeeper_port)
+ index += 1
+ if index < len(zookeeper_hosts):
+ zookeeper_quorum += ","
+
+# solr kerberised
+solr_jaas_file = None
+is_external_solrCloud_kerberos = default('/configurations/ranger-env/is_external_solrCloud_kerberos', False)
+
+if security_enabled:
+ if has_ranger_tagsync:
+ ranger_tagsync_principal = config['configurations']['ranger-tagsync-site']['ranger.tagsync.kerberos.principal']
+ if not is_empty(ranger_tagsync_principal) and ranger_tagsync_principal != '':
+ tagsync_jaas_principal = ranger_tagsync_principal.replace('_HOST', current_host.lower())
+ tagsync_keytab_path = config['configurations']['ranger-tagsync-site']['ranger.tagsync.kerberos.keytab']
+
+ if stack_supports_ranger_kerberos:
+ ranger_admin_keytab = config['configurations']['ranger-admin-site']['ranger.admin.kerberos.keytab']
+ ranger_admin_principal = config['configurations']['ranger-admin-site']['ranger.admin.kerberos.principal']
+ if not is_empty(ranger_admin_principal) and ranger_admin_principal != '':
+ ranger_admin_jaas_principal = ranger_admin_principal.replace('_HOST', ranger_host.lower())
+ if stack_supports_infra_client and is_solrCloud_enabled and is_external_solrCloud_enabled and is_external_solrCloud_kerberos:
+ solr_jaas_file = format('{ranger_home}/conf/ranger_solr_jaas.conf')
+ solr_kerberos_principal = ranger_admin_jaas_principal
+ solr_kerberos_keytab = ranger_admin_keytab
+ if stack_supports_infra_client and is_solrCloud_enabled and not is_external_solrCloud_enabled and not is_external_solrCloud_kerberos:
+ solr_jaas_file = format('{ranger_home}/conf/ranger_solr_jaas.conf')
+ solr_kerberos_principal = ranger_admin_jaas_principal
+ solr_kerberos_keytab = ranger_admin_keytab
+
+# logic to create core-site.xml if hdfs not installed
+if stack_supports_ranger_kerberos and not has_namenode:
+ core_site_property = {
+ 'hadoop.security.authentication': 'kerberos' if security_enabled else 'simple'
+ }
+
+ if security_enabled:
+ realm = 'EXAMPLE.COM'
+ ranger_admin_bare_principal = 'rangeradmin'
+ ranger_usersync_bare_principal = 'rangerusersync'
+ ranger_tagsync_bare_principal = 'rangertagsync'
+
+ ranger_usersync_principal = config['configurations']['ranger-ugsync-site']['ranger.usersync.kerberos.principal']
+ if not is_empty(ranger_admin_principal) and ranger_admin_principal != '':
+ ranger_admin_bare_principal = get_bare_principal(ranger_admin_principal)
+ if not is_empty(ranger_usersync_principal) and ranger_usersync_principal != '':
+ ranger_usersync_bare_principal = get_bare_principal(ranger_usersync_principal)
+ realm = config['configurations']['kerberos-env']['realm']
+
+ rule_dict = [
+ {'principal': ranger_admin_bare_principal, 'user': unix_user},
+ {'principal': ranger_usersync_bare_principal, 'user': 'rangerusersync'},
+ ]
+
+ if has_ranger_tagsync:
+ if not is_empty(ranger_tagsync_principal) and ranger_tagsync_principal != '':
+ ranger_tagsync_bare_principal = get_bare_principal(ranger_tagsync_principal)
+ rule_dict.append({'principal': ranger_tagsync_bare_principal, 'user': 'rangertagsync'})
+
+ core_site_auth_to_local_property = ''
+ for item in range(len(rule_dict)):
+ rule_line = 'RULE:[2:$1@$0]({0}@{1})s/.*/{2}/\n'.format(rule_dict[item]['principal'], realm, rule_dict[item]['user'])
+ core_site_auth_to_local_property = rule_line + core_site_auth_to_local_property
+
+ core_site_auth_to_local_property = core_site_auth_to_local_property + 'DEFAULT'
+ core_site_property['hadoop.security.auth_to_local'] = core_site_auth_to_local_property
+
+upgrade_type = Script.get_upgrade_type(default("/commandParams/upgrade_type", ""))
+
+# ranger service pid
+user_group = config['configurations']['cluster-env']['user_group']
+ranger_admin_pid_file = format('{ranger_pid_dir}/rangeradmin.pid')
+ranger_usersync_pid_file = format('{ranger_pid_dir}/usersync.pid')
+
+# admin credential
+admin_username = config['configurations']['ranger-env']['admin_username']
+admin_password = config['configurations']['ranger-env']['admin_password']
+default_admin_password = 'admin'
+
+ranger_is_solr_kerberised = "false"
+if audit_solr_enabled and is_solrCloud_enabled:
+ # Check internal solrCloud
+ if security_enabled and not is_external_solrCloud_enabled:
+ ranger_is_solr_kerberised = "true"
+ # Check external solrCloud
+ if is_external_solrCloud_enabled and is_external_solrCloud_kerberos:
+ ranger_is_solr_kerberised = "true"
+
+hbase_master_hosts = default("/clusterHostInfo/hbase_master_hosts", [])
+is_hbase_ha_enabled = True if len(hbase_master_hosts) > 1 else False
+is_namenode_ha_enabled = True if len(namenode_hosts) > 1 else False
+ranger_hbase_plugin_enabled = False
+ranger_hdfs_plugin_enabled = False
+
+
+if is_hbase_ha_enabled:
+ if not is_empty(config['configurations']['ranger-hbase-plugin-properties']['ranger-hbase-plugin-enabled']):
+ ranger_hbase_plugin_enabled = config['configurations']['ranger-hbase-plugin-properties']['ranger-hbase-plugin-enabled'].lower() == 'yes'
+if is_namenode_ha_enabled:
+ if not is_empty(config['configurations']['ranger-hdfs-plugin-properties']['ranger-hdfs-plugin-enabled']):
+ ranger_hdfs_plugin_enabled = config['configurations']['ranger-hdfs-plugin-properties']['ranger-hdfs-plugin-enabled'].lower() == 'yes'
+
+ranger_admin_password_properties = ['ranger.jpa.jdbc.password', 'ranger.jpa.audit.jdbc.password', 'ranger.ldap.bind.password', 'ranger.ldap.ad.bind.password']
+ranger_usersync_password_properties = ['ranger.usersync.ldap.ldapbindpassword']
+ranger_tagsync_password_properties = ['xasecure.policymgr.clientssl.keystore.password', 'xasecure.policymgr.clientssl.truststore.password']
+if stack_supports_secure_ssl_password:
+ ranger_admin_password_properties.extend(['ranger.service.https.attrib.keystore.pass', 'ranger.truststore.password'])
+ ranger_usersync_password_properties.extend(['ranger.usersync.keystore.password', 'ranger.usersync.truststore.password'])
+
+ranger_auth_method = config['configurations']['ranger-admin-site']['ranger.authentication.method']
+ranger_ldap_password_alias = default('/configurations/ranger-admin-site/ranger.ldap.binddn.credential.alias', 'ranger.ldap.bind.password')
+ranger_ad_password_alias = default('/configurations/ranger-admin-site/ranger.ldap.ad.binddn.credential.alias', 'ranger.ldap.ad.bind.password')
+ranger_https_keystore_alias = default('/configurations/ranger-admin-site/ranger.service.https.attrib.keystore.credential.alias', 'keyStoreCredentialAlias')
+ranger_truststore_alias = default('/configurations/ranger-admin-site/ranger.truststore.alias', 'trustStoreAlias')
+https_enabled = config['configurations']['ranger-admin-site']['ranger.service.https.attrib.ssl.enabled']
+http_enabled = config['configurations']['ranger-admin-site']['ranger.service.http.enabled']
+https_keystore_password = config['configurations']['ranger-admin-site']['ranger.service.https.attrib.keystore.pass']
+truststore_password = config['configurations']['ranger-admin-site']['ranger.truststore.password']
+
+# need this to capture cluster name for ranger tagsync
+cluster_name = config['clusterName']
\ No newline at end of file
[10/26] ambari git commit: AMBARI-20980. RU: RESTART
SPARK2/SPARK2_CLIENT failed (dlysnichenko)
Posted by jo...@apache.org.
AMBARI-20980. RU: RESTART SPARK2/SPARK2_CLIENT failed (dlysnichenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7e2dd63b
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7e2dd63b
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7e2dd63b
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 7e2dd63b7a3b7509a28b12641de87122eda0e33e
Parents: 3edbc2c
Author: Lisnichenko Dmitro <dl...@hortonworks.com>
Authored: Thu May 11 17:31:58 2017 +0300
Committer: Lisnichenko Dmitro <dl...@hortonworks.com>
Committed: Thu May 11 17:31:58 2017 +0300
----------------------------------------------------------------------
.../common-services/SPARK/1.2.1/package/scripts/params.py | 2 +-
.../common-services/SPARK/2.2.0/package/scripts/params.py | 2 +-
.../common-services/SPARK2/2.0.0/package/scripts/params.py | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/7e2dd63b/ambari-server/src/main/resources/common-services/SPARK/1.2.1/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/SPARK/1.2.1/package/scripts/params.py b/ambari-server/src/main/resources/common-services/SPARK/1.2.1/package/scripts/params.py
index 6a59caf..42396bd 100644
--- a/ambari-server/src/main/resources/common-services/SPARK/1.2.1/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/SPARK/1.2.1/package/scripts/params.py
@@ -211,7 +211,7 @@ dfs_type = default("/commandParams/dfs_type", "")
# livy is only supported from HDP 2.5
has_livyserver = False
-if stack_version_formatted and check_stack_feature(StackFeature.SPARK_LIVY, stack_version_formatted):
+if stack_version_formatted and check_stack_feature(StackFeature.SPARK_LIVY, stack_version_formatted) and "livy-env" in config['configurations']:
livy_component_directory = Script.get_component_from_role(SERVER_ROLE_DIRECTORY_MAP, "LIVY_SERVER")
livy_conf = format("{stack_root}/current/{livy_component_directory}/conf")
livy_log_dir = config['configurations']['livy-env']['livy_log_dir']
http://git-wip-us.apache.org/repos/asf/ambari/blob/7e2dd63b/ambari-server/src/main/resources/common-services/SPARK/2.2.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/SPARK/2.2.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/SPARK/2.2.0/package/scripts/params.py
index e60cab5..1d36a75 100644
--- a/ambari-server/src/main/resources/common-services/SPARK/2.2.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/SPARK/2.2.0/package/scripts/params.py
@@ -200,7 +200,7 @@ dfs_type = default("/commandParams/dfs_type", "")
# livy for spark2 is only supported from HDP 2.6
has_livyserver = False
-if stack_version_formatted and check_stack_feature(StackFeature.SPARK_LIVY, stack_version_formatted):
+if stack_version_formatted and check_stack_feature(StackFeature.SPARK_LIVY, stack_version_formatted) and "livy-env" in config['configurations']:
livy_component_directory = Script.get_component_from_role(SERVER_ROLE_DIRECTORY_MAP, "LIVY_SERVER")
livy_conf = format("{stack_root}/current/{livy_component_directory}/conf")
livy_log_dir = config['configurations']['livy-env']['livy_log_dir']
http://git-wip-us.apache.org/repos/asf/ambari/blob/7e2dd63b/ambari-server/src/main/resources/common-services/SPARK2/2.0.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/SPARK2/2.0.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/SPARK2/2.0.0/package/scripts/params.py
index 4ed0718..1df3f2f 100755
--- a/ambari-server/src/main/resources/common-services/SPARK2/2.0.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/SPARK2/2.0.0/package/scripts/params.py
@@ -198,7 +198,7 @@ dfs_type = default("/commandParams/dfs_type", "")
# livy for spark2 is only supported from HDP 2.6
has_livyserver = False
-if stack_version_formatted and check_stack_feature(StackFeature.SPARK_LIVY2, stack_version_formatted):
+if stack_version_formatted and check_stack_feature(StackFeature.SPARK_LIVY2, stack_version_formatted) and "livy2-env" in config['configurations']:
livy2_component_directory = Script.get_component_from_role(SERVER_ROLE_DIRECTORY_MAP, "LIVY2_SERVER")
livy2_conf = format("{stack_root}/current/{livy2_component_directory}/conf")
livy2_log_dir = config['configurations']['livy2-env']['livy2_log_dir']
[18/26] ambari git commit: AMBARI-20985. HDP 3.0 TP - create service
definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by jo...@apache.org.
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_1.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_1.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_1.json
new file mode 100644
index 0000000..e6724cd
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_1.json
@@ -0,0 +1,722 @@
+{
+ "name": "default",
+ "description": "Default theme for Ranger service",
+ "configuration": {
+ "layouts": [
+ {
+ "name": "default",
+ "tabs": [
+ {
+ "name": "ranger_admin_settings",
+ "display-name": "Ranger Admin",
+ "layout": {
+ "tab-columns": "2",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-admin",
+ "display-name": "Ranger Admin",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "3",
+ "column-span": "2",
+ "section-columns": "2",
+ "section-rows": "3",
+ "subsections": [
+ {
+ "name": "subsection-ranger-db-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-row1-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-root-user-col1",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-root-user-col2",
+ "row-index": "1",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_user_info",
+ "display-name": "Ranger User Info",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "1",
+ "sections": [
+ {
+ "name": "section-user-info",
+ "display-name": "Ranger User Info",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "2",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "2",
+ "subsections": [
+ {
+ "name": "subsection-ranger-user-row2-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "subsection-tabs": [
+ {
+ "name": "ldap-common-configs",
+ "display-name": "Common Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "usersync-properties/SYNC_SOURCE"
+ ],
+ "if": "${usersync-properties/SYNC_SOURCE} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "name": "ldap-user-configs",
+ "display-name": "User Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "usersync-properties/SYNC_SOURCE"
+ ],
+ "if": "${usersync-properties/SYNC_SOURCE} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_plugin",
+ "display-name": "Ranger Plugin",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "1",
+ "sections": [
+ {
+ "name": "section-ranger-plugin",
+ "display-name": "Ranger Plugin",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "3",
+ "section-columns": "3",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "section-ranger-plugin-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "section-ranger-plugin-row1-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "section-ranger-plugin-row1-col3",
+ "row-index": "0",
+ "column-index": "2",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_audit_settings",
+ "display-name": "Ranger Audit",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-audit-hdfs",
+ "display-name": "Audit to HDFS",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-hdfs-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-ranger-audit-db",
+ "display-name": "Audit to DB",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-audit-db-row2-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-audit-db-row2-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ],
+ "placement": {
+ "configuration-layout": "default",
+ "configs": [
+ {
+ "config": "admin-properties/DB_FLAVOR",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_name",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_user",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_host",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.driver",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "admin-properties/db_password",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "admin-properties/db_root_user",
+ "subsection-name": "subsection-ranger-db-root-user-col1"
+ },
+ {
+ "config": "admin-properties/db_root_password",
+ "subsection-name": "subsection-ranger-db-root-user-col2"
+ },
+ {
+ "config": "usersync-properties/SYNC_SOURCE",
+ "subsection-name": "subsection-ranger-user-row2-col1"
+ },
+
+ {
+ "config": "usersync-properties/MIN_UNIX_USER_ID_TO_SYNC",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "usersync-properties/SYNC_SOURCE"
+ ],
+ "if": "${usersync-properties/SYNC_SOURCE} === unix",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_URL",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "ranger-env/bind_anonymous",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_DN",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/bind_anonymous"
+ ],
+ "if": "${ranger-env/bind_anonymous}",
+ "then": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ }
+ }
+ ]
+
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_PASSWORD",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/bind_anonymous"
+ ],
+ "if": "${ranger-env/bind_anonymous}",
+ "then": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_NAME_ATTRIBUTE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_OBJECT_CLASS",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_BASE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_FILTER",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_SCOPE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-env/ranger-hdfs-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col1",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "HDFS",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-hive-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col1",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "HIVE",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-hbase-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col2",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "HBASE",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-storm-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col2",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "STORM",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-knox-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col3",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "KNOX",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "subsection-name": "subsection-ranger-hdfs-row1-col1"
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "subsection-name": "subsection-ranger-hdfs-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.hdfs"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.hdfs}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.db",
+ "subsection-name": "subsection-ranger-audit-db-row2-col1"
+ },
+ {
+ "config": "admin-properties/audit_db_user",
+ "subsection-name": "subsection-ranger-audit-db-row2-col1"
+ },
+ {
+ "config": "admin-properties/audit_db_name",
+ "subsection-name": "subsection-ranger-audit-db-row2-col2"
+ },
+ {
+ "config": "admin-properties/audit_db_password",
+ "subsection-name": "subsection-ranger-audit-db-row2-col2"
+ }
+ ]
+ },
+ "widgets": [
+ {
+ "config": "admin-properties/DB_FLAVOR",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config": "admin-properties/db_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_name",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_host",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "admin-properties/db_root_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_root_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_SOURCE",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config": "usersync-properties/MIN_UNIX_USER_ID_TO_SYNC",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_URL",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/bind_anonymous",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_DN",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_PASSWORD",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_NAME_ATTRIBUTE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_OBJECT_CLASS",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_BASE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_FILTER",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_SCOPE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-hdfs-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-hive-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-hbase-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-knox-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-storm-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.db",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_name",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_password",
+ "widget": {
+ "type": "password"
+ }
+ }
+ ]
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_2.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_2.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_2.json
new file mode 100644
index 0000000..cbd27e4
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_2.json
@@ -0,0 +1,1470 @@
+{
+ "name": "default",
+ "description": "Default theme for Ranger service",
+ "configuration": {
+ "layouts": [
+ {
+ "name": "default",
+ "tabs": [
+ {
+ "name": "ranger_admin_settings",
+ "display-name": "Ranger Admin",
+ "layout": {
+ "tab-columns": "2",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-admin",
+ "display-name": "Ranger Admin",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "3",
+ "column-span": "2",
+ "section-columns": "2",
+ "section-rows": "3",
+ "subsections": [
+ {
+ "name": "subsection-ranger-db-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-row1-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-row2",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "2"
+ },
+ {
+ "name": "subsection-ranger-db-root-user-col1",
+ "row-index": "2",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/create_db_dbuser"
+ ],
+ "if": "${ranger-env/create_db_dbuser}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "name": "subsection-ranger-db-root-user-col2",
+ "row-index": "2",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/create_db_dbuser"
+ ],
+ "if": "${ranger-env/create_db_dbuser}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_user_info",
+ "display-name": "Ranger User Info",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "1",
+ "sections": [
+ {
+ "name": "section-user-info",
+ "display-name": "Ranger User Info",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "2",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "2",
+ "subsections": [
+ {
+ "name": "subsection-ranger-user-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-user-row2-col1",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "subsection-tabs": [
+ {
+ "name": "ldap-common-configs",
+ "display-name": "Common Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "name": "ldap-user-configs",
+ "display-name": "User Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "name": "ldap-group-configs",
+ "display-name": "Group Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "depends-on": [
+ {
+ "configs": [
+ "ranger-ugsync-site/ranger.usersync.enabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_plugin",
+ "display-name": "Ranger Plugin",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "1",
+ "sections": [
+ {
+ "name": "section-ranger-plugin",
+ "display-name": "Ranger Plugin",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "3",
+ "section-columns": "3",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "section-ranger-plugin-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "section-ranger-plugin-row1-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "section-ranger-plugin-row1-col3",
+ "row-index": "0",
+ "column-index": "2",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_audit_settings",
+ "display-name": "Ranger Audit",
+ "layout": {
+ "tab-columns": "2",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-audit-solr",
+ "display-name": "Audit to Solr",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-solr-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-ranger-audit-hdfs",
+ "display-name": "Audit to HDFS",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-hdfs-row1-col2",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-ranger-audit-db",
+ "display-name": "Audit to DB",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "2",
+ "section-columns": "2",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-audit-db-row2-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-audit-db-row2-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ],
+ "placement": {
+ "configuration-layout": "default",
+ "configs": [
+ {
+ "config": "admin-properties/DB_FLAVOR",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_name",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_user",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_host",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.driver",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "admin-properties/db_password",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "ranger-env/test_db_connection",
+ "subsection-name": "subsection-ranger-db-row2",
+ "property_value_attributes": {
+ "ui_only_property": true
+ },
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/create_db_dbuser"
+ ],
+ "if": "${ranger-env/create_db_dbuser}",
+ "then": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/create_db_dbuser",
+ "subsection-name": "subsection-ranger-db-row2"
+ },
+ {
+ "config": "admin-properties/db_root_user",
+ "subsection-name": "subsection-ranger-db-root-user-col1"
+ },
+ {
+ "config": "ranger-env/ranger_privelege_user_jdbc_url",
+ "subsection-name": "subsection-ranger-db-root-user-col1"
+ },
+ {
+ "config": "admin-properties/db_root_password",
+ "subsection-name": "subsection-ranger-db-root-user-col2"
+ },
+ {
+ "config": "ranger-env/test_root_db_connection",
+ "subsection-name": "subsection-ranger-db-root-user-col1",
+ "property_value_attributes": {
+ "ui_only_property": true
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.enabled",
+ "subsection-name": "subsection-ranger-user-row1-col1"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.source.impl.class",
+ "subsection-name": "subsection-ranger-user-row2-col1"
+ },
+
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.unix.minUserId",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.unixusersync.process.UnixUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.unix.password.file",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.unixusersync.process.UnixUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.unix.group.file",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.unixusersync.process.UnixUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.filesource.file",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.unixusersync.process.FileSourceUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.filesource.text.delimiter",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.source.impl.class"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.source.impl.class} === org.apache.ranger.unixusersync.process.FileSourceUserGroupBuilder",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.url",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "ranger-env/bind_anonymous",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.binddn",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/bind_anonymous"
+ ],
+ "if": "${ranger-env/bind_anonymous}",
+ "then": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.ldapbindpassword",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/bind_anonymous"
+ ],
+ "if": "${ranger-env/bind_anonymous}",
+ "then": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.nameattribute",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.objectclass",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.searchbase",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.searchfilter",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.searchscope",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.groupnameattribute",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.usermapsyncenabled",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.searchenabled",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs"
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.memberattributename",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.searchenabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.searchenabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.nameattribute",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.searchenabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.searchenabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.objectclass",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.searchenabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.searchenabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.searchbase",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.searchenabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.searchenabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.searchfilter",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.searchenabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.searchenabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-hdfs-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col1",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "HDFS",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-yarn-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col1",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "YARN",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-hive-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col1",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "HIVE",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-hbase-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col2",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "HBASE",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-storm-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col2",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "STORM",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-knox-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col3",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "KNOX",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/ranger-kafka-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col3",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "KAFKA",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.db",
+ "subsection-name": "subsection-ranger-audit-db-row2-col1"
+ },
+ {
+ "config": "admin-properties/audit_db_user",
+ "subsection-name": "subsection-ranger-audit-db-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.db"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.db}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "admin-properties/audit_db_name",
+ "subsection-name": "subsection-ranger-audit-db-row2-col2",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.db"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.db}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "admin-properties/audit_db_password",
+ "subsection-name": "subsection-ranger-audit-db-row2-col2",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.db"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.db}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.solr",
+ "subsection-name": "subsection-ranger-solr-row1-col1"
+ },
+ {
+ "config": "ranger-env/is_solrCloud_enabled",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.urls",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/is_solrCloud_enabled",
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/is_solrCloud_enabled} === false && ${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.zookeepers",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/is_solrCloud_enabled",
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/is_solrCloud_enabled} && ${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.username",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.password",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "subsection-name": "subsection-ranger-hdfs-row1-col2"
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "subsection-name": "subsection-ranger-hdfs-row1-col2",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.hdfs"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.hdfs}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ },
+ "widgets": [
+ {
+ "config": "admin-properties/DB_FLAVOR",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config": "admin-properties/db_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_name",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.driver",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_host",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "ranger-env/test_db_connection",
+ "widget": {
+ "type": "test-db-connection",
+ "display-name": "Test Connection",
+ "required-properties": {
+ "jdbc.driver.class": "ranger-admin-site/ranger.jpa.jdbc.driver",
+ "jdbc.driver.url": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "db.connection.source.host": "ranger-site/ranger_admin_hosts",
+ "db.type": "admin-properties/DB_FLAVOR",
+ "db.connection.destination.host": "admin-properties/db_host",
+ "db.connection.user": "admin-properties/db_user",
+ "db.connection.password": "admin-properties/db_password"
+ }
+ }
+ },
+ {
+ "config": "ranger-env/create_db_dbuser",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger_privelege_user_jdbc_url",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_root_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_root_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "ranger-env/test_root_db_connection",
+ "widget": {
+ "type": "test-db-connection",
+ "display-name": "Test Connection",
+ "required-properties": {
+ "jdbc.driver.class": "ranger-admin-site/ranger.jpa.jdbc.driver",
+ "jdbc.driver.url": "ranger-env/ranger_privelege_user_jdbc_url",
+ "db.connection.source.host": "ranger-site/ranger_admin_hosts",
+ "db.type": "admin-properties/DB_FLAVOR",
+ "db.connection.destination.host": "admin-properties/db_host",
+ "db.connection.user": "admin-properties/db_root_user",
+ "db.connection.password": "admin-properties/db_root_password"
+ }
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.source.impl.class",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.url",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/bind_anonymous",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.binddn",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.ldapbindpassword",
+ "widget": {
+ "type": "password"
+ }
+ },
+
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.usermapsyncenabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.nameattribute",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.objectclass",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.searchbase",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.searchfilter",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.searchscope",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.user.groupnameattribute",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.searchenabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.memberattributename",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.nameattribute",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.objectclass",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.searchbase",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.searchfilter",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.unix.minUserId",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.unix.password.file",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.unix.group.file",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.filesource.file",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.filesource.text.delimiter",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-hdfs-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-hive-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-hbase-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-kafka-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-knox-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-storm-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-yarn-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.db",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_name",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.solr",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/is_solrCloud_enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.urls",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.zookeepers",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.username",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "widget": {
+ "type": "text-field"
+ }
+ }
+ ]
+ }
+}
+
[02/26] ambari git commit: AMBARI-20978 Ambari 3.0: Outstanding new
components issues. (atkach)
Posted by jo...@apache.org.
AMBARI-20978 Ambari 3.0: Outstanding new components issues. (atkach)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/506b8476
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/506b8476
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/506b8476
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 506b84768581311d944b57cbd270ee3b96613b65
Parents: 4595f00
Author: Andrii Tkach <at...@apache.org>
Authored: Wed May 10 13:36:40 2017 +0300
Committer: Andrii Tkach <at...@apache.org>
Committed: Wed May 10 17:44:35 2017 +0300
----------------------------------------------------------------------
.../app/styles/theme/bootstrap-ambari.css | 53 +++++++++++++-------
ambari-web/app/styles/wizard.less | 6 +++
2 files changed, 42 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/506b8476/ambari-web/app/styles/theme/bootstrap-ambari.css
----------------------------------------------------------------------
diff --git a/ambari-web/app/styles/theme/bootstrap-ambari.css b/ambari-web/app/styles/theme/bootstrap-ambari.css
index 3164584..7f95dab 100644
--- a/ambari-web/app/styles/theme/bootstrap-ambari.css
+++ b/ambari-web/app/styles/theme/bootstrap-ambari.css
@@ -212,6 +212,9 @@
background-color: #429929;
border: 1px solid #3FAE2A;
}
+.btn-success {
+ border: none;
+}
.btn-regular-default-state {
background-color: #FFF;
color: #666;
@@ -222,41 +225,52 @@
border: 1px solid #3FAE2A;
color: #FFF;
}
-.btn-group.open .btn.dropdown-toggle {
+.btn-group.open .btn.dropdown-toggle,
+.dropdown.open .btn.dropdown-toggle {
box-shadow: inset 0px 0px 3px 0px #1391c1;
}
.btn-group.open .btn.dropdown-toggle,
-.btn-group.open .btn.dropdown-toggle.btn-default {
+.dropdown.open .btn.dropdown-toggle,
+.btn-group.open .btn.dropdown-toggle.btn-default,
+.dropdown.open .btn.dropdown-toggle.btn-default {
background-color: #FFF;
color: #666;
border: 1px solid #cfd3d7;
}
.btn-group.open .btn.dropdown-toggle:hover,
-.btn-group.open .btn.dropdown-toggle.btn-default:hover {
+.dropdown.open .btn.dropdown-toggle:hover,
+.btn-group.open .btn.dropdown-toggle.btn-default:hover,
+.dropdown.open .btn.dropdown-toggle.btn-default:hover {
background-color: #FFF;
color: #666;
border: 1px solid #cfd3d7;
}
.btn-group.open .btn.dropdown-toggle + .dropdown-menu > li > a:hover,
-.btn-group.open .btn.dropdown-toggle.btn-default + .dropdown-menu > li > a:hover {
+.dropdown.open .btn.dropdown-toggle + .dropdown-menu > li > a:hover,
+.btn-group.open .btn.dropdown-toggle.btn-default + .dropdown-menu > li > a:hover,
+.dropdown.open .btn.dropdown-toggle.btn-default + .dropdown-menu > li > a:hover {
background-color: #808793;
color: #FFF;
}
-.btn-group.open .btn.dropdown-toggle.btn-primary {
+.btn-group.open .btn.dropdown-toggle.btn-primary,
+.dropdown.open .btn.dropdown-toggle.btn-primary {
background-color: #3FAE2A;
border: 1px solid #3FAE2A;
color: #FFF;
}
-.btn-group.open .btn.dropdown-toggle.btn-primary:hover {
+.btn-group.open .btn.dropdown-toggle.btn-primary:hover,
+.dropdown.open .btn.dropdown-toggle.btn-primary:hover {
background-color: #3FAE2A;
border: 1px solid #3FAE2A;
color: #FFF;
}
-.btn-group.open .btn.dropdown-toggle.btn-primary + .dropdown-menu > li > a:hover {
+.btn-group.open .btn.dropdown-toggle.btn-primary + .dropdown-menu > li > a:hover,
+.dropdown.open .btn.dropdown-toggle.btn-primary + .dropdown-menu > li > a:hover {
background-color: #429929;
color: #FFF;
}
-.btn-group.open .dropdown-menu {
+.btn-group.open .dropdown-menu,
+.dropdown.open .dropdown-menu {
font-family: 'Roboto', sans-serif;
font-weight: normal;
font-style: normal;
@@ -269,17 +283,22 @@
color: #666;
border: 1px solid #cfd3d7;
}
-.btn-group.open .dropdown-menu > li {
+.btn-group.open .dropdown-menu > li,
+.dropdown.open .dropdown-menu > li {
margin-bottom: 1px;
}
-.btn-group.open .dropdown-menu > li > a {
+.btn-group.open .dropdown-menu > li > a,
+.dropdown.open .dropdown-menu > li > a {
height: 24px;
}
-.btn-group .btn.dropdown-toggle:first-child {
+.btn-group .btn.dropdown-toggle:first-child,
+.dropdown .btn.dropdown-toggle:first-child {
min-width: 80px;
}
.btn-group .btn.dropdown-toggle.disabled,
-.btn-group .btn.dropdown-toggle[disabled] {
+.dropdown .btn.dropdown-toggle.disabled,
+.btn-group .btn.dropdown-toggle[disabled],
+.dropdown .btn.dropdown-toggle[disabled] {
opacity: 0.6;
}
input.form-control {
@@ -347,9 +366,9 @@ input.form-control:focus {
.form-control[disabled],
.form-control[readonly],
fieldset[disabled] .form-control {
- color: #dbdee2;
- border-color: #b2b8c1;
- background-color: #b2b8c1;
+ color: #999999;
+ border-color: #cccccc;
+ background-color: #dddddd;
}
h2.table-title {
font-family: 'Roboto', sans-serif;
@@ -703,7 +722,7 @@ input[type="checkbox"] + label:before {
content: '';
position: absolute;
left: 0;
- top: 2px;
+ top: 4px;
width: 10px;
height: 10px;
box-sizing: border-box;
@@ -716,7 +735,7 @@ input[type="checkbox"]:checked + label:after {
content: '\2714';
color: #FFF;
position: absolute;
- top: 2px;
+ top: 0;
left: 2px;
font-size: 9px;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/506b8476/ambari-web/app/styles/wizard.less
----------------------------------------------------------------------
diff --git a/ambari-web/app/styles/wizard.less b/ambari-web/app/styles/wizard.less
index 130896dd..407d965 100644
--- a/ambari-web/app/styles/wizard.less
+++ b/ambari-web/app/styles/wizard.less
@@ -199,6 +199,12 @@
color: #00688B;
}
}
+ #step4 {
+ .checkbox > div {
+ line-height: 1.3em;
+ font-size: initial;
+ }
+ }
#step6 {
.pre-scrollable {
max-height: 440px;
[14/26] ambari git commit: Hive view 2.0 : table stats parameters
changed from Integer to Long to handle bigger values (Greg Senia via
nitirajrathore)
Posted by jo...@apache.org.
Hive view 2.0 : table stats parameters changed from Integer to Long to handle bigger values (Greg Senia via nitirajrathore)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/461209a9
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/461209a9
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/461209a9
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 461209a9050566117f7b7342be875d5cec7e94d8
Parents: f7e9af8
Author: Nitiraj Singh Rathore <ni...@gmail.com>
Authored: Fri May 12 08:44:49 2017 +0530
Committer: Nitiraj Singh Rathore <ni...@gmail.com>
Committed: Fri May 12 08:45:45 2017 +0530
----------------------------------------------------------------------
.../view/hive20/internal/dto/TableStats.java | 24 ++++++++++----------
.../internal/parsers/TableMetaParserImpl.java | 8 +++----
2 files changed, 16 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/461209a9/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/dto/TableStats.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/dto/TableStats.java b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/dto/TableStats.java
index 5d0f307..6af9359 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/dto/TableStats.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/dto/TableStats.java
@@ -34,11 +34,11 @@ public class TableStats {
private DatabaseMetadataWrapper databaseMetadata;
private Boolean isTableStatsEnabled;
- private Integer numFiles;
- private Integer numRows;
+ private Long numFiles;
+ private Long numRows;
private String columnStatsAccurate;
- private Integer rawDataSize;
- private Integer totalSize;
+ private Long rawDataSize;
+ private Long totalSize;
public Boolean getTableStatsEnabled() {
return isTableStatsEnabled;
@@ -48,11 +48,11 @@ public class TableStats {
isTableStatsEnabled = tableStatsEnabled;
}
- public Integer getNumFiles() {
+ public Long getNumFiles() {
return numFiles;
}
- public void setNumFiles(Integer numFiles) {
+ public void setNumFiles(Long numFiles) {
this.numFiles = numFiles;
}
@@ -64,27 +64,27 @@ public class TableStats {
this.columnStatsAccurate = columnStatsAccurate;
}
- public Integer getRawDataSize() {
+ public Long getRawDataSize() {
return rawDataSize;
}
- public void setRawDataSize(Integer rawDataSize) {
+ public void setRawDataSize(Long rawDataSize) {
this.rawDataSize = rawDataSize;
}
- public Integer getTotalSize() {
+ public Long getTotalSize() {
return totalSize;
}
- public void setTotalSize(Integer totalSize) {
+ public void setTotalSize(Long totalSize) {
this.totalSize = totalSize;
}
- public Integer getNumRows() {
+ public Long getNumRows() {
return numRows;
}
- public void setNumRows(Integer numRows) {
+ public void setNumRows(Long numRows) {
this.numRows = numRows;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/461209a9/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/parsers/TableMetaParserImpl.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/parsers/TableMetaParserImpl.java b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/parsers/TableMetaParserImpl.java
index 711cab9..ef1b464 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/parsers/TableMetaParserImpl.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/internal/parsers/TableMetaParserImpl.java
@@ -102,22 +102,22 @@ public class TableMetaParserImpl implements TableMetaParser<TableMeta> {
if(!Strings.isNullOrEmpty(numFiles) && !Strings.isNullOrEmpty(numFiles.trim())){
tableStats.setTableStatsEnabled(true);
- tableStats.setNumFiles(Integer.valueOf(numFiles.trim()));
+ tableStats.setNumFiles(Long.valueOf(numFiles.trim()));
}
if(!Strings.isNullOrEmpty(numRows) && !Strings.isNullOrEmpty(numRows.trim())){
tableStats.setTableStatsEnabled(true);
- tableStats.setNumRows(Integer.valueOf(numRows.trim()));
+ tableStats.setNumRows(Long.valueOf(numRows.trim()));
}
if(!Strings.isNullOrEmpty(rawDataSize) && !Strings.isNullOrEmpty(rawDataSize.trim())){
tableStats.setTableStatsEnabled(true);
- tableStats.setRawDataSize(Integer.valueOf(rawDataSize.trim()));
+ tableStats.setRawDataSize(Long.valueOf(rawDataSize.trim()));
}
if(!Strings.isNullOrEmpty(totalSize) && !Strings.isNullOrEmpty(totalSize.trim())){
tableStats.setTableStatsEnabled(true);
- tableStats.setTotalSize(Integer.valueOf(totalSize.trim()));
+ tableStats.setTotalSize(Long.valueOf(totalSize.trim()));
}
if(!Strings.isNullOrEmpty(columnStatsAccurate) && !Strings.isNullOrEmpty(columnStatsAccurate.trim())) {
[17/26] ambari git commit: AMBARI-20985. HDP 3.0 TP - create service
definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by jo...@apache.org.
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_3.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_3.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_3.json
new file mode 100644
index 0000000..cbe28a3
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_3.json
@@ -0,0 +1,692 @@
+{
+ "configuration": {
+ "layouts": [
+ {
+ "name": "default",
+ "tabs": [
+ {
+ "name": "ranger_audit_settings",
+ "display-name": "Ranger Audit",
+ "layout": {
+ "tab-columns": "2",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-audit-solr",
+ "display-name": "Audit to Solr",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-solr-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-ranger-audit-hdfs",
+ "display-name": "Audit to HDFS",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-hdfs-row1-col2",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_tagsync",
+ "display-name": "Ranger Tagsync",
+ "layout": {
+ "tab-columns": "2",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-tagsync-atlas",
+ "display-name": "Atlas Tag Source",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-tagsync-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-tagsync-atlasrest",
+ "display-name": "AtlasRest Tag Source",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-tagsync-row1-col2",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-tagsync-file",
+ "display-name": "File Tag Source",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-tagsync-row2-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ],
+ "placement": {
+ "configuration-layout": "default",
+ "configs": [
+ {
+ "config": "ranger-env/ranger-atlas-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col2",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "ATLAS",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlas",
+ "subsection-name": "subsection-ranger-tagsync-row1-col1"
+ },
+ {
+ "config": "tagsync-application-properties/atlas.kafka.bootstrap.servers",
+ "subsection-name": "subsection-ranger-tagsync-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.atlas"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.atlas}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "tagsync-application-properties/atlas.kafka.zookeeper.connect",
+ "subsection-name": "subsection-ranger-tagsync-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.atlas"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.atlas}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "tagsync-application-properties/atlas.kafka.entities.group.id",
+ "subsection-name": "subsection-ranger-tagsync-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.atlas"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.atlas}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlasrest",
+ "subsection-name": "subsection-ranger-tagsync-row1-col2"
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlasrest.endpoint",
+ "subsection-name": "subsection-ranger-tagsync-row1-col2",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.atlasrest"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.atlasrest}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlasrest.download.interval.millis",
+ "subsection-name": "subsection-ranger-tagsync-row1-col2",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.atlasrest"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.atlasrest}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.file",
+ "subsection-name": "subsection-ranger-tagsync-row2-col1"
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.file.check.interval.millis",
+ "subsection-name": "subsection-ranger-tagsync-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.file"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.file}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.file.filename",
+ "subsection-name": "subsection-ranger-tagsync-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-tagsync-site/ranger.tagsync.source.file"
+ ],
+ "if": "${ranger-tagsync-site/ranger.tagsync.source.file}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.user.searchenabled",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.search.first.enabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.search.first.enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.search.first.enabled",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-group-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-ugsync-site/ranger.usersync.group.searchenabled"
+ ],
+ "if": "${ranger-ugsync-site/ranger.usersync.group.searchenabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.solr",
+ "subsection-name": "subsection-ranger-solr-row1-col1"
+ },
+ {
+ "config": "ranger-env/is_solrCloud_enabled",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/is_external_solrCloud_enabled",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr",
+ "ranger-env/is_solrCloud_enabled"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr} && ${ranger-env/is_solrCloud_enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/is_external_solrCloud_kerberos",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr",
+ "ranger-env/is_solrCloud_enabled",
+ "ranger-env/is_external_solrCloud_enabled"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr} && ${ranger-env/is_solrCloud_enabled} && ${ranger-env/is_external_solrCloud_enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.urls",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/is_solrCloud_enabled",
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/is_solrCloud_enabled} === false && ${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.zookeepers",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/is_solrCloud_enabled",
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/is_solrCloud_enabled} && ${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.username",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.password",
+ "subsection-name": "subsection-ranger-solr-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.solr"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.solr}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "subsection-name": "subsection-ranger-hdfs-row1-col2"
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "subsection-name": "subsection-ranger-hdfs-row1-col2",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.hdfs"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.hdfs}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ },
+ "widgets": [
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.file.check.interval.millis",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.file.filename",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlasrest.download.interval.millis",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlasrest.endpoint",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "tagsync-application-properties/atlas.kafka.entities.group.id",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "tagsync-application-properties/atlas.kafka.bootstrap.servers",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "tagsync-application-properties/atlas.kafka.zookeeper.connect",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlas",
+ "widget": {
+ "type": "checkbox"
+ }
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.atlasrest",
+ "widget": {
+ "type": "checkbox"
+ }
+ },
+ {
+ "config": "ranger-tagsync-site/ranger.tagsync.source.file",
+ "widget": {
+ "type": "checkbox"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-atlas-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.user.searchenabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.group.search.first.enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.solr",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/is_solrCloud_enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/is_external_solrCloud_enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/is_external_solrCloud_kerberos",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.urls",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.zookeepers",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.username",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.audit.solr.password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "widget": {
+ "type": "text-field"
+ }
+ }
+ ]
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_5.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_5.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_5.json
new file mode 100644
index 0000000..8068a38
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/themes/theme_version_5.json
@@ -0,0 +1,48 @@
+{
+ "configuration": {
+ "placement": {
+ "configuration-layout": "default",
+ "configs": [
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.deltasync",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "ranger-env/ranger-nifi-plugin-enabled",
+ "subsection-name": "section-ranger-plugin-row1-col1",
+ "depends-on": [
+ {
+ "resource": "service",
+ "if": "NIFI",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ },
+ "widgets": [
+ {
+ "config": "ranger-ugsync-site/ranger.usersync.ldap.deltasync",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/ranger-nifi-plugin-enabled",
+ "widget": {
+ "type": "toggle"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/stacks/HDP/3.0/services/RANGER/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/3.0/services/RANGER/metainfo.xml b/ambari-server/src/main/resources/stacks/HDP/3.0/services/RANGER/metainfo.xml
new file mode 100644
index 0000000..c8b3d65
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/3.0/services/RANGER/metainfo.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<metainfo>
+ <schemaVersion>2.0</schemaVersion>
+ <services>
+ <service>
+ <name>RANGER</name>
+ <version>0.7.0.3.0</version>
+ <extends>common-services/RANGER/0.7.0.3.0</extends>
+ </service>
+ </services>
+</metainfo>
[07/26] ambari git commit: AMBARI-20434. Enhance Kafka Service Check.
Additional changes (WangJie via dlysnichenko)
Posted by jo...@apache.org.
AMBARI-20434. Enhance Kafka Service Check. Additional changes (WangJie via dlysnichenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/4b3cbef3
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/4b3cbef3
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/4b3cbef3
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 4b3cbef39edb37b8b393dd5b19c968223a282281
Parents: 242d9e7
Author: Lisnichenko Dmitro <dl...@hortonworks.com>
Authored: Thu May 11 13:27:06 2017 +0300
Committer: Lisnichenko Dmitro <dl...@hortonworks.com>
Committed: Thu May 11 13:27:06 2017 +0300
----------------------------------------------------------------------
.../KAFKA/0.10.0.3.0/configuration/kafka-broker.xml | 2 +-
.../0.10.0.3.0/package/scripts/service_check.py | 15 ++++++++++-----
2 files changed, 11 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/4b3cbef3/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/configuration/kafka-broker.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/configuration/kafka-broker.xml b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/configuration/kafka-broker.xml
index b62b986..46c14c0 100644
--- a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/configuration/kafka-broker.xml
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/configuration/kafka-broker.xml
@@ -527,7 +527,7 @@
</property>
<property>
<name>delete.topic.enable</name>
- <value>false</value>
+ <value>true</value>
<description>Enables delete topic. Delete topic through the admin tool will have no effect if this config is turned off</description>
<on-ambari-upgrade add="false"/>
</property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/4b3cbef3/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/package/scripts/service_check.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/package/scripts/service_check.py b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/package/scripts/service_check.py
index 0f3a417..cb66f98 100644
--- a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/package/scripts/service_check.py
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0.3.0/package/scripts/service_check.py
@@ -40,12 +40,17 @@ class ServiceCheck(Script):
topic_exists_cmd = format("{kafka_home}/bin/kafka-topics.sh --zookeeper {kafka_config[zookeeper.connect]} --topic {topic} --list")
topic_exists_cmd_p = subprocess.Popen(topic_exists_cmd.split(" "), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
topic_exists_cmd_out, topic_exists_cmd_err = topic_exists_cmd_p.communicate()
- # run create topic command only if the topic doesn't exists
- if topic not in topic_exists_cmd_out:
- create_topic_cmd = format("{kafka_home}/bin/kafka-topics.sh --zookeeper {kafka_config[zookeeper.connect]} --create --topic {topic} --partitions 1 --replication-factor 1")
+
+ delete_topic_cmd = format("{kafka_home}/bin/kafka-topics.sh --zookeeper {kafka_config[zookeeper.connect]} --delete --topic {topic}")
+ create_topic_cmd = format("{kafka_home}/bin/kafka-topics.sh --zookeeper {kafka_config[zookeeper.connect]} --create --topic {topic} --partitions 1 --replication-factor 1")
+ if topic in topic_exists_cmd_out:
+ # run delete topic and recreate the topic command only if the topic exists
+ command = source_cmd + " ; " + delete_topic_cmd + ";" + create_topic_cmd
+ else:
+ # run create topic command
command = source_cmd + " ; " + create_topic_cmd
- Logger.info("Running kafka create topic command: %s" % command)
- call_and_match_output(command, format("({create_topic_cmd_created_output})|({create_topic_cmd_exists_output})"), "Failed to check that topic exists", user=params.kafka_user)
+ Logger.info("Running kafka create topic command: %s" % command)
+ call_and_match_output(command, format("({create_topic_cmd_created_output})|({create_topic_cmd_exists_output})"), "Failed to check that topic exists", user=params.kafka_user)
def read_kafka_config(self):
import params
[19/26] ambari git commit: AMBARI-20985. HDP 3.0 TP - create service
definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by jo...@apache.org.
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/properties/ranger-solrconfig.xml.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/properties/ranger-solrconfig.xml.j2 b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/properties/ranger-solrconfig.xml.j2
new file mode 100644
index 0000000..25dbb7a
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/properties/ranger-solrconfig.xml.j2
@@ -0,0 +1,1874 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!--
+ For more details about configurations options that may appear in
+ this file, see http://wiki.apache.org/solr/SolrConfigXml.
+-->
+<config>
+ <!-- In all configuration below, a prefix of "solr." for class names
+ is an alias that causes solr to search appropriate packages,
+ including org.apache.solr.(search|update|request|core|analysis)
+
+ You may also specify a fully qualified Java classname if you
+ have your own custom plugins.
+ -->
+
+ <!-- Controls what version of Lucene various components of Solr
+ adhere to. Generally, you want to use the latest version to
+ get all bug fixes and improvements. It is highly recommended
+ that you fully re-index after changing this setting as it can
+ affect both how text is indexed and queried.
+ -->
+ <luceneMatchVersion>5.2.0</luceneMatchVersion>
+
+ <!-- <lib/> directives can be used to instruct Solr to load any Jars
+ identified and use them to resolve any "plugins" specified in
+ your solrconfig.xml or schema.xml (ie: Analyzers, Request
+ Handlers, etc...).
+
+ All directories and paths are resolved relative to the
+ instanceDir.
+
+ Please note that <lib/> directives are processed in the order
+ that they appear in your solrconfig.xml file, and are "stacked"
+ on top of each other when building a ClassLoader - so if you have
+ plugin jars with dependencies on other jars, the "lower level"
+ dependency jars should be loaded first.
+
+ If a "./lib" directory exists in your instanceDir, all files
+ found in it are included as if you had used the following
+ syntax...
+
+ <lib dir="./lib" />
+ -->
+
+ <!-- A 'dir' option by itself adds any files found in the directory
+ to the classpath, this is useful for including all jars in a
+ directory.
+
+ When a 'regex' is specified in addition to a 'dir', only the
+ files in that directory which completely match the regex
+ (anchored on both ends) will be included.
+
+ If a 'dir' option (with or without a regex) is used and nothing
+ is found that matches, a warning will be logged.
+
+ The examples below can be used to load some solr-contribs along
+ with their external dependencies.
+ -->
+ <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-dataimporthandler-.*\.jar" />
+
+ <lib dir="${solr.install.dir:../../../..}/contrib/extraction/lib" regex=".*\.jar" />
+ <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-cell-\d.*\.jar" />
+
+ <lib dir="${solr.install.dir:../../../..}/contrib/clustering/lib/" regex=".*\.jar" />
+ <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-clustering-\d.*\.jar" />
+
+ <lib dir="${solr.install.dir:../../../..}/contrib/langid/lib/" regex=".*\.jar" />
+ <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-langid-\d.*\.jar" />
+
+ <lib dir="${solr.install.dir:../../../..}/contrib/velocity/lib" regex=".*\.jar" />
+ <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-velocity-\d.*\.jar" />
+
+ <!-- an exact 'path' can be used instead of a 'dir' to specify a
+ specific jar file. This will cause a serious error to be logged
+ if it can't be loaded.
+ -->
+ <!--
+ <lib path="../a-jar-that-does-not-exist.jar" />
+ -->
+
+ <!-- Data Directory
+
+ Used to specify an alternate directory to hold all index data
+ other than the default ./data under the Solr home. If
+ replication is in use, this should match the replication
+ configuration.
+ -->
+ <dataDir>${solr.data.dir:}</dataDir>
+
+
+ <!-- The DirectoryFactory to use for indexes.
+
+ solr.StandardDirectoryFactory is filesystem
+ based and tries to pick the best implementation for the current
+ JVM and platform. solr.NRTCachingDirectoryFactory, the default,
+ wraps solr.StandardDirectoryFactory and caches small files in memory
+ for better NRT performance.
+
+ One can force a particular implementation via solr.MMapDirectoryFactory,
+ solr.NIOFSDirectoryFactory, or solr.SimpleFSDirectoryFactory.
+
+ solr.RAMDirectoryFactory is memory based, not
+ persistent, and doesn't work with replication.
+ -->
+ <directoryFactory name="DirectoryFactory"
+ class="${solr.directoryFactory:solr.NRTCachingDirectoryFactory}">
+
+
+ <!-- These will be used if you are using the solr.HdfsDirectoryFactory,
+ otherwise they will be ignored. If you don't plan on using hdfs,
+ you can safely remove this section. -->
+ <!-- The root directory that collection data should be written to. -->
+ <str name="solr.hdfs.home">${solr.hdfs.home:}</str>
+ <!-- The hadoop configuration files to use for the hdfs client. -->
+ <str name="solr.hdfs.confdir">${solr.hdfs.confdir:}</str>
+ <!-- Enable/Disable the hdfs cache. -->
+ <str name="solr.hdfs.blockcache.enabled">${solr.hdfs.blockcache.enabled:true}</str>
+ <!-- Enable/Disable using one global cache for all SolrCores.
+ The settings used will be from the first HdfsDirectoryFactory created. -->
+ <str name="solr.hdfs.blockcache.global">${solr.hdfs.blockcache.global:true}</str>
+
+ </directoryFactory>
+
+ <!-- The CodecFactory for defining the format of the inverted index.
+ The default implementation is SchemaCodecFactory, which is the official Lucene
+ index format, but hooks into the schema to provide per-field customization of
+ the postings lists and per-document values in the fieldType element
+ (postingsFormat/docValuesFormat). Note that most of the alternative implementations
+ are experimental, so if you choose to customize the index format, it's a good
+ idea to convert back to the official format e.g. via IndexWriter.addIndexes(IndexReader)
+ before upgrading to a newer version to avoid unnecessary reindexing.
+ -->
+ <codecFactory class="solr.SchemaCodecFactory"/>
+
+ <!-- To enable dynamic schema REST APIs, use the following for <schemaFactory>: -->
+
+ <schemaFactory class="ManagedIndexSchemaFactory">
+ <bool name="mutable">true</bool>
+ <str name="managedSchemaResourceName">managed-schema</str>
+ </schemaFactory>
+<!--
+ When ManagedIndexSchemaFactory is specified, Solr will load the schema from
+ the resource named in 'managedSchemaResourceName', rather than from schema.xml.
+ Note that the managed schema resource CANNOT be named schema.xml. If the managed
+ schema does not exist, Solr will create it after reading schema.xml, then rename
+ 'schema.xml' to 'schema.xml.bak'.
+
+ Do NOT hand edit the managed schema - external modifications will be ignored and
+ overwritten as a result of schema modification REST API calls.
+
+ When ManagedIndexSchemaFactory is specified with mutable = true, schema
+ modification REST API calls will be allowed; otherwise, error responses will be
+ sent back for these requests.
+
+ <schemaFactory class="ClassicIndexSchemaFactory"/>
+ -->
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Index Config - These settings control low-level behavior of indexing
+ Most example settings here show the default value, but are commented
+ out, to more easily see where customizations have been made.
+
+ Note: This replaces <indexDefaults> and <mainIndex> from older versions
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <indexConfig>
+ <!-- maxFieldLength was removed in 4.0. To get similar behavior, include a
+ LimitTokenCountFilterFactory in your fieldType definition. E.g.
+ <filter class="solr.LimitTokenCountFilterFactory" maxTokenCount="10000"/>
+ -->
+ <!-- Maximum time to wait for a write lock (ms) for an IndexWriter. Default: 1000 -->
+ <!-- <writeLockTimeout>1000</writeLockTimeout> -->
+
+ <!-- The maximum number of simultaneous threads that may be
+ indexing documents at once in IndexWriter; if more than this
+ many threads arrive they will wait for others to finish.
+ Default in Solr/Lucene is 8. -->
+ <!-- <maxIndexingThreads>8</maxIndexingThreads> -->
+
+ <!-- Expert: Enabling compound file will use less files for the index,
+ using fewer file descriptors on the expense of performance decrease.
+ Default in Lucene is "true". Default in Solr is "false" (since 3.6) -->
+ <!-- <useCompoundFile>false</useCompoundFile> -->
+
+ <!-- ramBufferSizeMB sets the amount of RAM that may be used by Lucene
+ indexing for buffering added documents and deletions before they are
+ flushed to the Directory.
+ maxBufferedDocs sets a limit on the number of documents buffered
+ before flushing.
+ If both ramBufferSizeMB and maxBufferedDocs is set, then
+ Lucene will flush based on whichever limit is hit first.
+ The default is 100 MB. -->
+ <!-- <ramBufferSizeMB>100</ramBufferSizeMB> -->
+ <!-- <maxBufferedDocs>1000</maxBufferedDocs> -->
+
+ <!-- Expert: Merge Policy
+ The Merge Policy in Lucene controls how merging of segments is done.
+ The default since Solr/Lucene 3.3 is TieredMergePolicy.
+ The default since Lucene 2.3 was the LogByteSizeMergePolicy,
+ Even older versions of Lucene used LogDocMergePolicy.
+ -->
+ <!--
+ <mergePolicy class="org.apache.lucene.index.TieredMergePolicy">
+ <int name="maxMergeAtOnce">10</int>
+ <int name="segmentsPerTier">10</int>
+ </mergePolicy>
+ -->
+
+ <!-- Merge Factor
+ The merge factor controls how many segments will get merged at a time.
+ For TieredMergePolicy, mergeFactor is a convenience parameter which
+ will set both MaxMergeAtOnce and SegmentsPerTier at once.
+ For LogByteSizeMergePolicy, mergeFactor decides how many new segments
+ will be allowed before they are merged into one.
+ Default is 10 for both merge policies.
+ -->
+ <!--
+ <mergeFactor>10</mergeFactor>
+ -->
+
+ <!-- Ranger customization. Set to 5 to trigger purging of deleted documents more often -->
+ <mergeFactor>{{ranger_audit_logs_merge_factor}}</mergeFactor>
+
+ <!-- Expert: Merge Scheduler
+ The Merge Scheduler in Lucene controls how merges are
+ performed. The ConcurrentMergeScheduler (Lucene 2.3 default)
+ can perform merges in the background using separate threads.
+ The SerialMergeScheduler (Lucene 2.2 default) does not.
+ -->
+ <!--
+ <mergeScheduler class="org.apache.lucene.index.ConcurrentMergeScheduler"/>
+ -->
+
+ <!-- LockFactory
+
+ This option specifies which Lucene LockFactory implementation
+ to use.
+
+ single = SingleInstanceLockFactory - suggested for a
+ read-only index or when there is no possibility of
+ another process trying to modify the index.
+ native = NativeFSLockFactory - uses OS native file locking.
+ Do not use when multiple solr webapps in the same
+ JVM are attempting to share a single index.
+ simple = SimpleFSLockFactory - uses a plain file for locking
+
+ Defaults: 'native' is default for Solr3.6 and later, otherwise
+ 'simple' is the default
+
+ More details on the nuances of each LockFactory...
+ http://wiki.apache.org/lucene-java/AvailableLockFactories
+ -->
+ <lockType>${solr.lock.type:native}</lockType>
+
+ <!-- Unlock On Startup
+
+ If true, unlock any held write or commit locks on startup.
+ This defeats the locking mechanism that allows multiple
+ processes to safely access a lucene index, and should be used
+ with care. Default is "false".
+
+ This is not needed if lock type is 'single'
+ -->
+ <!--
+ <unlockOnStartup>false</unlockOnStartup>
+ -->
+
+ <!-- Commit Deletion Policy
+ Custom deletion policies can be specified here. The class must
+ implement org.apache.lucene.index.IndexDeletionPolicy.
+
+ The default Solr IndexDeletionPolicy implementation supports
+ deleting index commit points on number of commits, age of
+ commit point and optimized status.
+
+ The latest commit point should always be preserved regardless
+ of the criteria.
+ -->
+ <!--
+ <deletionPolicy class="solr.SolrDeletionPolicy">
+ -->
+ <!-- The number of commit points to be kept -->
+ <!-- <str name="maxCommitsToKeep">1</str> -->
+ <!-- The number of optimized commit points to be kept -->
+ <!-- <str name="maxOptimizedCommitsToKeep">0</str> -->
+ <!--
+ Delete all commit points once they have reached the given age.
+ Supports DateMathParser syntax e.g.
+ -->
+ <!--
+ <str name="maxCommitAge">30MINUTES</str>
+ <str name="maxCommitAge">1DAY</str>
+ -->
+ <!--
+ </deletionPolicy>
+ -->
+
+ <!-- Lucene Infostream
+
+ To aid in advanced debugging, Lucene provides an "InfoStream"
+ of detailed information when indexing.
+
+ Setting the value to true will instruct the underlying Lucene
+ IndexWriter to write its info stream to solr's log. By default,
+ this is enabled here, and controlled through log4j.properties.
+ -->
+ <infoStream>true</infoStream>
+ </indexConfig>
+
+
+ <!-- JMX
+
+ This example enables JMX if and only if an existing MBeanServer
+ is found, use this if you want to configure JMX through JVM
+ parameters. Remove this to disable exposing Solr configuration
+ and statistics to JMX.
+
+ For more details see http://wiki.apache.org/solr/SolrJmx
+ -->
+ <jmx />
+ <!-- If you want to connect to a particular server, specify the
+ agentId
+ -->
+ <!-- <jmx agentId="myAgent" /> -->
+ <!-- If you want to start a new MBeanServer, specify the serviceUrl -->
+ <!-- <jmx serviceUrl="service:jmx:rmi:///jndi/rmi://localhost:9999/solr"/>
+ -->
+
+ <!-- The default high-performance update handler -->
+ <updateHandler class="solr.DirectUpdateHandler2">
+
+ <!-- Enables a transaction log, used for real-time get, durability, and
+ and solr cloud replica recovery. The log can grow as big as
+ uncommitted changes to the index, so use of a hard autoCommit
+ is recommended (see below).
+ "dir" - the target directory for transaction logs, defaults to the
+ solr data directory. -->
+ <updateLog>
+ <str name="dir">${solr.ulog.dir:}</str>
+ </updateLog>
+
+ <!-- AutoCommit
+
+ Perform a hard commit automatically under certain conditions.
+ Instead of enabling autoCommit, consider using "commitWithin"
+ when adding documents.
+
+ http://wiki.apache.org/solr/UpdateXmlMessages
+
+ maxDocs - Maximum number of documents to add since the last
+ commit before automatically triggering a new commit.
+
+ maxTime - Maximum amount of time in ms that is allowed to pass
+ since a document was added before automatically
+ triggering a new commit.
+ openSearcher - if false, the commit causes recent index changes
+ to be flushed to stable storage, but does not cause a new
+ searcher to be opened to make those changes visible.
+
+ If the updateLog is enabled, then it's highly recommended to
+ have some sort of hard autoCommit to limit the log size.
+ -->
+ <autoCommit>
+ <maxTime>${solr.autoCommit.maxTime:15000}</maxTime>
+ <openSearcher>false</openSearcher>
+ </autoCommit>
+
+ <!-- softAutoCommit is like autoCommit except it causes a
+ 'soft' commit which only ensures that changes are visible
+ but does not ensure that data is synced to disk. This is
+ faster and more near-realtime friendly than a hard commit.
+ -->
+
+ <autoSoftCommit>
+ <maxTime>${solr.autoSoftCommit.maxTime:5000}</maxTime>
+ </autoSoftCommit>
+
+ <!-- Update Related Event Listeners
+
+ Various IndexWriter related events can trigger Listeners to
+ take actions.
+
+ postCommit - fired after every commit or optimize command
+ postOptimize - fired after every optimize command
+ -->
+ <!-- The RunExecutableListener executes an external command from a
+ hook such as postCommit or postOptimize.
+
+ exe - the name of the executable to run
+ dir - dir to use as the current working directory. (default=".")
+ wait - the calling thread waits until the executable returns.
+ (default="true")
+ args - the arguments to pass to the program. (default is none)
+ env - environment variables to set. (default is none)
+ -->
+ <!-- This example shows how RunExecutableListener could be used
+ with the script based replication...
+ http://wiki.apache.org/solr/CollectionDistribution
+ -->
+ <!--
+ <listener event="postCommit" class="solr.RunExecutableListener">
+ <str name="exe">solr/bin/snapshooter</str>
+ <str name="dir">.</str>
+ <bool name="wait">true</bool>
+ <arr name="args"> <str>arg1</str> <str>arg2</str> </arr>
+ <arr name="env"> <str>MYVAR=val1</str> </arr>
+ </listener>
+ -->
+
+ </updateHandler>
+
+ <!-- IndexReaderFactory
+
+ Use the following format to specify a custom IndexReaderFactory,
+ which allows for alternate IndexReader implementations.
+
+ ** Experimental Feature **
+
+ Please note - Using a custom IndexReaderFactory may prevent
+ certain other features from working. The API to
+ IndexReaderFactory may change without warning or may even be
+ removed from future releases if the problems cannot be
+ resolved.
+
+
+ ** Features that may not work with custom IndexReaderFactory **
+
+ The ReplicationHandler assumes a disk-resident index. Using a
+ custom IndexReader implementation may cause incompatibility
+ with ReplicationHandler and may cause replication to not work
+ correctly. See SOLR-1366 for details.
+
+ -->
+ <!--
+ <indexReaderFactory name="IndexReaderFactory" class="package.class">
+ <str name="someArg">Some Value</str>
+ </indexReaderFactory >
+ -->
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Query section - these settings control query time things like caches
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <query>
+ <!-- Max Boolean Clauses
+
+ Maximum number of clauses in each BooleanQuery, an exception
+ is thrown if exceeded.
+
+ ** WARNING **
+
+ This option actually modifies a global Lucene property that
+ will affect all SolrCores. If multiple solrconfig.xml files
+ disagree on this property, the value at any given moment will
+ be based on the last SolrCore to be initialized.
+
+ -->
+ <maxBooleanClauses>1024</maxBooleanClauses>
+
+
+ <!-- Solr Internal Query Caches
+
+ There are two implementations of cache available for Solr,
+ LRUCache, based on a synchronized LinkedHashMap, and
+ FastLRUCache, based on a ConcurrentHashMap.
+
+ FastLRUCache has faster gets and slower puts in single
+ threaded operation and thus is generally faster than LRUCache
+ when the hit ratio of the cache is high (> 75%), and may be
+ faster under other scenarios on multi-cpu systems.
+ -->
+
+ <!-- Filter Cache
+
+ Cache used by SolrIndexSearcher for filters (DocSets),
+ unordered sets of *all* documents that match a query. When a
+ new searcher is opened, its caches may be prepopulated or
+ "autowarmed" using data from caches in the old searcher.
+ autowarmCount is the number of items to prepopulate. For
+ LRUCache, the autowarmed items will be the most recently
+ accessed items.
+
+ Parameters:
+ class - the SolrCache implementation LRUCache or
+ (LRUCache or FastLRUCache)
+ size - the maximum number of entries in the cache
+ initialSize - the initial capacity (number of entries) of
+ the cache. (see java.util.HashMap)
+ autowarmCount - the number of entries to prepopulate from
+ and old cache.
+ -->
+ <filterCache class="solr.FastLRUCache"
+ size="512"
+ initialSize="512"
+ autowarmCount="0"/>
+
+ <!-- Query Result Cache
+
+ Caches results of searches - ordered lists of document ids
+ (DocList) based on a query, a sort, and the range of documents requested.
+ -->
+ <queryResultCache class="solr.LRUCache"
+ size="512"
+ initialSize="512"
+ autowarmCount="0"/>
+
+ <!-- Document Cache
+
+ Caches Lucene Document objects (the stored fields for each
+ document). Since Lucene internal document ids are transient,
+ this cache will not be autowarmed.
+ -->
+ <documentCache class="solr.LRUCache"
+ size="512"
+ initialSize="512"
+ autowarmCount="0"/>
+
+ <!-- custom cache currently used by block join -->
+ <cache name="perSegFilter"
+ class="solr.search.LRUCache"
+ size="10"
+ initialSize="0"
+ autowarmCount="10"
+ regenerator="solr.NoOpRegenerator" />
+
+ <!-- Field Value Cache
+
+ Cache used to hold field values that are quickly accessible
+ by document id. The fieldValueCache is created by default
+ even if not configured here.
+ -->
+ <!--
+ <fieldValueCache class="solr.FastLRUCache"
+ size="512"
+ autowarmCount="128"
+ showItems="32" />
+ -->
+
+ <!-- Custom Cache
+
+ Example of a generic cache. These caches may be accessed by
+ name through SolrIndexSearcher.getCache(),cacheLookup(), and
+ cacheInsert(). The purpose is to enable easy caching of
+ user/application level data. The regenerator argument should
+ be specified as an implementation of solr.CacheRegenerator
+ if autowarming is desired.
+ -->
+ <!--
+ <cache name="myUserCache"
+ class="solr.LRUCache"
+ size="4096"
+ initialSize="1024"
+ autowarmCount="1024"
+ regenerator="com.mycompany.MyRegenerator"
+ />
+ -->
+
+
+ <!-- Lazy Field Loading
+
+ If true, stored fields that are not requested will be loaded
+ lazily. This can result in a significant speed improvement
+ if the usual case is to not load all stored fields,
+ especially if the skipped fields are large compressed text
+ fields.
+ -->
+ <enableLazyFieldLoading>true</enableLazyFieldLoading>
+
+ <!-- Use Filter For Sorted Query
+
+ A possible optimization that attempts to use a filter to
+ satisfy a search. If the requested sort does not include
+ score, then the filterCache will be checked for a filter
+ matching the query. If found, the filter will be used as the
+ source of document ids, and then the sort will be applied to
+ that.
+
+ For most situations, this will not be useful unless you
+ frequently get the same search repeatedly with different sort
+ options, and none of them ever use "score"
+ -->
+ <!--
+ <useFilterForSortedQuery>true</useFilterForSortedQuery>
+ -->
+
+ <!-- Result Window Size
+
+ An optimization for use with the queryResultCache. When a search
+ is requested, a superset of the requested number of document ids
+ are collected. For example, if a search for a particular query
+ requests matching documents 10 through 19, and queryWindowSize is 50,
+ then documents 0 through 49 will be collected and cached. Any further
+ requests in that range can be satisfied via the cache.
+ -->
+ <queryResultWindowSize>20</queryResultWindowSize>
+
+ <!-- Maximum number of documents to cache for any entry in the
+ queryResultCache.
+ -->
+ <queryResultMaxDocsCached>200</queryResultMaxDocsCached>
+
+ <!-- Query Related Event Listeners
+
+ Various IndexSearcher related events can trigger Listeners to
+ take actions.
+
+ newSearcher - fired whenever a new searcher is being prepared
+ and there is a current searcher handling requests (aka
+ registered). It can be used to prime certain caches to
+ prevent long request times for certain requests.
+
+ firstSearcher - fired whenever a new searcher is being
+ prepared but there is no current registered searcher to handle
+ requests or to gain autowarming data from.
+
+
+ -->
+ <!-- QuerySenderListener takes an array of NamedList and executes a
+ local query request for each NamedList in sequence.
+ -->
+ <listener event="newSearcher" class="solr.QuerySenderListener">
+ <arr name="queries">
+ <!--
+ <lst><str name="q">solr</str><str name="sort">price asc</str></lst>
+ <lst><str name="q">rocks</str><str name="sort">weight asc</str></lst>
+ -->
+ </arr>
+ </listener>
+ <listener event="firstSearcher" class="solr.QuerySenderListener">
+ <arr name="queries">
+ <lst>
+ <str name="q">static firstSearcher warming in solrconfig.xml</str>
+ </lst>
+ </arr>
+ </listener>
+
+ <!-- Use Cold Searcher
+
+ If a search request comes in and there is no current
+ registered searcher, then immediately register the still
+ warming searcher and use it. If "false" then all requests
+ will block until the first searcher is done warming.
+ -->
+ <useColdSearcher>true</useColdSearcher>
+
+ <!-- Max Warming Searchers
+
+ Maximum number of searchers that may be warming in the
+ background concurrently. An error is returned if this limit
+ is exceeded.
+
+ Recommend values of 1-2 for read-only slaves, higher for
+ masters w/o cache warming.
+ -->
+ <maxWarmingSearchers>2</maxWarmingSearchers>
+
+ </query>
+
+
+ <!-- Request Dispatcher
+
+ This section contains instructions for how the SolrDispatchFilter
+ should behave when processing requests for this SolrCore.
+
+ handleSelect is a legacy option that affects the behavior of requests
+ such as /select?qt=XXX
+
+ handleSelect="true" will cause the SolrDispatchFilter to process
+ the request and dispatch the query to a handler specified by the
+ "qt" param, assuming "/select" isn't already registered.
+
+ handleSelect="false" will cause the SolrDispatchFilter to
+ ignore "/select" requests, resulting in a 404 unless a handler
+ is explicitly registered with the name "/select"
+
+ handleSelect="true" is not recommended for new users, but is the default
+ for backwards compatibility
+ -->
+ <requestDispatcher handleSelect="false" >
+ <!-- Request Parsing
+
+ These settings indicate how Solr Requests may be parsed, and
+ what restrictions may be placed on the ContentStreams from
+ those requests
+
+ enableRemoteStreaming - enables use of the stream.file
+ and stream.url parameters for specifying remote streams.
+
+ multipartUploadLimitInKB - specifies the max size (in KiB) of
+ Multipart File Uploads that Solr will allow in a Request.
+
+ formdataUploadLimitInKB - specifies the max size (in KiB) of
+ form data (application/x-www-form-urlencoded) sent via
+ POST. You can use POST to pass request parameters not
+ fitting into the URL.
+
+ addHttpRequestToContext - if set to true, it will instruct
+ the requestParsers to include the original HttpServletRequest
+ object in the context map of the SolrQueryRequest under the
+ key "httpRequest". It will not be used by any of the existing
+ Solr components, but may be useful when developing custom
+ plugins.
+
+ *** WARNING ***
+ The settings below authorize Solr to fetch remote files, You
+ should make sure your system has some authentication before
+ using enableRemoteStreaming="true"
+
+ -->
+ <requestParsers enableRemoteStreaming="true"
+ multipartUploadLimitInKB="2048000"
+ formdataUploadLimitInKB="2048"
+ addHttpRequestToContext="false"/>
+
+ <!-- HTTP Caching
+
+ Set HTTP caching related parameters (for proxy caches and clients).
+
+ The options below instruct Solr not to output any HTTP Caching
+ related headers
+ -->
+ <httpCaching never304="true" />
+ <!-- If you include a <cacheControl> directive, it will be used to
+ generate a Cache-Control header (as well as an Expires header
+ if the value contains "max-age=")
+
+ By default, no Cache-Control header is generated.
+
+ You can use the <cacheControl> option even if you have set
+ never304="true"
+ -->
+ <!--
+ <httpCaching never304="true" >
+ <cacheControl>max-age=30, public</cacheControl>
+ </httpCaching>
+ -->
+ <!-- To enable Solr to respond with automatically generated HTTP
+ Caching headers, and to response to Cache Validation requests
+ correctly, set the value of never304="false"
+
+ This will cause Solr to generate Last-Modified and ETag
+ headers based on the properties of the Index.
+
+ The following options can also be specified to affect the
+ values of these headers...
+
+ lastModFrom - the default value is "openTime" which means the
+ Last-Modified value (and validation against If-Modified-Since
+ requests) will all be relative to when the current Searcher
+ was opened. You can change it to lastModFrom="dirLastMod" if
+ you want the value to exactly correspond to when the physical
+ index was last modified.
+
+ etagSeed="..." is an option you can change to force the ETag
+ header (and validation against If-None-Match requests) to be
+ different even if the index has not changed (ie: when making
+ significant changes to your config file)
+
+ (lastModifiedFrom and etagSeed are both ignored if you use
+ the never304="true" option)
+ -->
+ <!--
+ <httpCaching lastModifiedFrom="openTime"
+ etagSeed="Solr">
+ <cacheControl>max-age=30, public</cacheControl>
+ </httpCaching>
+ -->
+ </requestDispatcher>
+
+ <!-- Request Handlers
+
+ http://wiki.apache.org/solr/SolrRequestHandler
+
+ Incoming queries will be dispatched to a specific handler by name
+ based on the path specified in the request.
+
+ Legacy behavior: If the request path uses "/select" but no Request
+ Handler has that name, and if handleSelect="true" has been specified in
+ the requestDispatcher, then the Request Handler is dispatched based on
+ the qt parameter. Handlers without a leading '/' are accessed this way
+ like so: http://host/app/[core/]select?qt=name If no qt is
+ given, then the requestHandler that declares default="true" will be
+ used or the one named "standard".
+
+ If a Request Handler is declared with startup="lazy", then it will
+ not be initialized until the first request that uses it.
+
+ -->
+
+ <requestHandler name="/dataimport" class="solr.DataImportHandler">
+ <lst name="defaults">
+ <str name="config">solr-data-config.xml</str>
+ </lst>
+ </requestHandler>
+
+ <!-- SearchHandler
+
+ http://wiki.apache.org/solr/SearchHandler
+
+ For processing Search Queries, the primary Request Handler
+ provided with Solr is "SearchHandler" It delegates to a sequent
+ of SearchComponents (see below) and supports distributed
+ queries across multiple shards
+ -->
+ <requestHandler name="/select" class="solr.SearchHandler">
+ <!-- default values for query parameters can be specified, these
+ will be overridden by parameters in the request
+ -->
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <int name="rows">10</int>
+ <str name="df">text</str>
+ </lst>
+ <!-- In addition to defaults, "appends" params can be specified
+ to identify values which should be appended to the list of
+ multi-val params from the query (or the existing "defaults").
+ -->
+ <!-- In this example, the param "fq=instock:true" would be appended to
+ any query time fq params the user may specify, as a mechanism for
+ partitioning the index, independent of any user selected filtering
+ that may also be desired (perhaps as a result of faceted searching).
+
+ NOTE: there is *absolutely* nothing a client can do to prevent these
+ "appends" values from being used, so don't use this mechanism
+ unless you are sure you always want it.
+ -->
+ <!--
+ <lst name="appends">
+ <str name="fq">inStock:true</str>
+ </lst>
+ -->
+ <!-- "invariants" are a way of letting the Solr maintainer lock down
+ the options available to Solr clients. Any params values
+ specified here are used regardless of what values may be specified
+ in either the query, the "defaults", or the "appends" params.
+
+ In this example, the facet.field and facet.query params would
+ be fixed, limiting the facets clients can use. Faceting is
+ not turned on by default - but if the client does specify
+ facet=true in the request, these are the only facets they
+ will be able to see counts for; regardless of what other
+ facet.field or facet.query params they may specify.
+
+ NOTE: there is *absolutely* nothing a client can do to prevent these
+ "invariants" values from being used, so don't use this mechanism
+ unless you are sure you always want it.
+ -->
+ <!--
+ <lst name="invariants">
+ <str name="facet.field">cat</str>
+ <str name="facet.field">manu_exact</str>
+ <str name="facet.query">price:[* TO 500]</str>
+ <str name="facet.query">price:[500 TO *]</str>
+ </lst>
+ -->
+ <!-- If the default list of SearchComponents is not desired, that
+ list can either be overridden completely, or components can be
+ prepended or appended to the default list. (see below)
+ -->
+ <!--
+ <arr name="components">
+ <str>nameOfCustomComponent1</str>
+ <str>nameOfCustomComponent2</str>
+ </arr>
+ -->
+ </requestHandler>
+
+ <!-- A request handler that returns indented JSON by default -->
+ <requestHandler name="/query" class="solr.SearchHandler">
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <str name="wt">json</str>
+ <str name="indent">true</str>
+ <str name="df">text</str>
+ </lst>
+ </requestHandler>
+
+
+ <!-- realtime get handler, guaranteed to return the latest stored fields of
+ any document, without the need to commit or open a new searcher. The
+ current implementation relies on the updateLog feature being enabled.
+
+ ** WARNING **
+ Do NOT disable the realtime get handler at /get if you are using
+ SolrCloud otherwise any leader election will cause a full sync in ALL
+ replicas for the shard in question. Similarly, a replica recovery will
+ also always fetch the complete index from the leader because a partial
+ sync will not be possible in the absence of this handler.
+ -->
+ <requestHandler name="/get" class="solr.RealTimeGetHandler">
+ <lst name="defaults">
+ <str name="omitHeader">true</str>
+ <str name="wt">json</str>
+ <str name="indent">true</str>
+ </lst>
+ </requestHandler>
+
+
+ <!-- A Robust Example
+
+ This example SearchHandler declaration shows off usage of the
+ SearchHandler with many defaults declared
+
+ Note that multiple instances of the same Request Handler
+ (SearchHandler) can be registered multiple times with different
+ names (and different init parameters)
+ -->
+ <requestHandler name="/browse" class="solr.SearchHandler">
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+
+ <!-- VelocityResponseWriter settings -->
+ <str name="wt">velocity</str>
+ <str name="v.template">browse</str>
+ <str name="v.layout">layout</str>
+
+ <!-- Query settings -->
+ <str name="defType">edismax</str>
+ <str name="q.alt">*:*</str>
+ <str name="rows">10</str>
+ <str name="fl">*,score</str>
+
+ <!-- Faceting defaults -->
+ <str name="facet">on</str>
+ <str name="facet.mincount">1</str>
+ </lst>
+ </requestHandler>
+
+
+ <initParams path="/update/**,/query,/select,/tvrh,/elevate,/spell,/browse">
+ <lst name="defaults">
+ <str name="df">text</str>
+ <str name="update.chain">add-unknown-fields-to-the-schema</str>
+ </lst>
+ </initParams>
+
+ <!-- Update Request Handler.
+
+ http://wiki.apache.org/solr/UpdateXmlMessages
+
+ The canonical Request Handler for Modifying the Index through
+ commands specified using XML, JSON, CSV, or JAVABIN
+
+ Note: Since solr1.1 requestHandlers requires a valid content
+ type header if posted in the body. For example, curl now
+ requires: -H 'Content-type:text/xml; charset=utf-8'
+
+ To override the request content type and force a specific
+ Content-type, use the request parameter:
+ ?update.contentType=text/csv
+
+ This handler will pick a response format to match the input
+ if the 'wt' parameter is not explicit
+ -->
+ <requestHandler name="/update" class="solr.UpdateRequestHandler">
+ <!-- See below for information on defining
+ updateRequestProcessorChains that can be used by name
+ on each Update Request
+ -->
+ <!--
+ <lst name="defaults">
+ <str name="update.chain">dedupe</str>
+ </lst>
+ -->
+ </requestHandler>
+
+ <!-- Solr Cell Update Request Handler
+
+ http://wiki.apache.org/solr/ExtractingRequestHandler
+
+ -->
+ <requestHandler name="/update/extract"
+ startup="lazy"
+ class="solr.extraction.ExtractingRequestHandler" >
+ <lst name="defaults">
+ <str name="lowernames">true</str>
+ <str name="uprefix">ignored_</str>
+
+ <!-- capture link hrefs but ignore div attributes -->
+ <str name="captureAttr">true</str>
+ <str name="fmap.a">links</str>
+ <str name="fmap.div">ignored_</str>
+ </lst>
+ </requestHandler>
+
+
+ <!-- Field Analysis Request Handler
+
+ RequestHandler that provides much the same functionality as
+ analysis.jsp. Provides the ability to specify multiple field
+ types and field names in the same request and outputs
+ index-time and query-time analysis for each of them.
+
+ Request parameters are:
+ analysis.fieldname - field name whose analyzers are to be used
+
+ analysis.fieldtype - field type whose analyzers are to be used
+ analysis.fieldvalue - text for index-time analysis
+ q (or analysis.q) - text for query time analysis
+ analysis.showmatch (true|false) - When set to true and when
+ query analysis is performed, the produced tokens of the
+ field value analysis will be marked as "matched" for every
+ token that is produces by the query analysis
+ -->
+ <requestHandler name="/analysis/field"
+ startup="lazy"
+ class="solr.FieldAnalysisRequestHandler" />
+
+
+ <!-- Document Analysis Handler
+
+ http://wiki.apache.org/solr/AnalysisRequestHandler
+
+ An analysis handler that provides a breakdown of the analysis
+ process of provided documents. This handler expects a (single)
+ content stream with the following format:
+
+ <docs>
+ <doc>
+ <field name="id">1</field>
+ <field name="name">The Name</field>
+ <field name="text">The Text Value</field>
+ </doc>
+ <doc>...</doc>
+ <doc>...</doc>
+ ...
+ </docs>
+
+ Note: Each document must contain a field which serves as the
+ unique key. This key is used in the returned response to associate
+ an analysis breakdown to the analyzed document.
+
+ Like the FieldAnalysisRequestHandler, this handler also supports
+ query analysis by sending either an "analysis.query" or "q"
+ request parameter that holds the query text to be analyzed. It
+ also supports the "analysis.showmatch" parameter which when set to
+ true, all field tokens that match the query tokens will be marked
+ as a "match".
+ -->
+ <requestHandler name="/analysis/document"
+ class="solr.DocumentAnalysisRequestHandler"
+ startup="lazy" />
+
+ <!-- This single handler is equivalent to the following... -->
+ <!--
+ <requestHandler name="/admin/luke" class="solr.admin.LukeRequestHandler" />
+ <requestHandler name="/admin/system" class="solr.admin.SystemInfoHandler" />
+ <requestHandler name="/admin/plugins" class="solr.admin.PluginInfoHandler" />
+ <requestHandler name="/admin/threads" class="solr.admin.ThreadDumpHandler" />
+ <requestHandler name="/admin/properties" class="solr.admin.PropertiesRequestHandler" />
+ <requestHandler name="/admin/file" class="solr.admin.ShowFileRequestHandler" >
+ -->
+ <!-- If you wish to hide files under ${solr.home}/conf, explicitly
+ register the ShowFileRequestHandler using the definition below.
+ NOTE: The glob pattern ('*') is the only pattern supported at present, *.xml will
+ not exclude all files ending in '.xml'. Use it to exclude _all_ updates
+ -->
+ <!--
+ <requestHandler name="/admin/file"
+ class="solr.admin.ShowFileRequestHandler" >
+ <lst name="invariants">
+ <str name="hidden">synonyms.txt</str>
+ <str name="hidden">anotherfile.txt</str>
+ <str name="hidden">*</str>
+ </lst>
+ </requestHandler>
+ -->
+
+ <!--
+ Enabling this request handler (which is NOT a default part of the admin handler) will allow the Solr UI to edit
+ all the config files. This is intended for secure/development use ONLY! Leaving available and publically
+ accessible is a security vulnerability and should be done with extreme caution!
+ -->
+ <!--
+ <requestHandler name="/admin/fileedit" class="solr.admin.EditFileRequestHandler" >
+ <lst name="invariants">
+ <str name="hidden">synonyms.txt</str>
+ <str name="hidden">anotherfile.txt</str>
+ </lst>
+ </requestHandler>
+ -->
+ <!-- ping/healthcheck -->
+ <requestHandler name="/admin/ping" class="solr.PingRequestHandler">
+ <lst name="invariants">
+ <str name="q">solrpingquery</str>
+ </lst>
+ <lst name="defaults">
+ <str name="echoParams">all</str>
+ </lst>
+ <!-- An optional feature of the PingRequestHandler is to configure the
+ handler with a "healthcheckFile" which can be used to enable/disable
+ the PingRequestHandler.
+ relative paths are resolved against the data dir
+ -->
+ <!-- <str name="healthcheckFile">server-enabled.txt</str> -->
+ </requestHandler>
+
+ <!-- Echo the request contents back to the client -->
+ <requestHandler name="/debug/dump" class="solr.DumpRequestHandler" >
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <str name="echoHandler">true</str>
+ </lst>
+ </requestHandler>
+
+ <!-- Solr Replication
+
+ The SolrReplicationHandler supports replicating indexes from a
+ "master" used for indexing and "slaves" used for queries.
+
+ http://wiki.apache.org/solr/SolrReplication
+
+ It is also necessary for SolrCloud to function (in Cloud mode, the
+ replication handler is used to bulk transfer segments when nodes
+ are added or need to recover).
+
+ https://wiki.apache.org/solr/SolrCloud/
+ -->
+ <requestHandler name="/replication" class="solr.ReplicationHandler" >
+ <!--
+ To enable simple master/slave replication, uncomment one of the
+ sections below, depending on whether this solr instance should be
+ the "master" or a "slave". If this instance is a "slave" you will
+ also need to fill in the masterUrl to point to a real machine.
+ -->
+ <!--
+ <lst name="master">
+ <str name="replicateAfter">commit</str>
+ <str name="replicateAfter">startup</str>
+ <str name="confFiles">schema.xml,stopwords.txt</str>
+ </lst>
+ -->
+ <!--
+ <lst name="slave">
+ <str name="masterUrl">http://your-master-hostname:8983/solr</str>
+ <str name="pollInterval">00:00:60</str>
+ </lst>
+ -->
+ </requestHandler>
+
+ <!-- Search Components
+
+ Search components are registered to SolrCore and used by
+ instances of SearchHandler (which can access them by name)
+
+ By default, the following components are available:
+
+ <searchComponent name="query" class="solr.QueryComponent" />
+ <searchComponent name="facet" class="solr.FacetComponent" />
+ <searchComponent name="mlt" class="solr.MoreLikeThisComponent" />
+ <searchComponent name="highlight" class="solr.HighlightComponent" />
+ <searchComponent name="stats" class="solr.StatsComponent" />
+ <searchComponent name="debug" class="solr.DebugComponent" />
+
+ Default configuration in a requestHandler would look like:
+
+ <arr name="components">
+ <str>query</str>
+ <str>facet</str>
+ <str>mlt</str>
+ <str>highlight</str>
+ <str>stats</str>
+ <str>debug</str>
+ </arr>
+
+ If you register a searchComponent to one of the standard names,
+ that will be used instead of the default.
+
+ To insert components before or after the 'standard' components, use:
+
+ <arr name="first-components">
+ <str>myFirstComponentName</str>
+ </arr>
+
+ <arr name="last-components">
+ <str>myLastComponentName</str>
+ </arr>
+
+ NOTE: The component registered with the name "debug" will
+ always be executed after the "last-components"
+
+ -->
+
+ <!-- Spell Check
+
+ The spell check component can return a list of alternative spelling
+ suggestions.
+
+ http://wiki.apache.org/solr/SpellCheckComponent
+ -->
+ <searchComponent name="spellcheck" class="solr.SpellCheckComponent">
+
+ <str name="queryAnalyzerFieldType">text_general</str>
+
+ <!-- Multiple "Spell Checkers" can be declared and used by this
+ component
+ -->
+
+ <!-- a spellchecker built from a field of the main index -->
+ <lst name="spellchecker">
+ <str name="name">default</str>
+ <str name="field">text</str>
+ <str name="classname">solr.DirectSolrSpellChecker</str>
+ <!-- the spellcheck distance measure used, the default is the internal levenshtein -->
+ <str name="distanceMeasure">internal</str>
+ <!-- minimum accuracy needed to be considered a valid spellcheck suggestion -->
+ <float name="accuracy">0.5</float>
+ <!-- the maximum #edits we consider when enumerating terms: can be 1 or 2 -->
+ <int name="maxEdits">2</int>
+ <!-- the minimum shared prefix when enumerating terms -->
+ <int name="minPrefix">1</int>
+ <!-- maximum number of inspections per result. -->
+ <int name="maxInspections">5</int>
+ <!-- minimum length of a query term to be considered for correction -->
+ <int name="minQueryLength">4</int>
+ <!-- maximum threshold of documents a query term can appear to be considered for correction -->
+ <float name="maxQueryFrequency">0.01</float>
+ <!-- uncomment this to require suggestions to occur in 1% of the documents
+ <float name="thresholdTokenFrequency">.01</float>
+ -->
+ </lst>
+
+ <!-- a spellchecker that can break or combine words. See "/spell" handler below for usage -->
+ <lst name="spellchecker">
+ <str name="name">wordbreak</str>
+ <str name="classname">solr.WordBreakSolrSpellChecker</str>
+ <str name="field">name</str>
+ <str name="combineWords">true</str>
+ <str name="breakWords">true</str>
+ <int name="maxChanges">10</int>
+ </lst>
+
+ <!-- a spellchecker that uses a different distance measure -->
+ <!--
+ <lst name="spellchecker">
+ <str name="name">jarowinkler</str>
+ <str name="field">spell</str>
+ <str name="classname">solr.DirectSolrSpellChecker</str>
+ <str name="distanceMeasure">
+ org.apache.lucene.search.spell.JaroWinklerDistance
+ </str>
+ </lst>
+ -->
+
+ <!-- a spellchecker that use an alternate comparator
+
+ comparatorClass be one of:
+ 1. score (default)
+ 2. freq (Frequency first, then score)
+ 3. A fully qualified class name
+ -->
+ <!--
+ <lst name="spellchecker">
+ <str name="name">freq</str>
+ <str name="field">lowerfilt</str>
+ <str name="classname">solr.DirectSolrSpellChecker</str>
+ <str name="comparatorClass">freq</str>
+ -->
+
+ <!-- A spellchecker that reads the list of words from a file -->
+ <!--
+ <lst name="spellchecker">
+ <str name="classname">solr.FileBasedSpellChecker</str>
+ <str name="name">file</str>
+ <str name="sourceLocation">spellings.txt</str>
+ <str name="characterEncoding">UTF-8</str>
+ <str name="spellcheckIndexDir">spellcheckerFile</str>
+ </lst>
+ -->
+ </searchComponent>
+
+ <!-- A request handler for demonstrating the spellcheck component.
+
+ NOTE: This is purely as an example. The whole purpose of the
+ SpellCheckComponent is to hook it into the request handler that
+ handles your normal user queries so that a separate request is
+ not needed to get suggestions.
+
+ IN OTHER WORDS, THERE IS REALLY GOOD CHANCE THE SETUP BELOW IS
+ NOT WHAT YOU WANT FOR YOUR PRODUCTION SYSTEM!
+
+ See http://wiki.apache.org/solr/SpellCheckComponent for details
+ on the request parameters.
+ -->
+ <requestHandler name="/spell" class="solr.SearchHandler" startup="lazy">
+ <lst name="defaults">
+ <str name="df">text</str>
+ <!-- Solr will use suggestions from both the 'default' spellchecker
+ and from the 'wordbreak' spellchecker and combine them.
+ collations (re-written queries) can include a combination of
+ corrections from both spellcheckers -->
+ <str name="spellcheck.dictionary">default</str>
+ <str name="spellcheck.dictionary">wordbreak</str>
+ <str name="spellcheck">on</str>
+ <str name="spellcheck.extendedResults">true</str>
+ <str name="spellcheck.count">10</str>
+ <str name="spellcheck.alternativeTermCount">5</str>
+ <str name="spellcheck.maxResultsForSuggest">5</str>
+ <str name="spellcheck.collate">true</str>
+ <str name="spellcheck.collateExtendedResults">true</str>
+ <str name="spellcheck.maxCollationTries">10</str>
+ <str name="spellcheck.maxCollations">5</str>
+ </lst>
+ <arr name="last-components">
+ <str>spellcheck</str>
+ </arr>
+ </requestHandler>
+
+ <searchComponent name="suggest" class="solr.SuggestComponent">
+ <lst name="suggester">
+ <str name="name">mySuggester</str>
+ <str name="lookupImpl">FuzzyLookupFactory</str> <!-- org.apache.solr.spelling.suggest.fst -->
+ <str name="dictionaryImpl">DocumentDictionaryFactory</str> <!-- org.apache.solr.spelling.suggest.HighFrequencyDictionaryFactory -->
+ <str name="field">cat</str>
+ <str name="weightField">price</str>
+ <str name="suggestAnalyzerFieldType">string</str>
+ </lst>
+ </searchComponent>
+
+ <requestHandler name="/suggest" class="solr.SearchHandler" startup="lazy">
+ <lst name="defaults">
+ <str name="suggest">true</str>
+ <str name="suggest.count">10</str>
+ </lst>
+ <arr name="components">
+ <str>suggest</str>
+ </arr>
+ </requestHandler>
+ <!-- Term Vector Component
+
+ http://wiki.apache.org/solr/TermVectorComponent
+ -->
+ <searchComponent name="tvComponent" class="solr.TermVectorComponent"/>
+
+ <!-- A request handler for demonstrating the term vector component
+
+ This is purely as an example.
+
+ In reality you will likely want to add the component to your
+ already specified request handlers.
+ -->
+ <requestHandler name="/tvrh" class="solr.SearchHandler" startup="lazy">
+ <lst name="defaults">
+ <str name="df">text</str>
+ <bool name="tv">true</bool>
+ </lst>
+ <arr name="last-components">
+ <str>tvComponent</str>
+ </arr>
+ </requestHandler>
+
+ <!-- Clustering Component
+
+ You'll need to set the solr.clustering.enabled system property
+ when running solr to run with clustering enabled:
+
+ java -Dsolr.clustering.enabled=true -jar start.jar
+
+ http://wiki.apache.org/solr/ClusteringComponent
+ http://carrot2.github.io/solr-integration-strategies/
+ -->
+ <searchComponent name="clustering"
+ enable="${solr.clustering.enabled:false}"
+ class="solr.clustering.ClusteringComponent" >
+ <lst name="engine">
+ <str name="name">lingo</str>
+
+ <!-- Class name of a clustering algorithm compatible with the Carrot2 framework.
+
+ Currently available open source algorithms are:
+ * org.carrot2.clustering.lingo.LingoClusteringAlgorithm
+ * org.carrot2.clustering.stc.STCClusteringAlgorithm
+ * org.carrot2.clustering.kmeans.BisectingKMeansClusteringAlgorithm
+
+ See http://project.carrot2.org/algorithms.html for more information.
+
+ A commercial algorithm Lingo3G (needs to be installed separately) is defined as:
+ * com.carrotsearch.lingo3g.Lingo3GClusteringAlgorithm
+ -->
+ <str name="carrot.algorithm">org.carrot2.clustering.lingo.LingoClusteringAlgorithm</str>
+
+ <!-- Override location of the clustering algorithm's resources
+ (attribute definitions and lexical resources).
+
+ A directory from which to load algorithm-specific stop words,
+ stop labels and attribute definition XMLs.
+
+ For an overview of Carrot2 lexical resources, see:
+ http://download.carrot2.org/head/manual/#chapter.lexical-resources
+
+ For an overview of Lingo3G lexical resources, see:
+ http://download.carrotsearch.com/lingo3g/manual/#chapter.lexical-resources
+ -->
+ <str name="carrot.resourcesDir">clustering/carrot2</str>
+ </lst>
+
+ <!-- An example definition for the STC clustering algorithm. -->
+ <lst name="engine">
+ <str name="name">stc</str>
+ <str name="carrot.algorithm">org.carrot2.clustering.stc.STCClusteringAlgorithm</str>
+ </lst>
+
+ <!-- An example definition for the bisecting kmeans clustering algorithm. -->
+ <lst name="engine">
+ <str name="name">kmeans</str>
+ <str name="carrot.algorithm">org.carrot2.clustering.kmeans.BisectingKMeansClusteringAlgorithm</str>
+ </lst>
+ </searchComponent>
+
+ <!-- A request handler for demonstrating the clustering component
+
+ This is purely as an example.
+
+ In reality you will likely want to add the component to your
+ already specified request handlers.
+ -->
+ <requestHandler name="/clustering"
+ startup="lazy"
+ enable="${solr.clustering.enabled:false}"
+ class="solr.SearchHandler">
+ <lst name="defaults">
+ <bool name="clustering">true</bool>
+ <bool name="clustering.results">true</bool>
+ <!-- Field name with the logical "title" of a each document (optional) -->
+ <str name="carrot.title">name</str>
+ <!-- Field name with the logical "URL" of a each document (optional) -->
+ <str name="carrot.url">id</str>
+ <!-- Field name with the logical "content" of a each document (optional) -->
+ <str name="carrot.snippet">features</str>
+ <!-- Apply highlighter to the title/ content and use this for clustering. -->
+ <bool name="carrot.produceSummary">true</bool>
+ <!-- the maximum number of labels per cluster -->
+ <!--<int name="carrot.numDescriptions">5</int>-->
+ <!-- produce sub clusters -->
+ <bool name="carrot.outputSubClusters">false</bool>
+
+ <!-- Configure the remaining request handler parameters. -->
+ <str name="defType">edismax</str>
+ <str name="qf">
+ text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4
+ </str>
+ <str name="q.alt">*:*</str>
+ <str name="rows">10</str>
+ <str name="fl">*,score</str>
+ </lst>
+ <arr name="last-components">
+ <str>clustering</str>
+ </arr>
+ </requestHandler>
+
+ <!-- Terms Component
+
+ http://wiki.apache.org/solr/TermsComponent
+
+ A component to return terms and document frequency of those
+ terms
+ -->
+ <searchComponent name="terms" class="solr.TermsComponent"/>
+
+ <!-- A request handler for demonstrating the terms component -->
+ <requestHandler name="/terms" class="solr.SearchHandler" startup="lazy">
+ <lst name="defaults">
+ <bool name="terms">true</bool>
+ <bool name="distrib">false</bool>
+ </lst>
+ <arr name="components">
+ <str>terms</str>
+ </arr>
+ </requestHandler>
+
+
+ <!-- Query Elevation Component
+
+ http://wiki.apache.org/solr/QueryElevationComponent
+
+ a search component that enables you to configure the top
+ results for a given query regardless of the normal lucene
+ scoring.
+ -->
+ <searchComponent name="elevator" class="solr.QueryElevationComponent" >
+ <!-- pick a fieldType to analyze queries -->
+ <str name="queryFieldType">string</str>
+ <str name="config-file">elevate.xml</str>
+ </searchComponent>
+
+ <!-- A request handler for demonstrating the elevator component -->
+ <requestHandler name="/elevate" class="solr.SearchHandler" startup="lazy">
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <str name="df">text</str>
+ </lst>
+ <arr name="last-components">
+ <str>elevator</str>
+ </arr>
+ </requestHandler>
+
+ <!-- Highlighting Component
+
+ http://wiki.apache.org/solr/HighlightingParameters
+ -->
+ <searchComponent class="solr.HighlightComponent" name="highlight">
+ <highlighting>
+ <!-- Configure the standard fragmenter -->
+ <!-- This could most likely be commented out in the "default" case -->
+ <fragmenter name="gap"
+ default="true"
+ class="solr.highlight.GapFragmenter">
+ <lst name="defaults">
+ <int name="hl.fragsize">100</int>
+ </lst>
+ </fragmenter>
+
+ <!-- A regular-expression-based fragmenter
+ (for sentence extraction)
+ -->
+ <fragmenter name="regex"
+ class="solr.highlight.RegexFragmenter">
+ <lst name="defaults">
+ <!-- slightly smaller fragsizes work better because of slop -->
+ <int name="hl.fragsize">70</int>
+ <!-- allow 50% slop on fragment sizes -->
+ <float name="hl.regex.slop">0.5</float>
+ <!-- a basic sentence pattern -->
+ <str name="hl.regex.pattern">[-\w ,/\n\"']{20,200}</str>
+ </lst>
+ </fragmenter>
+
+ <!-- Configure the standard formatter -->
+ <formatter name="html"
+ default="true"
+ class="solr.highlight.HtmlFormatter">
+ <lst name="defaults">
+ <str name="hl.simple.pre"><![CDATA[<em>]]></str>
+ <str name="hl.simple.post"><![CDATA[</em>]]></str>
+ </lst>
+ </formatter>
+
+ <!-- Configure the standard encoder -->
+ <encoder name="html"
+ class="solr.highlight.HtmlEncoder" />
+
+ <!-- Configure the standard fragListBuilder -->
+ <fragListBuilder name="simple"
+ class="solr.highlight.SimpleFragListBuilder"/>
+
+ <!-- Configure the single fragListBuilder -->
+ <fragListBuilder name="single"
+ class="solr.highlight.SingleFragListBuilder"/>
+
+ <!-- Configure the weighted fragListBuilder -->
+ <fragListBuilder name="weighted"
+ default="true"
+ class="solr.highlight.WeightedFragListBuilder"/>
+
+ <!-- default tag FragmentsBuilder -->
+ <fragmentsBuilder name="default"
+ default="true"
+ class="solr.highlight.ScoreOrderFragmentsBuilder">
+ <!--
+ <lst name="defaults">
+ <str name="hl.multiValuedSeparatorChar">/</str>
+ </lst>
+ -->
+ </fragmentsBuilder>
+
+ <!-- multi-colored tag FragmentsBuilder -->
+ <fragmentsBuilder name="colored"
+ class="solr.highlight.ScoreOrderFragmentsBuilder">
+ <lst name="defaults">
+ <str name="hl.tag.pre"><![CDATA[
+ <b style="background:yellow">,<b style="background:lawgreen">,
+ <b style="background:aquamarine">,<b style="background:magenta">,
+ <b style="background:palegreen">,<b style="background:coral">,
+ <b style="background:wheat">,<b style="background:khaki">,
+ <b style="background:lime">,<b style="background:deepskyblue">]]></str>
+ <str name="hl.tag.post"><![CDATA[</b>]]></str>
+ </lst>
+ </fragmentsBuilder>
+
+ <boundaryScanner name="default"
+ default="true"
+ class="solr.highlight.SimpleBoundaryScanner">
+ <lst name="defaults">
+ <str name="hl.bs.maxScan">10</str>
+ <str name="hl.bs.chars">.,!? 	 </str>
+ </lst>
+ </boundaryScanner>
+
+ <boundaryScanner name="breakIterator"
+ class="solr.highlight.BreakIteratorBoundaryScanner">
+ <lst name="defaults">
+ <!-- type should be one of CHARACTER, WORD(default), LINE and SENTENCE -->
+ <str name="hl.bs.type">WORD</str>
+ <!-- language and country are used when constructing Locale object. -->
+ <!-- And the Locale object will be used when getting instance of BreakIterator -->
+ <str name="hl.bs.language">en</str>
+ <str name="hl.bs.country">US</str>
+ </lst>
+ </boundaryScanner>
+ </highlighting>
+ </searchComponent>
+
+ <!-- Update Processors
+
+ Chains of Update Processor Factories for dealing with Update
+ Requests can be declared, and then used by name in Update
+ Request Processors
+
+ http://wiki.apache.org/solr/UpdateRequestProcessor
+
+ -->
+
+ <!-- Add unknown fields to the schema
+
+ An example field type guessing update processor that will
+ attempt to parse string-typed field values as Booleans, Longs,
+ Doubles, or Dates, and then add schema fields with the guessed
+ field types.
+
+ This requires that the schema is both managed and mutable, by
+ declaring schemaFactory as ManagedIndexSchemaFactory, with
+ mutable specified as true.
+
+ See http://wiki.apache.org/solr/GuessingFieldTypes
+ -->
+ <updateRequestProcessorChain name="add-unknown-fields-to-the-schema">
+ <processor class="solr.DefaultValueUpdateProcessorFactory">
+ <str name="fieldName">_ttl_</str>
+ <str name="value">+{{ranger_audit_max_retention_days}}DAYS</str>
+ </processor>
+ <processor class="solr.processor.DocExpirationUpdateProcessorFactory">
+ <int name="autoDeletePeriodSeconds">86400</int>
+ <str name="ttlFieldName">_ttl_</str>
+ <str name="expirationFieldName">_expire_at_</str>
+ </processor>
+ <processor class="solr.FirstFieldValueUpdateProcessorFactory">
+ <str name="fieldName">_expire_at_</str>
+ </processor>
+
+ <processor class="solr.RemoveBlankFieldUpdateProcessorFactory"/>
+ <processor class="solr.ParseBooleanFieldUpdateProcessorFactory"/>
+ <processor class="solr.ParseLongFieldUpdateProcessorFactory"/>
+ <processor class="solr.ParseDoubleFieldUpdateProcessorFactory"/>
+ <processor class="solr.ParseDateFieldUpdateProcessorFactory">
+ <arr name="format">
+ <str>yyyy-MM-dd'T'HH:mm:ss.SSSZ</str>
+ <str>yyyy-MM-dd'T'HH:mm:ss,SSSZ</str>
+ <str>yyyy-MM-dd'T'HH:mm:ss.SSS</str>
+ <str>yyyy-MM-dd'T'HH:mm:ss,SSS</str>
+ <str>yyyy-MM-dd'T'HH:mm:ssZ</str>
+ <str>yyyy-MM-dd'T'HH:mm:ss</str>
+ <str>yyyy-MM-dd'T'HH:mmZ</str>
+ <str>yyyy-MM-dd'T'HH:mm</str>
+ <str>yyyy-MM-dd HH:mm:ss.SSSZ</str>
+ <str>yyyy-MM-dd HH:mm:ss,SSSZ</str>
+ <str>yyyy-MM-dd HH:mm:ss.SSS</str>
+ <str>yyyy-MM-dd HH:mm:ss,SSS</str>
+ <str>yyyy-MM-dd HH:mm:ssZ</str>
+ <str>yyyy-MM-dd HH:mm:ss</str>
+ <str>yyyy-MM-dd HH:mmZ</str>
+ <str>yyyy-MM-dd HH:mm</str>
+ <str>yyyy-MM-dd</str>
+ </arr>
+ </processor>
+ <processor class="solr.AddSchemaFieldsUpdateProcessorFactory">
+ <str name="defaultFieldType">key_lower_case</str>
+ <lst name="typeMapping">
+ <str name="valueClass">java.lang.Boolean</str>
+ <str name="fieldType">boolean</str>
+ </lst>
+ <lst name="typeMapping">
+ <str name="valueClass">java.util.Date</str>
+ <str name="fieldType">tdate</str>
+ </lst>
+ <lst name="typeMapping">
+ <str name="valueClass">java.lang.Long</str>
+ <str name="valueClass">java.lang.Integer</str>
+ <str name="fieldType">tlong</str>
+ </lst>
+ <lst name="typeMapping">
+ <str name="valueClass">java.lang.Number</str>
+ <str name="fieldType">tdouble</str>
+ </lst>
+ </processor>
+ <processor class="solr.LogUpdateProcessorFactory"/>
+ <processor class="solr.RunUpdateProcessorFactory"/>
+ </updateRequestProcessorChain>
+
+
+ <!-- Deduplication
+
+ An example dedup update processor that creates the "id" field
+ on the fly based on the hash code of some other fields. This
+ example has overwriteDupes set to false since we are using the
+ id field as the signatureField and Solr will maintain
+ uniqueness based on that anyway.
+
+ -->
+ <!--
+ <updateRequestProcessorChain name="dedupe">
+ <processor class="solr.processor.SignatureUpdateProcessorFactory">
+ <bool name="enabled">true</bool>
+ <str name="signatureField">id</str>
+ <bool name="overwriteDupes">false</bool>
+ <str name="fields">name,features,cat</str>
+ <str name="signatureClass">solr.processor.Lookup3Signature</str>
+ </processor>
+ <processor class="solr.LogUpdateProcessorFactory" />
+ <processor class="solr.RunUpdateProcessorFactory" />
+ </updateRequestProcessorChain>
+ -->
+
+ <!-- Language identification
+
+ This example update chain identifies the language of the incoming
+ documents using the langid contrib. The detected language is
+ written to field language_s. No field name mapping is done.
+ The fields used for detection are text, title, subject and description,
+ making this example suitable for detecting languages form full-text
+ rich documents injected via ExtractingRequestHandler.
+ See more about langId at http://wiki.apache.org/solr/LanguageDetection
+ -->
+ <!--
+ <updateRequestProcessorChain name="langid">
+ <processor class="org.apache.solr.update.processor.TikaLanguageIdentifierUpdateProcessorFactory">
+ <str name="langid.fl">text,title,subject,description</str>
+ <str name="langid.langField">language_s</str>
+ <str name="langid.fallback">en</str>
+ </processor>
+ <processor class="solr.LogUpdateProcessorFactory" />
+ <processor class="solr.RunUpdateProcessorFactory" />
+ </updateRequestProcessorChain>
+ -->
+
+ <!-- Script update processor
+
+ This example hooks in an update processor implemented using JavaScript.
+
+ See more about the script update processor at http://wiki.apache.org/solr/ScriptUpdateProcessor
+ -->
+ <!--
+ <updateRequestProcessorChain name="script">
+ <processor class="solr.StatelessScriptUpdateProcessorFactory">
+ <str name="script">update-script.js</str>
+ <lst name="params">
+ <str name="config_param">example config parameter</str>
+ </lst>
+ </processor>
+ <processor class="solr.RunUpdateProcessorFactory" />
+ </updateRequestProcessorChain>
+ -->
+
+ <!-- Response Writers
+
+ http://wiki.apache.org/solr/QueryResponseWriter
+
+ Request responses will be written using the writer specified by
+ the 'wt' request parameter matching the name of a registered
+ writer.
+
+ The "default" writer is the default and will be used if 'wt' is
+ not specified in the request.
+ -->
+ <!-- The following response writers are implicitly configured unless
+ overridden...
+ -->
+ <!--
+ <queryResponseWriter name="xml"
+ default="true"
+ class="solr.XMLResponseWriter" />
+ <queryResponseWriter name="json" class="solr.JSONResponseWriter"/>
+ <queryResponseWriter name="python" class="solr.PythonResponseWriter"/>
+ <queryResponseWriter name="ruby" class="solr.RubyResponseWriter"/>
+ <queryResponseWriter name="php" class="solr.PHPResponseWriter"/>
+ <queryResponseWriter name="phps" class="solr.PHPSerializedResponseWriter"/>
+ <queryResponseWriter name="csv" class="solr.CSVResponseWriter"/>
+ <queryResponseWriter name="schema.xml" class="solr.SchemaXmlResponseWriter"/>
+ -->
+
+ <queryResponseWriter name="json" class="solr.JSONResponseWriter">
+ <!-- For the purposes of the tutorial, JSON responses are written as
+ plain text so that they are easy to read in *any* browser.
+ If you expect a MIME type of "application/json" just remove this override.
+ -->
+ <str name="content-type">text/plain; charset=UTF-8</str>
+ </queryResponseWriter>
+
+ <!--
+ Custom response writers can be declared as needed...
+ -->
+ <queryResponseWriter name="velocity" class="solr.VelocityResponseWriter" startup="lazy">
+ <str name="template.base.dir">${velocity.template.base.dir:}</str>
+ </queryResponseWriter>
+
+ <!-- XSLT response writer transforms the XML output by any xslt file found
+ in Solr's conf/xslt directory. Changes to xslt files are checked for
+ every xsltCacheLifetimeSeconds.
+ -->
+ <queryResponseWriter name="xslt" class="solr.XSLTResponseWriter">
+ <int name="xsltCacheLifetimeSeconds">5</int>
+ </queryResponseWriter>
+
+ <!-- Query Parsers
+
+ http://wiki.apache.org/solr/SolrQuerySyntax
+
+ Multiple QParserPlugins can be registered by name, and then
+ used in either the "defType" param for the QueryComponent (used
+ by SearchHandler) or in LocalParams
+ -->
+ <!-- example of registering a query parser -->
+ <!--
+ <queryParser name="myparser" class="com.mycompany.MyQParserPlugin"/>
+ -->
+
+ <!-- Function Parsers
+
+ http://wiki.apache.org/solr/FunctionQuery
+
+ Multiple ValueSourceParsers can be registered by name, and then
+ used as function names when using the "func" QParser.
+ -->
+ <!-- example of registering a custom function parser -->
+ <!--
+ <valueSourceParser name="myfunc"
+ class="com.mycompany.MyValueSourceParser" />
+ -->
+
+
+ <!-- Document Transformers
+ http://wiki.apache.org/solr/DocTransformers
+ -->
+ <!--
+ Could be something like:
+ <transformer name="db" class="com.mycompany.LoadFromDatabaseTransformer" >
+ <int name="connection">jdbc://....</int>
+ </transformer>
+
+ To add a constant value to all docs, use:
+ <transformer name="mytrans2" class="org.apache.solr.response.transform.ValueAugmenterFactory" >
+ <int name="value">5</int>
+ </transformer>
+
+ If you want the user to still be able to change it with _value:something_ use this:
+ <transformer name="mytrans3" class="org.apache.solr.response.transform.ValueAugmenterFactory" >
+ <double name="defaultValue">5</double>
+ </transformer>
+
+ If you are using the QueryElevationComponent, you may wish to mark documents that get boosted. The
+ EditorialMarkerFactory will do exactly that:
+ <transformer name="qecBooster" class="org.apache.solr.response.transform.EditorialMarkerFactory" />
+ -->
+
+
+ <!-- Legacy config for the admin interface -->
+ <admin>
+ <defaultQuery>*:*</defaultQuery>
+ </admin>
+
+</config>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/quicklinks/quicklinks.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/quicklinks/quicklinks.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/quicklinks/quicklinks.json
new file mode 100644
index 0000000..d75d5f1
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/quicklinks/quicklinks.json
@@ -0,0 +1,41 @@
+{
+ "name": "default",
+ "description": "default quick links configuration",
+ "configuration": {
+ "protocol":
+ {
+ "type":"https",
+ "checks":[
+ {
+ "property":"ranger.service.https.attrib.ssl.enabled",
+ "desired":"true",
+ "site":"ranger-admin-site"
+ },
+ {
+ "property":"ranger.service.http.enabled",
+ "desired":"false",
+ "site":"ranger-admin-site"
+ }
+ ]
+ },
+
+ "links": [
+ {
+ "name": "ranger_admin_ui",
+ "label": "Ranger Admin UI",
+ "component_name" : "RANGER_ADMIN",
+ "requires_user_name": "false",
+ "url": "%@://%@:%@",
+ "attributes": ["authenticated", "sso"],
+ "port":{
+ "http_property": "ranger.service.http.port",
+ "http_default_port": "6080",
+ "https_property": "ranger.service.https.port",
+ "https_default_port": "6182",
+ "regex": "(\\d*)+",
+ "site": "ranger-admin-site"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/role_command_order.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/role_command_order.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/role_command_order.json
new file mode 100644
index 0000000..557e9ac
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/role_command_order.json
@@ -0,0 +1,9 @@
+{
+ "general_deps" : {
+ "_comment" : "dependencies for RANGER",
+ "RANGER_SERVICE_CHECK-SERVICE_CHECK" : ["RANGER_ADMIN-START"],
+ "RANGER_SERVICE_CHECK-SERVICE_CHECK" : ["RANGER_USERSYNC-START"],
+ "RANGER_USERSYNC-START" : ["RANGER_ADMIN-START"],
+ "RANGER_ADMIN-START": ["ZOOKEEPER_SERVER-START", "INFRA_SOLR-START"]
+ }
+}
[23/26] ambari git commit: AMBARI-20998. HDP 3.0 TP - create Service
Advisor for Ranger.(vbrodetskyi)
Posted by jo...@apache.org.
AMBARI-20998. HDP 3.0 TP - create Service Advisor for Ranger.(vbrodetskyi)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/08dd15bd
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/08dd15bd
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/08dd15bd
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 08dd15bd32323fd579e1c677ca4868c17f44d8dd
Parents: 260ee2e
Author: Vitaly Brodetskyi <vb...@hortonworks.com>
Authored: Fri May 12 14:06:46 2017 +0300
Committer: Vitaly Brodetskyi <vb...@hortonworks.com>
Committed: Fri May 12 14:06:46 2017 +0300
----------------------------------------------------------------------
.../RANGER/0.7.0.3.0/service_advisor.py | 793 +++++++++++++++++++
1 file changed, 793 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/08dd15bd/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/service_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/service_advisor.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/service_advisor.py
new file mode 100644
index 0000000..875fa30
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/service_advisor.py
@@ -0,0 +1,793 @@
+#!/usr/bin/env ambari-python-wrap
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+# Python imports
+import imp
+import os
+import traceback
+import re
+import socket
+import fnmatch
+
+
+from resource_management.core.logger import Logger
+
+SCRIPT_DIR = os.path.dirname(os.path.abspath(__file__))
+STACKS_DIR = os.path.join(SCRIPT_DIR, '../../../stacks/')
+PARENT_FILE = os.path.join(STACKS_DIR, 'service_advisor.py')
+
+try:
+ with open(PARENT_FILE, 'rb') as fp:
+ service_advisor = imp.load_module('service_advisor', fp, PARENT_FILE, ('.py', 'rb', imp.PY_SOURCE))
+except Exception as e:
+ traceback.print_exc()
+ print "Failed to load parent"
+
+DB_TYPE_DEFAULT_PORT_MAP = {"MYSQL":"3306", "ORACLE":"1521", "POSTGRES":"5432", "MSSQL":"1433", "SQLA":"2638"}
+
+class RangerServiceAdvisor(service_advisor.ServiceAdvisor):
+
+ def __init__(self, *args, **kwargs):
+ self.as_super = super(RangerServiceAdvisor, self)
+ self.as_super.__init__(*args, **kwargs)
+
+ # Always call these methods
+ self.modifyMastersWithMultipleInstances()
+ self.modifyCardinalitiesDict()
+ self.modifyHeapSizeProperties()
+ self.modifyNotValuableComponents()
+ self.modifyComponentsNotPreferableOnServer()
+ self.modifyComponentLayoutSchemes()
+
+ def modifyMastersWithMultipleInstances(self):
+ """
+ Modify the set of masters with multiple instances.
+ Must be overriden in child class.
+ """
+ # Nothing to do
+ pass
+
+ def modifyCardinalitiesDict(self):
+ """
+ Modify the dictionary of cardinalities.
+ Must be overriden in child class.
+ """
+ # Nothing to do
+ pass
+
+ def modifyHeapSizeProperties(self):
+ """
+ Modify the dictionary of heap size properties.
+ Must be overriden in child class.
+ """
+ pass
+
+ def modifyNotValuableComponents(self):
+ """
+ Modify the set of components whose host assignment is based on other services.
+ Must be overriden in child class.
+ """
+ # Nothing to do
+ pass
+
+ def modifyComponentsNotPreferableOnServer(self):
+ """
+ Modify the set of components that are not preferable on the server.
+ Must be overriden in child class.
+ """
+ # Nothing to do
+ pass
+
+ def modifyComponentLayoutSchemes(self):
+ """
+ Modify layout scheme dictionaries for components.
+ The scheme dictionary basically maps the number of hosts to
+ host index where component should exist.
+ Must be overriden in child class.
+ """
+ # Nothing to do
+ pass
+
+ def getServiceComponentLayoutValidations(self, services, hosts):
+ """
+ Get a list of errors.
+ Must be overriden in child class.
+ """
+
+ return []
+
+ def getServiceConfigurationRecommendations(self, configurations, clusterData, services, hosts):
+ """
+ Entry point.
+ Must be overriden in child class.
+ """
+ #Logger.info("Class: %s, Method: %s. Recommending Service Configurations." %
+ # (self.__class__.__name__, inspect.stack()[0][3]))
+
+ recommender = RangerRecommender()
+ recommender.recommendRangerConfigurationsFromHDP206(configurations, clusterData, services, hosts)
+ recommender.recommendRangerConfigurationsFromHDP22(configurations, clusterData, services, hosts)
+ recommender.recommendRangerConfigurationsFromHDP23(configurations, clusterData, services, hosts)
+ recommender.recommendRangerConfigurationsFromHDP25(configurations, clusterData, services, hosts)
+ recommender.recommendRangerConfigurationsFromHDP26(configurations, clusterData, services, hosts)
+
+
+
+ def getServiceConfigurationsValidationItems(self, configurations, recommendedDefaults, services, hosts):
+ """
+ Entry point.
+ Validate configurations for the service. Return a list of errors.
+ The code for this function should be the same for each Service Advisor.
+ """
+ #Logger.info("Class: %s, Method: %s. Validating Configurations." %
+ # (self.__class__.__name__, inspect.stack()[0][3]))
+
+ validator = RangerValidator()
+ # Calls the methods of the validator using arguments,
+ # method(siteProperties, siteRecommendations, configurations, services, hosts)
+ return validator.validateListOfConfigUsingMethod(configurations, recommendedDefaults, services, hosts, validator.validators)
+
+
+
+class RangerRecommender(service_advisor.ServiceAdvisor):
+ """
+ Ranger Recommender suggests properties when adding the service for the first time or modifying configs via the UI.
+ """
+
+ def __init__(self, *args, **kwargs):
+ self.as_super = super(RangerRecommender, self)
+ self.as_super.__init__(*args, **kwargs)
+
+ def recommendRangerConfigurationsFromHDP206(self, configurations, clusterData, services, hosts):
+
+ putRangerAdminProperty = self.putProperty(configurations, "admin-properties", services)
+
+ # Build policymgr_external_url
+ protocol = 'http'
+ ranger_admin_host = 'localhost'
+ port = '6080'
+
+ # Check if http is disabled. For HDP-2.3 this can be checked in ranger-admin-site/ranger.service.http.enabled
+ # For Ranger-0.4.0 this can be checked in ranger-site/http.enabled
+ if ('ranger-site' in services['configurations'] and 'http.enabled' in services['configurations']['ranger-site']['properties'] \
+ and services['configurations']['ranger-site']['properties']['http.enabled'].lower() == 'false') or \
+ ('ranger-admin-site' in services['configurations'] and 'ranger.service.http.enabled' in services['configurations']['ranger-admin-site']['properties'] \
+ and services['configurations']['ranger-admin-site']['properties']['ranger.service.http.enabled'].lower() == 'false'):
+ # HTTPS protocol is used
+ protocol = 'https'
+ # Starting Ranger-0.5.0.2.3 port stored in ranger-admin-site ranger.service.https.port
+ if 'ranger-admin-site' in services['configurations'] and \
+ 'ranger.service.https.port' in services['configurations']['ranger-admin-site']['properties']:
+ port = services['configurations']['ranger-admin-site']['properties']['ranger.service.https.port']
+ # In Ranger-0.4.0 port stored in ranger-site https.service.port
+ elif 'ranger-site' in services['configurations'] and \
+ 'https.service.port' in services['configurations']['ranger-site']['properties']:
+ port = services['configurations']['ranger-site']['properties']['https.service.port']
+ else:
+ # HTTP protocol is used
+ # Starting Ranger-0.5.0.2.3 port stored in ranger-admin-site ranger.service.http.port
+ if 'ranger-admin-site' in services['configurations'] and \
+ 'ranger.service.http.port' in services['configurations']['ranger-admin-site']['properties']:
+ port = services['configurations']['ranger-admin-site']['properties']['ranger.service.http.port']
+ # In Ranger-0.4.0 port stored in ranger-site http.service.port
+ elif 'ranger-site' in services['configurations'] and \
+ 'http.service.port' in services['configurations']['ranger-site']['properties']:
+ port = services['configurations']['ranger-site']['properties']['http.service.port']
+
+ ranger_admin_hosts = self.getComponentHostNames(services, "RANGER", "RANGER_ADMIN")
+ if ranger_admin_hosts:
+ if len(ranger_admin_hosts) > 1 \
+ and services['configurations'] \
+ and 'admin-properties' in services['configurations'] and 'policymgr_external_url' in services['configurations']['admin-properties']['properties'] \
+ and services['configurations']['admin-properties']['properties']['policymgr_external_url'] \
+ and services['configurations']['admin-properties']['properties']['policymgr_external_url'].strip():
+
+ # in case of HA deployment keep the policymgr_external_url specified in the config
+ policymgr_external_url = services['configurations']['admin-properties']['properties']['policymgr_external_url']
+ else:
+
+ ranger_admin_host = ranger_admin_hosts[0]
+ policymgr_external_url = "%s://%s:%s" % (protocol, ranger_admin_host, port)
+
+ putRangerAdminProperty('policymgr_external_url', policymgr_external_url)
+
+ rangerServiceVersion = [service['StackServices']['service_version'] for service in services["services"] if service['StackServices']['service_name'] == 'RANGER'][0]
+ if rangerServiceVersion == '0.4.0':
+ # Recommend ldap settings based on ambari.properties configuration
+ # If 'ambari.ldap.isConfigured' == true
+ # For Ranger version 0.4.0
+ if 'ambari-server-properties' in services and \
+ 'ambari.ldap.isConfigured' in services['ambari-server-properties'] and \
+ services['ambari-server-properties']['ambari.ldap.isConfigured'].lower() == "true":
+ putUserSyncProperty = self.putProperty(configurations, "usersync-properties", services)
+ serverProperties = services['ambari-server-properties']
+ if 'authentication.ldap.managerDn' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_BIND_DN', serverProperties['authentication.ldap.managerDn'])
+ if 'authentication.ldap.primaryUrl' in serverProperties:
+ ldap_protocol = 'ldap://'
+ if 'authentication.ldap.useSSL' in serverProperties and serverProperties['authentication.ldap.useSSL'] == 'true':
+ ldap_protocol = 'ldaps://'
+ ldapUrl = ldap_protocol + serverProperties['authentication.ldap.primaryUrl'] if serverProperties['authentication.ldap.primaryUrl'] else serverProperties['authentication.ldap.primaryUrl']
+ putUserSyncProperty('SYNC_LDAP_URL', ldapUrl)
+ if 'authentication.ldap.userObjectClass' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_USER_OBJECT_CLASS', serverProperties['authentication.ldap.userObjectClass'])
+ if 'authentication.ldap.usernameAttribute' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_USER_NAME_ATTRIBUTE', serverProperties['authentication.ldap.usernameAttribute'])
+
+
+ # Set Ranger Admin Authentication method
+ if 'admin-properties' in services['configurations'] and 'usersync-properties' in services['configurations'] and \
+ 'SYNC_SOURCE' in services['configurations']['usersync-properties']['properties']:
+ rangerUserSyncSource = services['configurations']['usersync-properties']['properties']['SYNC_SOURCE']
+ authenticationMethod = rangerUserSyncSource.upper()
+ if authenticationMethod != 'FILE':
+ putRangerAdminProperty('authentication_method', authenticationMethod)
+
+ # Recommend xasecure.audit.destination.hdfs.dir
+ # For Ranger version 0.4.0
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+ putRangerEnvProperty = self.putProperty(configurations, "ranger-env", services)
+ include_hdfs = "HDFS" in servicesList
+ if include_hdfs:
+ if 'core-site' in services['configurations'] and ('fs.defaultFS' in services['configurations']['core-site']['properties']):
+ default_fs = services['configurations']['core-site']['properties']['fs.defaultFS']
+ default_fs += '/ranger/audit/%app-type%/%time:yyyyMMdd%'
+ putRangerEnvProperty('xasecure.audit.destination.hdfs.dir', default_fs)
+
+ # Recommend Ranger Audit properties for ranger supported services
+ # For Ranger version 0.4.0
+ ranger_services = [
+ {'service_name': 'HDFS', 'audit_file': 'ranger-hdfs-plugin-properties'},
+ {'service_name': 'HBASE', 'audit_file': 'ranger-hbase-plugin-properties'},
+ {'service_name': 'HIVE', 'audit_file': 'ranger-hive-plugin-properties'},
+ {'service_name': 'KNOX', 'audit_file': 'ranger-knox-plugin-properties'},
+ {'service_name': 'STORM', 'audit_file': 'ranger-storm-plugin-properties'}
+ ]
+
+ for item in range(len(ranger_services)):
+ if ranger_services[item]['service_name'] in servicesList:
+ component_audit_file = ranger_services[item]['audit_file']
+ if component_audit_file in services["configurations"]:
+ ranger_audit_dict = [
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.db', 'target_configname': 'XAAUDIT.DB.IS_ENABLED'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.hdfs', 'target_configname': 'XAAUDIT.HDFS.IS_ENABLED'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.hdfs.dir', 'target_configname': 'XAAUDIT.HDFS.DESTINATION_DIRECTORY'}
+ ]
+ putRangerAuditProperty = self.putProperty(configurations, component_audit_file, services)
+
+ for item in ranger_audit_dict:
+ if item['filename'] in services["configurations"] and item['configname'] in services["configurations"][item['filename']]["properties"]:
+ if item['filename'] in configurations and item['configname'] in configurations[item['filename']]["properties"]:
+ rangerAuditProperty = configurations[item['filename']]["properties"][item['configname']]
+ else:
+ rangerAuditProperty = services["configurations"][item['filename']]["properties"][item['configname']]
+ putRangerAuditProperty(item['target_configname'], rangerAuditProperty)
+
+
+
+
+ def recommendRangerConfigurationsFromHDP22(self, configurations, clusterData, services, hosts):
+ putRangerEnvProperty = self.putProperty(configurations, "ranger-env")
+ cluster_env = self.getServicesSiteProperties(services, "cluster-env")
+ security_enabled = cluster_env is not None and "security_enabled" in cluster_env and \
+ cluster_env["security_enabled"].lower() == "true"
+ if "ranger-env" in configurations and not security_enabled:
+ putRangerEnvProperty("ranger-storm-plugin-enabled", "No")
+
+ def getDBConnectionHostPort(self, db_type, db_host):
+ connection_string = ""
+ if db_type is None or db_type == "":
+ return connection_string
+ else:
+ colon_count = db_host.count(':')
+ if colon_count == 0:
+ if DB_TYPE_DEFAULT_PORT_MAP.has_key(db_type):
+ connection_string = db_host + ":" + DB_TYPE_DEFAULT_PORT_MAP[db_type]
+ else:
+ connection_string = db_host
+ elif colon_count == 1:
+ connection_string = db_host
+ elif colon_count == 2:
+ connection_string = db_host
+
+ return connection_string
+
+
+ def getOracleDBConnectionHostPort(self, db_type, db_host, rangerDbName):
+ connection_string = self.getDBConnectionHostPort(db_type, db_host)
+ colon_count = db_host.count(':')
+ if colon_count == 1 and '/' in db_host:
+ connection_string = "//" + connection_string
+ elif colon_count == 0 or colon_count == 1:
+ connection_string = "//" + connection_string + "/" + rangerDbName if rangerDbName else "//" + connection_string
+
+ return connection_string
+
+ def recommendRangerUrlConfigurations(self, configurations, services, requiredServices):
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+
+ policymgr_external_url = ""
+ if 'admin-properties' in services['configurations'] and 'policymgr_external_url' in services['configurations']['admin-properties']['properties']:
+ if 'admin-properties' in configurations and 'policymgr_external_url' in configurations['admin-properties']['properties']:
+ policymgr_external_url = configurations['admin-properties']['properties']['policymgr_external_url']
+ else:
+ policymgr_external_url = services['configurations']['admin-properties']['properties']['policymgr_external_url']
+
+ for index in range(len(requiredServices)):
+ if requiredServices[index]['service_name'] in servicesList:
+ component_config_type = requiredServices[index]['config_type']
+ component_name = requiredServices[index]['service_name']
+ component_config_property = 'ranger.plugin.{0}.policy.rest.url'.format(component_name.lower())
+ if requiredServices[index]['service_name'] == 'RANGER_KMS':
+ component_config_property = 'ranger.plugin.kms.policy.rest.url'
+ putRangerSecurityProperty = self.putProperty(configurations, component_config_type, services)
+ if component_config_type in services["configurations"] and component_config_property in services["configurations"][component_config_type]["properties"]:
+ putRangerSecurityProperty(component_config_property, policymgr_external_url)
+
+ def recommendRangerConfigurationsFromHDP23(self, configurations, clusterData, services, hosts):
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+ putRangerAdminProperty = self.putProperty(configurations, "ranger-admin-site", services)
+ putRangerEnvProperty = self.putProperty(configurations, "ranger-env", services)
+ putRangerUgsyncSite = self.putProperty(configurations, "ranger-ugsync-site", services)
+
+ if 'admin-properties' in services['configurations'] and ('DB_FLAVOR' in services['configurations']['admin-properties']['properties'])\
+ and ('db_host' in services['configurations']['admin-properties']['properties']) and ('db_name' in services['configurations']['admin-properties']['properties']):
+
+ rangerDbFlavor = services['configurations']["admin-properties"]["properties"]["DB_FLAVOR"]
+ rangerDbHost = services['configurations']["admin-properties"]["properties"]["db_host"]
+ rangerDbName = services['configurations']["admin-properties"]["properties"]["db_name"]
+ ranger_db_url_dict = {
+ 'MYSQL': {'ranger.jpa.jdbc.driver': 'com.mysql.jdbc.Driver',
+ 'ranger.jpa.jdbc.url': 'jdbc:mysql://' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + '/' + rangerDbName},
+ 'ORACLE': {'ranger.jpa.jdbc.driver': 'oracle.jdbc.driver.OracleDriver',
+ 'ranger.jpa.jdbc.url': 'jdbc:oracle:thin:@' + self.getOracleDBConnectionHostPort(rangerDbFlavor, rangerDbHost, rangerDbName)},
+ 'POSTGRES': {'ranger.jpa.jdbc.driver': 'org.postgresql.Driver',
+ 'ranger.jpa.jdbc.url': 'jdbc:postgresql://' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + '/' + rangerDbName},
+ 'MSSQL': {'ranger.jpa.jdbc.driver': 'com.microsoft.sqlserver.jdbc.SQLServerDriver',
+ 'ranger.jpa.jdbc.url': 'jdbc:sqlserver://' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + ';databaseName=' + rangerDbName},
+ 'SQLA': {'ranger.jpa.jdbc.driver': 'sap.jdbc4.sqlanywhere.IDriver',
+ 'ranger.jpa.jdbc.url': 'jdbc:sqlanywhere:host=' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + ';database=' + rangerDbName}
+ }
+ rangerDbProperties = ranger_db_url_dict.get(rangerDbFlavor, ranger_db_url_dict['MYSQL'])
+ for key in rangerDbProperties:
+ putRangerAdminProperty(key, rangerDbProperties.get(key))
+
+ if 'admin-properties' in services['configurations'] and ('DB_FLAVOR' in services['configurations']['admin-properties']['properties']) \
+ and ('db_host' in services['configurations']['admin-properties']['properties']):
+
+ rangerDbFlavor = services['configurations']["admin-properties"]["properties"]["DB_FLAVOR"]
+ rangerDbHost = services['configurations']["admin-properties"]["properties"]["db_host"]
+ ranger_db_privelege_url_dict = {
+ 'MYSQL': {'ranger_privelege_user_jdbc_url': 'jdbc:mysql://' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost)},
+ 'ORACLE': {'ranger_privelege_user_jdbc_url': 'jdbc:oracle:thin:@' + self.getOracleDBConnectionHostPort(rangerDbFlavor, rangerDbHost, None)},
+ 'POSTGRES': {'ranger_privelege_user_jdbc_url': 'jdbc:postgresql://' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + '/postgres'},
+ 'MSSQL': {'ranger_privelege_user_jdbc_url': 'jdbc:sqlserver://' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + ';'},
+ 'SQLA': {'ranger_privelege_user_jdbc_url': 'jdbc:sqlanywhere:host=' + self.getDBConnectionHostPort(rangerDbFlavor, rangerDbHost) + ';'}
+ }
+ rangerPrivelegeDbProperties = ranger_db_privelege_url_dict.get(rangerDbFlavor, ranger_db_privelege_url_dict['MYSQL'])
+ for key in rangerPrivelegeDbProperties:
+ putRangerEnvProperty(key, rangerPrivelegeDbProperties.get(key))
+
+ # Recommend ldap settings based on ambari.properties configuration
+ if 'ambari-server-properties' in services and \
+ 'ambari.ldap.isConfigured' in services['ambari-server-properties'] and \
+ services['ambari-server-properties']['ambari.ldap.isConfigured'].lower() == "true":
+ serverProperties = services['ambari-server-properties']
+ if 'authentication.ldap.baseDn' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.ldap.searchBase', serverProperties['authentication.ldap.baseDn'])
+ if 'authentication.ldap.groupMembershipAttr' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.group.memberattributename', serverProperties['authentication.ldap.groupMembershipAttr'])
+ if 'authentication.ldap.groupNamingAttr' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.group.nameattribute', serverProperties['authentication.ldap.groupNamingAttr'])
+ if 'authentication.ldap.groupObjectClass' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.group.objectclass', serverProperties['authentication.ldap.groupObjectClass'])
+ if 'authentication.ldap.managerDn' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.ldap.binddn', serverProperties['authentication.ldap.managerDn'])
+ if 'authentication.ldap.primaryUrl' in serverProperties:
+ ldap_protocol = 'ldap://'
+ if 'authentication.ldap.useSSL' in serverProperties and serverProperties['authentication.ldap.useSSL'] == 'true':
+ ldap_protocol = 'ldaps://'
+ ldapUrl = ldap_protocol + serverProperties['authentication.ldap.primaryUrl'] if serverProperties['authentication.ldap.primaryUrl'] else serverProperties['authentication.ldap.primaryUrl']
+ putRangerUgsyncSite('ranger.usersync.ldap.url', ldapUrl)
+ if 'authentication.ldap.userObjectClass' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.ldap.user.objectclass', serverProperties['authentication.ldap.userObjectClass'])
+ if 'authentication.ldap.usernameAttribute' in serverProperties:
+ putRangerUgsyncSite('ranger.usersync.ldap.user.nameattribute', serverProperties['authentication.ldap.usernameAttribute'])
+
+
+ # Recommend Ranger Authentication method
+ authMap = {
+ 'org.apache.ranger.unixusersync.process.UnixUserGroupBuilder': 'UNIX',
+ 'org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder': 'LDAP'
+ }
+
+ if 'ranger-ugsync-site' in services['configurations'] and 'ranger.usersync.source.impl.class' in services['configurations']["ranger-ugsync-site"]["properties"]:
+ rangerUserSyncClass = services['configurations']["ranger-ugsync-site"]["properties"]["ranger.usersync.source.impl.class"]
+ if rangerUserSyncClass in authMap:
+ rangerSqlConnectorProperty = authMap.get(rangerUserSyncClass)
+ putRangerAdminProperty('ranger.authentication.method', rangerSqlConnectorProperty)
+
+
+ if 'ranger-env' in services['configurations'] and 'is_solrCloud_enabled' in services['configurations']["ranger-env"]["properties"]:
+ isSolrCloudEnabled = services['configurations']["ranger-env"]["properties"]["is_solrCloud_enabled"] == "true"
+ else:
+ isSolrCloudEnabled = False
+
+ if isSolrCloudEnabled:
+ zookeeper_host_port = self.getZKHostPortString(services)
+ ranger_audit_zk_port = ''
+ if zookeeper_host_port:
+ ranger_audit_zk_port = '{0}/{1}'.format(zookeeper_host_port, 'ranger_audits')
+ putRangerAdminProperty('ranger.audit.solr.zookeepers', ranger_audit_zk_port)
+ else:
+ putRangerAdminProperty('ranger.audit.solr.zookeepers', 'NONE')
+
+ # Recommend ranger.audit.solr.zookeepers and xasecure.audit.destination.hdfs.dir
+ include_hdfs = "HDFS" in servicesList
+ if include_hdfs:
+ if 'core-site' in services['configurations'] and ('fs.defaultFS' in services['configurations']['core-site']['properties']):
+ default_fs = services['configurations']['core-site']['properties']['fs.defaultFS']
+ putRangerEnvProperty('xasecure.audit.destination.hdfs.dir', '{0}/{1}/{2}'.format(default_fs,'ranger','audit'))
+
+ # Recommend Ranger supported service's audit properties
+ ranger_services = [
+ {'service_name': 'HDFS', 'audit_file': 'ranger-hdfs-audit'},
+ {'service_name': 'YARN', 'audit_file': 'ranger-yarn-audit'},
+ {'service_name': 'HBASE', 'audit_file': 'ranger-hbase-audit'},
+ {'service_name': 'HIVE', 'audit_file': 'ranger-hive-audit'},
+ {'service_name': 'KNOX', 'audit_file': 'ranger-knox-audit'},
+ {'service_name': 'KAFKA', 'audit_file': 'ranger-kafka-audit'},
+ {'service_name': 'STORM', 'audit_file': 'ranger-storm-audit'}
+ ]
+
+ for item in range(len(ranger_services)):
+ if ranger_services[item]['service_name'] in servicesList:
+ component_audit_file = ranger_services[item]['audit_file']
+ if component_audit_file in services["configurations"]:
+ ranger_audit_dict = [
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.db', 'target_configname': 'xasecure.audit.destination.db'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.hdfs', 'target_configname': 'xasecure.audit.destination.hdfs'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.hdfs.dir', 'target_configname': 'xasecure.audit.destination.hdfs.dir'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.solr', 'target_configname': 'xasecure.audit.destination.solr'},
+ {'filename': 'ranger-admin-site', 'configname': 'ranger.audit.solr.urls', 'target_configname': 'xasecure.audit.destination.solr.urls'},
+ {'filename': 'ranger-admin-site', 'configname': 'ranger.audit.solr.zookeepers', 'target_configname': 'xasecure.audit.destination.solr.zookeepers'}
+ ]
+ putRangerAuditProperty = self.putProperty(configurations, component_audit_file, services)
+
+ for item in ranger_audit_dict:
+ if item['filename'] in services["configurations"] and item['configname'] in services["configurations"][item['filename']]["properties"]:
+ if item['filename'] in configurations and item['configname'] in configurations[item['filename']]["properties"]:
+ rangerAuditProperty = configurations[item['filename']]["properties"][item['configname']]
+ else:
+ rangerAuditProperty = services["configurations"][item['filename']]["properties"][item['configname']]
+ putRangerAuditProperty(item['target_configname'], rangerAuditProperty)
+
+ audit_solr_flag = 'false'
+ audit_db_flag = 'false'
+ ranger_audit_source_type = 'solr'
+ if 'ranger-env' in services['configurations'] and 'xasecure.audit.destination.solr' in services['configurations']["ranger-env"]["properties"]:
+ audit_solr_flag = services['configurations']["ranger-env"]["properties"]['xasecure.audit.destination.solr']
+ if 'ranger-env' in services['configurations'] and 'xasecure.audit.destination.db' in services['configurations']["ranger-env"]["properties"]:
+ audit_db_flag = services['configurations']["ranger-env"]["properties"]['xasecure.audit.destination.db']
+
+ if audit_db_flag == 'true' and audit_solr_flag == 'false':
+ ranger_audit_source_type = 'db'
+ putRangerAdminProperty('ranger.audit.source.type',ranger_audit_source_type)
+
+ knox_host = 'localhost'
+ knox_port = '8443'
+ if 'KNOX' in servicesList:
+ knox_hosts = self.getComponentHostNames(services, "KNOX", "KNOX_GATEWAY")
+ if len(knox_hosts) > 0:
+ knox_hosts.sort()
+ knox_host = knox_hosts[0]
+ if 'gateway-site' in services['configurations'] and 'gateway.port' in services['configurations']["gateway-site"]["properties"]:
+ knox_port = services['configurations']["gateway-site"]["properties"]['gateway.port']
+ putRangerAdminProperty('ranger.sso.providerurl', 'https://{0}:{1}/gateway/knoxsso/api/v1/websso'.format(knox_host, knox_port))
+
+ required_services = [
+ {'service_name': 'HDFS', 'config_type': 'ranger-hdfs-security'},
+ {'service_name': 'YARN', 'config_type': 'ranger-yarn-security'},
+ {'service_name': 'HBASE', 'config_type': 'ranger-hbase-security'},
+ {'service_name': 'HIVE', 'config_type': 'ranger-hive-security'},
+ {'service_name': 'KNOX', 'config_type': 'ranger-knox-security'},
+ {'service_name': 'KAFKA', 'config_type': 'ranger-kafka-security'},
+ {'service_name': 'RANGER_KMS','config_type': 'ranger-kms-security'},
+ {'service_name': 'STORM', 'config_type': 'ranger-storm-security'}
+ ]
+
+ # recommendation for ranger url for ranger-supported plugins
+ self.recommendRangerUrlConfigurations(configurations, services, required_services)
+
+
+ def recommendRangerConfigurationsFromHDP25(self, configurations, clusterData, services, hosts):
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+ has_ranger_tagsync = False
+
+ putTagsyncAppProperty = self.putProperty(configurations, "tagsync-application-properties", services)
+ putTagsyncSiteProperty = self.putProperty(configurations, "ranger-tagsync-site", services)
+ putRangerAdminProperty = self.putProperty(configurations, "ranger-admin-site", services)
+ putRangerEnvProperty = self.putProperty(configurations, "ranger-env", services)
+
+ application_properties = self.getServicesSiteProperties(services, "application-properties")
+
+ ranger_tagsync_host = self.getHostsForComponent(services, "RANGER", "RANGER_TAGSYNC")
+ has_ranger_tagsync = len(ranger_tagsync_host) > 0
+
+ if 'ATLAS' in servicesList and has_ranger_tagsync:
+ atlas_hosts = self.getHostNamesWithComponent("ATLAS", "ATLAS_SERVER", services)
+ atlas_host = 'localhost' if len(atlas_hosts) == 0 else atlas_hosts[0]
+ protocol = 'http'
+ atlas_port = '21000'
+
+ if application_properties and 'atlas.enableTLS' in application_properties and application_properties['atlas.enableTLS'].lower() == 'true':
+ protocol = 'https'
+ if 'atlas.server.https.port' in application_properties:
+ atlas_port = application_properties['atlas.server.https.port']
+ else:
+ protocol = 'http'
+ if application_properties and 'atlas.server.http.port' in application_properties:
+ atlas_port = application_properties['atlas.server.http.port']
+
+ atlas_rest_endpoint = '{0}://{1}:{2}'.format(protocol, atlas_host, atlas_port)
+
+ putTagsyncSiteProperty('ranger.tagsync.source.atlas', 'true')
+ putTagsyncSiteProperty('ranger.tagsync.source.atlasrest.endpoint', atlas_rest_endpoint)
+
+ zookeeper_host_port = self.getZKHostPortString(services)
+ if zookeeper_host_port and has_ranger_tagsync:
+ putTagsyncAppProperty('atlas.kafka.zookeeper.connect', zookeeper_host_port)
+
+ if 'KAFKA' in servicesList and has_ranger_tagsync:
+ kafka_hosts = self.getHostNamesWithComponent("KAFKA", "KAFKA_BROKER", services)
+ kafka_port = '6667'
+ if 'kafka-broker' in services['configurations'] and (
+ 'port' in services['configurations']['kafka-broker']['properties']):
+ kafka_port = services['configurations']['kafka-broker']['properties']['port']
+ kafka_host_port = []
+ for i in range(len(kafka_hosts)):
+ kafka_host_port.append(kafka_hosts[i] + ':' + kafka_port)
+
+ final_kafka_host = ",".join(kafka_host_port)
+ putTagsyncAppProperty('atlas.kafka.bootstrap.servers', final_kafka_host)
+
+ is_solr_cloud_enabled = False
+ if 'ranger-env' in services['configurations'] and 'is_solrCloud_enabled' in services['configurations']['ranger-env']['properties']:
+ is_solr_cloud_enabled = services['configurations']['ranger-env']['properties']['is_solrCloud_enabled'] == 'true'
+
+ is_external_solr_cloud_enabled = False
+ if 'ranger-env' in services['configurations'] and 'is_external_solrCloud_enabled' in services['configurations']['ranger-env']['properties']:
+ is_external_solr_cloud_enabled = services['configurations']['ranger-env']['properties']['is_external_solrCloud_enabled'] == 'true'
+
+ ranger_audit_zk_port = ''
+
+ if 'AMBARI_INFRA' in servicesList and zookeeper_host_port and is_solr_cloud_enabled and not is_external_solr_cloud_enabled:
+ zookeeper_host_port = zookeeper_host_port.split(',')
+ zookeeper_host_port.sort()
+ zookeeper_host_port = ",".join(zookeeper_host_port)
+ infra_solr_znode = '/infra-solr'
+
+ if 'infra-solr-env' in services['configurations'] and \
+ ('infra_solr_znode' in services['configurations']['infra-solr-env']['properties']):
+ infra_solr_znode = services['configurations']['infra-solr-env']['properties']['infra_solr_znode']
+ ranger_audit_zk_port = '{0}{1}'.format(zookeeper_host_port, infra_solr_znode)
+ putRangerAdminProperty('ranger.audit.solr.zookeepers', ranger_audit_zk_port)
+ elif zookeeper_host_port and is_solr_cloud_enabled and is_external_solr_cloud_enabled:
+ ranger_audit_zk_port = '{0}/{1}'.format(zookeeper_host_port, 'ranger_audits')
+ putRangerAdminProperty('ranger.audit.solr.zookeepers', ranger_audit_zk_port)
+ else:
+ putRangerAdminProperty('ranger.audit.solr.zookeepers', 'NONE')
+
+ ranger_services = [
+ {'service_name': 'HDFS', 'audit_file': 'ranger-hdfs-audit'},
+ {'service_name': 'YARN', 'audit_file': 'ranger-yarn-audit'},
+ {'service_name': 'HBASE', 'audit_file': 'ranger-hbase-audit'},
+ {'service_name': 'HIVE', 'audit_file': 'ranger-hive-audit'},
+ {'service_name': 'KNOX', 'audit_file': 'ranger-knox-audit'},
+ {'service_name': 'KAFKA', 'audit_file': 'ranger-kafka-audit'},
+ {'service_name': 'STORM', 'audit_file': 'ranger-storm-audit'},
+ {'service_name': 'RANGER_KMS', 'audit_file': 'ranger-kms-audit'},
+ {'service_name': 'ATLAS', 'audit_file': 'ranger-atlas-audit'}
+ ]
+
+ for item in range(len(ranger_services)):
+ if ranger_services[item]['service_name'] in servicesList:
+ component_audit_file = ranger_services[item]['audit_file']
+ if component_audit_file in services["configurations"]:
+ ranger_audit_dict = [
+ {'filename': 'ranger-admin-site', 'configname': 'ranger.audit.solr.urls', 'target_configname': 'xasecure.audit.destination.solr.urls'},
+ {'filename': 'ranger-admin-site', 'configname': 'ranger.audit.solr.zookeepers', 'target_configname': 'xasecure.audit.destination.solr.zookeepers'}
+ ]
+ putRangerAuditProperty = self.putProperty(configurations, component_audit_file, services)
+
+ for item in ranger_audit_dict:
+ if item['filename'] in services["configurations"] and item['configname'] in services["configurations"][item['filename']]["properties"]:
+ if item['filename'] in configurations and item['configname'] in configurations[item['filename']]["properties"]:
+ rangerAuditProperty = configurations[item['filename']]["properties"][item['configname']]
+ else:
+ rangerAuditProperty = services["configurations"][item['filename']]["properties"][item['configname']]
+ putRangerAuditProperty(item['target_configname'], rangerAuditProperty)
+
+ if "HDFS" in servicesList:
+ hdfs_user = None
+ if "hadoop-env" in services["configurations"] and "hdfs_user" in services["configurations"]["hadoop-env"]["properties"]:
+ hdfs_user = services["configurations"]["hadoop-env"]["properties"]["hdfs_user"]
+ putRangerAdminProperty('ranger.kms.service.user.hdfs', hdfs_user)
+
+ if "HIVE" in servicesList:
+ hive_user = None
+ if "hive-env" in services["configurations"] and "hive_user" in services["configurations"]["hive-env"]["properties"]:
+ hive_user = services["configurations"]["hive-env"]["properties"]["hive_user"]
+ putRangerAdminProperty('ranger.kms.service.user.hive', hive_user)
+
+ ranger_plugins_serviceuser = [
+ {'service_name': 'HDFS', 'file_name': 'hadoop-env', 'config_name': 'hdfs_user', 'target_configname': 'ranger.plugins.hdfs.serviceuser'},
+ {'service_name': 'HIVE', 'file_name': 'hive-env', 'config_name': 'hive_user', 'target_configname': 'ranger.plugins.hive.serviceuser'},
+ {'service_name': 'YARN', 'file_name': 'yarn-env', 'config_name': 'yarn_user', 'target_configname': 'ranger.plugins.yarn.serviceuser'},
+ {'service_name': 'HBASE', 'file_name': 'hbase-env', 'config_name': 'hbase_user', 'target_configname': 'ranger.plugins.hbase.serviceuser'},
+ {'service_name': 'KNOX', 'file_name': 'knox-env', 'config_name': 'knox_user', 'target_configname': 'ranger.plugins.knox.serviceuser'},
+ {'service_name': 'STORM', 'file_name': 'storm-env', 'config_name': 'storm_user', 'target_configname': 'ranger.plugins.storm.serviceuser'},
+ {'service_name': 'KAFKA', 'file_name': 'kafka-env', 'config_name': 'kafka_user', 'target_configname': 'ranger.plugins.kafka.serviceuser'},
+ {'service_name': 'RANGER_KMS', 'file_name': 'kms-env', 'config_name': 'kms_user', 'target_configname': 'ranger.plugins.kms.serviceuser'},
+ {'service_name': 'ATLAS', 'file_name': 'atlas-env', 'config_name': 'metadata_user', 'target_configname': 'ranger.plugins.atlas.serviceuser'}
+ ]
+
+ for item in range(len(ranger_plugins_serviceuser)):
+ if ranger_plugins_serviceuser[item]['service_name'] in servicesList:
+ file_name = ranger_plugins_serviceuser[item]['file_name']
+ config_name = ranger_plugins_serviceuser[item]['config_name']
+ target_configname = ranger_plugins_serviceuser[item]['target_configname']
+ if file_name in services["configurations"] and config_name in services["configurations"][file_name]["properties"]:
+ service_user = services["configurations"][file_name]["properties"][config_name]
+ putRangerAdminProperty(target_configname, service_user)
+
+ if "ATLAS" in servicesList:
+ if "ranger-env" in services["configurations"]:
+ putAtlasRangerAuditProperty = self.putProperty(configurations, 'ranger-atlas-audit', services)
+ xasecure_audit_destination_hdfs = ''
+ xasecure_audit_destination_hdfs_dir = ''
+ xasecure_audit_destination_solr = ''
+ if 'xasecure.audit.destination.hdfs' in configurations['ranger-env']['properties']:
+ xasecure_audit_destination_hdfs = configurations['ranger-env']['properties']['xasecure.audit.destination.hdfs']
+ else:
+ xasecure_audit_destination_hdfs = services['configurations']['ranger-env']['properties']['xasecure.audit.destination.hdfs']
+
+ if 'core-site' in services['configurations'] and ('fs.defaultFS' in services['configurations']['core-site']['properties']):
+ xasecure_audit_destination_hdfs_dir = '{0}/{1}/{2}'.format(services['configurations']['core-site']['properties']['fs.defaultFS'] ,'ranger','audit')
+
+ if 'xasecure.audit.destination.solr' in configurations['ranger-env']['properties']:
+ xasecure_audit_destination_solr = configurations['ranger-env']['properties']['xasecure.audit.destination.solr']
+ else:
+ xasecure_audit_destination_solr = services['configurations']['ranger-env']['properties']['xasecure.audit.destination.solr']
+
+ putAtlasRangerAuditProperty('xasecure.audit.destination.hdfs',xasecure_audit_destination_hdfs)
+ putAtlasRangerAuditProperty('xasecure.audit.destination.hdfs.dir',xasecure_audit_destination_hdfs_dir)
+ putAtlasRangerAuditProperty('xasecure.audit.destination.solr',xasecure_audit_destination_solr)
+ required_services = [
+ {'service_name': 'ATLAS', 'config_type': 'ranger-atlas-security'}
+ ]
+
+ # recommendation for ranger url for ranger-supported plugins
+ self.recommendRangerUrlConfigurations(configurations, services, required_services)
+
+
+ def recommendRangerConfigurationsFromHDP26(self, configurations, clusterData, services, hosts):
+
+ putRangerUgsyncSite = self.putProperty(configurations, 'ranger-ugsync-site', services)
+
+ delta_sync_enabled = False
+ if 'ranger-ugsync-site' in services['configurations'] and 'ranger.usersync.ldap.deltasync' in services['configurations']['ranger-ugsync-site']['properties']:
+ delta_sync_enabled = services['configurations']['ranger-ugsync-site']['properties']['ranger.usersync.ldap.deltasync'] == "true"
+
+ if delta_sync_enabled:
+ putRangerUgsyncSite("ranger.usersync.group.searchenabled", "true")
+ else:
+ putRangerUgsyncSite("ranger.usersync.group.searchenabled", "false")
+
+
+
+
+
+class RangerValidator(service_advisor.ServiceAdvisor):
+ """
+ Ranger Validator checks the correctness of properties whenever the service is first added or the user attempts to
+ change configs via the UI.
+ """
+
+ def __init__(self, *args, **kwargs):
+ self.as_super = super(RangerValidator, self)
+ self.as_super.__init__(*args, **kwargs)
+
+ self.validators = [("ranger-env", self.validateRangerConfigurationsEnvFromHDP22),
+ ("admin-properties", self.validateRangerAdminConfigurationsFromHDP23),
+ ("ranger-env", self.validateRangerConfigurationsEnvFromHDP23),
+ ("ranger-tagsync-site", self.validateRangerTagsyncConfigurationsFromHDP25),
+ ("ranger-ugsync-site", self.validateRangerUsersyncConfigurationsFromHDP26)]
+
+
+
+ def validateRangerConfigurationsEnvFromHDP22(self, properties, recommendedDefaults, configurations, services, hosts):
+ ranger_env_properties = properties
+ validationItems = []
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+ if "ranger-storm-plugin-enabled" in ranger_env_properties and ranger_env_properties['ranger-storm-plugin-enabled'].lower() == 'yes' and not 'KERBEROS' in servicesList:
+ validationItems.append({"config-name": "ranger-storm-plugin-enabled",
+ "item": self.getWarnItem("Ranger Storm plugin should not be enabled in non-kerberos environment.")})
+ return self.toConfigurationValidationProblems(validationItems, "ranger-env")
+
+ def validateRangerAdminConfigurationsFromHDP23(self, properties, recommendedDefaults, configurations, services, hosts):
+ ranger_site = properties
+ validationItems = []
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+ if 'RANGER' in servicesList and 'policymgr_external_url' in ranger_site:
+ policymgr_mgr_url = ranger_site['policymgr_external_url']
+ if policymgr_mgr_url.endswith('/'):
+ validationItems.append({'config-name':'policymgr_external_url',
+ 'item':self.getWarnItem('Ranger External URL should not contain trailing slash "/"')})
+ return self.toConfigurationValidationProblems(validationItems,'admin-properties')
+
+
+ def validateRangerConfigurationsEnvFromHDP23(self, properties, recommendedDefaults, configurations, services, hosts):
+ ranger_env_properties = properties
+ validationItems = []
+ security_enabled = self.isSecurityEnabled(services)
+
+ if "ranger-kafka-plugin-enabled" in ranger_env_properties and ranger_env_properties["ranger-kafka-plugin-enabled"].lower() == 'yes' and not security_enabled:
+ validationItems.append({"config-name": "ranger-kafka-plugin-enabled",
+ "item": self.getWarnItem(
+ "Ranger Kafka plugin should not be enabled in non-kerberos environment.")})
+
+ validationProblems = self.toConfigurationValidationProblems(validationItems, "ranger-env")
+ return validationProblems
+
+
+ def validateRangerTagsyncConfigurationsFromHDP25(self, properties, recommendedDefaults, configurations, services, hosts):
+ ranger_tagsync_properties = properties
+ validationItems = []
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+
+ has_atlas = False
+ if "RANGER" in servicesList:
+ has_atlas = not "ATLAS" in servicesList
+
+ if has_atlas and 'ranger.tagsync.source.atlas' in ranger_tagsync_properties and \
+ ranger_tagsync_properties['ranger.tagsync.source.atlas'].lower() == 'true':
+ validationItems.append({"config-name": "ranger.tagsync.source.atlas",
+ "item": self.getWarnItem(
+ "Need to Install ATLAS service to set ranger.tagsync.source.atlas as true.")})
+
+ return self.toConfigurationValidationProblems(validationItems, "ranger-tagsync-site")
+
+ def validateRangerUsersyncConfigurationsFromHDP26(self, properties, recommendedDefaults, configurations, services, hosts):
+ ranger_usersync_properties = properties
+ validationItems = []
+
+ delta_sync_enabled = 'ranger.usersync.ldap.deltasync' in ranger_usersync_properties \
+ and ranger_usersync_properties['ranger.usersync.ldap.deltasync'].lower() == 'true'
+ group_sync_enabled = 'ranger.usersync.group.searchenabled' in ranger_usersync_properties \
+ and ranger_usersync_properties['ranger.usersync.group.searchenabled'].lower() == 'true'
+ usersync_source_ldap_enabled = 'ranger.usersync.source.impl.class' in ranger_usersync_properties \
+ and ranger_usersync_properties['ranger.usersync.source.impl.class'] == 'org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder'
+
+ if usersync_source_ldap_enabled and delta_sync_enabled and not group_sync_enabled:
+ validationItems.append({"config-name": "ranger.usersync.group.searchenabled",
+ "item": self.getWarnItem(
+ "Need to set ranger.usersync.group.searchenabled as true, as ranger.usersync.ldap.deltasync is enabled")})
+
+ return self.toConfigurationValidationProblems(validationItems, "ranger-ugsync-site")
\ No newline at end of file
[05/26] ambari git commit: AMBARI-20974. Ambari fails to start due to
NPE after installation of HDF mpack - Addendum (mradhakrishnan)
Posted by jo...@apache.org.
AMBARI-20974. Ambari fails to start due to NPE after installation of HDF mpack - Addendum (mradhakrishnan)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/09ca0316
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/09ca0316
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/09ca0316
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 09ca0316d42240ea375e83b901ad3a4b0f55b37a
Parents: a60f132
Author: Madhuvanthi Radhakrishnan <mr...@hortonworks.com>
Authored: Wed May 10 14:26:55 2017 -0700
Committer: Madhuvanthi Radhakrishnan <mr...@hortonworks.com>
Committed: Wed May 10 14:26:55 2017 -0700
----------------------------------------------------------------------
ambari-server/src/main/python/ambari_server/setupMpacks.py | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/09ca0316/ambari-server/src/main/python/ambari_server/setupMpacks.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/python/ambari_server/setupMpacks.py b/ambari-server/src/main/python/ambari_server/setupMpacks.py
index 1bb7a70..aaf9c10 100755
--- a/ambari-server/src/main/python/ambari_server/setupMpacks.py
+++ b/ambari-server/src/main/python/ambari_server/setupMpacks.py
@@ -798,9 +798,10 @@ def _install_mpack(options, replay_mode=False, is_upgrade=False):
ambari_user = read_ambari_user()
- # This is required when a non-admin user is configured to setup ambari-server
- print_info_msg("Adjusting file permissions and ownerships")
- for pack in adjust_ownership_list:
+ if ambari_user:
+ # This is required when a non-admin user is configured to setup ambari-server
+ print_info_msg("Adjusting file permissions and ownerships")
+ for pack in adjust_ownership_list:
file = pack[0]
mod = pack[1]
user = pack[2].format(ambari_user)
@@ -808,7 +809,7 @@ def _install_mpack(options, replay_mode=False, is_upgrade=False):
logger.info("Setting file permissions: {0} {1} {2} {3}".format(file, mod, user, recursive))
set_file_permissions(file, mod, user, recursive)
- for pack in change_ownership_list:
+ for pack in change_ownership_list:
path = pack[0]
user = pack[1].format(ambari_user)
recursive = pack[2]
[08/26] ambari git commit: AMBARI-20978 Ambari 3.0: Outstanding new
components issues, additional patch. (atkach)
Posted by jo...@apache.org.
AMBARI-20978 Ambari 3.0: Outstanding new components issues, additional patch. (atkach)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/55750b92
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/55750b92
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/55750b92
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 55750b92a4f7ad00d2a63211f8b34364b47df289
Parents: 4b3cbef
Author: Andrii Tkach <at...@apache.org>
Authored: Thu May 11 13:49:12 2017 +0300
Committer: Andrii Tkach <at...@apache.org>
Committed: Thu May 11 13:49:12 2017 +0300
----------------------------------------------------------------------
ambari-web/app/styles/theme/bootstrap-ambari.css | 2 ++
ambari-web/app/styles/wizard.less | 6 ------
2 files changed, 2 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/55750b92/ambari-web/app/styles/theme/bootstrap-ambari.css
----------------------------------------------------------------------
diff --git a/ambari-web/app/styles/theme/bootstrap-ambari.css b/ambari-web/app/styles/theme/bootstrap-ambari.css
index 7f95dab..77bb086 100644
--- a/ambari-web/app/styles/theme/bootstrap-ambari.css
+++ b/ambari-web/app/styles/theme/bootstrap-ambari.css
@@ -389,6 +389,8 @@ h2.table-title {
}
.table input[type="checkbox"] + label {
position: relative;
+ line-height: 1.3em;
+ font-size: initial;
top: 4px;
margin-bottom: 0;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/55750b92/ambari-web/app/styles/wizard.less
----------------------------------------------------------------------
diff --git a/ambari-web/app/styles/wizard.less b/ambari-web/app/styles/wizard.less
index 407d965..130896dd 100644
--- a/ambari-web/app/styles/wizard.less
+++ b/ambari-web/app/styles/wizard.less
@@ -199,12 +199,6 @@
color: #00688B;
}
}
- #step4 {
- .checkbox > div {
- line-height: 1.3em;
- font-size: initial;
- }
- }
#step6 {
.pre-scrollable {
max-height: 440px;
[20/26] ambari git commit: AMBARI-20985. HDP 3.0 TP - create service
definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by jo...@apache.org.
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_admin.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_admin.py
new file mode 100644
index 0000000..b849d58
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_admin.py
@@ -0,0 +1,217 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.core.exceptions import Fail
+from resource_management.libraries.functions.check_process_status import check_process_status
+from resource_management.libraries.functions import stack_select
+from resource_management.libraries.functions import conf_select
+from resource_management.libraries.functions.constants import Direction
+from resource_management.libraries.script import Script
+from resource_management.core.resources.system import Execute, File
+from resource_management.core.exceptions import ComponentIsNotRunning
+from resource_management.libraries.functions.format import format
+from resource_management.core.logger import Logger
+from resource_management.core import shell
+from ranger_service import ranger_service
+from setup_ranger_xml import setup_ranger_audit_solr, setup_ranger_admin_passwd_change
+from resource_management.libraries.functions import solr_cloud_util
+from ambari_commons.constants import UPGRADE_TYPE_NON_ROLLING, UPGRADE_TYPE_ROLLING
+from resource_management.libraries.functions.constants import Direction
+import upgrade
+import os, errno
+
+class RangerAdmin(Script):
+
+ def get_component_name(self):
+ return "ranger-admin"
+
+ def install(self, env):
+ self.install_packages(env)
+ import params
+ env.set_params(params)
+ # call config and setup db only in case of HDP version < 2.6
+ if not params.stack_supports_ranger_setup_db_on_start:
+ self.configure(env, setup_db=True)
+
+ def stop(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if upgrade_type == UPGRADE_TYPE_NON_ROLLING and params.upgrade_direction == Direction.UPGRADE:
+ if params.stack_supports_rolling_upgrade and not params.stack_supports_config_versioning and os.path.isfile(format('{ranger_home}/ews/stop-ranger-admin.sh')):
+ File(format('{ranger_home}/ews/stop-ranger-admin.sh'),
+ owner=params.unix_user,
+ group = params.unix_group
+ )
+
+ Execute(format('{params.ranger_stop}'), environment={'JAVA_HOME': params.java_home}, user=params.unix_user)
+ if params.stack_supports_pid:
+ File(params.ranger_admin_pid_file,
+ action = "delete"
+ )
+
+ def pre_upgrade_restart(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ upgrade.prestart(env, "ranger-admin")
+
+ self.set_ru_rangeradmin_in_progress(params.upgrade_marker_file)
+
+ def post_upgrade_restart(self,env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if os.path.isfile(params.upgrade_marker_file):
+ os.remove(params.upgrade_marker_file)
+
+ def start(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ # setup db only if in case HDP version is > 2.6
+ self.configure(env, upgrade_type=upgrade_type, setup_db=params.stack_supports_ranger_setup_db_on_start)
+
+ if params.stack_supports_infra_client and params.audit_solr_enabled and params.is_solrCloud_enabled:
+ solr_cloud_util.setup_solr_client(params.config, custom_log4j = params.custom_log4j)
+ setup_ranger_audit_solr()
+
+ ranger_service('ranger_admin')
+
+
+ def status(self, env):
+ import status_params
+
+ env.set_params(status_params)
+
+ if status_params.stack_supports_pid:
+ check_process_status(status_params.ranger_admin_pid_file)
+ return
+
+ cmd = 'ps -ef | grep proc_rangeradmin | grep -v grep'
+ code, output = shell.call(cmd, timeout=20)
+
+ if code != 0:
+ if self.is_ru_rangeradmin_in_progress(status_params.upgrade_marker_file):
+ Logger.info('Ranger admin process not running - skipping as stack upgrade is in progress')
+ else:
+ Logger.debug('Ranger admin process not running')
+ raise ComponentIsNotRunning()
+ pass
+
+ def configure(self, env, upgrade_type=None, setup_db=False):
+ import params
+ env.set_params(params)
+ if params.xml_configurations_supported:
+ from setup_ranger_xml import ranger
+ else:
+ from setup_ranger import ranger
+
+ # set up db if we are not upgrading and setup_db is true
+ if setup_db and upgrade_type is None:
+ if params.xml_configurations_supported:
+ from setup_ranger_xml import setup_ranger_db
+ setup_ranger_db()
+
+ ranger('ranger_admin', upgrade_type=upgrade_type)
+
+ # set up java patches if we are not upgrading and setup_db is true
+ if setup_db and upgrade_type is None:
+ if params.xml_configurations_supported:
+ from setup_ranger_xml import setup_java_patch
+ setup_java_patch()
+
+ if params.stack_supports_ranger_admin_password_change:
+ setup_ranger_admin_passwd_change()
+
+ def set_ru_rangeradmin_in_progress(self, upgrade_marker_file):
+ config_dir = os.path.dirname(upgrade_marker_file)
+ try:
+ msg = "Starting Upgrade"
+ if (not os.path.exists(config_dir)):
+ os.makedirs(config_dir)
+ ofp = open(upgrade_marker_file, 'w')
+ ofp.write(msg)
+ ofp.close()
+ except OSError as exc:
+ if exc.errno == errno.EEXIST and os.path.isdir(config_dir):
+ pass
+ else:
+ raise
+
+ def is_ru_rangeradmin_in_progress(self, upgrade_marker_file):
+ return os.path.isfile(upgrade_marker_file)
+
+ def setup_ranger_database(self, env):
+ import params
+ env.set_params(params)
+
+ upgrade_stack = stack_select._get_upgrade_stack()
+ if upgrade_stack is None:
+ raise Fail('Unable to determine the stack and stack version')
+
+ stack_version = upgrade_stack[1]
+
+ if params.xml_configurations_supported and params.upgrade_direction == Direction.UPGRADE:
+ Logger.info(format('Setting Ranger database schema, using version {stack_version}'))
+
+ from setup_ranger_xml import setup_ranger_db
+ setup_ranger_db(stack_version=stack_version)
+
+ def setup_ranger_java_patches(self, env):
+ import params
+ env.set_params(params)
+
+ upgrade_stack = stack_select._get_upgrade_stack()
+ if upgrade_stack is None:
+ raise Fail('Unable to determine the stack and stack version')
+
+ stack_version = upgrade_stack[1]
+
+ if params.xml_configurations_supported and params.upgrade_direction == Direction.UPGRADE:
+ Logger.info(format('Applying Ranger java patches, using version {stack_version}'))
+
+ from setup_ranger_xml import setup_java_patch
+ setup_java_patch(stack_version=stack_version)
+
+ def set_pre_start(self, env):
+ import params
+ env.set_params(params)
+
+ upgrade_stack = stack_select._get_upgrade_stack()
+ if upgrade_stack is None:
+ raise Fail('Unable to determine the stack and stack version')
+
+ stack_name = upgrade_stack[0]
+ stack_version = upgrade_stack[1]
+
+ stack_select.select("ranger-admin", stack_version)
+ conf_select.select(stack_name, "ranger-admin", stack_version)
+
+ def get_log_folder(self):
+ import params
+ return params.admin_log_dir
+
+ def get_user(self):
+ import params
+ return params.unix_user
+
+if __name__ == "__main__":
+ RangerAdmin().execute()
+
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_service.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_service.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_service.py
new file mode 100644
index 0000000..0355049
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_service.py
@@ -0,0 +1,69 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.show_logs import show_logs
+from resource_management.core.resources.system import Execute
+
+def ranger_service(name, action=None):
+ import params
+
+ env_dict = {'JAVA_HOME': params.java_home}
+ if params.db_flavor.lower() == 'sqla':
+ env_dict = {'JAVA_HOME': params.java_home, 'LD_LIBRARY_PATH': params.ld_lib_path}
+
+ if name == 'ranger_admin':
+ no_op_test = format('ps -ef | grep proc_rangeradmin | grep -v grep')
+ try:
+ Execute(params.ranger_start, environment=env_dict, user=params.unix_user, not_if=no_op_test)
+ except:
+ show_logs(params.admin_log_dir, params.unix_user)
+ raise
+ elif name == 'ranger_usersync':
+ no_op_test = format('ps -ef | grep proc_rangerusersync | grep -v grep')
+ if params.stack_supports_usersync_non_root:
+ try:
+ Execute(params.usersync_start,
+ environment=env_dict,
+ not_if=no_op_test,
+ user=params.unix_user
+ )
+ except:
+ show_logs(params.usersync_log_dir, params.unix_user)
+ raise
+ else:
+ # Usersync requires to be run as root for 2.2
+ Execute((params.usersync_start,),
+ environment={'JAVA_HOME': params.java_home},
+ not_if=no_op_test,
+ sudo=True
+ )
+ elif name == 'ranger_tagsync' and params.stack_supports_ranger_tagsync:
+ no_op_test = format('ps -ef | grep proc_rangertagsync | grep -v grep')
+ cmd = format('{tagsync_services_file} start')
+ try:
+ Execute(cmd,
+ environment=env_dict,
+ user=params.unix_user,
+ not_if=no_op_test
+ )
+ except:
+ show_logs(params.tagsync_log_dir, params.unix_user)
+ raise
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_tagsync.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_tagsync.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_tagsync.py
new file mode 100644
index 0000000..008fb99
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_tagsync.py
@@ -0,0 +1,139 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.libraries.script import Script
+from resource_management.libraries.functions import conf_select
+from resource_management.libraries.functions import stack_select
+from resource_management.core.resources.system import Execute, File
+from resource_management.libraries.functions.check_process_status import check_process_status
+from resource_management.core.exceptions import ComponentIsNotRunning
+from resource_management.libraries.functions.format import format
+from resource_management.core.logger import Logger
+from resource_management.core import shell
+from ranger_service import ranger_service
+from setup_ranger_xml import ranger, ranger_credential_helper
+from resource_management.core.exceptions import Fail
+import upgrade
+
+class RangerTagsync(Script):
+
+ def install(self, env):
+ self.install_packages(env)
+ import params
+ env.set_params(params)
+
+ ranger_credential_helper(params.tagsync_cred_lib, 'tagadmin.user.password', 'rangertagsync', params.tagsync_jceks_path)
+ File(params.tagsync_jceks_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+ if params.stack_supports_ranger_tagsync_ssl_xml_support:
+ Logger.info("Stack support Atlas user for Tagsync, creating keystore for same.")
+ self.create_atlas_user_keystore(env)
+ else:
+ Logger.info("Stack does not support Atlas user for Tagsync, skipping keystore creation for same.")
+
+ self.configure(env)
+
+ def configure(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+ ranger('ranger_tagsync', upgrade_type=upgrade_type)
+
+ def start(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ self.configure(env, upgrade_type=upgrade_type)
+ ranger_service('ranger_tagsync')
+
+ def stop(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ Execute(format('{tagsync_services_file} stop'), environment={'JAVA_HOME': params.java_home}, user=params.unix_user)
+ File(params.tagsync_pid_file,
+ action = "delete"
+ )
+
+ def status(self, env):
+ import status_params
+ env.set_params(status_params)
+
+ check_process_status(status_params.tagsync_pid_file)
+
+ def pre_upgrade_restart(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if params.stack_supports_ranger_tagsync:
+ Logger.info("Executing Ranger Tagsync Stack Upgrade pre-restart")
+ conf_select.select(params.stack_name, "ranger-tagsync", params.version)
+ stack_select.select("ranger-tagsync", params.version)
+
+ def get_component_name(self):
+ return "ranger-tagsync"
+
+ def get_log_folder(self):
+ import params
+ return params.tagsync_log_dir
+
+ def get_user(self):
+ import params
+ return params.unix_user
+
+ def get_pid_files(self):
+ import status_params
+ return [status_params.tagsync_pid_file]
+
+ def configure_atlas_user_for_tagsync(self, env):
+ Logger.info("Configuring Atlas user for Tagsync service.")
+ import params
+ env.set_params(params)
+
+ upgrade_stack = stack_select._get_upgrade_stack()
+ if upgrade_stack is None:
+ raise Fail('Unable to determine the stack and stack version')
+
+ stack_name = upgrade_stack[0]
+ stack_version = upgrade_stack[1]
+
+ stack_select.select("ranger-tagsync", stack_version)
+ conf_select.select(stack_name, "ranger-tagsync", stack_version)
+ if params.stack_supports_ranger_tagsync_ssl_xml_support:
+ Logger.info("Upgrading Tagsync, stack support Atlas user for Tagsync, creating keystore for same.")
+ self.create_atlas_user_keystore(env)
+ else:
+ Logger.info("Upgrading Tagsync, stack does not support Atlas user for Tagsync, skipping keystore creation for same.")
+
+ Logger.info("Configuring Atlas user for Tagsync service done.")
+
+ def create_atlas_user_keystore(self,env):
+ import params
+ env.set_params(params)
+ ranger_credential_helper(params.tagsync_cred_lib, 'atlas.user.password', 'admin', params.atlas_tagsync_jceks_path)
+ File(params.atlas_tagsync_jceks_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+if __name__ == "__main__":
+ RangerTagsync().execute()
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_usersync.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_usersync.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_usersync.py
new file mode 100644
index 0000000..b9366f6
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/ranger_usersync.py
@@ -0,0 +1,124 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.libraries.functions.check_process_status import check_process_status
+from resource_management.libraries.script import Script
+from resource_management.core.resources.system import Execute, File
+from resource_management.core.exceptions import ComponentIsNotRunning
+from resource_management.libraries.functions.format import format
+from resource_management.core.logger import Logger
+from resource_management.core import shell
+from ranger_service import ranger_service
+from ambari_commons.constants import UPGRADE_TYPE_NON_ROLLING, UPGRADE_TYPE_ROLLING
+from resource_management.libraries.functions.constants import Direction
+import upgrade
+import os
+
+class RangerUsersync(Script):
+
+ def install(self, env):
+ self.install_packages(env)
+ import params
+ env.set_params(params)
+
+ if params.stack_supports_usersync_passwd:
+ from setup_ranger_xml import ranger_credential_helper
+ ranger_credential_helper(params.ugsync_cred_lib, params.ugsync_policymgr_alias, 'rangerusersync', params.ugsync_policymgr_keystore)
+
+ File(params.ugsync_policymgr_keystore,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ self.configure(env)
+
+ def configure(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if params.xml_configurations_supported:
+ from setup_ranger_xml import ranger
+ else:
+ from setup_ranger import ranger
+
+ ranger('ranger_usersync', upgrade_type=upgrade_type)
+
+ def start(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ self.configure(env, upgrade_type=upgrade_type)
+ ranger_service('ranger_usersync')
+
+ def stop(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if upgrade_type == UPGRADE_TYPE_NON_ROLLING and params.upgrade_direction == Direction.UPGRADE:
+ if params.stack_supports_usersync_non_root and os.path.isfile(params.usersync_services_file):
+ File(params.usersync_services_file,
+ mode = 0755
+ )
+ Execute(('ln','-sf', format('{usersync_services_file}'),'/usr/bin/ranger-usersync'),
+ not_if=format("ls /usr/bin/ranger-usersync"),
+ only_if=format("ls {usersync_services_file}"),
+ sudo=True
+ )
+
+ Execute((params.usersync_stop,), environment={'JAVA_HOME': params.java_home}, sudo=True)
+ if params.stack_supports_pid:
+ File(params.ranger_usersync_pid_file,
+ action = "delete"
+ )
+
+ def status(self, env):
+ import status_params
+ env.set_params(status_params)
+
+ if status_params.stack_supports_pid:
+ check_process_status(status_params.ranger_usersync_pid_file)
+ return
+
+ cmd = 'ps -ef | grep proc_rangerusersync | grep -v grep'
+ code, output = shell.call(cmd, timeout=20)
+
+ if code != 0:
+ Logger.debug('Ranger usersync process not running')
+ raise ComponentIsNotRunning()
+ pass
+
+ def pre_upgrade_restart(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+ upgrade.prestart(env, "ranger-usersync")
+
+ def get_component_name(self):
+ return "ranger-usersync"
+
+ def get_log_folder(self):
+ import params
+ return params.usersync_log_dir
+
+ def get_user(self):
+ import params
+ return params.unix_user
+
+if __name__ == "__main__":
+ RangerUsersync().execute()
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/service_check.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/service_check.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/service_check.py
new file mode 100644
index 0000000..fb6af95
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/service_check.py
@@ -0,0 +1,49 @@
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+from resource_management.libraries.script import Script
+from resource_management.core.resources.system import Execute
+from resource_management.core.exceptions import ComponentIsNotRunning
+from resource_management.libraries.functions.format import format
+from resource_management.core.logger import Logger
+import os
+
+
+class RangerServiceCheck(Script):
+
+ def service_check(self, env):
+ import params
+
+ env.set_params(params)
+ self.check_ranger_admin_service(params.ranger_external_url, params.upgrade_marker_file)
+
+ def check_ranger_admin_service(self, ranger_external_url, upgrade_marker_file):
+ if (self.is_ru_rangeradmin_in_progress(upgrade_marker_file)):
+ Logger.info('Ranger admin process not running - skipping as stack upgrade is in progress')
+ else:
+ Execute(format("curl -s -o /dev/null -w'%{{http_code}}' --negotiate -u: -k {ranger_external_url}/login.jsp | grep 200"),
+ tries = 10,
+ try_sleep=3,
+ logoutput=True)
+
+ def is_ru_rangeradmin_in_progress(self, upgrade_marker_file):
+ return os.path.isfile(upgrade_marker_file)
+
+if __name__ == "__main__":
+ RangerServiceCheck().execute()
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger.py
new file mode 100644
index 0000000..b0e8bad
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger.py
@@ -0,0 +1,153 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+import sys
+import fileinput
+import os
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.resources.properties_file import PropertiesFile
+from resource_management.libraries.resources.modify_properties_file import ModifyPropertiesFile
+from resource_management.core.source import DownloadSource
+from resource_management.core.logger import Logger
+from resource_management.core.shell import as_sudo
+from resource_management.core.exceptions import Fail
+from resource_management.core.resources.system import Directory, Execute, File
+
+
+def ranger(name=None, upgrade_type=None):
+ if name == 'ranger_admin':
+ setup_ranger_admin(upgrade_type=upgrade_type)
+
+ if name == 'ranger_usersync':
+ setup_usersync(upgrade_type=upgrade_type)
+
+def setup_ranger_admin(upgrade_type=None):
+ import params
+
+ check_db_connnection()
+
+ if params.driver_curl_source and not params.driver_curl_source.endswith("/None"):
+ if params.previous_jdbc_jar and os.path.isfile(params.previous_jdbc_jar):
+ File(params.previous_jdbc_jar, action='delete')
+
+ File(params.downloaded_custom_connector,
+ content = DownloadSource(params.driver_curl_source),
+ mode = 0644
+ )
+
+ Execute(('cp', '--remove-destination', params.downloaded_custom_connector, params.driver_curl_target),
+ path=["/bin", "/usr/bin/"],
+ sudo=True)
+
+ File(params.driver_curl_target, mode=0644)
+
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = params.config['configurations']['admin-properties']
+ )
+
+ custom_config = dict()
+ custom_config['unix_user'] = params.unix_user
+ custom_config['unix_group'] = params.unix_group
+
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties=custom_config
+ )
+
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = {'SQL_CONNECTOR_JAR': format('{driver_curl_target}')}
+ )
+
+ ##if db flavor == oracle - set oracle home env variable
+ if params.db_flavor.lower() == 'oracle' and params.oracle_home:
+ env_dict = {'JAVA_HOME': params.java_home, 'ORACLE_HOME':params.oracle_home, 'LD_LIBRARY_PATH':params.oracle_home}
+ else:
+ env_dict = {'JAVA_HOME': params.java_home}
+
+ setup_sh = format("cd {ranger_home} && ") + as_sudo([format('{ranger_home}/setup.sh')])
+ Execute(setup_sh,
+ environment=env_dict,
+ logoutput=True,
+ )
+
+ ModifyPropertiesFile(format("{ranger_conf}/xa_system.properties"),
+ properties = params.config['configurations']['ranger-site'],
+ )
+
+ ModifyPropertiesFile(format("{ranger_conf}/ranger_webserver.properties"),
+ properties = params.config['configurations']['ranger-site'],
+ mode=0744
+ )
+
+ Directory(params.admin_log_dir,
+ owner = params.unix_user,
+ group = params.unix_group
+ )
+
+def setup_usersync(upgrade_type=None):
+ import params
+
+ PropertiesFile(format("{usersync_home}/install.properties"),
+ properties = params.config['configurations']['usersync-properties'],
+ )
+
+ custom_config = dict()
+ custom_config['unix_user'] = params.unix_user
+ custom_config['unix_group'] = params.unix_group
+
+ ModifyPropertiesFile(format("{usersync_home}/install.properties"),
+ properties=custom_config
+ )
+
+ cmd = format("cd {usersync_home} && ") + as_sudo([format('{usersync_home}/setup.sh')])
+ Execute(cmd, environment={'JAVA_HOME': params.java_home}, logoutput=True)
+
+ File([params.usersync_start, params.usersync_stop],
+ owner = params.unix_user
+ )
+ File(params.usersync_services_file,
+ mode = 0755,
+ )
+
+ Directory(params.usersync_log_dir,
+ owner = params.unix_user,
+ group = params.unix_group
+ )
+
+def check_db_connnection():
+ import params
+
+ Logger.info('Checking DB connection')
+ env_dict = {}
+ if params.db_flavor.lower() == 'mysql':
+ cmd = format('{sql_command_invoker} -u {db_root_user} --password={db_root_password!p} -h {db_host} -s -e "select version();"')
+ elif params.db_flavor.lower() == 'oracle':
+ cmd = format("{sql_command_invoker} '{db_root_user}/\"{db_root_password}\"@{db_host}' AS SYSDBA")
+ env_dict = {'ORACLE_HOME':params.oracle_home, 'LD_LIBRARY_PATH':params.oracle_home}
+ elif params.db_flavor.lower() == 'postgres':
+ cmd = 'true'
+ elif params.db_flavor.lower() == 'mssql':
+ cmd = 'true'
+
+ try:
+ Execute(cmd,
+ environment=env_dict,
+ logoutput=True)
+ except Fail as ex:
+ Logger.error(str(ex))
+ raise Fail('Ranger Database connection check failed')
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger_xml.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger_xml.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger_xml.py
new file mode 100644
index 0000000..26e6578
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/setup_ranger_xml.py
@@ -0,0 +1,853 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+import os
+import re
+from resource_management.libraries.script import Script
+from resource_management.libraries.functions.default import default
+from resource_management.core.logger import Logger
+from resource_management.core.resources.system import File, Directory, Execute, Link
+from resource_management.core.source import DownloadSource, InlineTemplate, Template
+from resource_management.libraries.resources.xml_config import XmlConfig
+from resource_management.libraries.resources.modify_properties_file import ModifyPropertiesFile
+from resource_management.libraries.resources.properties_file import PropertiesFile
+from resource_management.core.exceptions import Fail
+from resource_management.libraries.functions.decorator import retry
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.is_empty import is_empty
+from resource_management.core.utils import PasswordString
+from resource_management.core.shell import as_sudo
+from resource_management.libraries.functions import solr_cloud_util
+from ambari_commons.constants import UPGRADE_TYPE_NON_ROLLING, UPGRADE_TYPE_ROLLING
+from resource_management.core.exceptions import ExecutionFailed
+
+# This file contains functions used for setup/configure of Ranger Admin and Ranger Usersync.
+# The design is to mimic what is done by the setup.sh script bundled by Ranger component currently.
+
+def ranger(name=None, upgrade_type=None):
+ """
+ parameter name: name of ranger service component
+ """
+ if name == 'ranger_admin':
+ setup_ranger_admin(upgrade_type=upgrade_type)
+
+ if name == 'ranger_usersync':
+ setup_usersync(upgrade_type=upgrade_type)
+
+ if name == 'ranger_tagsync':
+ setup_tagsync(upgrade_type=upgrade_type)
+
+def setup_ranger_admin(upgrade_type=None):
+ import params
+
+ if upgrade_type is None:
+ upgrade_type = Script.get_upgrade_type(default("/commandParams/upgrade_type", ""))
+
+ ranger_home = params.ranger_home
+ ranger_conf = params.ranger_conf
+
+ Directory(ranger_conf,
+ owner = params.unix_user,
+ group = params.unix_group,
+ create_parents = True
+ )
+
+ copy_jdbc_connector()
+
+ File(format("/usr/lib/ambari-agent/{check_db_connection_jar_name}"),
+ content = DownloadSource(format("{jdk_location}{check_db_connection_jar_name}")),
+ mode = 0644,
+ )
+
+ cp = format("{check_db_connection_jar}")
+ if params.db_flavor.lower() == 'sqla':
+ cp = cp + os.pathsep + format("{ranger_home}/ews/lib/sajdbc4.jar")
+ else:
+ cp = cp + os.pathsep + format("{driver_curl_target}")
+ cp = cp + os.pathsep + format("{ranger_home}/ews/lib/*")
+
+ db_connection_check_command = format(
+ "{java_home}/bin/java -cp {cp} org.apache.ambari.server.DBConnectionVerification '{ranger_jdbc_connection_url}' {ranger_db_user} {ranger_db_password!p} {ranger_jdbc_driver}")
+
+ env_dict = {}
+ if params.db_flavor.lower() == 'sqla':
+ env_dict = {'LD_LIBRARY_PATH':params.ld_lib_path}
+
+ Execute(db_connection_check_command, path='/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin', tries=5, try_sleep=10, environment=env_dict)
+
+ Execute(('ln','-sf', format('{ranger_home}/ews/webapp/WEB-INF/classes/conf'), format('{ranger_home}/conf')),
+ not_if=format("ls {ranger_home}/conf"),
+ only_if=format("ls {ranger_home}/ews/webapp/WEB-INF/classes/conf"),
+ sudo=True)
+
+ if upgrade_type is not None:
+ src_file = format('{ranger_home}/ews/webapp/WEB-INF/classes/conf.dist/ranger-admin-default-site.xml')
+ dst_file = format('{ranger_home}/conf/ranger-admin-default-site.xml')
+ Execute(('cp', '-f', src_file, dst_file), sudo=True)
+
+ src_file = format('{ranger_home}/ews/webapp/WEB-INF/classes/conf.dist/security-applicationContext.xml')
+ dst_file = format('{ranger_home}/conf/security-applicationContext.xml')
+
+ Execute(('cp', '-f', src_file, dst_file), sudo=True)
+
+ Directory(format('{ranger_home}/'),
+ owner = params.unix_user,
+ group = params.unix_group,
+ recursive_ownership = True,
+ )
+
+ Directory(params.ranger_pid_dir,
+ mode=0755,
+ owner = params.unix_user,
+ group = params.user_group,
+ cd_access = "a",
+ create_parents=True
+ )
+
+ if params.stack_supports_pid:
+ File(format('{ranger_conf}/ranger-admin-env-piddir.sh'),
+ content = format("export RANGER_PID_DIR_PATH={ranger_pid_dir}\nexport RANGER_USER={unix_user}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0755
+ )
+
+ Directory(params.admin_log_dir,
+ owner = params.unix_user,
+ group = params.unix_group,
+ create_parents = True,
+ cd_access='a',
+ mode=0755
+ )
+
+ File(format('{ranger_conf}/ranger-admin-env-logdir.sh'),
+ content = format("export RANGER_ADMIN_LOG_DIR={admin_log_dir}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0755
+ )
+
+ if os.path.isfile(params.ranger_admin_default_file):
+ File(params.ranger_admin_default_file, owner=params.unix_user, group=params.unix_group)
+ else:
+ Logger.warning('Required file {0} does not exist, copying the file to {1} path'.format(params.ranger_admin_default_file, ranger_conf))
+ src_file = format('{ranger_home}/ews/webapp/WEB-INF/classes/conf.dist/ranger-admin-default-site.xml')
+ dst_file = format('{ranger_home}/conf/ranger-admin-default-site.xml')
+ Execute(('cp', '-f', src_file, dst_file), sudo=True)
+ File(params.ranger_admin_default_file, owner=params.unix_user, group=params.unix_group)
+
+ if os.path.isfile(params.security_app_context_file):
+ File(params.security_app_context_file, owner=params.unix_user, group=params.unix_group)
+ else:
+ Logger.warning('Required file {0} does not exist, copying the file to {1} path'.format(params.security_app_context_file, ranger_conf))
+ src_file = format('{ranger_home}/ews/webapp/WEB-INF/classes/conf.dist/security-applicationContext.xml')
+ dst_file = format('{ranger_home}/conf/security-applicationContext.xml')
+ Execute(('cp', '-f', src_file, dst_file), sudo=True)
+ File(params.security_app_context_file, owner=params.unix_user, group=params.unix_group)
+
+ if upgrade_type is not None and params.stack_supports_config_versioning:
+ if os.path.islink('/usr/bin/ranger-admin'):
+ Link('/usr/bin/ranger-admin', action="delete")
+
+ Link('/usr/bin/ranger-admin',
+ to=format('{ranger_home}/ews/ranger-admin-services.sh'))
+
+ if default("/configurations/ranger-admin-site/ranger.authentication.method", "") == 'PAM':
+ d = '/etc/pam.d'
+ if os.path.isdir(d):
+ if os.path.isfile(os.path.join(d, 'ranger-admin')):
+ Logger.info('ranger-admin PAM file already exists.')
+ else:
+ File(format('{d}/ranger-admin'),
+ content=Template('ranger_admin_pam.j2'),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0644
+ )
+ if os.path.isfile(os.path.join(d, 'ranger-remote')):
+ Logger.info('ranger-remote PAM file already exists.')
+ else:
+ File(format('{d}/ranger-remote'),
+ content=Template('ranger_remote_pam.j2'),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0644
+ )
+ else:
+ Logger.error("Unable to use PAM authentication, /etc/pam.d/ directory does not exist.")
+
+ Execute(('ln','-sf', format('{ranger_home}/ews/ranger-admin-services.sh'),'/usr/bin/ranger-admin'),
+ not_if=format("ls /usr/bin/ranger-admin"),
+ only_if=format("ls {ranger_home}/ews/ranger-admin-services.sh"),
+ sudo=True)
+
+ # remove plain-text password from xml configs
+
+ ranger_admin_site_copy = {}
+ ranger_admin_site_copy.update(params.config['configurations']['ranger-admin-site'])
+ for prop in params.ranger_admin_password_properties:
+ if prop in ranger_admin_site_copy:
+ ranger_admin_site_copy[prop] = "_"
+
+ XmlConfig("ranger-admin-site.xml",
+ conf_dir=ranger_conf,
+ configurations=ranger_admin_site_copy,
+ configuration_attributes=params.config['configuration_attributes']['ranger-admin-site'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644)
+
+ Directory(os.path.join(ranger_conf,'ranger_jaas'),
+ mode=0700,
+ owner=params.unix_user,
+ group=params.unix_group,
+ )
+
+ if params.stack_supports_ranger_log4j:
+ File(format('{ranger_home}/ews/webapp/WEB-INF/log4j.properties'),
+ owner=params.unix_user,
+ group=params.unix_group,
+ content=InlineTemplate(params.admin_log4j),
+ mode=0644
+ )
+
+ do_keystore_setup(upgrade_type=upgrade_type)
+
+ create_core_site_xml(ranger_conf)
+
+ if params.stack_supports_ranger_kerberos and params.security_enabled:
+ if params.is_hbase_ha_enabled and params.ranger_hbase_plugin_enabled:
+ XmlConfig("hbase-site.xml",
+ conf_dir=ranger_conf,
+ configurations=params.config['configurations']['hbase-site'],
+ configuration_attributes=params.config['configuration_attributes']['hbase-site'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644
+ )
+
+ if params.is_namenode_ha_enabled and params.ranger_hdfs_plugin_enabled:
+ XmlConfig("hdfs-site.xml",
+ conf_dir=ranger_conf,
+ configurations=params.config['configurations']['hdfs-site'],
+ configuration_attributes=params.config['configuration_attributes']['hdfs-site'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644
+ )
+
+def setup_ranger_db(stack_version=None):
+ import params
+
+ ranger_home = params.ranger_home
+ version = params.version
+ if stack_version is not None:
+ ranger_home = format("{stack_root}/{stack_version}/ranger-admin")
+ version = stack_version
+
+ copy_jdbc_connector(stack_version=version)
+
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = {'audit_store': params.ranger_audit_source_type},
+ owner = params.unix_user,
+ )
+
+ env_dict = {'RANGER_ADMIN_HOME':ranger_home, 'JAVA_HOME':params.java_home}
+ if params.db_flavor.lower() == 'sqla':
+ env_dict = {'RANGER_ADMIN_HOME':ranger_home, 'JAVA_HOME':params.java_home, 'LD_LIBRARY_PATH':params.ld_lib_path}
+
+ # User wants us to setup the DB user and DB?
+ if params.create_db_dbuser:
+ Logger.info('Setting up Ranger DB and DB User')
+ dba_setup = format('ambari-python-wrap {ranger_home}/dba_script.py -q')
+ Execute(dba_setup,
+ environment=env_dict,
+ logoutput=True,
+ user=params.unix_user,
+ )
+ else:
+ Logger.info('Separate DBA property not set. Assuming Ranger DB and DB User exists!')
+
+ db_setup = format('ambari-python-wrap {ranger_home}/db_setup.py')
+ Execute(db_setup,
+ environment=env_dict,
+ logoutput=True,
+ user=params.unix_user,
+ )
+
+
+def setup_java_patch(stack_version=None):
+ import params
+
+ ranger_home = params.ranger_home
+ if stack_version is not None:
+ ranger_home = format("{stack_root}/{stack_version}/ranger-admin")
+
+ env_dict = {'RANGER_ADMIN_HOME':ranger_home, 'JAVA_HOME':params.java_home}
+ if params.db_flavor.lower() == 'sqla':
+ env_dict = {'RANGER_ADMIN_HOME':ranger_home, 'JAVA_HOME':params.java_home, 'LD_LIBRARY_PATH':params.ld_lib_path}
+
+ setup_java_patch = format('ambari-python-wrap {ranger_home}/db_setup.py -javapatch')
+ Execute(setup_java_patch,
+ environment=env_dict,
+ logoutput=True,
+ user=params.unix_user,
+ )
+
+
+def do_keystore_setup(upgrade_type=None):
+ import params
+
+ ranger_home = params.ranger_home
+ cred_lib_path = params.cred_lib_path
+
+ if not is_empty(params.ranger_credential_provider_path):
+ ranger_credential_helper(cred_lib_path, params.ranger_jpa_jdbc_credential_alias, params.ranger_ambari_db_password, params.ranger_credential_provider_path)
+
+ File(params.ranger_credential_provider_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ if not is_empty(params.ranger_credential_provider_path) and (params.ranger_audit_source_type).lower() == 'db' and not is_empty(params.ranger_ambari_audit_db_password):
+ ranger_credential_helper(cred_lib_path, params.ranger_jpa_audit_jdbc_credential_alias, params.ranger_ambari_audit_db_password, params.ranger_credential_provider_path)
+
+ File(params.ranger_credential_provider_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ if params.ranger_auth_method.upper() == "LDAP":
+ ranger_credential_helper(params.cred_lib_path, params.ranger_ldap_password_alias, params.ranger_usersync_ldap_ldapbindpassword, params.ranger_credential_provider_path)
+
+ File(params.ranger_credential_provider_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ if params.ranger_auth_method.upper() == "ACTIVE_DIRECTORY":
+ ranger_credential_helper(params.cred_lib_path, params.ranger_ad_password_alias, params.ranger_usersync_ldap_ldapbindpassword, params.ranger_credential_provider_path)
+
+ File(params.ranger_credential_provider_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ if params.stack_supports_secure_ssl_password:
+ ranger_credential_helper(params.cred_lib_path, params.ranger_truststore_alias, params.truststore_password, params.ranger_credential_provider_path)
+
+ if params.https_enabled and not params.http_enabled:
+ ranger_credential_helper(params.cred_lib_path, params.ranger_https_keystore_alias, params.https_keystore_password, params.ranger_credential_provider_path)
+
+ File(params.ranger_credential_provider_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+def password_validation(password):
+ import params
+ if password.strip() == "":
+ raise Fail("Blank password is not allowed for Bind user. Please enter valid password.")
+ if re.search("[\\\`'\"]",password):
+ raise Fail("LDAP/AD bind password contains one of the unsupported special characters like \" ' \ `")
+ else:
+ Logger.info("password validated")
+
+def copy_jdbc_connector(stack_version=None):
+ import params
+
+ if params.jdbc_jar_name is None and params.driver_curl_source.endswith("/None"):
+ error_message = format("{db_flavor} jdbc driver cannot be downloaded from {jdk_location}\nPlease run 'ambari-server setup --jdbc-db={db_flavor} --jdbc-driver={{path_to_jdbc}}' on ambari-server host.")
+ raise Fail(error_message)
+
+ if params.driver_curl_source and not params.driver_curl_source.endswith("/None"):
+ if params.previous_jdbc_jar and os.path.isfile(params.previous_jdbc_jar):
+ File(params.previous_jdbc_jar, action='delete')
+
+ File(params.downloaded_custom_connector,
+ content = DownloadSource(params.driver_curl_source),
+ mode = 0644
+ )
+
+ ranger_home = params.ranger_home
+ if stack_version is not None:
+ ranger_home = format("{stack_root}/{stack_version}/ranger-admin")
+
+ driver_curl_target = format("{ranger_home}/ews/lib/{jdbc_jar_name}")
+
+ if params.db_flavor.lower() == 'sqla':
+ Execute(('tar', '-xvf', params.downloaded_custom_connector, '-C', params.tmp_dir), sudo = True)
+
+ Execute(('cp', '--remove-destination', params.jar_path_in_archive, os.path.join(ranger_home, 'ews', 'lib')),
+ path=["/bin", "/usr/bin/"],
+ sudo=True)
+
+ File(os.path.join(ranger_home, 'ews', 'lib', 'sajdbc4.jar'), mode=0644)
+
+ Directory(params.jdbc_libs_dir,
+ cd_access="a",
+ create_parents=True)
+
+ Execute(as_sudo(['yes', '|', 'cp', params.libs_path_in_archive, params.jdbc_libs_dir], auto_escape=False),
+ path=["/bin", "/usr/bin/"])
+ else:
+ Execute(('cp', '--remove-destination', params.downloaded_custom_connector, os.path.join(ranger_home, 'ews', 'lib')),
+ path=["/bin", "/usr/bin/"],
+ sudo=True)
+
+ File(os.path.join(ranger_home, 'ews', 'lib',params.jdbc_jar_name), mode=0644)
+
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = params.config['configurations']['admin-properties'],
+ owner = params.unix_user,
+ )
+
+ if params.db_flavor.lower() == 'sqla':
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = {'SQL_CONNECTOR_JAR': format('{ranger_home}/ews/lib/sajdbc4.jar')},
+ owner = params.unix_user,
+ )
+ else:
+ ModifyPropertiesFile(format("{ranger_home}/install.properties"),
+ properties = {'SQL_CONNECTOR_JAR': format('{driver_curl_target}')},
+ owner = params.unix_user,
+ )
+
+def setup_usersync(upgrade_type=None):
+ import params
+
+ usersync_home = params.usersync_home
+ ranger_home = params.ranger_home
+ ranger_ugsync_conf = params.ranger_ugsync_conf
+
+ if not is_empty(params.ranger_usersync_ldap_ldapbindpassword) and params.ug_sync_source == 'org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder':
+ password_validation(params.ranger_usersync_ldap_ldapbindpassword)
+
+ Directory(params.ranger_pid_dir,
+ mode=0755,
+ owner = params.unix_user,
+ group = params.user_group,
+ cd_access = "a",
+ create_parents=True
+ )
+
+ if params.stack_supports_pid:
+ File(format('{ranger_ugsync_conf}/ranger-usersync-env-piddir.sh'),
+ content = format("export USERSYNC_PID_DIR_PATH={ranger_pid_dir}\nexport UNIX_USERSYNC_USER={unix_user}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0755
+ )
+
+ Directory(params.usersync_log_dir,
+ owner = params.unix_user,
+ group = params.unix_group,
+ cd_access = 'a',
+ create_parents=True,
+ mode=0755,
+ recursive_ownership = True
+ )
+
+ File(format('{ranger_ugsync_conf}/ranger-usersync-env-logdir.sh'),
+ content = format("export logdir={usersync_log_dir}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0755
+ )
+
+ Directory(format("{ranger_ugsync_conf}/"),
+ owner = params.unix_user
+ )
+
+ if upgrade_type is not None:
+ src_file = format('{usersync_home}/conf.dist/ranger-ugsync-default.xml')
+ dst_file = format('{usersync_home}/conf/ranger-ugsync-default.xml')
+ Execute(('cp', '-f', src_file, dst_file), sudo=True)
+
+ if params.stack_supports_ranger_log4j:
+ File(format('{usersync_home}/conf/log4j.properties'),
+ owner=params.unix_user,
+ group=params.unix_group,
+ content=InlineTemplate(params.usersync_log4j),
+ mode=0644
+ )
+ elif upgrade_type is not None and not params.stack_supports_ranger_log4j:
+ src_file = format('{usersync_home}/conf.dist/log4j.xml')
+ dst_file = format('{usersync_home}/conf/log4j.xml')
+ Execute(('cp', '-f', src_file, dst_file), sudo=True)
+
+ # remove plain-text password from xml configs
+ ranger_ugsync_site_copy = {}
+ ranger_ugsync_site_copy.update(params.config['configurations']['ranger-ugsync-site'])
+ for prop in params.ranger_usersync_password_properties:
+ if prop in ranger_ugsync_site_copy:
+ ranger_ugsync_site_copy[prop] = "_"
+
+ XmlConfig("ranger-ugsync-site.xml",
+ conf_dir=ranger_ugsync_conf,
+ configurations=ranger_ugsync_site_copy,
+ configuration_attributes=params.config['configuration_attributes']['ranger-ugsync-site'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644)
+
+ if os.path.isfile(params.ranger_ugsync_default_file):
+ File(params.ranger_ugsync_default_file, owner=params.unix_user, group=params.unix_group)
+
+ if os.path.isfile(params.usgsync_log4j_file):
+ File(params.usgsync_log4j_file, owner=params.unix_user, group=params.unix_group)
+
+ if os.path.isfile(params.cred_validator_file):
+ File(params.cred_validator_file, group=params.unix_group, mode=04555)
+
+ ranger_credential_helper(params.ugsync_cred_lib, 'usersync.ssl.key.password', params.ranger_usersync_keystore_password, params.ugsync_jceks_path)
+
+ if not is_empty(params.ranger_usersync_ldap_ldapbindpassword) and params.ug_sync_source == 'org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder':
+ ranger_credential_helper(params.ugsync_cred_lib, 'ranger.usersync.ldap.bindalias', params.ranger_usersync_ldap_ldapbindpassword, params.ugsync_jceks_path)
+
+ ranger_credential_helper(params.ugsync_cred_lib, 'usersync.ssl.truststore.password', params.ranger_usersync_truststore_password, params.ugsync_jceks_path)
+
+ File(params.ugsync_jceks_path,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ File([params.usersync_start, params.usersync_stop],
+ owner = params.unix_user,
+ group = params.unix_group
+ )
+
+ File(params.usersync_services_file,
+ mode = 0755,
+ )
+
+ Execute(('ln','-sf', format('{usersync_services_file}'),'/usr/bin/ranger-usersync'),
+ not_if=format("ls /usr/bin/ranger-usersync"),
+ only_if=format("ls {usersync_services_file}"),
+ sudo=True)
+
+ if not os.path.isfile(params.ranger_usersync_keystore_file):
+ cmd = format("{java_home}/bin/keytool -genkeypair -keyalg RSA -alias selfsigned -keystore '{ranger_usersync_keystore_file}' -keypass {ranger_usersync_keystore_password!p} -storepass {ranger_usersync_keystore_password!p} -validity 3600 -keysize 2048 -dname '{default_dn_name}'")
+
+ Execute(cmd, logoutput=True, user = params.unix_user)
+
+ File(params.ranger_usersync_keystore_file,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ create_core_site_xml(ranger_ugsync_conf)
+
+def setup_tagsync(upgrade_type=None):
+ import params
+
+ ranger_tagsync_home = params.ranger_tagsync_home
+ ranger_home = params.ranger_home
+ ranger_tagsync_conf = params.ranger_tagsync_conf
+
+ Directory(format("{ranger_tagsync_conf}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ create_parents = True
+ )
+
+ Directory(params.ranger_pid_dir,
+ mode=0755,
+ create_parents=True,
+ owner = params.unix_user,
+ group = params.user_group,
+ cd_access = "a",
+ )
+
+ if params.stack_supports_pid:
+ File(format('{ranger_tagsync_conf}/ranger-tagsync-env-piddir.sh'),
+ content = format("export TAGSYNC_PID_DIR_PATH={ranger_pid_dir}\nexport UNIX_TAGSYNC_USER={unix_user}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0755
+ )
+
+ Directory(params.tagsync_log_dir,
+ create_parents = True,
+ owner = params.unix_user,
+ group = params.unix_group,
+ cd_access = "a",
+ mode=0755
+ )
+
+ File(format('{ranger_tagsync_conf}/ranger-tagsync-env-logdir.sh'),
+ content = format("export RANGER_TAGSYNC_LOG_DIR={tagsync_log_dir}"),
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode=0755
+ )
+
+ XmlConfig("ranger-tagsync-site.xml",
+ conf_dir=ranger_tagsync_conf,
+ configurations=params.config['configurations']['ranger-tagsync-site'],
+ configuration_attributes=params.config['configuration_attributes']['ranger-tagsync-site'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644)
+ if params.stack_supports_ranger_tagsync_ssl_xml_support:
+ Logger.info("Stack supports tagsync-ssl configurations, performing the same.")
+ setup_tagsync_ssl_configs()
+ else:
+ Logger.info("Stack doesnt support tagsync-ssl configurations, skipping the same.")
+
+ PropertiesFile(format('{ranger_tagsync_conf}/atlas-application.properties'),
+ properties = params.tagsync_application_properties,
+ mode=0755,
+ owner=params.unix_user,
+ group=params.unix_group
+ )
+
+ File(format('{ranger_tagsync_conf}/log4j.properties'),
+ owner=params.unix_user,
+ group=params.unix_group,
+ content=InlineTemplate(params.tagsync_log4j),
+ mode=0644
+ )
+
+ File(params.tagsync_services_file,
+ mode = 0755,
+ )
+
+ Execute(('ln','-sf', format('{tagsync_services_file}'),'/usr/bin/ranger-tagsync'),
+ not_if=format("ls /usr/bin/ranger-tagsync"),
+ only_if=format("ls {tagsync_services_file}"),
+ sudo=True)
+
+ create_core_site_xml(ranger_tagsync_conf)
+
+def ranger_credential_helper(lib_path, alias_key, alias_value, file_path):
+ import params
+
+ java_bin = format('{java_home}/bin/java')
+ file_path = format('jceks://file{file_path}')
+ cmd = (java_bin, '-cp', lib_path, 'org.apache.ranger.credentialapi.buildks', 'create', alias_key, '-value', PasswordString(alias_value), '-provider', file_path)
+ Execute(cmd, environment={'JAVA_HOME': params.java_home}, logoutput=True, sudo=True)
+
+def create_core_site_xml(conf_dir):
+ import params
+
+ if params.stack_supports_ranger_kerberos:
+ if params.has_namenode:
+ XmlConfig("core-site.xml",
+ conf_dir=conf_dir,
+ configurations=params.config['configurations']['core-site'],
+ configuration_attributes=params.config['configuration_attributes']['core-site'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644
+ )
+ else:
+ Logger.warning('HDFS service not installed. Creating core-site.xml file.')
+ XmlConfig("core-site.xml",
+ conf_dir=conf_dir,
+ configurations=params.core_site_property,
+ configuration_attributes={},
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644
+ )
+
+def setup_ranger_audit_solr():
+ import params
+
+ if params.security_enabled and params.stack_supports_ranger_kerberos:
+
+ if params.solr_jaas_file is not None:
+ File(format("{solr_jaas_file}"),
+ content=Template("ranger_solr_jaas_conf.j2"),
+ owner=params.unix_user
+ )
+ try:
+ check_znode()
+
+ if params.stack_supports_ranger_solr_configs:
+ Logger.info('Solr configrations supported,creating solr-configurations.')
+ File(format("{ranger_solr_conf}/solrconfig.xml"),
+ content=InlineTemplate(params.ranger_solr_config_content),
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644
+ )
+
+ solr_cloud_util.upload_configuration_to_zk(
+ zookeeper_quorum = params.zookeeper_quorum,
+ solr_znode = params.solr_znode,
+ config_set = params.ranger_solr_config_set,
+ config_set_dir = params.ranger_solr_conf,
+ tmp_dir = params.tmp_dir,
+ java64_home = params.java_home,
+ solrconfig_content = InlineTemplate(params.ranger_solr_config_content),
+ jaas_file=params.solr_jaas_file,
+ retry=30, interval=5
+ )
+
+ else:
+ Logger.info('Solr configrations not supported, skipping solr-configurations.')
+ solr_cloud_util.upload_configuration_to_zk(
+ zookeeper_quorum = params.zookeeper_quorum,
+ solr_znode = params.solr_znode,
+ config_set = params.ranger_solr_config_set,
+ config_set_dir = params.ranger_solr_conf,
+ tmp_dir = params.tmp_dir,
+ java64_home = params.java_home,
+ jaas_file=params.solr_jaas_file,
+ retry=30, interval=5)
+
+ if params.security_enabled and params.has_infra_solr \
+ and not params.is_external_solrCloud_enabled and params.stack_supports_ranger_kerberos:
+
+ solr_cloud_util.add_solr_roles(params.config,
+ roles = [params.infra_solr_role_ranger_admin, params.infra_solr_role_ranger_audit, params.infra_solr_role_dev],
+ new_service_principals = [params.ranger_admin_jaas_principal])
+ service_default_principals_map = [('hdfs', 'nn'), ('hbase', 'hbase'), ('hive', 'hive'), ('kafka', 'kafka'), ('kms', 'rangerkms'),
+ ('knox', 'knox'), ('nifi', 'nifi'), ('storm', 'storm'), ('yanr', 'yarn')]
+ service_principals = get_ranger_plugin_principals(service_default_principals_map)
+ solr_cloud_util.add_solr_roles(params.config,
+ roles = [params.infra_solr_role_ranger_audit, params.infra_solr_role_dev],
+ new_service_principals = service_principals)
+
+
+ solr_cloud_util.create_collection(
+ zookeeper_quorum = params.zookeeper_quorum,
+ solr_znode = params.solr_znode,
+ collection = params.ranger_solr_collection_name,
+ config_set = params.ranger_solr_config_set,
+ java64_home = params.java_home,
+ shards = params.ranger_solr_shards,
+ replication_factor = int(params.replication_factor),
+ jaas_file = params.solr_jaas_file)
+
+ if params.security_enabled and params.has_infra_solr \
+ and not params.is_external_solrCloud_enabled and params.stack_supports_ranger_kerberos:
+ secure_znode(format('{solr_znode}/configs/{ranger_solr_config_set}'), params.solr_jaas_file)
+ secure_znode(format('{solr_znode}/collections/{ranger_solr_collection_name}'), params.solr_jaas_file)
+ except ExecutionFailed as execution_exception:
+ Logger.error('Error when configuring Solr for Ranger, Kindly check Solr/Zookeeper services to be up and running:\n {0}'.format(execution_exception))
+
+def setup_ranger_admin_passwd_change():
+ import params
+
+ if params.admin_password != params.default_admin_password:
+ cmd = format('ambari-python-wrap {ranger_home}/db_setup.py -changepassword {admin_username} {default_admin_password!p} {admin_password!p}')
+ Logger.info('Updating admin password')
+ Execute(cmd, environment={'JAVA_HOME': params.java_home, 'RANGER_ADMIN_HOME': params.ranger_home}, user=params.unix_user)
+
+@retry(times=10, sleep_time=5, err_class=Fail)
+def check_znode():
+ import params
+ solr_cloud_util.check_znode(
+ zookeeper_quorum=params.zookeeper_quorum,
+ solr_znode=params.solr_znode,
+ java64_home=params.java_home)
+
+def secure_znode(znode, jaasFile):
+ import params
+ solr_cloud_util.secure_znode(config=params.config, zookeeper_quorum=params.zookeeper_quorum,
+ solr_znode=znode,
+ jaas_file=jaasFile,
+ java64_home=params.java_home, sasl_users=[params.ranger_admin_jaas_principal])
+
+def get_ranger_plugin_principals(services_defaults_tuple_list):
+ """
+ Get ranger plugin user principals from service-default value maps using ranger-*-audit configurations
+ """
+ import params
+ user_principals = []
+ if len(services_defaults_tuple_list) < 1:
+ raise Exception("Services - defaults map parameter is missing.")
+
+ for (service, default_value) in services_defaults_tuple_list:
+ user_principal = default(format("configurations/ranger-{service}-audit/xasecure.audit.jaas.Client.option.principal"), default_value)
+ user_principals.append(user_principal)
+ return user_principals
+
+
+def setup_tagsync_ssl_configs():
+ import params
+ Directory(params.security_store_path,
+ cd_access="a",
+ create_parents=True)
+
+ Directory(params.tagsync_etc_path,
+ cd_access="a",
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0775,
+ create_parents=True)
+
+ # remove plain-text password from xml configs
+ ranger_tagsync_policymgr_ssl_copy = {}
+ ranger_tagsync_policymgr_ssl_copy.update(params.config['configurations']['ranger-tagsync-policymgr-ssl'])
+ for prop in params.ranger_tagsync_password_properties:
+ if prop in ranger_tagsync_policymgr_ssl_copy:
+ ranger_tagsync_policymgr_ssl_copy[prop] = "_"
+
+ XmlConfig("ranger-policymgr-ssl.xml",
+ conf_dir=params.ranger_tagsync_conf,
+ configurations=ranger_tagsync_policymgr_ssl_copy,
+ configuration_attributes=params.config['configuration_attributes']['ranger-tagsync-policymgr-ssl'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644)
+
+ ranger_credential_helper(params.tagsync_cred_lib, 'sslKeyStore', params.ranger_tagsync_keystore_password, params.ranger_tagsync_credential_file)
+ ranger_credential_helper(params.tagsync_cred_lib, 'sslTrustStore', params.ranger_tagsync_truststore_password, params.ranger_tagsync_credential_file)
+
+ File(params.ranger_tagsync_credential_file,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+
+ # remove plain-text password from xml configs
+ atlas_tagsync_ssl_copy = {}
+ atlas_tagsync_ssl_copy.update(params.config['configurations']['atlas-tagsync-ssl'])
+ for prop in params.ranger_tagsync_password_properties:
+ if prop in atlas_tagsync_ssl_copy:
+ atlas_tagsync_ssl_copy[prop] = "_"
+
+ XmlConfig("atlas-tagsync-ssl.xml",
+ conf_dir=params.ranger_tagsync_conf,
+ configurations=atlas_tagsync_ssl_copy,
+ configuration_attributes=params.config['configuration_attributes']['atlas-tagsync-ssl'],
+ owner=params.unix_user,
+ group=params.unix_group,
+ mode=0644)
+
+ ranger_credential_helper(params.tagsync_cred_lib, 'sslKeyStore', params.atlas_tagsync_keystore_password, params.atlas_tagsync_credential_file)
+ ranger_credential_helper(params.tagsync_cred_lib, 'sslTrustStore', params.atlas_tagsync_truststore_password, params.atlas_tagsync_credential_file)
+
+ File(params.atlas_tagsync_credential_file,
+ owner = params.unix_user,
+ group = params.unix_group,
+ mode = 0640
+ )
+ Logger.info("Configuring tagsync-ssl configurations done successfully.")
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/status_params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/status_params.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/status_params.py
new file mode 100644
index 0000000..842430b
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/status_params.py
@@ -0,0 +1,39 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+from resource_management.libraries.script import Script
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.default import default
+from resource_management.libraries.functions.version import format_stack_version
+from resource_management.libraries.functions.stack_features import check_stack_feature
+from resource_management.libraries.functions import StackFeature
+
+config = Script.get_config()
+tmp_dir = Script.get_tmp_dir()
+
+upgrade_marker_file = format("{tmp_dir}/rangeradmin_ru.inprogress")
+ranger_pid_dir = config['configurations']['ranger-env']['ranger_pid_dir']
+tagsync_pid_file = format('{ranger_pid_dir}/tagsync.pid')
+stack_name = default("/hostLevelParams/stack_name", None)
+stack_version_unformatted = config['hostLevelParams']['stack_version']
+stack_version_formatted = format_stack_version(stack_version_unformatted)
+ranger_admin_pid_file = format('{ranger_pid_dir}/rangeradmin.pid')
+ranger_usersync_pid_file = format('{ranger_pid_dir}/usersync.pid')
+stack_supports_pid = stack_version_formatted and check_stack_feature(StackFeature.RANGER_PID_SUPPORT, stack_version_formatted)
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/upgrade.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/upgrade.py b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/upgrade.py
new file mode 100644
index 0000000..a07a1fd
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/scripts/upgrade.py
@@ -0,0 +1,31 @@
+
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.core.resources.system import Execute
+from resource_management.libraries.functions import conf_select
+from resource_management.libraries.functions import stack_select
+from resource_management.libraries.functions.format import format
+
+def prestart(env, stack_component):
+ import params
+
+ if params.version and params.stack_supports_rolling_upgrade:
+ conf_select.select(params.stack_name, stack_component, params.version)
+ stack_select.select(stack_component, params.version)
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/input.config-ranger.json.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/input.config-ranger.json.j2 b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/input.config-ranger.json.j2
new file mode 100644
index 0000000..6c5bb1f
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/input.config-ranger.json.j2
@@ -0,0 +1,79 @@
+{#
+ # Licensed to the Apache Software Foundation (ASF) under one
+ # or more contributor license agreements. See the NOTICE file
+ # distributed with this work for additional information
+ # regarding copyright ownership. The ASF licenses this file
+ # to you under the Apache License, Version 2.0 (the
+ # "License"); you may not use this file except in compliance
+ # with the License. You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #}
+{
+ "input":[
+ {
+ "type":"ranger_admin",
+ "rowtype":"service",
+ "path":"{{default('/configurations/ranger-env/ranger_admin_log_dir', '/var/log/ranger/admin')}}/xa_portal.log"
+ },
+ {
+ "type":"ranger_dbpatch",
+ "is_enabled":"true",
+ "path":"{{default('/configurations/ranger-env/ranger_admin_log_dir', '/var/log/ranger/admin')}}/ranger_db_patch.log"
+ },
+ {
+ "type":"ranger_usersync",
+ "rowtype":"service",
+ "path":"{{default('/configurations/ranger-env/ranger_usersync_log_dir', '/var/log/ranger/usersync')}}/usersync.log"
+ }
+ ],
+ "filter":[
+ {
+ "filter":"grok",
+ "conditions":{
+ "fields":{
+ "type":[
+ "ranger_admin",
+ "ranger_dbpatch"
+ ]
+ }
+ },
+ "log4j_format":"%d [%t] %-5p %C{6} (%F:%L) - %m%n",
+ "multiline_pattern":"^(%{TIMESTAMP_ISO8601:logtime})",
+ "message_pattern":"(?m)^%{TIMESTAMP_ISO8601:logtime}%{SPACE}\\[%{DATA:thread_name}\\]%{SPACE}%{LOGLEVEL:level}%{SPACE}%{JAVACLASS:logger_name}%{SPACE}\\(%{JAVAFILE:file}:%{INT:line_number}\\)%{SPACE}-%{SPACE}%{GREEDYDATA:log_message}",
+ "post_map_values":{
+ "logtime":{
+ "map_date":{
+ "target_date_pattern":"yyyy-MM-dd HH:mm:ss,SSS"
+ }
+ }
+ }
+ },
+ {
+ "filter":"grok",
+ "conditions":{
+ "fields":{
+ "type":[
+ "ranger_usersync"
+ ]
+ }
+ },
+ "log4j_format":"%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %m%n",
+ "multiline_pattern":"^(%{USER_SYNC_DATE:logtime})",
+ "message_pattern":"(?m)^%{USER_SYNC_DATE:logtime}%{SPACE}%{LOGLEVEL:level}%{SPACE}%{JAVACLASS:logger_name}%{SPACE}\\[%{DATA:thread_name}\\]%{SPACE}-%{SPACE}%{GREEDYDATA:log_message}",
+ "post_map_values":{
+ "logtime":{
+ "map_date":{
+ "target_date_pattern":"dd MMM yyyy HH:mm:ss"
+ }
+ }
+ }
+ }
+ ]
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_admin_pam.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_admin_pam.j2 b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_admin_pam.j2
new file mode 100644
index 0000000..d69ad6c
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_admin_pam.j2
@@ -0,0 +1,22 @@
+{#
+ # Licensed to the Apache Software Foundation (ASF) under one
+ # or more contributor license agreements. See the NOTICE file
+ # distributed with this work for additional information
+ # regarding copyright ownership. The ASF licenses this file
+ # to you under the Apache License, Version 2.0 (the
+ # "License"); you may not use this file except in compliance
+ # with the License. You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #}
+#%PAM-1.0
+auth sufficient pam_unix.so
+auth sufficient pam_sss.so
+account sufficient pam_unix.so
+account sufficient pam_sss.so
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_remote_pam.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_remote_pam.j2 b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_remote_pam.j2
new file mode 100644
index 0000000..d69ad6c
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_remote_pam.j2
@@ -0,0 +1,22 @@
+{#
+ # Licensed to the Apache Software Foundation (ASF) under one
+ # or more contributor license agreements. See the NOTICE file
+ # distributed with this work for additional information
+ # regarding copyright ownership. The ASF licenses this file
+ # to you under the Apache License, Version 2.0 (the
+ # "License"); you may not use this file except in compliance
+ # with the License. You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #}
+#%PAM-1.0
+auth sufficient pam_unix.so
+auth sufficient pam_sss.so
+account sufficient pam_unix.so
+account sufficient pam_sss.so
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_solr_jaas_conf.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_solr_jaas_conf.j2 b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_solr_jaas_conf.j2
new file mode 100644
index 0000000..a456688
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/package/templates/ranger_solr_jaas_conf.j2
@@ -0,0 +1,26 @@
+{#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#}
+
+Client {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ storeKey=true
+ useTicketCache=false
+ keyTab="{{solr_kerberos_keytab}}"
+ principal="{{solr_kerberos_principal}}";
+};
\ No newline at end of file
[22/26] ambari git commit: AMBARI-20985. HDP 3.0 TP - create service
definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by jo...@apache.org.
AMBARI-20985. HDP 3.0 TP - create service definition for Ranger with configs, kerberos, widgets, etc.(vbrodetskyi)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/260ee2ef
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/260ee2ef
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/260ee2ef
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 260ee2efc131c8dd0d5e4d9aa960eafb6b3d62ce
Parents: 4e6babd
Author: Vitaly Brodetskyi <vb...@hortonworks.com>
Authored: Fri May 12 13:47:33 2017 +0300
Committer: Vitaly Brodetskyi <vb...@hortonworks.com>
Committed: Fri May 12 13:47:33 2017 +0300
----------------------------------------------------------------------
.../RANGER/0.7.0.3.0/alerts.json | 76 +
.../0.7.0.3.0/configuration/admin-log4j.xml | 132 ++
.../configuration/admin-properties.xml | 163 ++
.../configuration/atlas-tagsync-ssl.xml | 72 +
.../configuration/ranger-admin-site.xml | 785 ++++++++
.../0.7.0.3.0/configuration/ranger-env.xml | 513 +++++
.../0.7.0.3.0/configuration/ranger-site.xml | 30 +
.../configuration/ranger-solr-configuration.xml | 59 +
.../ranger-tagsync-policymgr-ssl.xml | 72 +
.../configuration/ranger-tagsync-site.xml | 206 ++
.../configuration/ranger-ugsync-site.xml | 574 ++++++
.../tagsync-application-properties.xml | 62 +
.../0.7.0.3.0/configuration/tagsync-log4j.xml | 90 +
.../0.7.0.3.0/configuration/usersync-log4j.xml | 89 +
.../configuration/usersync-properties.xml | 32 +
.../RANGER/0.7.0.3.0/kerberos.json | 153 ++
.../RANGER/0.7.0.3.0/metainfo.xml | 189 ++
.../alerts/alert_ranger_admin_passwd_check.py | 195 ++
.../RANGER/0.7.0.3.0/package/scripts/params.py | 448 +++++
.../0.7.0.3.0/package/scripts/ranger_admin.py | 217 ++
.../0.7.0.3.0/package/scripts/ranger_service.py | 69 +
.../0.7.0.3.0/package/scripts/ranger_tagsync.py | 139 ++
.../package/scripts/ranger_usersync.py | 124 ++
.../0.7.0.3.0/package/scripts/service_check.py | 49 +
.../0.7.0.3.0/package/scripts/setup_ranger.py | 153 ++
.../package/scripts/setup_ranger_xml.py | 853 ++++++++
.../0.7.0.3.0/package/scripts/status_params.py | 39 +
.../RANGER/0.7.0.3.0/package/scripts/upgrade.py | 31 +
.../templates/input.config-ranger.json.j2 | 79 +
.../package/templates/ranger_admin_pam.j2 | 22 +
.../package/templates/ranger_remote_pam.j2 | 22 +
.../package/templates/ranger_solr_jaas_conf.j2 | 26 +
.../properties/ranger-solrconfig.xml.j2 | 1874 ++++++++++++++++++
.../RANGER/0.7.0.3.0/quicklinks/quicklinks.json | 41 +
.../RANGER/0.7.0.3.0/role_command_order.json | 9 +
.../0.7.0.3.0/themes/theme_version_1.json | 722 +++++++
.../0.7.0.3.0/themes/theme_version_2.json | 1470 ++++++++++++++
.../0.7.0.3.0/themes/theme_version_3.json | 692 +++++++
.../0.7.0.3.0/themes/theme_version_5.json | 48 +
.../stacks/HDP/3.0/services/RANGER/metainfo.xml | 27 +
40 files changed, 10646 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json
new file mode 100644
index 0000000..ab473a8
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json
@@ -0,0 +1,76 @@
+{
+ "RANGER": {
+ "service": [],
+ "RANGER_ADMIN": [
+ {
+ "name": "ranger_admin_process",
+ "label": "Ranger Admin Process",
+ "description": "This host-level alert is triggered if the Ranger Admin Web UI is unreachable.",
+ "interval": 1,
+ "scope": "ANY",
+ "source": {
+ "type": "WEB",
+ "uri": {
+ "http": "{{admin-properties/policymgr_external_url}}/login.jsp",
+ "https": "{{admin-properties/policymgr_external_url}}/login.jsp",
+ "kerberos_keytab": "{{cluster-env/smokeuser_keytab}}",
+ "kerberos_principal": "{{cluster-env/smokeuser_principal_name}}",
+ "https_property": "{{ranger-admin-site/ranger.service.https.attrib.ssl.enabled}}",
+ "https_property_value": "true",
+ "connection_timeout": 5.0
+ },
+ "reporting": {
+ "ok": {
+ "text": "HTTP {0} response in {2:.3f}s"
+ },
+ "warning": {
+ "text": "HTTP {0} response from {1} in {2:.3f}s ({3})"
+ },
+ "critical": {
+ "text": "Connection failed to {1} ({3})"
+ }
+ }
+ }
+ },
+ {
+ "name": "ranger_admin_password_check",
+ "label": "Ranger Admin password check",
+ "description": "This alert is used to ensure that the Ranger Admin password in Ambari is correct.",
+ "interval": 30,
+ "scope": "ANY",
+ "source": {
+ "type": "SCRIPT",
+ "path": "RANGER/0.4.0/package/alerts/alert_ranger_admin_passwd_check.py",
+ "parameters": []
+ }
+ }
+ ],
+ "RANGER_USERSYNC": [
+ {
+ "name": "ranger_usersync_process",
+ "label": "Ranger Usersync Process",
+ "description": "This host-level alert is triggered if the Ranger Usersync cannot be determined to be up.",
+ "interval": 1,
+ "scope": "HOST",
+ "source": {
+ "type": "PORT",
+ "uri": "{{ranger-ugsync-site/ranger.usersync.port}}",
+ "default_port": 5151,
+ "reporting": {
+ "ok": {
+ "text": "TCP OK - {0:.3f}s response on port {1}"
+ },
+ "warning": {
+ "text": "TCP OK - {0:.3f}s response on port {1}",
+ "value": 1.5
+ },
+ "critical": {
+ "text": "Connection failed: {0} to {1}:{2}",
+ "value": 5.0
+ }
+ }
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml
new file mode 100644
index 0000000..fbbfac7
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml
@@ -0,0 +1,132 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_adding_forbidden="false">
+ <property>
+ <name>ranger_xa_log_maxfilesize</name>
+ <value>256</value>
+ <description>The maximum size of backup file before the log is rotated</description>
+ <display-name>Ranger Log: backup file size</display-name>
+ <value-attributes>
+ <unit>MB</unit>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_xa_log_maxbackupindex</name>
+ <value>20</value>
+ <description>The number of backup files</description>
+ <display-name>Ranger Log: # of backup files</display-name>
+ <value-attributes>
+ <type>int</type>
+ <minimum>0</minimum>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>content</name>
+ <display-name>admin-log4j template</display-name>
+ <description>admin-log4j.properties</description>
+ <value>
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+log4j.rootLogger = warn,xa_log_appender
+
+
+# xa_logger
+log4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.xa_log_appender.file=${logdir}/xa_portal.log
+log4j.appender.xa_log_appender.datePattern='.'yyyy-MM-dd
+log4j.appender.xa_log_appender.append=true
+log4j.appender.xa_log_appender.layout=org.apache.log4j.PatternLayout
+log4j.appender.xa_log_appender.layout.ConversionPattern=%d [%t] %-5p %C{6} (%F:%L) - %m%n
+log4j.appender.xa_log_appender.MaxFileSize={{ranger_xa_log_maxfilesize}}MB
+log4j.appender.xa_log_appender.MaxBackupIndex={{ranger_xa_log_maxbackupindex}}
+
+# xa_log_appender : category and additivity
+log4j.category.org.springframework=warn,xa_log_appender
+log4j.additivity.org.springframework=false
+
+log4j.category.org.apache.ranger=info,xa_log_appender
+log4j.additivity.org.apache.ranger=false
+
+log4j.category.xa=info,xa_log_appender
+log4j.additivity.xa=false
+
+# perf_logger
+log4j.appender.perf_appender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.perf_appender.file=${logdir}/ranger_admin_perf.log
+log4j.appender.perf_appender.datePattern='.'yyyy-MM-dd
+log4j.appender.perf_appender.append=true
+log4j.appender.perf_appender.layout=org.apache.log4j.PatternLayout
+log4j.appender.perf_appender.layout.ConversionPattern=%d [%t] %m%n
+
+
+# sql_appender
+log4j.appender.sql_appender=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.sql_appender.file=${logdir}/xa_portal_sql.log
+log4j.appender.sql_appender.datePattern='.'yyyy-MM-dd
+log4j.appender.sql_appender.append=true
+log4j.appender.sql_appender.layout=org.apache.log4j.PatternLayout
+log4j.appender.sql_appender.layout.ConversionPattern=%d [%t] %-5p %C{6} (%F:%L) - %m%n
+
+# sql_appender : category and additivity
+log4j.category.org.hibernate.SQL=warn,sql_appender
+log4j.additivity.org.hibernate.SQL=false
+
+log4j.category.jdbc.sqlonly=fatal,sql_appender
+log4j.additivity.jdbc.sqlonly=false
+
+log4j.category.jdbc.sqltiming=warn,sql_appender
+log4j.additivity.jdbc.sqltiming=false
+
+log4j.category.jdbc.audit=fatal,sql_appender
+log4j.additivity.jdbc.audit=false
+
+log4j.category.jdbc.resultset=fatal,sql_appender
+log4j.additivity.jdbc.resultset=false
+
+log4j.category.jdbc.connection=fatal,sql_appender
+log4j.additivity.jdbc.connection=false
+ </value>
+ <value-attributes>
+ <type>content</type>
+ <show-property-name>false</show-property-name>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml
new file mode 100644
index 0000000..1d73087
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml
@@ -0,0 +1,163 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="false">
+
+
+ <property>
+ <name>SQL_CONNECTOR_JAR</name>
+ <value>{{driver_curl_target}}</value>
+ <display-name>Location of Sql Connector Jar</display-name>
+ <description>Location of DB client library (please check the location of the jar file)</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>admin-properties</type>
+ <name>DB_FLAVOR</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false" update="false"/>
+ </property>
+ <property>
+ <name>db_root_user</name>
+ <value>root</value>
+ <display-name>Database Administrator (DBA) username</display-name>
+ <description>Database admin user. This user should have DBA permission to create the Ranger Database and Ranger Database User</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property require-input="true">
+ <name>db_root_password</name>
+ <value/>
+ <property-type>PASSWORD</property-type>
+ <display-name>Database Administrator (DBA) password</display-name>
+ <description>Database password for the database admin username</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>db_host</name>
+ <value/>
+ <display-name>Ranger DB host</display-name>
+ <description>Database host</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>db_name</name>
+ <value>ranger</value>
+ <display-name>Ranger DB name</display-name>
+ <description>Database name</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>db_user</name>
+ <value>rangeradmin</value>
+ <display-name>Ranger DB username</display-name>
+ <description>Database username used for the Ranger schema</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property require-input="true">
+ <name>db_password</name>
+ <value/>
+ <property-type>PASSWORD</property-type>
+ <display-name>Ranger DB password</display-name>
+ <description>Database password for the Ranger schema</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>DB_FLAVOR</name>
+ <value>MYSQL</value>
+ <display-name>DB FLAVOR</display-name>
+ <description>The database type to be used (mysql/oracle)</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>MYSQL</value>
+ <label>MYSQL</label>
+ </entry>
+ <entry>
+ <value>ORACLE</value>
+ <label>ORACLE</label>
+ </entry>
+ <entry>
+ <value>POSTGRES</value>
+ <label>POSTGRES</label>
+ </entry>
+ <entry>
+ <value>MSSQL</value>
+ <label>MSSQL</label>
+ </entry>
+ <entry>
+ <value>SQLA</value>
+ <label>SQL Anywhere</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>policymgr_external_url</name>
+ <value/>
+ <display-name>External URL</display-name>
+ <description>Policy Manager external url eg: http://RANGER_HOST:6080</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-admin-site</type>
+ <name>ranger.service.http.enabled</name>
+ </property>
+ <property>
+ <type>ranger-admin-site</type>
+ <name>ranger.service.http.port</name>
+ </property>
+ <property>
+ <type>ranger-admin-site</type>
+ <name>ranger.service.https.port</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml
new file mode 100644
index 0000000..d43c010
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore</name>
+ <value>/etc/security/serverKeys/atlas-tagsync-keystore.jks</value>
+ <description>Java Keystore files</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore.password</name>
+ <value>myKeyFilePassword</value>
+ <property-type>PASSWORD</property-type>
+ <description>password for keystore</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore</name>
+ <value>/etc/security/serverKeys/atlas-tagsync-mytruststore.jks</value>
+ <description>java truststore file</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore.password</name>
+ <value>changeit</value>
+ <property-type>PASSWORD</property-type>
+ <description>java truststore password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore.credential.file</name>
+ <value>jceks://file{{atlas_tagsync_credential_file}}</value>
+ <description>java keystore credential file</description>
+ <on-ambari-upgrade add="false" />
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore.credential.file</name>
+ <value>jceks://file{{atlas_tagsync_credential_file}}</value>
+ <description>java truststore credential file</description>
+ <on-ambari-upgrade add="false" />
+ </property>
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml
new file mode 100644
index 0000000..a9153f8
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml
@@ -0,0 +1,785 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration supports_final="true">
+ <property>
+ <name>ranger.service.host</name>
+ <value>{{ranger_host}}</value>
+ <description>Host where ranger service to be installed</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.http.enabled</name>
+ <value>true</value>
+ <display-name>HTTP enabled</display-name>
+ <description>Enable HTTP</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>boolean</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.http.port</name>
+ <value>6080</value>
+ <description>HTTP port</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.https.port</name>
+ <value>6182</value>
+ <description>HTTPS port (if SSL is enabled)</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.https.attrib.ssl.enabled</name>
+ <value>false</value>
+ <description>true/false, set to true if using SSL</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.https.attrib.clientAuth</name>
+ <value>want</value>
+ <description>Needs to be set to want for two way SSL</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.https.attrib.keystore.keyalias</name>
+ <value>rangeradmin</value>
+ <description>Alias for Ranger Admin key in keystore</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.https.attrib.keystore.pass</name>
+ <value>xasecure</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password for keystore</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.https.attrib.keystore.file</name>
+ <value>/etc/ranger/admin/conf/ranger-admin-keystore.jks</value>
+ <description>Ranger admin keystore (specify full path)</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.externalurl</name>
+ <value>{{ranger_external_url}}</value>
+ <display-name>External URL</display-name>
+ <description>URL to be used by clients to access ranger admin</description>
+ <value-attributes>
+ <visible>false</visible>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.jpa.jdbc.driver</name>
+ <value>com.mysql.jdbc.Driver</value>
+ <display-name>Driver class name for a JDBC Ranger database</display-name>
+ <description>JDBC driver class name. Example: For MySQL / MariaDB: com.mysql.jdbc.Driver, For Oracle: oracle.jdbc.OracleDriver</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>admin-properties</type>
+ <name>DB_FLAVOR</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.jpa.jdbc.url</name>
+ <value>jdbc:mysql://localhost</value>
+ <display-name>JDBC connect string for a Ranger database</display-name>
+ <description>JDBC connect string</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>admin-properties</type>
+ <name>DB_FLAVOR</name>
+ </property>
+ <property>
+ <type>admin-properties</type>
+ <name>db_host</name>
+ </property>
+ <property>
+ <type>admin-properties</type>
+ <name>db_name</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.jpa.jdbc.user</name>
+ <value>{{ranger_db_user}}</value>
+ <description>JDBC user</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.jpa.jdbc.password</name>
+ <value>_</value>
+ <property-type>PASSWORD</property-type>
+ <description>JDBC password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.jpa.jdbc.credential.alias</name>
+ <value>rangeradmin</value>
+ <description>Alias name for storing JDBC password</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.credential.provider.path</name>
+ <value>/etc/ranger/admin/rangeradmin.jceks</value>
+ <description>File for credential store, provide full file path</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.audit.source.type</name>
+ <value>solr</value>
+ <description>db or solr, based on the audit destination used</description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.solr</name>
+ </property>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.db</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.audit.solr.urls</name>
+ <value/>
+ <description>Solr url for audit. Example: http://solr_host:6083/solr/ranger_audits</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.authentication.method</name>
+ <value>UNIX</value>
+ <display-name>Authentication method</display-name>
+ <description>Ranger admin Authentication - UNIX/PAM/LDAP/AD/NONE</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-ugsync-site</type>
+ <name>ranger.usersync.source.impl.class</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.url</name>
+ <display-name>LDAP URL</display-name>
+ <value>{{ranger_ug_ldap_url}}</value>
+ <description>LDAP Server URL, only used if Authentication method is LDAP</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.user.dnpattern</name>
+ <value>uid={0},ou=users,dc=xasecure,dc=net</value>
+ <description>LDAP user DN, only used if Authentication method is LDAP</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.group.searchbase</name>
+ <display-name>Group Search Base</display-name>
+ <value>{{ranger_ug_ldap_group_searchbase}}</value>
+ <description>LDAP group searchbase, only used if Authentication method is LDAP</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.group.searchfilter</name>
+ <display-name>Group Search Filter</display-name>
+ <value>{{ranger_ug_ldap_group_searchfilter}}</value>
+ <description>LDAP group search filter, only used if Authentication method is LDAP</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.ldap.group.roleattribute</name>
+ <value>cn</value>
+ <description>LDAP group role attribute, only used if Authentication method is LDAP</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.base.dn</name>
+ <value>dc=example,dc=com</value>
+ <description>The Distinguished Name (DN) of the starting point for directory server searches.</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.bind.dn</name>
+ <display-name>Bind User</display-name>
+ <value>{{ranger_ug_ldap_bind_dn}}</value>
+ <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users. </description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.bind.password</name>
+ <display-name>Bind User Password</display-name>
+ <value>{{ranger_usersync_ldap_ldapbindpassword}}</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password for the account that can search for users</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.referral</name>
+ <value>ignore</value>
+ <description>Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. Possible values are follow|throw|ignore</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.ad.domain</name>
+ <display-name>Domain Name (Only for AD)</display-name>
+ <value/>
+ <description>AD domain, only used if Authentication method is AD</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.ad.url</name>
+ <value>{{ranger_ug_ldap_url}}</value>
+ <description>AD URL, only used if Authentication method is AD</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.ad.base.dn</name>
+ <value>dc=example,dc=com</value>
+ <description>The Distinguished Name (DN) of the starting point for directory server searches.</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.ad.bind.dn</name>
+ <value>{{ranger_ug_ldap_bind_dn}}</value>
+ <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users.</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.ad.bind.password</name>
+ <value>{{ranger_usersync_ldap_ldapbindpassword}}</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password for the account that can search for users</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.ldap.ad.referral</name>
+ <value>ignore</value>
+ <description>Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. Possible values are follow|throw|ignore</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+
+
+
+ <property>
+ <name>ranger.unixauth.remote.login.enabled</name>
+ <value>true</value>
+ <display-name>Allow remote Login</display-name>
+ <description>Remote login enabled? - only used if Authentication method is UNIX</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.unixauth.service.hostname</name>
+ <value>{{ugsync_host}}</value>
+ <description>Host where unix authentication service is running - only used if Authentication method is UNIX</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.unixauth.service.port</name>
+ <value>5151</value>
+ <description>Port for unix authentication service - only used if Authentication method is UNIX</description>
+ <value-attributes>
+ <type>int</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.jpa.jdbc.dialect</name>
+ <value>{{jdbc_dialect}}</value>
+ <description>JDBC dialect used for policy DB</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+ <property>
+ <name>ranger.audit.solr.username</name>
+ <value>ranger_solr</value>
+ <description>Solr username</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.audit.solr.password</name>
+ <value>NONE</value>
+ <property-type>PASSWORD</property-type>
+ <description>Solr password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.sso.providerurl</name>
+ <value/>
+ <display-name>SSO provider url</display-name>
+ <description>Example: https://KNOX_HOST:KNOX_PORT/gateway/TOPOLOGY_NAME/knoxsso/api/v1/websso</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>gateway-site</type>
+ <name>gateway.port</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.sso.publicKey</name>
+ <value/>
+ <display-name>SSO public key</display-name>
+ <description>Public key for SSO cookie verification</description>
+ <value-attributes>
+ <type>multiLine</type>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.sso.enabled</name>
+ <value>false</value>
+ <display-name>Enable Ranger SSO</display-name>
+ <description/>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>boolean</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.sso.browser.useragent</name>
+ <value>Mozilla,chrome</value>
+ <display-name>SSO browser useragent</display-name>
+ <description>Comma seperated browser agent</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.binddn.credential.alias</name>
+ <value>ranger.ldap.bind.password</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.ldap.ad.binddn.credential.alias</name>
+ <value>ranger.ldap.ad.bind.password</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+
+
+
+
+
+
+
+
+
+ <property>
+ <name>ranger.admin.kerberos.token.valid.seconds</name>
+ <value>30</value>
+ <description/>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.admin.kerberos.cookie.domain</name>
+ <value>{{ranger_host}}</value>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.admin.kerberos.cookie.path</name>
+ <value>/</value>
+ <description/>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.spnego.kerberos.principal</name>
+ <value>*</value>
+ <description/>
+ <property-type>KERBEROS_PRINCIPAL</property-type>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.spnego.kerberos.keytab</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.admin.kerberos.principal</name>
+ <value/>
+ <description/>
+ <property-type>KERBEROS_PRINCIPAL</property-type>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.admin.kerberos.keytab</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.lookup.kerberos.principal</name>
+ <value/>
+ <description/>
+ <property-type>KERBEROS_PRINCIPAL</property-type>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.lookup.kerberos.keytab</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.truststore.file</name>
+ <value>/etc/ranger/admin/conf/ranger-admin-keystore.jks</value>
+ <display-name>ranger.truststore.file</display-name>
+ <description>Ranger trust-store file-path</description>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.truststore.password</name>
+ <value>changeit</value>
+ <property-type>PASSWORD</property-type>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <display-name>ranger.truststore.password</display-name>
+ <description>Ranger trust-store password</description>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.audit.solr.zookeepers</name>
+ <value>NONE</value>
+ <description>Solr Zookeeper string</description>
+ <depends-on>
+ <property>
+ <type>infra-solr-env</type>
+ <name>infra_solr_znode</name>
+ </property>
+ <property>
+ <type>ranger-env</type>
+ <name>is_solrCloud_enabled</name>
+ </property>
+ <property>
+ <type>ranger-env</type>
+ <name>is_external_solrCloud_enabled</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+
+
+ <property>
+ <name>ranger.ldap.ad.user.searchfilter</name>
+ <value>(sAMAccountName={0})</value>
+ <description>Search filter used for Bind Authentication</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.ldap.user.searchfilter</name>
+ <display-name>User Search Filter</display-name>
+ <value>(uid={0})</value>
+ <description>Search filter used for Bind Authentication</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.kms.service.user.hdfs</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>hadoop-env</type>
+ <name>hdfs_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+ <property>
+ <name>ranger.kms.service.user.hive</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>hive-env</type>
+ <name>hive_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.hdfs.serviceuser</name>
+ <value>hdfs</value>
+ <depends-on>
+ <property>
+ <type>hadoop-env</type>
+ <name>hdfs_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.hive.serviceuser</name>
+ <value>hive</value>
+ <depends-on>
+ <property>
+ <type>hive-env</type>
+ <name>hive_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.hbase.serviceuser</name>
+ <value>hbase</value>
+ <depends-on>
+ <property>
+ <type>hbase-env</type>
+ <name>hbase_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.yarn.serviceuser</name>
+ <value>yarn</value>
+ <depends-on>
+ <property>
+ <type>yarn-env</type>
+ <name>yarn_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.knox.serviceuser</name>
+ <value>knox</value>
+ <depends-on>
+ <property>
+ <type>knox-env</type>
+ <name>knox_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.storm.serviceuser</name>
+ <value>storm</value>
+ <depends-on>
+ <property>
+ <type>storm-env</type>
+ <name>storm_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.kafka.serviceuser</name>
+ <value>kafka</value>
+ <depends-on>
+ <property>
+ <type>kafka-env</type>
+ <name>kafka_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.atlas.serviceuser</name>
+ <value>atlas</value>
+ <depends-on>
+ <property>
+ <type>atlas-env</type>
+ <name>metadata_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.plugins.kms.serviceuser</name>
+ <value>kms</value>
+ <depends-on>
+ <property>
+ <type>kms-env</type>
+ <name>kms_user</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+ <property>
+ <name>ranger.is.solr.kerberised</name>
+ <value>{{ranger_is_solr_kerberised}}</value>
+ <value-attributes>
+ <visible>false</visible>
+ </value-attributes>
+ <description/>
+ <on-ambari-upgrade add="true"/>
+ </property>
+
+
+
+ <property>
+ <name>ranger.truststore.alias</name>
+ <value>trustStoreAlias</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.service.https.attrib.keystore.credential.alias</name>
+ <value>keyStoreCredentialAlias</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml
new file mode 100644
index 0000000..3e25470
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml
@@ -0,0 +1,513 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="true" supports_adding_forbidden="true">
+ <property>
+ <name>ranger_user</name>
+ <value>ranger</value>
+ <property-type>USER</property-type>
+ <display-name>Ranger User</display-name>
+ <description>Ranger username</description>
+ <value-attributes>
+ <type>user</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_group</name>
+ <value>ranger</value>
+ <property-type>GROUP</property-type>
+ <display-name>Ranger Group</display-name>
+ <description>Ranger group</description>
+ <value-attributes>
+ <type>user</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_admin_log_dir</name>
+ <value>/var/log/ranger/admin</value>
+ <description/>
+ <value-attributes>
+ <type>directory</type>
+ <overridable>false</overridable>
+ <editable-only-at-install>true</editable-only-at-install>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_usersync_log_dir</name>
+ <value>/var/log/ranger/usersync</value>
+ <description/>
+ <value-attributes>
+ <type>directory</type>
+ <overridable>false</overridable>
+ <editable-only-at-install>true</editable-only-at-install>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_admin_username</name>
+ <value>amb_ranger_admin</value>
+ <property-type>TEXT</property-type>
+ <display-name>Ranger Admin username for Ambari</display-name>
+ <description>This is the ambari user created for creating repositories and policies in Ranger Admin for each plugin</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_admin_password</name>
+ <value/>
+ <property-type>PASSWORD</property-type>
+ <display-name>Ranger Admin user's password for Ambari</display-name>
+ <description>This is the ambari user password created for creating repositories and policies in Ranger Admin for each plugin</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>admin_username</name>
+ <value>admin</value>
+ <description>This is the username for default admin user that is used for creating ambari user in Ranger Admin</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>admin_password</name>
+ <value>admin</value>
+ <property-type>PASSWORD</property-type>
+ <description>This is the password for default admin user that is used for creating ambari user in Ranger Admin</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+ <property>
+ <name>ranger_pid_dir</name>
+ <value>/var/run/ranger</value>
+ <description/>
+ <value-attributes>
+ <type>directory</type>
+ <overridable>false</overridable>
+ <editable-only-at-install>true</editable-only-at-install>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-hdfs-plugin-enabled</name>
+ <value>No</value>
+ <display-name>HDFS Ranger Plugin</display-name>
+ <description>Enable HDFS Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-hive-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Hive Ranger Plugin</display-name>
+ <description>Enable Hive Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-hbase-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Hbase Ranger Plugin</display-name>
+ <description>Enable HBase Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-storm-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Storm Ranger Plugin</display-name>
+ <description>Enable Storm Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-knox-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Knox Ranger Plugin</display-name>
+ <description>Enable Knox Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+ <property>
+ <name>xml_configurations_supported</name>
+ <value>true</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>create_db_dbuser</name>
+ <value>true</value>
+ <display-name>Setup Database and Database User</display-name>
+ <description>If set to Yes, Ambari will create and setup Ranger Database and Database User. This will require to specify Database Admin user and password</description>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger_privelege_user_jdbc_url</name>
+ <display-name>JDBC connect string for root user</display-name>
+ <description>JDBC connect string - auto populated based on other values. This is to be used by root user</description>
+ <value>jdbc:mysql://localhost</value>
+ <value-attributes>
+ <overridable>false</overridable>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>admin-properties</type>
+ <name>DB_FLAVOR</name>
+ </property>
+ <property>
+ <type>admin-properties</type>
+ <name>db_host</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-yarn-plugin-enabled</name>
+ <value>No</value>
+ <display-name>YARN Ranger Plugin</display-name>
+ <description>Enable YARN Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-kafka-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Kafka Ranger Plugin</display-name>
+ <description>Enable Kafka Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.solr</name>
+ <value>true</value>
+ <display-name>Audit to Solr</display-name>
+ <description>Enable Audit to Solr for all ranger supported services. This property is overridable at service level</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>is_solrCloud_enabled</name>
+ <display-name>SolrCloud</display-name>
+ <description>SolrCloud uses zookeeper for distributed search and indexing</description>
+ <value>false</value>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.hdfs</name>
+ <value>true</value>
+ <display-name>Audit to HDFS</display-name>
+ <description>Enable Audit to HDFS for all ranger supported services. This property is overridable at service level</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ <value>hdfs://localhost:8020</value>
+ <display-name>Destination HDFS Directory</display-name>
+ <description>HDFS folder to write audit to, make sure all service user has required permissions. This property is overridable at service level</description>
+ <depends-on>
+ <property>
+ <type>core-site</type>
+ <name>fs.defaultFS</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_solr_config_set</name>
+ <value>ranger_audits</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_solr_collection_name</name>
+ <value>ranger_audits</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_solr_shards</name>
+ <value>1</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_solr_replication_factor</name>
+ <value>1</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger-atlas-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Atlas Ranger Plugin</display-name>
+ <description>Enable Atlas Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>is_external_solrCloud_enabled</name>
+ <display-name>External SolrCloud</display-name>
+ <value>false</value>
+ <description>Using Externally managed solr cloud ?</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>is_external_solrCloud_kerberos</name>
+ <display-name>External SolrCloud kerberos</display-name>
+ <value>false</value>
+ <description>Is Externally managed solr cloud kerberos ?</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger-nifi-plugin-enabled</name>
+ <value>No</value>
+ <display-name>NIFI Ranger Plugin</display-name>
+ <description>Enable NIFI Ranger plugin</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>Yes</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>No</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml
new file mode 100644
index 0000000..c70e222
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="false">
+
+
+
+
+
+
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml
new file mode 100644
index 0000000..550ce0d
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+ <property>
+ <name>ranger_audit_max_retention_days</name>
+ <display-name>Max Retention Days</display-name>
+ <description>Days to retain audit logs in Solr</description>
+ <value>90</value>
+ <value-attributes>
+ <type>int</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger_audit_logs_merge_factor</name>
+ <display-name>Merge Factor</display-name>
+ <description>
+ The mergeFactor value tells Lucene how many segments of equal size to build before merging them into a
+ single segment. High value merge factor (e.g. 25) improves indexing speed, but slows down searching. Low value
+ (e.g. 5) improves searching, but slows down indexing.
+ </description>
+ <value>5</value>
+ <value-attributes>
+ <type>int</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>content</name>
+ <display-name>solr-config template</display-name>
+ <description>the jinja template for solrconfig.xml file used for ranger audit logs</description>
+ <value/>
+ <property-type>VALUE_FROM_PROPERTY_FILE</property-type>
+ <value-attributes>
+ <property-file-name>ranger-solrconfig.xml.j2</property-file-name>
+ <property-file-type>xml</property-file-type>
+ </value-attributes>
+ <on-ambari-upgrade add="false" />
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml
new file mode 100644
index 0000000..a4c9441
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore</name>
+ <value>/etc/security/serverKeys/ranger-tagsync-keystore.jks</value>
+ <description>Java Keystore files</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore.password</name>
+ <value>myKeyFilePassword</value>
+ <property-type>PASSWORD</property-type>
+ <description>password for keystore</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore</name>
+ <value>/etc/security/serverKeys/ranger-tagsync-mytruststore.jks</value>
+ <description>java truststore file</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore.password</name>
+ <value>changeit</value>
+ <property-type>PASSWORD</property-type>
+ <description>java truststore password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore.credential.file</name>
+ <value>jceks://file{{ranger_tagsync_credential_file}}</value>
+ <description>java keystore credential file</description>
+ <on-ambari-upgrade add="false" />
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore.credential.file</name>
+ <value>jceks://file{{ranger_tagsync_credential_file}}</value>
+ <description>java truststore credential file</description>
+ <on-ambari-upgrade add="false" />
+ </property>
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/260ee2ef/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-site.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-site.xml
new file mode 100644
index 0000000..5e60c06
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-site.xml
@@ -0,0 +1,206 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="true">
+ <property>
+ <name>ranger.tagsync.logdir</name>
+ <value>/var/log/ranger/tagsync</value>
+ <description>Ranger Log dir</description>
+ <value-attributes>
+ <type>directory</type>
+ <overridable>false</overridable>
+ <editable-only-at-install>true</editable-only-at-install>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.dest.ranger.endpoint</name>
+ <value>{{ranger_external_url}}</value>
+ <description>Ranger TagAdmin REST URL</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.atlas</name>
+ <display-name>Enable Atlas Tag Source</display-name>
+ <value>false</value>
+ <description/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.server.bind.address</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.atlasrest</name>
+ <display-name>Enable AtlasRest Tag Source</display-name>
+ <value>false</value>
+ <description/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.file</name>
+ <display-name>Enable File Tag Source</display-name>
+ <value>false</value>
+ <description/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.file.check.interval.millis</name>
+ <display-name>File Source: File update polling interval</display-name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.atlasrest.download.interval.millis</name>
+ <display-name>AtlasREST Source: Atlas source download interval</display-name>
+ <value>60000</value>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.tagsync.source.file.filename</name>
+ <display-name>File Source: Filename</display-name>
+ <value/>
+ <description>File Source Filename</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.tagsync.source.atlasrest.endpoint</name>
+ <display-name>AtlasREST Source: Atlas endpoint</display-name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ <depends-on>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.server.http.port</name>
+ </property>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.server.https.port</name>
+ </property>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.enableTLS</name>
+ </property>
+ </depends-on>
+ </property>
+ <property>
+ <name>ranger.tagsync.kerberos.principal</name>
+ <value/>
+ <description/>
+ <property-type>KERBEROS_PRINCIPAL</property-type>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.kerberos.keytab</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.dest.ranger.username</name>
+ <value>rangertagsync</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.tagsync.source.atlasrest.username</name>
+ <value>admin</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.tagsync.atlas.default.cluster.name</name>
+ <value>{{cluster_name}}</value>
+ <description>Capture cluster name</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.tagsync.keystore.filename</name>
+ <value>/usr/hdp/current/ranger-tagsync/conf/rangertagsync.jceks</value>
+ <description>Keystore file</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.atlasrest.keystore.filename</name>
+ <value>/usr/hdp/current/ranger-tagsync/conf/atlasuser.jceks</value>
+ <description>Tagsync atlasrest keystore file</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.dest.ranger.ssl.config.filename</name>
+ <value>{{stack_root}}/current/ranger-tagsync/conf/ranger-policymgr-ssl.xml</value>
+ <description>Keystore and truststore information used for tagsync, required if tagsync -> ranger admin communication is SSL enabled</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>ranger.tagsync.source.atlasrest.ssl.config.filename</name>
+ <value>{{stack_root}}/current/ranger-tagsync/conf/atlas-tagsync-ssl.xml</value>
+ <description>Keystore and truststore information used for tagsync, required if tagsync to atlas communication is SSL enabled</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
[16/26] ambari git commit: AMBARI-20989. Ambari infra manager: add
batch support (oleewere)
Posted by jo...@apache.org.
AMBARI-20989. Ambari infra manager: add batch support (oleewere)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/4e6babdf
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/4e6babdf
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/4e6babdf
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 4e6babdf1569f83c188b817c0aff5c4535b4d015
Parents: fffd07c
Author: oleewere <ol...@gmail.com>
Authored: Thu May 11 15:03:31 2017 +0200
Committer: oleewere <ol...@gmail.com>
Committed: Fri May 12 11:57:49 2017 +0200
----------------------------------------------------------------------
ambari-infra/.gitignore | 6 +
ambari-infra/ambari-infra-manager/pom.xml | 17 +-
.../conf/batch/InfraManagerBatchConfig.java | 227 +++++++++++++++++++
.../infra/job/dummy/DummyItemProcessor.java | 36 +++
.../ambari/infra/job/dummy/DummyItemWriter.java | 36 +++
.../ambari/infra/job/dummy/DummyObject.java | 40 ++++
.../apache/ambari/infra/rest/JobResource.java | 43 +++-
.../src/main/resources/dummy/dummy.txt | 3 +
.../src/main/resources/infra-manager.properties | 6 +-
9 files changed, 409 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/.gitignore
----------------------------------------------------------------------
diff --git a/ambari-infra/.gitignore b/ambari-infra/.gitignore
new file mode 100644
index 0000000..a7d91c4
--- /dev/null
+++ b/ambari-infra/.gitignore
@@ -0,0 +1,6 @@
+target
+.settings
+.classpath
+.project
+/bin/
+job-repository.db
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/pom.xml b/ambari-infra/ambari-infra-manager/pom.xml
index c3a09ab..bd5bf03 100644
--- a/ambari-infra/ambari-infra-manager/pom.xml
+++ b/ambari-infra/ambari-infra-manager/pom.xml
@@ -39,6 +39,7 @@
<jjwt.version>0.6.0</jjwt.version>
<spring-batch.version>3.0.7.RELEASE</spring-batch.version>
<jdk.version>1.7</jdk.version>
+ <sqlite.version>3.8.11.2</sqlite.version>
</properties>
<build>
@@ -360,6 +361,11 @@
<version>${spring-batch.version}</version>
</dependency>
<dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-jdbc</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>${jjwt.version}</version>
@@ -369,7 +375,16 @@
<artifactId>jersey-bean-validation</artifactId>
<version>2.25</version>
</dependency>
+ <dependency>
+ <groupId>org.xerial</groupId>
+ <artifactId>sqlite-jdbc</artifactId>
+ <version>${sqlite.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.batch</groupId>
+ <artifactId>spring-batch-admin-manager</artifactId>
+ <version>1.3.1.RELEASE</version>
+ </dependency>
</dependencies>
-
</project>
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/conf/batch/InfraManagerBatchConfig.java
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/conf/batch/InfraManagerBatchConfig.java b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/conf/batch/InfraManagerBatchConfig.java
new file mode 100644
index 0000000..a587ec2
--- /dev/null
+++ b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/conf/batch/InfraManagerBatchConfig.java
@@ -0,0 +1,227 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ambari.infra.conf.batch;
+
+import org.apache.ambari.infra.job.dummy.DummyItemProcessor;
+import org.apache.ambari.infra.job.dummy.DummyItemWriter;
+import org.apache.ambari.infra.job.dummy.DummyObject;
+import org.springframework.batch.core.Job;
+import org.springframework.batch.core.Step;
+import org.springframework.batch.core.configuration.JobRegistry;
+import org.springframework.batch.core.configuration.annotation.EnableBatchProcessing;
+import org.springframework.batch.core.configuration.annotation.JobBuilderFactory;
+import org.springframework.batch.core.configuration.annotation.StepBuilderFactory;
+import org.springframework.batch.core.configuration.support.JobRegistryBeanPostProcessor;
+import org.springframework.batch.core.explore.JobExplorer;
+import org.springframework.batch.core.launch.JobLauncher;
+import org.springframework.batch.core.launch.JobOperator;
+import org.springframework.batch.core.launch.support.SimpleJobLauncher;
+import org.springframework.batch.core.launch.support.SimpleJobOperator;
+import org.springframework.batch.core.repository.JobRepository;
+import org.springframework.batch.core.repository.support.JobRepositoryFactoryBean;
+import org.springframework.batch.item.ItemProcessor;
+import org.springframework.batch.item.ItemReader;
+import org.springframework.batch.item.ItemWriter;
+import org.springframework.batch.item.file.FlatFileItemReader;
+import org.springframework.batch.item.file.LineMapper;
+import org.springframework.batch.item.file.mapping.BeanWrapperFieldSetMapper;
+import org.springframework.batch.item.file.mapping.DefaultLineMapper;
+import org.springframework.batch.item.file.mapping.FieldSetMapper;
+import org.springframework.batch.item.file.transform.DelimitedLineTokenizer;
+import org.springframework.batch.item.file.transform.LineTokenizer;
+import org.springframework.batch.support.transaction.ResourcelessTransactionManager;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+import org.springframework.core.task.SimpleAsyncTaskExecutor;
+import org.springframework.jdbc.datasource.DriverManagerDataSource;
+import org.springframework.jdbc.datasource.init.DataSourceInitializer;
+import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator;
+import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.transaction.PlatformTransactionManager;
+
+import javax.inject.Inject;
+import javax.sql.DataSource;
+import java.net.MalformedURLException;
+
+@Configuration
+@EnableBatchProcessing
+@EnableScheduling
+public class InfraManagerBatchConfig {
+
+ @Value("classpath:org/springframework/batch/core/schema-drop-sqlite.sql")
+ private Resource dropRepositoryTables;
+
+ @Value("classpath:org/springframework/batch/core/schema-sqlite.sql")
+ private Resource dataRepositorySchema;
+
+ @Value("${infra-manager.batch.db.init:false}")
+ private boolean dropDatabaseOnStartup;
+
+ @Value("${infra-manager.batch.db.file:/etc/ambari-inra-manager/conf/repository.db}")
+ private String sqliteDbFileLocation;
+
+ @Value("${infra-manager.batch.db.username}")
+ private String databaseUsername;
+
+ @Value("${infra-manager.batch.db.password}")
+ private String databasePassword;
+
+ @Inject
+ private StepBuilderFactory steps;
+
+ @Inject
+ private JobBuilderFactory jobs;
+
+ @Inject
+ private JobRegistry jobRegistry;
+
+ @Inject
+ private JobExplorer jobExplorer;
+
+ @Bean
+ public DataSource dataSource() {
+ DriverManagerDataSource dataSource = new DriverManagerDataSource();
+ dataSource.setDriverClassName("org.sqlite.JDBC");
+ dataSource.setUrl("jdbc:sqlite:" + sqliteDbFileLocation);
+ dataSource.setUsername(databaseUsername);
+ dataSource.setUsername(databasePassword);
+ return dataSource;
+ }
+
+ @Bean
+ public DataSourceInitializer dataSourceInitializer(DataSource dataSource)
+ throws MalformedURLException {
+ ResourceDatabasePopulator databasePopulator = new ResourceDatabasePopulator();
+ if (dropDatabaseOnStartup) {
+ databasePopulator.addScript(dropRepositoryTables);
+ databasePopulator.setIgnoreFailedDrops(true);
+ }
+ databasePopulator.addScript(dataRepositorySchema);
+ databasePopulator.setContinueOnError(true);
+
+ DataSourceInitializer initializer = new DataSourceInitializer();
+ initializer.setDataSource(dataSource);
+ initializer.setDatabasePopulator(databasePopulator);
+
+ return initializer;
+ }
+
+ @Bean
+ public JobRepository jobRepository() throws Exception {
+ JobRepositoryFactoryBean factory = new JobRepositoryFactoryBean();
+ factory.setDataSource(dataSource());
+ factory.setTransactionManager(getTransactionManager());
+ factory.afterPropertiesSet();
+ return factory.getObject();
+ }
+
+ @Bean
+ public PlatformTransactionManager getTransactionManager() {
+ return new ResourcelessTransactionManager();
+ }
+
+ @Bean(name = "jobLauncher")
+ public JobLauncher jobLauncher() throws Exception {
+ SimpleJobLauncher jobLauncher = new SimpleJobLauncher();
+ jobLauncher.setJobRepository(jobRepository());
+ jobLauncher.setTaskExecutor(new SimpleAsyncTaskExecutor());
+ jobLauncher.afterPropertiesSet();
+ return jobLauncher;
+ }
+
+ @Bean
+ public JobOperator jobOperator() throws Exception {
+ SimpleJobOperator jobOperator = new SimpleJobOperator();
+ jobOperator.setJobExplorer(jobExplorer);
+ jobOperator.setJobLauncher(jobLauncher());
+ jobOperator.setJobRegistry(jobRegistry);
+ jobOperator.setJobRepository(jobRepository());
+ return jobOperator;
+ }
+
+ @Bean
+ public JobRegistryBeanPostProcessor jobRegistryBeanPostProcessor() {
+ JobRegistryBeanPostProcessor jobRegistryBeanPostProcessor = new JobRegistryBeanPostProcessor();
+ jobRegistryBeanPostProcessor.setJobRegistry(jobRegistry);
+ return jobRegistryBeanPostProcessor;
+ }
+
+ @Bean(name = "dummyStep")
+ protected Step dummyStep(ItemReader<DummyObject> reader,
+ ItemProcessor<DummyObject, String> processor,
+ ItemWriter<String> writer) {
+ return steps.get("dummyStep").<DummyObject, String> chunk(2)
+ .reader(reader).processor(processor).writer(writer).build();
+ }
+
+ @Bean(name = "dummyJob")
+ public Job job(@Qualifier("dummyStep") Step dummyStep) {
+ return jobs.get("dummyJob").start(dummyStep).build();
+ }
+
+ @Bean
+ public ItemReader<DummyObject> dummyItemReader() {
+ FlatFileItemReader<DummyObject> csvFileReader = new FlatFileItemReader<>();
+ csvFileReader.setResource(new ClassPathResource("dummy/dummy.txt"));
+ csvFileReader.setLinesToSkip(1);
+ LineMapper<DummyObject> lineMapper = dummyLineMapper();
+ csvFileReader.setLineMapper(lineMapper);
+ return csvFileReader;
+ }
+
+ @Bean
+ public ItemProcessor<DummyObject, String> dummyItemProcessor() {
+ return new DummyItemProcessor();
+ }
+
+ @Bean
+ public ItemWriter<String> dummyItemWriter() {
+ return new DummyItemWriter();
+ }
+
+ private LineMapper<DummyObject> dummyLineMapper() {
+ DefaultLineMapper<DummyObject> lineMapper = new DefaultLineMapper<>();
+
+ LineTokenizer dummyTokenizer = dummyTokenizer();
+ lineMapper.setLineTokenizer(dummyTokenizer);
+
+ FieldSetMapper<DummyObject> dummyFieldSetMapper = dummyFieldSetMapper();
+ lineMapper.setFieldSetMapper(dummyFieldSetMapper);
+
+ return lineMapper;
+ }
+
+ private FieldSetMapper<DummyObject> dummyFieldSetMapper() {
+ BeanWrapperFieldSetMapper<DummyObject> studentInformationMapper = new BeanWrapperFieldSetMapper<>();
+ studentInformationMapper.setTargetType(DummyObject.class);
+ return studentInformationMapper;
+ }
+
+ private LineTokenizer dummyTokenizer() {
+ DelimitedLineTokenizer studentLineTokenizer = new DelimitedLineTokenizer();
+ studentLineTokenizer.setDelimiter(",");
+ studentLineTokenizer.setNames(new String[]{"f1", "f2"});
+ return studentLineTokenizer;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemProcessor.java
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemProcessor.java b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemProcessor.java
new file mode 100644
index 0000000..a124e4d
--- /dev/null
+++ b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemProcessor.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ambari.infra.job.dummy;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.batch.item.ItemProcessor;
+
+public class DummyItemProcessor implements ItemProcessor<DummyObject, String> {
+
+ private static final Logger LOG = LoggerFactory.getLogger(DummyItemProcessor.class);
+
+ @Override
+ public String process(DummyObject input) throws Exception {
+ LOG.info("Dummy processing, f1: {}, f2: {}. wait 10 seconds", input.getF1(), input.getF2());
+ Thread.sleep(10000);
+ return String.format("%s, %s", input.getF1(), input.getF2());
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemWriter.java
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemWriter.java b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemWriter.java
new file mode 100644
index 0000000..f495795
--- /dev/null
+++ b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyItemWriter.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ambari.infra.job.dummy;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.batch.item.ItemWriter;
+
+import java.util.List;
+
+public class DummyItemWriter implements ItemWriter<String> {
+
+ private static final Logger LOG = LoggerFactory.getLogger(DummyItemWriter.class);
+
+ @Override
+ public void write(List<? extends String> values) throws Exception {
+ LOG.info("DummyItem writer called (values: {})... wait 1 seconds", values.toString());
+ Thread.sleep(1000);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyObject.java
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyObject.java b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyObject.java
new file mode 100644
index 0000000..ce087dd
--- /dev/null
+++ b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/job/dummy/DummyObject.java
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ambari.infra.job.dummy;
+
+public class DummyObject {
+ private String f1;
+ private String f2;
+
+ public String getF1() {
+ return f1;
+ }
+
+ public void setF1(String f1) {
+ this.f1 = f1;
+ }
+
+ public String getF2() {
+ return f2;
+ }
+
+ public void setF2(String f2) {
+ this.f2 = f2;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/rest/JobResource.java
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/rest/JobResource.java b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/rest/JobResource.java
index 45b1ca5..27fed40 100644
--- a/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/rest/JobResource.java
+++ b/ambari-infra/ambari-infra-manager/src/main/java/org/apache/ambari/infra/rest/JobResource.java
@@ -20,12 +20,24 @@ package org.apache.ambari.infra.rest;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
+import org.springframework.batch.core.JobParametersBuilder;
+import org.springframework.batch.core.JobParametersInvalidException;
+import org.springframework.batch.core.explore.JobExplorer;
+import org.springframework.batch.core.launch.JobInstanceAlreadyExistsException;
+import org.springframework.batch.core.launch.JobOperator;
+import org.springframework.batch.core.launch.NoSuchJobException;
import org.springframework.context.annotation.Scope;
+import javax.inject.Inject;
import javax.inject.Named;
import javax.ws.rs.GET;
+import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import java.util.Date;
+import java.util.Set;
@Api(value = "jobs", description = "Job operations")
@Path("jobs")
@@ -33,11 +45,36 @@ import javax.ws.rs.Produces;
@Scope("request")
public class JobResource {
+ @Inject
+ private JobOperator jobOperator;
+
+ @Inject
+ private JobExplorer jobExplorer;
+
@GET
@Produces({"application/json"})
- @ApiOperation("Get all jobs")
- public String getAuditLogs() {
- return "jobs..."; // TODO
+ @ApiOperation("Get all job names")
+ public Set<String> getAllJobNames() {
+ return jobOperator.getJobNames();
+ }
+
+ @GET
+ @Path("executions/{jobName}")
+ @Produces({"application/json"})
+ @ApiOperation("Get the id values of all the running job instances by job name")
+ public Set<Long> getExecutionIdsByJobName(
+ @PathParam("jobName") String jobName) throws NoSuchJobException {
+ return jobOperator.getRunningExecutions(jobName);
+ }
+
+ @POST
+ @Produces({"application/json"})
+ @Path("start/{jobName}")
+ public Long startJob(@PathParam("jobName") String jobName, @QueryParam("params") String params)
+ throws JobParametersInvalidException, JobInstanceAlreadyExistsException, NoSuchJobException {
+ JobParametersBuilder jobParametersBuilder = new JobParametersBuilder();
+ jobParametersBuilder.addDate("date", new Date());
+ return jobOperator.start(jobName, jobParametersBuilder.toJobParameters() + "," + params);
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/resources/dummy/dummy.txt
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/resources/dummy/dummy.txt b/ambari-infra/ambari-infra-manager/src/main/resources/dummy/dummy.txt
new file mode 100644
index 0000000..41da725
--- /dev/null
+++ b/ambari-infra/ambari-infra-manager/src/main/resources/dummy/dummy.txt
@@ -0,0 +1,3 @@
+f1,f2
+v1,v2
+v3,v4
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/4e6babdf/ambari-infra/ambari-infra-manager/src/main/resources/infra-manager.properties
----------------------------------------------------------------------
diff --git a/ambari-infra/ambari-infra-manager/src/main/resources/infra-manager.properties b/ambari-infra/ambari-infra-manager/src/main/resources/infra-manager.properties
index 13878a1..fbeac78 100644
--- a/ambari-infra/ambari-infra-manager/src/main/resources/infra-manager.properties
+++ b/ambari-infra/ambari-infra-manager/src/main/resources/infra-manager.properties
@@ -11,4 +11,8 @@
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
-# limitations under the License.
\ No newline at end of file
+# limitations under the License.
+infra-manager.batch.db.file=job-repository.db
+infra-manager.batch.db.init=true
+infra-manager.batch.db.username=admin
+infra-manager.batch.db.password=admin
\ No newline at end of file
[03/26] ambari git commit: AMBARI-20937. Ambari Upgrade to 2.5 fails
due to custom service;
rpm upgrade does not preserve the custom service directory.(vbrodetskyi)
Posted by jo...@apache.org.
AMBARI-20937. Ambari Upgrade to 2.5 fails due to custom service; rpm upgrade does not preserve the custom service directory.(vbrodetskyi)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/c12c320f
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/c12c320f
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/c12c320f
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: c12c320f81de6cfed34b5d913384fc3851b71f4a
Parents: 506b847
Author: Vitaly Brodetskyi <vb...@hortonworks.com>
Authored: Wed May 10 20:55:26 2017 +0300
Committer: Vitaly Brodetskyi <vb...@hortonworks.com>
Committed: Wed May 10 20:55:26 2017 +0300
----------------------------------------------------------------------
.../main/python/ambari_server/serverUpgrade.py | 31 ++++++++++++++++----
1 file changed, 26 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/c12c320f/ambari-server/src/main/python/ambari_server/serverUpgrade.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/python/ambari_server/serverUpgrade.py b/ambari-server/src/main/python/ambari_server/serverUpgrade.py
index 6f17900..160c91d 100644
--- a/ambari-server/src/main/python/ambari_server/serverUpgrade.py
+++ b/ambari-server/src/main/python/ambari_server/serverUpgrade.py
@@ -522,7 +522,28 @@ def restore_custom_services():
print_error_msg(err)
raise FatalException(1, err)
- services = glob.glob(os.path.join(resources_dir,"stacks","*","*","services","*"))
+ stack_services_search_path = os.path.join("stacks","*","*","services","*")
+ stack_old_dir_name = "stacks_*.old"
+ stack_backup_services_search_path = os.path.join("*","*","services","*")
+ stack_old_dir_mask = r'/stacks.*old/'
+ stack_base_service_dir = '/stacks/'
+
+ find_and_copy_custom_services(resources_dir, stack_services_search_path, stack_old_dir_name,
+ stack_backup_services_search_path, stack_old_dir_mask, stack_base_service_dir)
+
+ common_services_search_path = os.path.join("common-services","*")
+ common_old_dir_name = "common-services_*.old"
+ common_backup_services_search_path = "*"
+ common_old_dir_mask = r'/common-services.*old'
+ common_base_service_dir = '/common-services/'
+
+ find_and_copy_custom_services(resources_dir, common_services_search_path, common_old_dir_name,
+ common_backup_services_search_path, common_old_dir_mask, common_base_service_dir)
+
+
+def find_and_copy_custom_services(resources_dir, services_search_path, old_dir_name, backup_services_search_path,
+ old_dir_mask, base_service_dir):
+ services = glob.glob(os.path.join(resources_dir, services_search_path))
managed_services = []
for service in services:
if os.path.isdir(service) and not os.path.basename(service) in managed_services:
@@ -530,15 +551,15 @@ def restore_custom_services():
# add deprecated managed services
managed_services.extend(["NAGIOS","GANGLIA","MAPREDUCE","WEBHCAT"])
- stack_backup_dirs = glob.glob(os.path.join(resources_dir,"stacks_*.old"))
+ stack_backup_dirs = glob.glob(os.path.join(resources_dir, old_dir_name))
if stack_backup_dirs:
last_backup_dir = max(stack_backup_dirs, key=os.path.getctime)
- backup_services = glob.glob(os.path.join(last_backup_dir,"*","*","services","*"))
+ backup_services = glob.glob(os.path.join(last_backup_dir, backup_services_search_path))
- regex = re.compile(r'/stacks.*old/')
+ regex = re.compile(old_dir_mask)
for backup_service in backup_services:
backup_base_service_dir = os.path.dirname(backup_service)
- current_base_service_dir = regex.sub('/stacks/', backup_base_service_dir)
+ current_base_service_dir = regex.sub(base_service_dir, backup_base_service_dir)
# if services dir does not exists, we do not manage this stack
if not os.path.exists(current_base_service_dir):
continue
[24/26] ambari git commit: AMBARI-21002. RU/EU: Restart Zookeeper
step failed (dgrinenko via dlysnichenko)
Posted by jo...@apache.org.
AMBARI-21002. RU/EU: Restart Zookeeper step failed (dgrinenko via dlysnichenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/48c9b340
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/48c9b340
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/48c9b340
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 48c9b3402610614603ae9aefa034a08a9a90c75b
Parents: 08dd15b
Author: Lisnichenko Dmitro <dl...@hortonworks.com>
Authored: Fri May 12 16:53:07 2017 +0300
Committer: Lisnichenko Dmitro <dl...@hortonworks.com>
Committed: Fri May 12 16:53:56 2017 +0300
----------------------------------------------------------------------
.../server/controller/internal/UpgradeResourceProvider.java | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/48c9b340/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
index 623851a..c7f7980 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
@@ -120,6 +120,7 @@ import org.apache.ambari.server.state.stack.upgrade.UpdateStackGrouping;
import org.apache.ambari.server.state.stack.upgrade.UpgradeScope;
import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
import org.apache.ambari.server.state.svccomphost.ServiceComponentHostServerActionEvent;
+import org.apache.ambari.server.utils.StageUtils;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
@@ -818,7 +819,7 @@ public class UpgradeResourceProvider extends AbstractControllerResourceProvider
}
List<UpgradeGroupEntity> groupEntities = new ArrayList<>();
- RequestStageContainer req = createRequest(direction, version);
+ RequestStageContainer req = createRequest(cluster, direction, version);
// the upgrade context calculated these for us based on direction
StackId sourceStackId = upgradeContext.getOriginalStackId();
@@ -1264,13 +1265,17 @@ public class UpgradeResourceProvider extends AbstractControllerResourceProvider
}
}
- private RequestStageContainer createRequest(Direction direction, String version) {
+ private RequestStageContainer createRequest(Cluster cluster, Direction direction, String version) throws AmbariException {
ActionManager actionManager = getManagementController().getActionManager();
RequestStageContainer requestStages = new RequestStageContainer(
actionManager.getNextRequestId(), null, s_requestFactory.get(), actionManager);
requestStages.setRequestContext(String.format("%s to %s", direction.getVerb(true), version));
+ Map<String, Set<String>> clusterHostInfo = StageUtils.getClusterHostInfo(cluster);
+ String clusterHostInfoJson = StageUtils.getGson().toJson(clusterHostInfo);
+ requestStages.setClusterHostInfo(clusterHostInfoJson);
+
return requestStages;
}
[06/26] ambari git commit: AMBARI-20947. Use keytab file named
'hive.service.keytab' instead of 'hive.llap.zk.sm.keytab' in
hive_server_interactive.py for copying to slider.
Posted by jo...@apache.org.
AMBARI-20947. Use keytab file named 'hive.service.keytab' instead of 'hive.llap.zk.sm.keytab' in hive_server_interactive.py for copying to slider.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/242d9e76
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/242d9e76
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/242d9e76
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 242d9e76f93d17532a60296d86d4e42f7299e039
Parents: 09ca031
Author: Swapan Shridhar <ss...@hortonworks.com>
Authored: Wed May 10 17:02:42 2017 -0700
Committer: Swapan Shridhar <ss...@hortonworks.com>
Committed: Wed May 10 17:02:42 2017 -0700
----------------------------------------------------------------------
.../HIVE/0.12.0.2.0/package/alerts/alert_llap_app_status.py | 4 ++--
.../HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py | 3 ---
.../HIVE/0.12.0.2.0/package/scripts/params_linux.py | 4 ++--
.../HIVE/2.1.0.3.0/package/alerts/alert_llap_app_status.py | 4 ++--
.../HIVE/2.1.0.3.0/package/scripts/hive_server_interactive.py | 3 ---
.../HIVE/2.1.0.3.0/package/scripts/params_linux.py | 4 ++--
6 files changed, 8 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/242d9e76/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/alerts/alert_llap_app_status.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/alerts/alert_llap_app_status.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/alerts/alert_llap_app_status.py
index 095be3f..98d1899 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/alerts/alert_llap_app_status.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/alerts/alert_llap_app_status.py
@@ -47,10 +47,10 @@ UKNOWN_STATUS_CODE = 'UNKNOWN'
SECURITY_ENABLED_KEY = '{{cluster-env/security_enabled}}'
-HIVE_PRINCIPAL_KEY = '{{hive-interactive-site/hive.llap.zk.sm.principal}}'
+HIVE_PRINCIPAL_KEY = '{{hive-interactive-site/hive.llap.daemon.service.principal}}'
HIVE_PRINCIPAL_DEFAULT = 'default.hive.principal'
-HIVE_PRINCIPAL_KEYTAB_KEY = '{{hive-interactive-site/hive.llap.zk.sm.keytab.file}}'
+HIVE_PRINCIPAL_KEYTAB_KEY = '{{hive-interactive-site/hive.llap.daemon.keytab.file}}'
HIVE_PRINCIPAL_KEYTAB_DEFAULT = 'default.hive.keytab'
HIVE_AUTHENTICATION_DEFAULT = 'NOSASL'
http://git-wip-us.apache.org/repos/asf/ambari/blob/242d9e76/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
index 8f57f1e..0504d18 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
@@ -365,9 +365,6 @@ class HiveServerInteractiveDefault(HiveServerInteractive):
hive_interactive_kinit_cmd = format("{kinit_path_local} -kt {params.hive_server2_keytab} {params.hive_principal}; ")
Execute(hive_interactive_kinit_cmd, user=params.hive_user)
- llap_kinit_cmd = format("{kinit_path_local} -kt {params.hive_llap_keytab_file} {params.hive_llap_principal}; ")
- Execute(llap_kinit_cmd, user=params.hive_user)
-
"""
Get llap app status data for LLAP Tech Preview code base.
"""
http://git-wip-us.apache.org/repos/asf/ambari/blob/242d9e76/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
index 0f03155..d854451 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py
@@ -685,8 +685,8 @@ if has_hive_interactive:
llap_extra_slider_opts = default('/configurations/hive-interactive-env/llap_extra_slider_opts', "")
hive_llap_principal = None
if security_enabled:
- hive_llap_keytab_file = config['configurations']['hive-interactive-site']['hive.llap.zk.sm.keytab.file']
- hive_llap_principal = (config['configurations']['hive-interactive-site']['hive.llap.zk.sm.principal']).replace('_HOST',hostname.lower())
+ hive_llap_keytab_file = config['configurations']['hive-interactive-site']['hive.llap.daemon.keytab.file']
+ hive_llap_principal = (config['configurations']['hive-interactive-site']['hive.llap.daemon.service.principal']).replace('_HOST',hostname.lower())
pass
if len(hive_server_hosts) == 0 and len(hive_server_interactive_hosts) > 0:
http://git-wip-us.apache.org/repos/asf/ambari/blob/242d9e76/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/alerts/alert_llap_app_status.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/alerts/alert_llap_app_status.py b/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/alerts/alert_llap_app_status.py
index 095be3f..98d1899 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/alerts/alert_llap_app_status.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/alerts/alert_llap_app_status.py
@@ -47,10 +47,10 @@ UKNOWN_STATUS_CODE = 'UNKNOWN'
SECURITY_ENABLED_KEY = '{{cluster-env/security_enabled}}'
-HIVE_PRINCIPAL_KEY = '{{hive-interactive-site/hive.llap.zk.sm.principal}}'
+HIVE_PRINCIPAL_KEY = '{{hive-interactive-site/hive.llap.daemon.service.principal}}'
HIVE_PRINCIPAL_DEFAULT = 'default.hive.principal'
-HIVE_PRINCIPAL_KEYTAB_KEY = '{{hive-interactive-site/hive.llap.zk.sm.keytab.file}}'
+HIVE_PRINCIPAL_KEYTAB_KEY = '{{hive-interactive-site/hive.llap.daemon.keytab.file}}'
HIVE_PRINCIPAL_KEYTAB_DEFAULT = 'default.hive.keytab'
HIVE_AUTHENTICATION_DEFAULT = 'NOSASL'
http://git-wip-us.apache.org/repos/asf/ambari/blob/242d9e76/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/hive_server_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/hive_server_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/hive_server_interactive.py
index 8f57f1e..0504d18 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/hive_server_interactive.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/hive_server_interactive.py
@@ -365,9 +365,6 @@ class HiveServerInteractiveDefault(HiveServerInteractive):
hive_interactive_kinit_cmd = format("{kinit_path_local} -kt {params.hive_server2_keytab} {params.hive_principal}; ")
Execute(hive_interactive_kinit_cmd, user=params.hive_user)
- llap_kinit_cmd = format("{kinit_path_local} -kt {params.hive_llap_keytab_file} {params.hive_llap_principal}; ")
- Execute(llap_kinit_cmd, user=params.hive_user)
-
"""
Get llap app status data for LLAP Tech Preview code base.
"""
http://git-wip-us.apache.org/repos/asf/ambari/blob/242d9e76/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/params_linux.py
index 69ef08e..c0ac535 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/2.1.0.3.0/package/scripts/params_linux.py
@@ -684,8 +684,8 @@ if has_hive_interactive:
llap_extra_slider_opts = default('/configurations/hive-interactive-env/llap_extra_slider_opts', "")
hive_llap_principal = None
if security_enabled:
- hive_llap_keytab_file = config['configurations']['hive-interactive-site']['hive.llap.zk.sm.keytab.file']
- hive_llap_principal = (config['configurations']['hive-interactive-site']['hive.llap.zk.sm.principal']).replace('_HOST',hostname.lower())
+ hive_llap_keytab_file = config['configurations']['hive-interactive-site']['hive.llap.daemon.keytab.file']
+ hive_llap_principal = (config['configurations']['hive-interactive-site']['hive.llap.daemon.service.principal']).replace('_HOST',hostname.lower())
pass
if len(hive_server_hosts) == 0 and len(hive_server_interactive_hosts) > 0:
[09/26] ambari git commit: AMBARI-20872 Required properties for
services in the blueprint are validated before the cluster provisioning is
started (when the cluster creation template is posted)
Posted by jo...@apache.org.
AMBARI-20872 Required properties for services in the blueprint are validated before the cluster provisioning is started (when the cluster creation template is posted)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3edbc2c4
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3edbc2c4
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3edbc2c4
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 3edbc2c41d489c20d1f503723491461eaa328fab
Parents: 55750b9
Author: lpuskas <lp...@apache.org>
Authored: Wed May 3 18:31:40 2017 +0200
Committer: lpuskas <lp...@apache.org>
Committed: Thu May 11 13:35:40 2017 +0200
----------------------------------------------------------------------
.../server/topology/BlueprintValidatorImpl.java | 88 ++----
.../RequiredConfigPropertiesValidator.java | 188 ++++++++++++
.../validators/TopologyValidatorFactory.java | 3 +-
.../server/topology/BlueprintImplTest.java | 13 -
.../RequiredConfigPropertiesValidatorTest.java | 302 +++++++++++++++++++
5 files changed, 512 insertions(+), 82 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/3edbc2c4/ambari-server/src/main/java/org/apache/ambari/server/topology/BlueprintValidatorImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/BlueprintValidatorImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/BlueprintValidatorImpl.java
index 9688c60..2e5995c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/topology/BlueprintValidatorImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/BlueprintValidatorImpl.java
@@ -20,7 +20,6 @@ package org.apache.ambari.server.topology;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -49,6 +48,7 @@ public class BlueprintValidatorImpl implements BlueprintValidator {
this.blueprint = blueprint;
this.stack = blueprint.getStack();
}
+
@Override
public void validateTopology() throws InvalidTopologyException {
LOGGER.info("Validating topology for blueprint: [{}]", blueprint.getName());
@@ -57,7 +57,7 @@ public class BlueprintValidatorImpl implements BlueprintValidator {
for (HostGroup group : hostGroups) {
Map<String, Collection<DependencyInfo>> missingGroupDependencies = validateHostGroup(group);
- if (! missingGroupDependencies.isEmpty()) {
+ if (!missingGroupDependencies.isEmpty()) {
missingDependencies.put(group.getName(), missingGroupDependencies);
}
}
@@ -73,27 +73,24 @@ public class BlueprintValidatorImpl implements BlueprintValidator {
cardinalityFailures.addAll(verifyComponentInAllHostGroups(component, autoDeploy));
} else {
cardinalityFailures.addAll(verifyComponentCardinalityCount(
- component, cardinality, autoDeploy));
+ component, cardinality, autoDeploy));
}
}
}
- if (! missingDependencies.isEmpty() || ! cardinalityFailures.isEmpty()) {
+ if (!missingDependencies.isEmpty() || !cardinalityFailures.isEmpty()) {
generateInvalidTopologyException(missingDependencies, cardinalityFailures);
}
}
@Override
public void validateRequiredProperties() throws InvalidTopologyException {
- //todo: combine with RequiredPasswordValidator
- Map<String, Map<String, Collection<String>>> missingProperties =
- new HashMap<>();
// we don't want to include default stack properties so we can't just use hostGroup full properties
Map<String, Map<String, String>> clusterConfigurations = blueprint.getConfiguration().getProperties();
// we need to have real passwords, not references
- if(clusterConfigurations != null) {
+ if (clusterConfigurations != null) {
StringBuilder errorMessage = new StringBuilder();
boolean containsSecretReferences = false;
for (Map.Entry<String, Map<String, String>> configEntry : clusterConfigurations.entrySet()) {
@@ -104,16 +101,16 @@ public class BlueprintValidatorImpl implements BlueprintValidator {
String propertyValue = propertyEntry.getValue();
if (propertyValue != null) {
if (SecretReference.isSecret(propertyValue)) {
- errorMessage.append(" Config:").append(configType).append(" Property:").append(propertyName).append("\n");
+ errorMessage.append(" Config:" + configType + " Property:" + propertyName + "\n");
containsSecretReferences = true;
}
}
}
}
}
- if(containsSecretReferences) {
+ if (containsSecretReferences) {
throw new InvalidTopologyException("Secret references are not allowed in blueprints, " +
- "replace following properties with real passwords:\n"+errorMessage.toString());
+ "replace following properties with real passwords:\n" + errorMessage.toString());
}
}
@@ -129,9 +126,9 @@ public class BlueprintValidatorImpl implements BlueprintValidator {
if (component.equals("MYSQL_SERVER")) {
Map<String, String> hiveEnvConfig = clusterConfigurations.get("hive-env");
if (hiveEnvConfig != null && !hiveEnvConfig.isEmpty() && hiveEnvConfig.get("hive_database") != null
- && hiveEnvConfig.get("hive_database").startsWith("Existing")) {
+ && hiveEnvConfig.get("hive_database").startsWith("Existing")) {
throw new InvalidTopologyException("Incorrect configuration: MYSQL_SERVER component is available but hive" +
- " using existing db!");
+ " using existing db!");
}
}
if (ClusterTopologyImpl.isNameNodeHAEnabled(clusterConfigurations) && component.equals("NAMENODE")) {
@@ -162,72 +159,27 @@ public class BlueprintValidatorImpl implements BlueprintValidator {
if (component.equals("HIVE_METASTORE")) {
Map<String, String> hiveEnvConfig = clusterConfigurations.get("hive-env");
- if (hiveEnvConfig != null && !hiveEnvConfig.isEmpty() && hiveEnvConfig.get("hive_database") !=null
- && hiveEnvConfig.get("hive_database").equals("Existing SQL Anywhere Database")
- && VersionUtils.compareVersions(stack.getVersion(), "2.3.0.0") < 0
- && stack.getName().equalsIgnoreCase("HDP")) {
+ if (hiveEnvConfig != null && !hiveEnvConfig.isEmpty() && hiveEnvConfig.get("hive_database") != null
+ && hiveEnvConfig.get("hive_database").equals("Existing SQL Anywhere Database")
+ && VersionUtils.compareVersions(stack.getVersion(), "2.3.0.0") < 0
+ && stack.getName().equalsIgnoreCase("HDP")) {
throw new InvalidTopologyException("Incorrect configuration: SQL Anywhere db is available only for stack HDP-2.3+ " +
- "and repo version 2.3.2+!");
+ "and repo version 2.3.2+!");
}
}
if (component.equals("OOZIE_SERVER")) {
Map<String, String> oozieEnvConfig = clusterConfigurations.get("oozie-env");
- if (oozieEnvConfig != null && !oozieEnvConfig.isEmpty() && oozieEnvConfig.get("oozie_database") !=null
- && oozieEnvConfig.get("oozie_database").equals("Existing SQL Anywhere Database")
- && VersionUtils.compareVersions(stack.getVersion(), "2.3.0.0") < 0
- && stack.getName().equalsIgnoreCase("HDP")) {
+ if (oozieEnvConfig != null && !oozieEnvConfig.isEmpty() && oozieEnvConfig.get("oozie_database") != null
+ && oozieEnvConfig.get("oozie_database").equals("Existing SQL Anywhere Database")
+ && VersionUtils.compareVersions(stack.getVersion(), "2.3.0.0") < 0
+ && stack.getName().equalsIgnoreCase("HDP")) {
throw new InvalidTopologyException("Incorrect configuration: SQL Anywhere db is available only for stack HDP-2.3+ " +
- "and repo version 2.3.2+!");
+ "and repo version 2.3.2+!");
}
}
-
- //for now, AMBARI is not recognized as a service in Stacks
- if (! component.equals("AMBARI_SERVER")) {
- String serviceName = stack.getServiceForComponent(component);
- if (processedServices.add(serviceName)) {
- Collection<Stack.ConfigProperty> requiredServiceConfigs =
- stack.getRequiredConfigurationProperties(serviceName);
-
- for (Stack.ConfigProperty requiredConfig : requiredServiceConfigs) {
- String configCategory = requiredConfig.getType();
- String propertyName = requiredConfig.getName();
- if (! stack.isPasswordProperty(serviceName, configCategory, propertyName)) {
- Collection<String> typeRequirements = allRequiredProperties.get(configCategory);
- if (typeRequirements == null) {
- typeRequirements = new HashSet<>();
- allRequiredProperties.put(configCategory, typeRequirements);
- }
- typeRequirements.add(propertyName);
- }
- }
- }
- }
- }
- for (Map.Entry<String, Collection<String>> requiredTypeProperties : allRequiredProperties.entrySet()) {
- String requiredCategory = requiredTypeProperties.getKey();
- Collection<String> requiredProperties = requiredTypeProperties.getValue();
- Collection<String> operationalTypeProps = operationalConfiguration.containsKey(requiredCategory) ?
- operationalConfiguration.get(requiredCategory).keySet() :
- Collections.<String>emptyList();
-
- requiredProperties.removeAll(operationalTypeProps);
- if (! requiredProperties.isEmpty()) {
- String hostGroupName = hostGroup.getName();
- Map<String, Collection<String>> hostGroupMissingProps = missingProperties.get(hostGroupName);
- if (hostGroupMissingProps == null) {
- hostGroupMissingProps = new HashMap<>();
- missingProperties.put(hostGroupName, hostGroupMissingProps);
- }
- hostGroupMissingProps.put(requiredCategory, requiredProperties);
- }
}
}
-
- if (! missingProperties.isEmpty()) {
- throw new InvalidTopologyException("Missing required properties. Specify a value for these " +
- "properties in the blueprint configuration. " + missingProperties);
- }
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/3edbc2c4/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidator.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidator.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidator.java
new file mode 100644
index 0000000..759d9e9
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidator.java
@@ -0,0 +1,188 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.topology.validators;
+
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+
+import org.apache.ambari.server.controller.internal.Stack;
+import org.apache.ambari.server.state.PropertyInfo;
+import org.apache.ambari.server.topology.Blueprint;
+import org.apache.ambari.server.topology.ClusterTopology;
+import org.apache.ambari.server.topology.HostGroup;
+import org.apache.ambari.server.topology.InvalidTopologyException;
+import org.apache.ambari.server.topology.TopologyValidator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * Validates the configuration by checking the existence of required properties for the services listed in the blueprint.
+ * Required properties are specified in the stack and are tied to config types and services.
+ *
+ * The validator ignores password properties that should never be specified in the artifacts (blueprint / cluster creation template)
+ */
+public class RequiredConfigPropertiesValidator implements TopologyValidator {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(RequiredConfigPropertiesValidator.class);
+
+ /**
+ * Validates the configuration coming from the blueprint and cluster creation template and ensures that all the required properties are provided.
+ * It's expected, that a in hostrgroup containing components for a given service all required configuration for the given service is available.
+ *
+ * @param topology the topology instance holding the configuration for cluster provisioning
+ * @throws InvalidTopologyException when there are missing configuration types or properties related to services in the blueprint
+ */
+ @Override
+ public void validate(ClusterTopology topology) throws InvalidTopologyException {
+
+ // collect required properties
+ Map<String, Map<String, Collection<String>>> requiredPropertiesByService = getRequiredPropertiesByService(topology.getBlueprint());
+
+ // find missing properties in the cluster configuration
+ Map<String, Collection<String>> missingProperties = new HashMap<>();
+ Map<String, Map<String, String>> topologyConfiguration = new HashMap<>(topology.getConfiguration().getFullProperties(1));
+
+ for (HostGroup hostGroup : topology.getBlueprint().getHostGroups().values()) {
+ LOGGER.debug("Processing hostgroup configurations for hostgroup: {}", hostGroup.getName());
+
+ // copy of all configurations available in the topology hgConfig -> topologyConfig -> bpConfig
+ Map<String, Map<String, String>> operationalConfigurations = new HashMap<>(topologyConfiguration);
+
+ for (Map.Entry<String, Map<String, String>> hostgroupConfigEntry : hostGroup.getConfiguration().getProperties().entrySet()) {
+ if (operationalConfigurations.containsKey(hostgroupConfigEntry.getKey())) {
+ operationalConfigurations.get(hostgroupConfigEntry.getKey()).putAll(hostgroupConfigEntry.getValue());
+ } else {
+ operationalConfigurations.put(hostgroupConfigEntry.getKey(), hostgroupConfigEntry.getValue());
+ }
+ }
+
+ for (String hostGroupService : hostGroup.getServices()) {
+
+ if (!requiredPropertiesByService.containsKey(hostGroupService)) {
+ // there are no required properties for the service
+ LOGGER.debug("There are no required properties found for hostgroup/service: [{}/{}]", hostGroup.getName(), hostGroupService);
+ continue;
+ }
+
+ Map<String, Collection<String>> requiredPropertiesByType = requiredPropertiesByService.get(hostGroupService);
+
+ for (String configType : requiredPropertiesByType.keySet()) {
+
+ // We need a copy not to modify the original
+ Collection<String> requiredPropertiesForType = new HashSet(requiredPropertiesByType.get(configType));
+
+ if (!operationalConfigurations.containsKey(configType)) {
+ // all required configuration is missing for the config type
+ missingProperties = addTomissingProperties(missingProperties, hostGroup.getName(), requiredPropertiesForType);
+ continue;
+ }
+
+ Collection<String> operationalConfigsForType = operationalConfigurations.get(configType).keySet();
+ requiredPropertiesForType.removeAll(operationalConfigsForType);
+ if (!requiredPropertiesForType.isEmpty()) {
+ LOGGER.info("Found missing properties in hostgroup: {}, config type: {}, mising properties: {}", hostGroup.getName(),
+ configType, requiredPropertiesForType);
+ missingProperties = addTomissingProperties(missingProperties, hostGroup.getName(), requiredPropertiesForType);
+ }
+ }
+ }
+
+ }
+
+ if (!missingProperties.isEmpty()) {
+ throw new InvalidTopologyException("Missing required properties. Specify a value for these " +
+ "properties in the blueprint or cluster creation template configuration. " + missingProperties);
+ }
+
+ }
+
+
+ /**
+ * Collects required properties for services in the blueprint. Configuration properties are returned by configuration type.
+ * service -> configType -> properties
+ *
+ * @param blueprint the blueprint from the cluster topology
+ * @return a map with configuration types mapped to collections of required property names
+ */
+
+ private Map<String, Map<String, Collection<String>>> getRequiredPropertiesByService(Blueprint blueprint) {
+
+ Map<String, Map<String, Collection<String>>> requiredPropertiesForServiceByType = new HashMap<>();
+
+ for (String bpService : blueprint.getServices()) {
+ LOGGER.debug("Collecting required properties for the service: {}", bpService);
+
+ Collection<Stack.ConfigProperty> requiredConfigsForService = blueprint.getStack().getRequiredConfigurationProperties(bpService);
+ Map<String, Collection<String>> requiredPropertiesByConfigType = new HashMap<>();
+
+ for (Stack.ConfigProperty configProperty : requiredConfigsForService) {
+
+ if (configProperty.getPropertyTypes() != null && configProperty.getPropertyTypes().contains(PropertyInfo.PropertyType.PASSWORD)) {
+ LOGGER.debug("Skipping required property validation for password type: {}", configProperty.getName());
+ // skip password types
+ continue;
+ }
+
+ // add / get service related required propeByType map
+ if (requiredPropertiesForServiceByType.containsKey(bpService)) {
+ requiredPropertiesByConfigType = requiredPropertiesForServiceByType.get(bpService);
+ } else {
+ LOGGER.debug("Adding required properties entry for service: {}", bpService);
+ requiredPropertiesForServiceByType.put(bpService, requiredPropertiesByConfigType);
+ }
+
+ // add collection of required properties
+ Collection<String> requiredPropsForType = new HashSet<>();
+ if (requiredPropertiesByConfigType.containsKey(configProperty.getType())) {
+ requiredPropsForType = requiredPropertiesByConfigType.get(configProperty.getType());
+ } else {
+ LOGGER.debug("Adding required properties entry for configuration type: {}", configProperty.getType());
+ requiredPropertiesByConfigType.put(configProperty.getType(), requiredPropsForType);
+ }
+
+ requiredPropsForType.add(configProperty.getName());
+ LOGGER.debug("Added required property for service; {}, configuration type: {}, property: {}", bpService,
+ configProperty.getType(), configProperty.getName());
+ }
+ }
+
+ LOGGER.info("Identified required properties for blueprint services: {}", requiredPropertiesForServiceByType);
+ return requiredPropertiesForServiceByType;
+
+ }
+
+ private Map<String, Collection<String>> addTomissingProperties(Map<String, Collection<String>> missingProperties, String hostGroup, Collection<String> values) {
+ Map<String, Collection<String>> missing;
+
+ if (missingProperties == null) {
+ missing = new HashMap<>();
+ } else {
+ missing = new HashMap<>(missingProperties);
+ }
+
+ if (!missing.containsKey(hostGroup)) {
+ missing.put(hostGroup, new HashSet<String>());
+ }
+
+ missing.get(hostGroup).addAll(values);
+
+ return missing;
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3edbc2c4/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/TopologyValidatorFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/TopologyValidatorFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/TopologyValidatorFactory.java
index 0e77301..5a6f64e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/TopologyValidatorFactory.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/validators/TopologyValidatorFactory.java
@@ -24,7 +24,8 @@ public class TopologyValidatorFactory {
List<TopologyValidator> validators;
public TopologyValidatorFactory() {
- validators = ImmutableList.of(new RequiredPasswordValidator(), new HiveServiceValidator(), new StackConfigTypeValidator());
+ validators = ImmutableList.of(new RequiredConfigPropertiesValidator(), new RequiredPasswordValidator(), new HiveServiceValidator(),
+ new StackConfigTypeValidator());
}
public TopologyValidator createConfigurationValidatorChain() {
http://git-wip-us.apache.org/repos/asf/ambari/blob/3edbc2c4/ambari-server/src/test/java/org/apache/ambari/server/topology/BlueprintImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/BlueprintImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/BlueprintImplTest.java
index 255145c..5f4e00b 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/topology/BlueprintImplTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/BlueprintImplTest.java
@@ -128,16 +128,6 @@ public class BlueprintImplTest {
assertTrue(entity.getSecurityDescriptorReference().equals("testRef"));
}
- @Test(expected = InvalidTopologyException.class)
- public void testValidateConfigurations__basic_negative() throws Exception {
- expect(group2.getConfiguration()).andReturn(EMPTY_CONFIGURATION).atLeastOnce();
- replay(stack, group1, group2);
-
- Blueprint blueprint = new BlueprintImpl("test", hostGroups, stack, configuration, null);
- blueprint.validateRequiredProperties();
- verify(stack, group1, group2);
- }
-
@Test
public void testValidateConfigurations__hostGroupConfig() throws Exception {
Map<String, Map<String, String>> group2Props = new HashMap<>();
@@ -157,7 +147,6 @@ public class BlueprintImplTest {
category2Props.put("prop2", "val");
group1Components.add("NAMENODE");
group2Components.add("NAMENODE");
- expect(stack.getServiceForComponent("NAMENODE")).andReturn("SERVICE2").atLeastOnce();
Map<String, String> hdfsProps = new HashMap<>();
properties.put("hdfs-site", hdfsProps);
hdfsProps.put("foo", "val");
@@ -195,8 +184,6 @@ public class BlueprintImplTest {
group1Components.add("ZKFC");
group2Components.add("NAMENODE");
group2Components.add("ZKFC");
- expect(stack.getServiceForComponent("NAMENODE")).andReturn("SERVICE2").atLeastOnce();
- expect(stack.getServiceForComponent("ZKFC")).andReturn("SERVICE2").atLeastOnce();
Map<String, String> hdfsProps = new HashMap<>();
properties.put("hdfs-site", hdfsProps);
hdfsProps.put("foo", "val");
http://git-wip-us.apache.org/repos/asf/ambari/blob/3edbc2c4/ambari-server/src/test/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidatorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidatorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidatorTest.java
new file mode 100644
index 0000000..8ead623
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/validators/RequiredConfigPropertiesValidatorTest.java
@@ -0,0 +1,302 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.topology.validators;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+
+import org.apache.ambari.server.controller.internal.Stack;
+import org.apache.ambari.server.topology.Blueprint;
+import org.apache.ambari.server.topology.ClusterTopology;
+import org.apache.ambari.server.topology.Configuration;
+import org.apache.ambari.server.topology.HostGroup;
+import org.apache.ambari.server.topology.InvalidTopologyException;
+import org.easymock.EasyMock;
+import org.easymock.EasyMockRule;
+import org.easymock.EasyMockSupport;
+import org.easymock.Mock;
+import org.easymock.TestSubject;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+
+public class RequiredConfigPropertiesValidatorTest extends EasyMockSupport {
+
+ @Rule
+ public EasyMockRule mocks = new EasyMockRule(this);
+
+ @Mock
+ private ClusterTopology clusterTopologyMock;
+
+ @Mock
+ private Configuration topologyConfigurationMock;
+
+ @Mock
+ private Blueprint blueprintMock;
+
+ @Mock
+ private Stack stackMock;
+
+ @Mock
+ private HostGroup slaveHostGroupMock;
+
+ @Mock
+ private HostGroup masterHostGroupMock;
+
+ @Mock
+ private Configuration slaveHostGroupConfigurationMock;
+
+ @Mock
+ private Configuration masterHostGroupConfigurationMock;
+
+
+ private Map<String, Map<String, String>> topologyConfigurationMap = new HashMap<>();
+ private Map<String, Map<String, String>> masterHostGroupConfigurationMap = new HashMap<>();
+ private Map<String, Map<String, String>> slaveHostGroupConfigurationMap = new HashMap<>();
+ private Collection<String> bpServices = new HashSet<>();
+ private Collection<String> slaveHostGroupServices = new HashSet<>();
+ private Collection<String> masterHostGroupServices = new HashSet<>();
+ private Map<String, HostGroup> hostGroups = new HashMap<>();
+ private Map<String, Collection<String>> missingProps = new HashMap<>();
+
+ @TestSubject
+ private RequiredConfigPropertiesValidator testSubject = new RequiredConfigPropertiesValidator();
+
+ /**
+ * Assembles the basic default fixture of the test:
+ * The blueprint has 2 hostgroups, both of them contains the KERBEROS service (or KERBEROS_CLIENT)
+ * The changing items are the configurations, that my come from the topology (bp + cct) or the hostg roups
+ */
+
+ @Before
+ public void setup() {
+ resetAll();
+
+ EasyMock.expect(clusterTopologyMock.getConfiguration()).andReturn(topologyConfigurationMock);
+ EasyMock.expect(topologyConfigurationMock.getFullProperties(1)).andReturn(topologyConfigurationMap);
+
+ EasyMock.expect(clusterTopologyMock.getBlueprint()).andReturn(blueprintMock).anyTimes();
+
+ EasyMock.expect(blueprintMock.getHostGroups()).andReturn(hostGroups);
+ EasyMock.expect(blueprintMock.getServices()).andReturn(bpServices);
+ EasyMock.expect(blueprintMock.getStack()).andReturn(stackMock).anyTimes();
+
+ EasyMock.expect(masterHostGroupMock.getName()).andReturn("master").anyTimes();
+ EasyMock.expect(masterHostGroupMock.getConfiguration()).andReturn(masterHostGroupConfigurationMock).anyTimes();
+ EasyMock.expect(masterHostGroupMock.getServices()).andReturn(masterHostGroupServices);
+
+
+ EasyMock.expect(slaveHostGroupMock.getName()).andReturn("slave").anyTimes();
+ EasyMock.expect(slaveHostGroupMock.getConfiguration()).andReturn(slaveHostGroupConfigurationMock).anyTimes();
+ EasyMock.expect(slaveHostGroupMock.getServices()).andReturn(slaveHostGroupServices);
+
+ // there are 2 hostgroups to be considered by the test
+ hostGroups.put("master", masterHostGroupMock);
+ hostGroups.put("slave", slaveHostGroupMock);
+
+ // services in the blueprint
+ bpServices.addAll(Arrays.asList("KERBEROS", "OOZIE"));
+
+ // host group services
+ masterHostGroupServices.addAll(Arrays.asList("KERBEROS"));
+ slaveHostGroupServices.addAll(Arrays.asList("KERBEROS"));
+
+ EasyMock.expect(masterHostGroupConfigurationMock.getProperties()).andReturn(masterHostGroupConfigurationMap);
+ EasyMock.expect(slaveHostGroupConfigurationMock.getProperties()).andReturn(slaveHostGroupConfigurationMap);
+
+ // services in the blueprint
+ bpServices.addAll(Arrays.asList("KERBEROS", "OOZIE"));
+
+ // required properties for listed services
+ EasyMock.expect(stackMock.getRequiredConfigurationProperties("KERBEROS")).
+ andReturn(Arrays.asList(
+ new Stack.ConfigProperty("kerberos-env", "realm", "value"),
+ new Stack.ConfigProperty("kerberos-env", "kdc_type", "value"), // this is missing!
+ new Stack.ConfigProperty("krb5-conf", "domains", "smthg")));
+
+ EasyMock.expect(stackMock.getRequiredConfigurationProperties("OOZIE")).andReturn(Collections.EMPTY_LIST);
+
+ }
+
+ @Test
+ public void testShouldValidationFailWhenNoHostGroupConfigurationProvidedAndRequiredConfigTypesAreMissing() throws Exception {
+
+ // GIVEN
+ // all the configuration comes from the bp, cct hg configs are empty
+ topologyConfigurationMap.put("kerberos-env", new HashMap<String, String>());
+ topologyConfigurationMap.get("kerberos-env").put("realm", "etwas");
+ topologyConfigurationMap.get("kerberos-env").put("kdc_type", "mit-kdc");
+
+ // note, that the krb-5 config type is missing! (see the required properties in the fixture!)
+ missingProps.put("slave", Arrays.asList("domains"));
+ missingProps.put("master", Arrays.asList("domains"));
+
+ replayAll();
+
+ // WHEN
+ String expectedMsg = String.format("Missing required properties. Specify a value for these properties in the blueprint or cluster creation template configuration. %s", missingProps);
+ String actualMsg = "";
+ try {
+ testSubject.validate(clusterTopologyMock);
+ } catch (InvalidTopologyException e) {
+ actualMsg = e.getMessage();
+ }
+
+ // THEN
+ // Exception is thrown, as the krb5-conf typeeis not provided
+ Assert.assertEquals("The exception message should be the expected one", expectedMsg, actualMsg);
+ }
+
+ @Test
+ public void testShouldValidationFailWhenNoHostGroupConfigurationProvidedAndRequiredPropertiesAreMissing() throws Exception {
+ // GIVEN
+
+ // configuration from the blueprint / cluster creation template
+ topologyConfigurationMap.put("kerberos-env", new HashMap<String, String>());
+ topologyConfigurationMap.get("kerberos-env").put("realm", "etwas");
+
+ // note, that tehe kdc_type is mssing from the operational config
+
+ topologyConfigurationMap.put("krb5-conf", new HashMap<String, String>());
+ topologyConfigurationMap.get("krb5-conf").put("domains", "smthg");
+
+ missingProps.put("master", Arrays.asList("kdc_type"));
+ missingProps.put("slave", Arrays.asList("kdc_type"));
+
+ replayAll();
+
+ // WHEN
+ String expectedMsg = String.format("Missing required properties. Specify a value for these properties in the blueprint or cluster creation template configuration. %s", missingProps);
+ String actualMsg = "";
+ try {
+ testSubject.validate(clusterTopologyMock);
+ } catch (InvalidTopologyException e) {
+ actualMsg = e.getMessage();
+ }
+
+ // THEN
+ // Exception is thrown, as the krb5-conf typee is not provideds
+ Assert.assertEquals("The exception message should be the expected one", expectedMsg, actualMsg);
+
+ }
+
+
+ @Test
+ public void testShouldValidationFailWhenHostGroupConfigurationProvidedAndRequiredConfigTypesAreMissingFromBothHostgroups() throws Exception {
+ // GIVEN
+ // configuration come in the host groups, there are missing config types in both hostgroups
+
+ missingProps.put("master", Arrays.asList("kdc_type", "domains", "realm"));
+ missingProps.put("slave", Arrays.asList("kdc_type", "domains", "realm"));
+
+ replayAll();
+
+ // WHEN
+ String expectedMsg = String.format("Missing required properties. Specify a value for these properties in the blueprint or cluster creation template configuration. %s", missingProps);
+ String actualMsg = "";
+ try {
+ testSubject.validate(clusterTopologyMock);
+ } catch (InvalidTopologyException e) {
+ actualMsg = e.getMessage();
+ }
+
+ // THEN
+ // Exception is thrown, as the krb5-conf typee is not provideds
+ Assert.assertEquals("The exception message should be the expected one", expectedMsg, actualMsg);
+ }
+
+ @Test
+ public void testShouldValidationFailWhenHostGroupConfigurationProvidedAndRequiredConfigTypesAreMissingFromSlaveHostgroup() throws Exception {
+ // GIVEN
+ // configuration come in the host groups, there are missing config types in both hostgroups
+ masterHostGroupConfigurationMap.put("kerberos-env", new HashMap<String, String>());
+ masterHostGroupConfigurationMap.get("kerberos-env").put("realm", "etwas");
+ masterHostGroupConfigurationMap.get("kerberos-env").put("kdc_type", "mit-kdc");
+ masterHostGroupConfigurationMap.put("krb5-conf", new HashMap<String, String>());
+ masterHostGroupConfigurationMap.get("krb5-conf").put("domains", "smthg");
+
+ missingProps.put("slave", Arrays.asList("kdc_type", "domains", "realm"));
+
+ replayAll();
+
+ // WHEN
+ String expectedMsg = String.format("Missing required properties. Specify a value for these properties in the blueprint or cluster creation template configuration. %s", missingProps);
+ String actualMsg = "";
+ try {
+ testSubject.validate(clusterTopologyMock);
+ } catch (InvalidTopologyException e) {
+ actualMsg = e.getMessage();
+ }
+
+ // THEN
+ // Exception is thrown, as the krb5-conf typee is not provideds
+ Assert.assertEquals("The exception message should be the expected one", expectedMsg, actualMsg);
+ }
+
+ @Test
+ public void testShouldValidationPassWhenAllRequiredPropertiesAreProvidedInHostGroupConfiguration() throws Exception {
+ // GIVEN
+
+ masterHostGroupConfigurationMap.put("kerberos-env", new HashMap<String, String>());
+ masterHostGroupConfigurationMap.get("kerberos-env").put("realm", "etwas");
+ masterHostGroupConfigurationMap.get("kerberos-env").put("kdc_type", "mit-kdc");
+ masterHostGroupConfigurationMap.put("krb5-conf", new HashMap<String, String>());
+ masterHostGroupConfigurationMap.get("krb5-conf").put("domains", "smthg");
+
+ slaveHostGroupConfigurationMap.put("kerberos-env", new HashMap<String, String>());
+ slaveHostGroupConfigurationMap.get("kerberos-env").put("realm", "etwas");
+ slaveHostGroupConfigurationMap.get("kerberos-env").put("kdc_type", "mit-kdc");
+ slaveHostGroupConfigurationMap.put("krb5-conf", new HashMap<String, String>());
+ slaveHostGroupConfigurationMap.get("krb5-conf").put("domains", "smthg");
+
+ replayAll();
+
+ // WHEN
+
+ testSubject.validate(clusterTopologyMock);
+
+ // THEN
+ // no exceptions thrown
+
+ }
+
+
+ @Test
+ public void testShouldValidationPassWhenAllRequiredPropertiesAreProvidedInTopologyConfiguration() throws Exception {
+ // GIVEN
+ // configuration from the blueprint / cluster creation template
+ topologyConfigurationMap.put("kerberos-env", new HashMap<String, String>());
+ topologyConfigurationMap.get("kerberos-env").put("realm", "etwas");
+ topologyConfigurationMap.get("kerberos-env").put("kdc_type", "value");
+
+ topologyConfigurationMap.put("krb5-conf", new HashMap<String, String>());
+ topologyConfigurationMap.get("krb5-conf").put("domains", "smthg");
+
+ replayAll();
+
+ // WHEN
+ testSubject.validate(clusterTopologyMock);
+
+ // THEN
+ // no exceptions thrown
+
+ }
+
+}
\ No newline at end of file
[12/26] ambari git commit: AMBARI-20977. Journalnode should support
bulk restart o start or stop in hosts' page (zhangxiaolu via alejandro)
Posted by jo...@apache.org.
AMBARI-20977. Journalnode should support bulk restart o start or stop in hosts' page (zhangxiaolu via alejandro)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/023c819a
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/023c819a
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/023c819a
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: 023c819a3d05c5bd8fbf1933930fbc5ddfda6e16
Parents: 1d46f23
Author: Alejandro Fernandez <af...@hortonworks.com>
Authored: Thu May 11 15:21:29 2017 -0700
Committer: Alejandro Fernandez <af...@hortonworks.com>
Committed: Thu May 11 15:21:45 2017 -0700
----------------------------------------------------------------------
.../main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml | 4 ++++
1 file changed, 4 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/023c819a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml b/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
index 0606883..3e1a7ae 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
+++ b/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/metainfo.xml
@@ -199,6 +199,10 @@
<scriptType>PYTHON</scriptType>
<timeout>1200</timeout>
</commandScript>
+ <bulkCommands>
+ <displayName>JournalNodes</displayName>
+ <masterComponent>NAMENODE</masterComponent>
+ </bulkCommands>
<logs>
<log>
<logId>hdfs_journalnode</logId>
[04/26] ambari git commit: AMBARI-20726 - Aggregate alert does not
show status properly at Maintenance Mode change (Qin Liu via jonathanhurley)
Posted by jo...@apache.org.
AMBARI-20726 - Aggregate alert does not show status properly at Maintenance Mode change (Qin Liu via jonathanhurley)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/a60f1328
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/a60f1328
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/a60f1328
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: a60f1328bfcf3cfa8ae90ecc59bdc8b51e6daa65
Parents: c12c320
Author: Jonathan Hurley <jh...@hortonworks.com>
Authored: Wed May 10 17:04:33 2017 -0400
Committer: Jonathan Hurley <jh...@hortonworks.com>
Committed: Wed May 10 17:04:33 2017 -0400
----------------------------------------------------------------------
.../alerts/AlertMaintenanceModeListener.java | 60 +++++++++++++++++---
.../apache/ambari/server/state/AlertState.java | 4 ++
.../AlertMaintenanceModeListenerTest.java | 4 ++
3 files changed, 60 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/a60f1328/ambari-server/src/main/java/org/apache/ambari/server/events/listeners/alerts/AlertMaintenanceModeListener.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/events/listeners/alerts/AlertMaintenanceModeListener.java b/ambari-server/src/main/java/org/apache/ambari/server/events/listeners/alerts/AlertMaintenanceModeListener.java
index 847a207..1197589 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/events/listeners/alerts/AlertMaintenanceModeListener.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/events/listeners/alerts/AlertMaintenanceModeListener.java
@@ -20,17 +20,22 @@ package org.apache.ambari.server.events.listeners.alerts;
import java.util.List;
import org.apache.ambari.server.EagerSingleton;
+import org.apache.ambari.server.events.AggregateAlertRecalculateEvent;
+import org.apache.ambari.server.events.AlertEvent;
import org.apache.ambari.server.events.MaintenanceModeEvent;
+import org.apache.ambari.server.events.publishers.AlertEventPublisher;
import org.apache.ambari.server.events.publishers.AmbariEventPublisher;
import org.apache.ambari.server.orm.dao.AlertsDAO;
import org.apache.ambari.server.orm.entities.AlertCurrentEntity;
import org.apache.ambari.server.orm.entities.AlertDefinitionEntity;
import org.apache.ambari.server.orm.entities.AlertHistoryEntity;
import org.apache.ambari.server.orm.entities.AlertNoticeEntity;
+import org.apache.ambari.server.state.AlertState;
import org.apache.ambari.server.state.Host;
import org.apache.ambari.server.state.MaintenanceState;
import org.apache.ambari.server.state.Service;
import org.apache.ambari.server.state.ServiceComponentHost;
+import org.apache.ambari.server.state.alert.AggregateDefinitionMapping;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -52,12 +57,26 @@ public class AlertMaintenanceModeListener {
private static Logger LOG = LoggerFactory.getLogger(AlertMaintenanceModeListener.class);
/**
+ * Publishes {@link AlertEvent} instances.
+ */
+ @Inject
+ private AlertEventPublisher m_alertEventPublisher;
+
+ /**
* Used for updating the MM of current alerts.
*/
@Inject
private AlertsDAO m_alertsDao = null;
/**
+ * Used for quick lookups of aggregate alerts.
+ */
+ @Inject
+ private AggregateDefinitionMapping m_aggregateMapping;
+
+ private long clusterId = -1;
+
+ /**
* Constructor.
*
* @param publisher
@@ -81,6 +100,7 @@ public class AlertMaintenanceModeListener {
public void onEvent(MaintenanceModeEvent event) {
LOG.debug("Received event {}", event);
+ boolean recalculateAggregateAlert = false;
List<AlertCurrentEntity> currentAlerts = m_alertsDao.findCurrent();
MaintenanceState newMaintenanceState = MaintenanceState.OFF;
@@ -104,14 +124,16 @@ public class AlertMaintenanceModeListener {
if( null != host ){
String hostName = host.getHostName();
if( hostName.equals( alertHostName ) ){
- updateMaintenanceState(currentAlert, newMaintenanceState);
+ if (updateMaintenanceStateAndRecalculateAggregateAlert(history, currentAlert, newMaintenanceState))
+ recalculateAggregateAlert = true;
continue;
}
} else if( null != service ){
// service level maintenance
String serviceName = service.getName();
if( serviceName.equals(alertServiceName)){
- updateMaintenanceState(currentAlert, newMaintenanceState);
+ if (updateMaintenanceStateAndRecalculateAggregateAlert(history, currentAlert, newMaintenanceState))
+ recalculateAggregateAlert = true;
continue;
}
} else if( null != serviceComponentHost ){
@@ -123,7 +145,8 @@ public class AlertMaintenanceModeListener {
// match on all 3 for a service component
if (hostName.equals(alertHostName) && serviceName.equals(alertServiceName)
&& componentName.equals(alertComponentName)) {
- updateMaintenanceState(currentAlert, newMaintenanceState);
+ if (updateMaintenanceStateAndRecalculateAggregateAlert(history, currentAlert, newMaintenanceState))
+ recalculateAggregateAlert = true;
continue;
}
}
@@ -133,35 +156,56 @@ public class AlertMaintenanceModeListener {
definition.getDefinitionName(), alertHostName, exception);
}
}
+
+ if (recalculateAggregateAlert) {
+ // publish the event to recalculate aggregates
+ m_alertEventPublisher.publish(new AggregateAlertRecalculateEvent(clusterId));
+ }
}
/**
* Updates the maintenance state of the specified alert if different than the
- * supplied maintenance state.
+ * supplied maintenance state. And recalcualte aggregates if the maintenance state
+ * is changed and there is an aggregate alert for the specified alert if it is
+ * in CRITICAL or WARNING state.
*
+ * @param historyAlert
+ * the alert to check if having an aggregate alert associated with it.
* @param currentAlert
* the alert to update (not {@code null}).
* @param maintenanceState
* the maintenance state to change to, either
* {@link MaintenanceState#OFF} or {@link MaintenanceState#ON}.
*/
- private void updateMaintenanceState(AlertCurrentEntity currentAlert,
- MaintenanceState maintenanceState) {
+ private boolean updateMaintenanceStateAndRecalculateAggregateAlert (AlertHistoryEntity historyAlert,
+ AlertCurrentEntity currentAlert, MaintenanceState maintenanceState) {
// alerts only care about OFF or ON
if (maintenanceState != MaintenanceState.OFF && maintenanceState != MaintenanceState.ON) {
LOG.warn("Unable to set invalid maintenance state of {} on the alert {}", maintenanceState,
currentAlert.getAlertHistory().getAlertDefinition().getDefinitionName());
- return;
+ return false;
}
MaintenanceState currentState = currentAlert.getMaintenanceState();
if (currentState == maintenanceState) {
- return;
+ return false;
}
currentAlert.setMaintenanceState(maintenanceState);
m_alertsDao.merge(currentAlert);
+
+ AlertState alertState = historyAlert.getAlertState();
+
+ if (AlertState.RECALCULATE_AGGREGATE_ALERT_STATES.contains(alertState)){
+ clusterId = historyAlert.getClusterId();
+ String alertName = historyAlert.getAlertDefinition().getDefinitionName();
+
+ if (m_aggregateMapping.getAggregateDefinition(clusterId, alertName) != null){
+ return true;
+ }
+ }
+ return false;
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/a60f1328/ambari-server/src/main/java/org/apache/ambari/server/state/AlertState.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/AlertState.java b/ambari-server/src/main/java/org/apache/ambari/server/state/AlertState.java
index 8e04eb1..3834472 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/AlertState.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/AlertState.java
@@ -17,6 +17,8 @@
*/
package org.apache.ambari.server.state;
+import java.util.EnumSet;
+
/**
* Represents the state of an alert.
*/
@@ -48,6 +50,8 @@ public enum AlertState {
*/
SKIPPED(4);
+ public static EnumSet<AlertState> RECALCULATE_AGGREGATE_ALERT_STATES = EnumSet.of(CRITICAL, WARNING);
+
private final int intValue;
public int getIntValue() {
http://git-wip-us.apache.org/repos/asf/ambari/blob/a60f1328/ambari-server/src/test/java/org/apache/ambari/server/events/listeners/upgrade/AlertMaintenanceModeListenerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/events/listeners/upgrade/AlertMaintenanceModeListenerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/events/listeners/upgrade/AlertMaintenanceModeListenerTest.java
index bdc662a..f1d774b 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/events/listeners/upgrade/AlertMaintenanceModeListenerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/events/listeners/upgrade/AlertMaintenanceModeListenerTest.java
@@ -32,6 +32,7 @@ import org.apache.ambari.server.orm.dao.AlertDefinitionDAO;
import org.apache.ambari.server.orm.dao.AlertsDAO;
import org.apache.ambari.server.orm.entities.AlertCurrentEntity;
import org.apache.ambari.server.orm.entities.AlertHistoryEntity;
+import org.apache.ambari.server.state.AlertState;
import org.apache.ambari.server.state.Cluster;
import org.apache.ambari.server.state.Clusters;
import org.apache.ambari.server.state.Host;
@@ -185,10 +186,12 @@ public class AlertMaintenanceModeListenerTest {
EasyMock.expect(hostHistory.getHostName()).andReturn(HOSTNAME).atLeastOnce();
EasyMock.expect(hostHistory.getServiceName()).andReturn(null).atLeastOnce();
EasyMock.expect(hostHistory.getComponentName()).andReturn(null).atLeastOnce();
+ EasyMock.expect(hostHistory.getAlertState()).andReturn(AlertState.OK).atLeastOnce();
EasyMock.expect(serviceHistory.getHostName()).andReturn(null).atLeastOnce();
EasyMock.expect(serviceHistory.getServiceName()).andReturn(SERVICE).atLeastOnce();
EasyMock.expect(serviceHistory.getComponentName()).andReturn(null).atLeastOnce();
+ EasyMock.expect(serviceHistory.getAlertState()).andReturn(AlertState.OK).atLeastOnce();
if (testType.equals("SCH")) {
EasyMock.expect(componentHistory.getHostName()).andReturn(HOSTNAME).atLeastOnce();
@@ -199,6 +202,7 @@ public class AlertMaintenanceModeListenerTest {
EasyMock.expect(componentHistory.getServiceName()).andReturn(null).atLeastOnce();
EasyMock.expect(componentHistory.getComponentName()).andReturn(COMPONENT).atLeastOnce();
}
+ EasyMock.expect(componentHistory.getAlertState()).andReturn(AlertState.OK).atLeastOnce();
List<AlertCurrentEntity> currentAlerts = new ArrayList<>();
currentAlerts.add(hostAlert);
[15/26] ambari git commit: AMBARI-20990 : writing query properly to
hdfs file for handling unicode characters. (nitirajrathore)
Posted by jo...@apache.org.
AMBARI-20990 : writing query properly to hdfs file for handling unicode characters. (nitirajrathore)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/fffd07c7
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/fffd07c7
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/fffd07c7
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: fffd07c75ba1af09b0ba3fec347bd7a6fff87807
Parents: 461209a
Author: Nitiraj Singh Rathore <ni...@gmail.com>
Authored: Fri May 12 08:52:02 2017 +0530
Committer: Nitiraj Singh Rathore <ni...@gmail.com>
Committed: Fri May 12 08:53:38 2017 +0530
----------------------------------------------------------------------
.../ambari/view/hive2/resources/files/FileService.java | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/fffd07c7/contrib/views/hive-next/src/main/java/org/apache/ambari/view/hive2/resources/files/FileService.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive-next/src/main/java/org/apache/ambari/view/hive2/resources/files/FileService.java b/contrib/views/hive-next/src/main/java/org/apache/ambari/view/hive2/resources/files/FileService.java
index 64880bb..88f8df1 100644
--- a/contrib/views/hive-next/src/main/java/org/apache/ambari/view/hive2/resources/files/FileService.java
+++ b/contrib/views/hive-next/src/main/java/org/apache/ambari/view/hive2/resources/files/FileService.java
@@ -185,9 +185,9 @@ public class FileService extends BaseService {
try {
filePath = sanitizeFilePath(filePath);
LOG.debug("Rewriting file " + filePath);
- FSDataOutputStream output = getSharedObjectsFactory().getHdfsApi().create(filePath, true);
- output.writeBytes(request.file.getFileContent());
- output.close();
+ HdfsApi hdfsApi = getSharedObjectsFactory().getHdfsApi();
+ HdfsUtil.putStringToFile(hdfsApi, filePath,
+ request.file.getFileContent());
return Response.status(204).build();
} catch (WebApplicationException ex) {
throw ex;
@@ -209,7 +209,7 @@ public class FileService extends BaseService {
try {
FSDataOutputStream output = getSharedObjectsFactory().getHdfsApi().create(request.file.getFilePath(), false);
if (request.file.getFileContent() != null) {
- output.writeBytes(request.file.getFileContent());
+ output.write(request.file.getFileContent().getBytes());
}
output.close();
} catch (FileAlreadyExistsException ex) {