You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ja...@apache.org on 2015/10/27 01:46:45 UTC
ambari git commit: Ambari-13557. Add Admin,
usersync and Audit tab in Ranger theme for Ranger 0.4.0 (HDP-2.2
stack). (jaimin)
Repository: ambari
Updated Branches:
refs/heads/branch-2.1 15c0ce192 -> b5f4d7a1e
Ambari-13557. Add Admin, usersync and Audit tab in Ranger theme for Ranger 0.4.0 (HDP-2.2 stack). (jaimin)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/b5f4d7a1
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/b5f4d7a1
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/b5f4d7a1
Branch: refs/heads/branch-2.1
Commit: b5f4d7a1e6c7d30263747a31b00c95d291c64cbc
Parents: 15c0ce1
Author: Jaimin Jetly <ja...@hortonworks.com>
Authored: Mon Oct 26 11:05:29 2015 -0700
Committer: Jaimin Jetly <ja...@hortonworks.com>
Committed: Mon Oct 26 17:45:53 2015 -0700
----------------------------------------------------------------------
.../ranger-knox-plugin-properties.xml | 20 +-
.../RANGER/0.4.0/configuration/ranger-env.xml | 80 +++
.../0.4.0/configuration/usersync-properties.xml | 47 +-
.../stacks/HDP/2.0.6/services/stack_advisor.py | 71 ++-
.../ranger-hbase-plugin-properties.xml | 21 +-
.../ranger-hdfs-plugin-properties.xml | 20 +-
.../ranger-hive-plugin-properties.xml | 22 +-
.../services/RANGER/themes/theme_version_1.json | 539 +++++++++++++++++++
.../ranger-storm-plugin-properties.xml | 20 +-
.../RANGER/configuration/admin-properties.xml | 2 -
.../RANGER/configuration/ranger-env.xml | 70 +--
.../services/RANGER/themes/theme_version_2.json | 13 +-
.../stacks/HDP/2.3/services/stack_advisor.py | 4 +-
.../stacks/2.0.6/common/test_stack_advisor.py | 71 ++-
ambari-server/src/test/python/unitTests.py | 5 +-
ambari-web/app/data/HDP2.2/site_properties.js | 81 ---
ambari-web/app/data/HDP2.3/site_properties.js | 7 -
17 files changed, 909 insertions(+), 184 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/ranger-knox-plugin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/ranger-knox-plugin-properties.xml b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/ranger-knox-plugin-properties.xml
index f530330..1b5c6cb 100644
--- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/ranger-knox-plugin-properties.xml
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/ranger-knox-plugin-properties.xml
@@ -81,6 +81,12 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.db</name>
+ </property>
+ </depends-on>
</property>
<property>
@@ -91,12 +97,24 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs</name>
+ </property>
+ </depends-on>
</property>
<property>
<name>XAAUDIT.HDFS.DESTINATION_DIRECTORY</name>
- <value>hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+ <value>hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
<description></description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ </property>
+ </depends-on>
</property>
<property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/ranger-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/ranger-env.xml b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/ranger-env.xml
index 59b7d9e..459d5ec 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/ranger-env.xml
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/ranger-env.xml
@@ -214,4 +214,84 @@
<selection-cardinality>1</selection-cardinality>
</value-attributes>
</property>
+
+ <property>
+ <name>bind_anonymous</name>
+ <display-name>Bind Anonymous</display-name>
+ <value>false</value>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>Yes</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>No</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.hdfs</name>
+ <value>false</value>
+ <display-name>Audit to HDFS</display-name>
+ <description>Enable Audit to HDFS for all ranger supported services. This property is overridable at service level</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ <value>hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+ <display-name>Destination HDFS Directory</display-name>
+ <description>HDFS folder to write audit to, make sure all service user has required permissions. This property is overridable at service level</description>
+ <depends-on>
+ <property>
+ <type>core-site</type>
+ <name>fs.defaultFS</name>
+ </property>
+ </depends-on>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.db</name>
+ <value>true</value>
+ <display-name>Audit to DB</display-name>
+ <description>Enable Audit to DB for all ranger supported services. This property is overridable at service level</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ </property>
+
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/usersync-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/usersync-properties.xml b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/usersync-properties.xml
index 742e971..007f6a4 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/usersync-properties.xml
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/configuration/usersync-properties.xml
@@ -23,10 +23,31 @@
<property>
<name>SYNC_SOURCE</name>
<value>unix</value>
- <description></description>
+ <display-name>Sync Source</display-name>
+ <description>Sync Source</description>
+ <value-attributes>
+ <type>value-list</type>
+ <overridable>false</overridable>
+ <entries>
+ <entry>
+ <value>unix</value>
+ <label>UNIX</label>
+ </entry>
+ <entry>
+ <value>file</value>
+ <label>FILE</label>
+ </entry>
+ <entry>
+ <value>ldap</value>
+ <label>LDAP/AD</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
</property>
<property>
<name>MIN_UNIX_USER_ID_TO_SYNC</name>
+ <display-name>Minimum User ID</display-name>
<value>1000</value>
<description></description>
</property>
@@ -42,17 +63,20 @@
</property>
<property>
<name>SYNC_LDAP_URL</name>
- <value>ldap://localhost:389</value>
- <description>a sample value would be: ldap://ldap.example.com:389</description>
+ <display-name>LDAP (AD) URL</display-name>
+ <value></value>
+ <description>LDAP server URL. Example value = ldap://localhost:389</description>
</property>
<property>
<name>SYNC_LDAP_BIND_DN</name>
- <value>cn=admin,dc=xasecure,dc=net</value>
- <description>a sample value would be cn=admin,ou=users,dc=hadoop,dc=apache,dc-org</description>
+ <display-name>Bind User</display-name>
+ <value></value>
+ <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users. Example: cn=admin,ou=users,dc=hadoop,dc=apache,dc-org</description>
</property>
<property>
<name>SYNC_LDAP_BIND_PASSWORD</name>
- <value>admin321</value>
+ <display-name>Bind User Password</display-name>
+ <value></value>
<property-type>PASSWORD</property-type>
<description></description>
</property>
@@ -63,34 +87,37 @@
</property>
<property>
<name>SYNC_LDAP_USER_SEARCH_BASE</name>
- <value>ou=users,dc=xasecure,dc=net</value>
+ <display-name>User Search Base</display-name>
+ <value></value>
<description>sample value would be ou=users,dc=hadoop,dc=apache,dc=org</description>
</property>
<property>
<name>SYNC_LDAP_USER_SEARCH_SCOPE</name>
+ <display-name>User Search Scope</display-name>
<value>sub</value>
<description>default value: sub</description>
</property>
<property>
<name>SYNC_LDAP_USER_OBJECT_CLASS</name>
+ <display-name>User Object Class</display-name>
<value>person</value>
<description>default value: person</description>
</property>
<property>
<name>SYNC_LDAP_USER_SEARCH_FILTER</name>
+ <display-name>User Search Filter</display-name>
<value></value>
<description>default value is empty</description>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
</property>
<property>
<name>SYNC_LDAP_USER_NAME_ATTRIBUTE</name>
+ <display-name>Username Attribute</display-name>
<value>cn</value>
<description>default value: cn</description>
</property>
<property>
<name>SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE</name>
+ <display-name>User Group Name Attribute</display-name>
<value>memberof,ismemberof</value>
<description></description>
</property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/stack_advisor.py b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/stack_advisor.py
index d62f44b..1b38233 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/stack_advisor.py
@@ -305,23 +305,64 @@ class HDP206StackAdvisor(DefaultStackAdvisor):
policymgr_external_url = "%s://%s:%s" % (protocol, ranger_admin_host, port)
putRangerAdminProperty('policymgr_external_url', policymgr_external_url)
- # Recommend ldap settings based on ambari.properties configuration
- # If 'ambari.ldap.isConfigured' == true
- # For stack_version 2.2
stackVersion = services["Versions"]["stack_version"]
- if stackVersion == '2.2' and 'ambari-server-properties' in services and \
+ if stackVersion == '2.2':
+ # Recommend ldap settings based on ambari.properties configuration
+ # If 'ambari.ldap.isConfigured' == true
+ # For stack_version 2.2
+ if 'ambari-server-properties' in services and \
'ambari.ldap.isConfigured' in services['ambari-server-properties'] and \
- services['ambari-server-properties']['ambari.ldap.isConfigured'].lower() == "true":
- putUserSyncProperty = self.putProperty(configurations, "usersync-properties", services)
- serverProperties = services['ambari-server-properties']
- if 'authentication.ldap.managerDn' in serverProperties:
- putUserSyncProperty('SYNC_LDAP_BIND_DN', serverProperties['authentication.ldap.managerDn'])
- if 'authentication.ldap.primaryUrl' in serverProperties:
- putUserSyncProperty('SYNC_LDAP_URL', serverProperties['authentication.ldap.primaryUrl'])
- if 'authentication.ldap.userObjectClass' in serverProperties:
- putUserSyncProperty('SYNC_LDAP_USER_OBJECT_CLASS', serverProperties['authentication.ldap.userObjectClass'])
- if 'authentication.ldap.usernameAttribute' in serverProperties:
- putUserSyncProperty('SYNC_LDAP_USER_NAME_ATTRIBUTE', serverProperties['authentication.ldap.usernameAttribute'])
+ services['ambari-server-properties']['ambari.ldap.isConfigured'].lower() == "true":
+ putUserSyncProperty = self.putProperty(configurations, "usersync-properties", services)
+ serverProperties = services['ambari-server-properties']
+ if 'authentication.ldap.managerDn' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_BIND_DN', serverProperties['authentication.ldap.managerDn'])
+ if 'authentication.ldap.primaryUrl' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_URL', serverProperties['authentication.ldap.primaryUrl'])
+ if 'authentication.ldap.userObjectClass' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_USER_OBJECT_CLASS', serverProperties['authentication.ldap.userObjectClass'])
+ if 'authentication.ldap.usernameAttribute' in serverProperties:
+ putUserSyncProperty('SYNC_LDAP_USER_NAME_ATTRIBUTE', serverProperties['authentication.ldap.usernameAttribute'])
+
+ # Recommend xasecure.audit.destination.hdfs.dir
+ # For stack_version 2.2
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+ putRangerEnvProperty = self.putProperty(configurations, "ranger-env", services)
+ include_hdfs = "HDFS" in servicesList
+ if include_hdfs:
+ if 'core-site' in services['configurations'] and ('fs.defaultFS' in services['configurations']['core-site']['properties']):
+ default_fs = services['configurations']['core-site']['properties']['fs.defaultFS']
+ default_fs += '/ranger/audit/%app-type%/%time:yyyyMMdd%'
+ putRangerEnvProperty('xasecure.audit.destination.hdfs.dir', default_fs)
+
+ # Recommend Ranger Audit properties for ranger supported services
+ # For stack_version 2.2
+ ranger_services = [
+ {'service_name': 'HDFS', 'audit_file': 'ranger-hdfs-plugin-properties'},
+ {'service_name': 'HBASE', 'audit_file': 'ranger-hbase-plugin-properties'},
+ {'service_name': 'HIVE', 'audit_file': 'ranger-hive-plugin-properties'},
+ {'service_name': 'KNOX', 'audit_file': 'ranger-knox-plugin-properties'},
+ {'service_name': 'STORM', 'audit_file': 'ranger-storm-plugin-properties'}
+ ]
+
+ for item in range(len(ranger_services)):
+ if ranger_services[item]['service_name'] in servicesList:
+ component_audit_file = ranger_services[item]['audit_file']
+ if component_audit_file in services["configurations"]:
+ ranger_audit_dict = [
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.db', 'target_configname': 'XAAUDIT.DB.IS_ENABLED'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.hdfs', 'target_configname': 'XAAUDIT.HDFS.IS_ENABLED'},
+ {'filename': 'ranger-env', 'configname': 'xasecure.audit.destination.hdfs.dir', 'target_configname': 'XAAUDIT.HDFS.DESTINATION_DIRECTORY'}
+ ]
+ putRangerAuditProperty = self.putProperty(configurations, component_audit_file, services)
+
+ for item in ranger_audit_dict:
+ if item['filename'] in services["configurations"] and item['configname'] in services["configurations"][item['filename']]["properties"]:
+ if item['filename'] in configurations and item['configname'] in configurations[item['filename']]["properties"]:
+ rangerAuditProperty = configurations[item['filename']]["properties"][item['configname']]
+ else:
+ rangerAuditProperty = services["configurations"][item['filename']]["properties"][item['configname']]
+ putRangerAuditProperty(item['target_configname'], rangerAuditProperty)
def getAmsMemoryRecommendation(self, services, hosts):
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.2/services/HBASE/configuration/ranger-hbase-plugin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HBASE/configuration/ranger-hbase-plugin-properties.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HBASE/configuration/ranger-hbase-plugin-properties.xml
index 77fdc1a..036681c 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HBASE/configuration/ranger-hbase-plugin-properties.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HBASE/configuration/ranger-hbase-plugin-properties.xml
@@ -75,6 +75,12 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.db</name>
+ </property>
+ </depends-on>
</property>
<property>
@@ -85,13 +91,24 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
-
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs</name>
+ </property>
+ </depends-on>
</property>
<property>
<name>XAAUDIT.HDFS.DESTINATION_DIRECTORY</name>
- <value>hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+ <value>hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
<description></description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ </property>
+ </depends-on>
</property>
<property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/ranger-hdfs-plugin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/ranger-hdfs-plugin-properties.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/ranger-hdfs-plugin-properties.xml
index 68da87e..185ea5d 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/ranger-hdfs-plugin-properties.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/ranger-hdfs-plugin-properties.xml
@@ -81,6 +81,12 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.db</name>
+ </property>
+ </depends-on>
</property>
<property>
@@ -91,13 +97,25 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs</name>
+ </property>
+ </depends-on>
</property>
<property>
<name>XAAUDIT.HDFS.DESTINATION_DIRECTORY</name>
- <value>hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+ <value>hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
</value>
<description></description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ </property>
+ </depends-on>
</property>
<property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.2/services/HIVE/configuration/ranger-hive-plugin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HIVE/configuration/ranger-hive-plugin-properties.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HIVE/configuration/ranger-hive-plugin-properties.xml
index 3eb3c0f..4fc1423 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HIVE/configuration/ranger-hive-plugin-properties.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HIVE/configuration/ranger-hive-plugin-properties.xml
@@ -64,6 +64,12 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.db</name>
+ </property>
+ </depends-on>
</property>
<property>
@@ -74,12 +80,24 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs</name>
+ </property>
+ </depends-on>
</property>
<property>
<name>XAAUDIT.HDFS.DESTINATION_DIRECTORY</name>
- <value>hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
- <description></description>
+ <value>hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+ <description></description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ </property>
+ </depends-on>
</property>
<property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.2/services/RANGER/themes/theme_version_1.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/RANGER/themes/theme_version_1.json b/ambari-server/src/main/resources/stacks/HDP/2.2/services/RANGER/themes/theme_version_1.json
index 23f1a0b..a72e08e 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/RANGER/themes/theme_version_1.json
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/RANGER/themes/theme_version_1.json
@@ -7,6 +7,131 @@
"name": "default",
"tabs": [
{
+ "name": "ranger_admin_settings",
+ "display-name": "Ranger Admin",
+ "layout": {
+ "tab-columns": "2",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-admin",
+ "display-name": "Ranger Admin",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "3",
+ "column-span": "2",
+ "section-columns": "2",
+ "section-rows": "3",
+ "subsections": [
+ {
+ "name": "subsection-ranger-db-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-row1-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-root-user-col1",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-db-root-user-col2",
+ "row-index": "1",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "name": "ranger_user_info",
+ "display-name": "Ranger User Info",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "1",
+ "sections": [
+ {
+ "name": "section-user-info",
+ "display-name": "Ranger User Info",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "2",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "2",
+ "subsections": [
+ {
+ "name": "subsection-ranger-user-row2-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "subsection-tabs": [
+ {
+ "name": "ldap-common-configs",
+ "display-name": "Common Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "usersync-properties/SYNC_SOURCE"
+ ],
+ "if": "${usersync-properties/SYNC_SOURCE} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "name": "ldap-user-configs",
+ "display-name": "User Configs",
+ "depends-on": [
+ {
+ "configs": [
+ "usersync-properties/SYNC_SOURCE"
+ ],
+ "if": "${usersync-properties/SYNC_SOURCE} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ },
+ {
"name": "ranger_plugin",
"display-name": "Ranger Plugin",
"layout": {
@@ -48,6 +173,61 @@
}
]
}
+ },
+ {
+ "name": "ranger_audit_settings",
+ "display-name": "Ranger Audit",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-ranger-audit-hdfs",
+ "display-name": "Audit to HDFS",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-hdfs-row1-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-ranger-audit-db",
+ "display-name": "Audit to DB",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-ranger-audit-db-row2-col1",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ },
+ {
+ "name": "subsection-ranger-audit-db-row2-col2",
+ "row-index": "0",
+ "column-index": "1",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
}
]
}
@@ -56,6 +236,161 @@
"configuration-layout": "default",
"configs": [
{
+ "config": "admin-properties/DB_FLAVOR",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_name",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_user",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "subsection-name": "subsection-ranger-db-row1-col1"
+ },
+ {
+ "config": "admin-properties/db_host",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.driver",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "admin-properties/db_password",
+ "subsection-name": "subsection-ranger-db-row1-col2"
+ },
+ {
+ "config": "admin-properties/db_root_user",
+ "subsection-name": "subsection-ranger-db-root-user-col1"
+ },
+ {
+ "config": "admin-properties/db_root_password",
+ "subsection-name": "subsection-ranger-db-root-user-col2"
+ },
+ {
+ "config": "usersync-properties/SYNC_SOURCE",
+ "subsection-name": "subsection-ranger-user-row2-col1"
+ },
+
+ {
+ "config": "usersync-properties/MIN_UNIX_USER_ID_TO_SYNC",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "usersync-properties/SYNC_SOURCE"
+ ],
+ "if": "${usersync-properties/SYNC_SOURCE} === unix",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_URL",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "admin-properties/xa_ldap_ad_domain",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "ranger-env/bind_anonymous",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_DN",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/bind_anonymous"
+ ],
+ "if": "${ranger-env/bind_anonymous}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_PASSWORD",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-common-configs",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/bind_anonymous"
+ ],
+ "if": "${ranger-env/bind_anonymous}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_NAME_ATTRIBUTE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_OBJECT_CLASS",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_BASE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_FILTER",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_SCOPE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE",
+ "subsection-name": "subsection-ranger-user-row2-col1",
+ "subsection-tab-name": "ldap-user-configs"
+ },
+ {
"config": "ranger-env/ranger-hdfs-plugin-enabled",
"subsection-name": "section-ranger-plugin-row1-col1",
"depends-on": [
@@ -154,11 +489,179 @@
}
}
]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "subsection-name": "subsection-ranger-hdfs-row1-col1"
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "subsection-name": "subsection-ranger-hdfs-row1-col1",
+ "depends-on": [
+ {
+ "configs":[
+ "ranger-env/xasecure.audit.destination.hdfs"
+ ],
+ "if": "${ranger-env/xasecure.audit.destination.hdfs}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.db",
+ "subsection-name": "subsection-ranger-audit-db-row2-col1"
+ },
+ {
+ "config": "admin-properties/audit_db_user",
+ "subsection-name": "subsection-ranger-audit-db-row2-col1"
+ },
+ {
+ "config": "admin-properties/audit_db_name",
+ "subsection-name": "subsection-ranger-audit-db-row2-col2"
+ },
+ {
+ "config": "admin-properties/audit_db_password",
+ "subsection-name": "subsection-ranger-audit-db-row2-col2"
}
]
},
"widgets": [
{
+ "config": "admin-properties/DB_FLAVOR",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config": "admin-properties/db_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_name",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-admin-site/ranger.jpa.jdbc.url",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_host",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "admin-properties/db_root_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/db_root_password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_SOURCE",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config": "usersync-properties/MIN_UNIX_USER_ID_TO_SYNC",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_URL",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/xa_ldap_ad_domain",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/bind_anonymous",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_DN",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_BIND_PASSWORD",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_NAME_ATTRIBUTE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_OBJECT_CLASS",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_BASE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_FILTER",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_SEARCH_SCOPE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "usersync-properties/SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
"config": "ranger-env/ranger-hdfs-plugin-enabled",
"widget": {
"type": "toggle"
@@ -187,6 +690,42 @@
"widget": {
"type": "toggle"
}
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.hdfs.dir",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "ranger-env/xasecure.audit.destination.db",
+ "widget": {
+ "type": "toggle"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_user",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_name",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "admin-properties/audit_db_password",
+ "widget": {
+ "type": "password"
+ }
}
]
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/ranger-storm-plugin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/ranger-storm-plugin-properties.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/ranger-storm-plugin-properties.xml
index e2ff6fe..1fef03f 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/ranger-storm-plugin-properties.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/ranger-storm-plugin-properties.xml
@@ -75,6 +75,12 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.db</name>
+ </property>
+ </depends-on>
</property>
<property>
@@ -85,12 +91,24 @@
<value-attributes>
<type>boolean</type>
</value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs</name>
+ </property>
+ </depends-on>
</property>
<property>
<name>XAAUDIT.HDFS.DESTINATION_DIRECTORY</name>
- <value>hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+ <value>hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
<description></description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ </property>
+ </depends-on>
</property>
<property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/admin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/admin-properties.xml b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/admin-properties.xml
index 5d7f7ce..67be091 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/admin-properties.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/admin-properties.xml
@@ -62,7 +62,6 @@
<description>Database admin user</description>
<value-attributes>
<overridable>false</overridable>
- <visible>false</visible>
</value-attributes>
</property>
@@ -74,7 +73,6 @@
<description>Database password for the database admin user-id</description>
<value-attributes>
<overridable>false</overridable>
- <visible>false</visible>
</value-attributes>
</property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
index 0f1c837..2506743 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
@@ -54,28 +54,6 @@
</property>
<property>
- <name>bind_anonymous</name>
- <display-name>Bind Anonymous</display-name>
- <value>false</value>
- <value-attributes>
- <type>value-list</type>
- <overridable>false</overridable>
- <entries>
- <entry>
- <value>true</value>
- <label>Yes</label>
- </entry>
- <entry>
- <value>false</value>
- <label>No</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- </property>
-
- <property>
<name>ranger_privelege_user_jdbc_url</name>
<display-name>JDBC connect string for root user</display-name>
<description>JDBC connect string - auto populated based on other values. This is to be used by root user</description>
@@ -140,30 +118,8 @@
</property>
<property>
- <name>xasecure.audit.destination.db</name>
- <value>false</value>
- <display-name>Audit to DB</display-name>
- <description>Enable Audit to DB for all ranger supported services. This property is overridable at service level</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>true</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>false</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- </property>
-
- <property>
<name>xasecure.audit.destination.solr</name>
- <value>false</value>
+ <value>true</value>
<display-name>Audit to Solr</display-name>
<description>Enable Audit to Solr for all ranger supported services. This property is overridable at service level</description>
<value-attributes>
@@ -208,7 +164,7 @@
<property>
<name>xasecure.audit.destination.hdfs</name>
- <value>false</value>
+ <value>true</value>
<display-name>Audit to HDFS</display-name>
<description>Enable Audit to HDFS for all ranger supported services. This property is overridable at service level</description>
<value-attributes>
@@ -241,4 +197,26 @@
</depends-on>
</property>
+ <property>
+ <name>xasecure.audit.destination.db</name>
+ <value>false</value>
+ <display-name>Audit to DB</display-name>
+ <description>Enable Audit to DB for all ranger supported services. This property is overridable at service level</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>true</value>
+ <label>ON</label>
+ </entry>
+ <entry>
+ <value>false</value>
+ <label>OFF</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ </property>
+
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/themes/theme_version_2.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/themes/theme_version_2.json b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/themes/theme_version_2.json
index 187942c..deb1fad 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/themes/theme_version_2.json
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/themes/theme_version_2.json
@@ -45,7 +45,7 @@
"column-span": "2"
},
{
- "name": "subsection-ranger-db-row3-col1",
+ "name": "subsection-ranger-db-root-user-col1",
"row-index": "2",
"column-index": "0",
"row-span": "1",
@@ -70,7 +70,7 @@
]
},
{
- "name": "subsection-ranger-db-row3-col2",
+ "name": "subsection-ranger-db-root-user-col2",
"row-index": "2",
"column-index": "1",
"row-span": "1",
@@ -403,19 +403,19 @@
},
{
"config": "admin-properties/db_root_user",
- "subsection-name": "subsection-ranger-db-row3-col1"
+ "subsection-name": "subsection-ranger-db-root-user-col1"
},
{
"config": "ranger-env/ranger_privelege_user_jdbc_url",
- "subsection-name": "subsection-ranger-db-row3-col1"
+ "subsection-name": "subsection-ranger-db-root-user-col1"
},
{
"config": "admin-properties/db_root_password",
- "subsection-name": "subsection-ranger-db-row3-col2"
+ "subsection-name": "subsection-ranger-db-root-user-col2"
},
{
"config": "ranger-env/test_root_db_connection",
- "subsection-name": "subsection-ranger-db-row3-col1",
+ "subsection-name": "subsection-ranger-db-root-user-col1",
"property_value_attributes": {
"ui_only_property": true
}
@@ -1269,7 +1269,6 @@
"type": "combo"
}
},
-
{
"config": "ranger-ugsync-site/ranger.usersync.ldap.url",
"widget": {
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py b/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
index 464f9cc..3f261d6 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
@@ -344,7 +344,7 @@ class HDP23StackAdvisor(HDP22StackAdvisor):
rangerDbName = services['configurations']["admin-properties"]["properties"]["db_name"]
ranger_db_url_dict = {
'MYSQL': {'ranger.jpa.jdbc.driver': 'com.mysql.jdbc.Driver', 'ranger.jpa.jdbc.url': 'jdbc:mysql://' + rangerDbHost + '/' + rangerDbName},
- 'ORACLE': {'ranger.jpa.jdbc.driver': 'oracle.jdbc.driver.OracleDriver', 'ranger.jpa.jdbc.url': 'jdbc:oracle:thin:@/' + rangerDbHost + ':1521/' + rangerDbName},
+ 'ORACLE': {'ranger.jpa.jdbc.driver': 'oracle.jdbc.driver.OracleDriver', 'ranger.jpa.jdbc.url': 'jdbc:oracle:thin:@//' + rangerDbHost + ':1521/' + rangerDbName},
'POSTGRES': {'ranger.jpa.jdbc.driver': 'org.postgresql.Driver', 'ranger.jpa.jdbc.url': 'jdbc:postgresql://' + rangerDbHost + ':5432/' + rangerDbName},
'MSSQL': {'ranger.jpa.jdbc.driver': 'com.microsoft.sqlserver.jdbc.SQLServerDriver', 'ranger.jpa.jdbc.url': 'jdbc:sqlserver://' + rangerDbHost + ';databaseName=' + rangerDbName},
'SQLA': {'ranger.jpa.jdbc.driver': 'sap.jdbc4.sqlanywhere.IDriver', 'ranger.jpa.jdbc.url': 'jdbc:sqlanywhere:host=' + rangerDbHost + ';database=' + rangerDbName}
@@ -360,7 +360,7 @@ class HDP23StackAdvisor(HDP22StackAdvisor):
rangerDbHost = services['configurations']["admin-properties"]["properties"]["db_host"]
ranger_db_privelege_url_dict = {
'MYSQL': {'ranger_privelege_user_jdbc_url': 'jdbc:mysql://' + rangerDbHost},
- 'ORACLE': {'ranger_privelege_user_jdbc_url': 'jdbc:oracle:thin:@/' + rangerDbHost + ':1521'},
+ 'ORACLE': {'ranger_privelege_user_jdbc_url': 'jdbc:oracle:thin:@//' + rangerDbHost + ':1521'},
'POSTGRES': {'ranger_privelege_user_jdbc_url': 'jdbc:postgresql://' + rangerDbHost + ':5432'},
'MSSQL': {'ranger_privelege_user_jdbc_url': 'jdbc:sqlserver://' + rangerDbHost + ';'},
'SQLA': {'ranger_privelege_user_jdbc_url': 'jdbc:sqlanywhere:host=' + rangerDbHost + ';'}
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/test/python/stacks/2.0.6/common/test_stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/common/test_stack_advisor.py b/ambari-server/src/test/python/stacks/2.0.6/common/test_stack_advisor.py
index ee21cdb..cec4ee3 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/common/test_stack_advisor.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/common/test_stack_advisor.py
@@ -698,6 +698,19 @@ class TestHDP206StackAdvisor(TestCase):
}
]
},
+ {
+ "StackServices": {
+ "service_name": "HDFS"
+ },
+ "components": [
+ {
+ "StackServiceComponents": {
+ "component_name": "NAMENODE",
+ "hostnames": ["host1"]
+ }
+ }
+ ]
+ }
],
"configurations": {
"admin-properties": {
@@ -720,10 +733,11 @@ class TestHDP206StackAdvisor(TestCase):
"policymgr_external_url": "http://host1:7777",
}
},
+ "ranger-env": {"properties": {}}
}
recommendedConfigurations = {}
self.stackAdvisor.recommendRangerConfigurations(recommendedConfigurations, clusterData, services, None)
- self.assertEquals(recommendedConfigurations, expected)
+ self.assertEquals(recommendedConfigurations, expected, "Test for not existing DB_FLAVOR and http enabled, HDP-2.3")
# Recommend for DB_FLAVOR POSTGRES and https enabled, HDP-2.3
configurations = {
@@ -748,10 +762,11 @@ class TestHDP206StackAdvisor(TestCase):
"policymgr_external_url": "https://host1:7777",
}
},
- }
+ "ranger-env": {"properties": {}}
+ }
recommendedConfigurations = {}
self.stackAdvisor.recommendRangerConfigurations(recommendedConfigurations, clusterData, services, None)
- self.assertEquals(recommendedConfigurations, expected)
+ self.assertEquals(recommendedConfigurations, expected, "Test for DB_FLAVOR POSTGRES and https enabled, HDP-2.3")
# Recommend for DB_FLAVOR ORACLE and https enabled, HDP-2.2
configurations = {
@@ -775,11 +790,12 @@ class TestHDP206StackAdvisor(TestCase):
"policymgr_external_url": "https://host1:8888",
}
},
+ "ranger-env": {"properties": {}}
}
recommendedConfigurations = {}
self.stackAdvisor.recommendRangerConfigurations(recommendedConfigurations, clusterData, services, None)
- self.assertEquals(recommendedConfigurations, expected)
+ self.assertEquals(recommendedConfigurations, expected, "Test for DB_FLAVOR ORACLE and https enabled, HDP-2.2")
# Test Recommend LDAP values
services["ambari-server-properties"] = {
@@ -805,6 +821,7 @@ class TestHDP206StackAdvisor(TestCase):
'policymgr_external_url': 'http://host1:6080',
}
},
+ 'ranger-env': {'properties': {}},
'usersync-properties': {
'properties': {
'SYNC_LDAP_URL': 'c6403.ambari.apache.org:389',
@@ -816,7 +833,51 @@ class TestHDP206StackAdvisor(TestCase):
}
recommendedConfigurations = {}
self.stackAdvisor.recommendRangerConfigurations(recommendedConfigurations, clusterData, services, None)
- self.assertEquals(recommendedConfigurations, expected)
+ self.assertEquals(recommendedConfigurations, expected, "Test Recommend LDAP values")
+
+ # Test Ranger Audit properties
+ del services["ambari-server-properties"]
+ services["configurations"] = {
+ "core-site": {
+ "properties": {
+ "fs.defaultFS": "hdfs://host1:8080",
+ }
+ },
+ "ranger-env": {
+ "properties": {
+ "xasecure.audit.destination.db": "true",
+ "xasecure.audit.destination.hdfs":"false",
+ "xasecure.audit.destination.hdfs.dir":"hdfs://localhost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%"
+ }
+ },
+ "ranger-hdfs-plugin-properties": {
+ "properties": {}
+ }
+ }
+ expected = {
+ 'admin-properties': {
+ 'properties': {
+ 'policymgr_external_url': 'http://host1:6080'
+ }
+ },
+ 'ranger-hdfs-plugin-properties': {
+ 'properties': {
+ 'XAAUDIT.HDFS.IS_ENABLED': 'false',
+ 'XAAUDIT.HDFS.DESTINATION_DIRECTORY': 'hdfs://host1:8080/ranger/audit/%app-type%/%time:yyyyMMdd%',
+ 'XAAUDIT.DB.IS_ENABLED': 'true'
+ }
+ },
+ 'ranger-env': {
+ 'properties': {
+ 'xasecure.audit.destination.hdfs.dir': 'hdfs://host1:8080/ranger/audit/%app-type%/%time:yyyyMMdd%'
+ }
+ }
+ }
+
+ recommendedConfigurations = {}
+ self.stackAdvisor.recommendRangerConfigurations(recommendedConfigurations, clusterData, services, None)
+ self.assertEquals(recommendedConfigurations, expected, "Test Ranger Audit properties")
+
def test_recommendHDFSConfigurations(self):
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-server/src/test/python/unitTests.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/unitTests.py b/ambari-server/src/test/python/unitTests.py
index fe9b60a..b39f40c 100644
--- a/ambari-server/src/test/python/unitTests.py
+++ b/ambari-server/src/test/python/unitTests.py
@@ -19,12 +19,13 @@ limitations under the License.
import unittest
import multiprocessing
import os
-import sys
-from random import shuffle
import fnmatch
import tempfile
import shutil
+import sys
+
+
#excluded directories with non-test staff from stack and service scanning,
#also we can add service or stack to skip here
STACK_EXCLUDE = ["utils", "1.3.2"]
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-web/app/data/HDP2.2/site_properties.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/data/HDP2.2/site_properties.js b/ambari-web/app/data/HDP2.2/site_properties.js
index 9235dfa..3f94e48 100644
--- a/ambari-web/app/data/HDP2.2/site_properties.js
+++ b/ambari-web/app/data/HDP2.2/site_properties.js
@@ -155,93 +155,12 @@ hdp22properties.push(
"index": 2
},
{
- "name": "DB_FLAVOR",
- "options": [
- {
- displayName: 'MYSQL'
- },
- {
- displayName: 'ORACLE'
- }
- ],
- "displayType": "radio button",
- "radioName": "RANGER DB_FLAVOR",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 1
- },
- {
"name": "SQL_COMMAND_INVOKER",
"serviceName": "RANGER",
"filename": "admin-properties.xml",
"category": "DBSettings"
},
{
- "name": "db_host",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 2
- },
- {
- "name": "db_root_user",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 5
- },
- {
- "name": "db_root_password",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 6
- },
- {
- "name": "db_name",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 7
- },
-
- {
- "name": "db_user",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 3
- },
- {
- "name": "db_password",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 4
- },
- {
- "name": "audit_db_name",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 11
- },
- {
- "name": "audit_db_user",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 12
- },
- {
- "name": "audit_db_password",
- "serviceName": "RANGER",
- "filename": "admin-properties.xml",
- "category": "DBSettings",
- "index": 13
- },
- {
"name": "policymgr_external_url",
"serviceName": "RANGER",
"filename": "admin-properties.xml",
http://git-wip-us.apache.org/repos/asf/ambari/blob/b5f4d7a1/ambari-web/app/data/HDP2.3/site_properties.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/data/HDP2.3/site_properties.js b/ambari-web/app/data/HDP2.3/site_properties.js
index 9f64912..3425710 100644
--- a/ambari-web/app/data/HDP2.3/site_properties.js
+++ b/ambari-web/app/data/HDP2.3/site_properties.js
@@ -21,14 +21,7 @@ var App = require('app');
var hdp22properties = require('data/HDP2.2/site_properties').configProperties;
var excludedConfigs = [
- 'DB_FLAVOR',
- 'db_name',
- 'db_user',
- 'db_password',
- 'db_root_user',
- 'db_root_password',
'nimbus.host',
- 'db_host',
'XAAUDIT.DB.IS_ENABLED',
'XAAUDIT.HDFS.IS_ENABLED',
'UPDATE_XAPOLICIES_ON_GRANT_REVOKE',