You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2015/03/09 20:10:25 UTC
ambari git commit: AMBARI-9937. Ambari must support deployment on
separate host (rlevas)
Repository: ambari
Updated Branches:
refs/heads/branch-2.0.0 8b4ef2b69 -> 7f19da96c
AMBARI-9937. Ambari must support deployment on separate host (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7f19da96
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7f19da96
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7f19da96
Branch: refs/heads/branch-2.0.0
Commit: 7f19da96cec63ce0d1c69e1be938e1b31e77f8f1
Parents: 8b4ef2b
Author: Robert Levas <rl...@hortonworks.com>
Authored: Mon Mar 9 15:06:55 2015 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Mon Mar 9 15:09:29 2015 -0400
----------------------------------------------------------------------
.../KERBEROS/configuration/kerberos-env.xml | 104 +++++++++++++++++++
1 file changed, 104 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/7f19da96/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml
new file mode 100644
index 0000000..31833cb
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+
+<configuration supports_final="false">
+ <property require-input="true">
+ <name>kdc_type</name>
+ <description>
+ The type of KDC being used. Either mit-kdc or active-directory
+ </description>
+ <value>mit-kdc</value>
+ </property>
+
+ <property require-input="true">
+ <name>ldap_url</name>
+ <description>
+ The URL to the Active Directory LDAP Interface
+ </description>
+ <value/>
+ </property>
+
+ <property require-input="true">
+ <name>container_dn</name>
+ <description>
+ The distinguished name (DN) of the container used store service principals
+ </description>
+ <value/>
+ </property>
+
+ <property require-input="true">
+ <name>encryption_types</name>
+ <description>
+ The supported list of session key encryption types that should be returned by the KDC.
+ </description>
+ <value>aes des3-cbc-sha1 rc4 des-cbc-md5</value>
+ </property>
+
+ <property require-input="true">
+ <name>realm</name>
+ <description>
+ The default realm to use when creating service principals
+ </description>
+ <value/>
+ </property>
+
+ <property require-input="true">
+ <name>kdc_host</name>
+ <description>
+ The IP address or FQDN for the KDC host. Optionally a port number may be included.
+ </description>
+ <value/>
+ </property>
+
+ <property>
+ <name>admin_server_host</name>
+ <description>
+ The IP address or FQDN for the KDC Kerberos administrative host. Optionally a port number may be included.
+ </description>
+ <value/>
+ </property>
+
+
+ <property require-input="true">
+ <name>create_attributes_template</name>
+ <description>
+ A Velocity template to use to generate a JSON-formatted document containing the set of
+ attribute names and values needed to create a new Kerberos identity in the relevant KDC.
+ Variables include:
+ principal_name, principal_primary, principal_instance, realm, realm_lowercase,
+ normalized_principal, principal digest, password, is_service, container_dn
+ </description>
+ <value>
+{
+ "objectClass": ["top", "person", "organizationalPerson", "user"],
+ "cn": "$principal_name",
+ #if( $is_service )
+ "servicePrincipalName": "$principal_name",
+ #end
+ "userPrincipalName": "$normalized_principal",
+ "unicodePwd": "$password",
+ "accountExpires": "0",
+ "userAccountControl": "66048"
+}
+ </value>
+ </property>
+</configuration>