You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Bharat Viswanadham (JIRA)" <ji...@apache.org> on 2017/04/06 20:11:41 UTC

[jira] [Created] (AMBARI-20697) Stack advisor code in 2.3 refactor logic for ranger Kafka Plugin

Bharat Viswanadham created AMBARI-20697:
-------------------------------------------

             Summary: Stack advisor code in 2.3 refactor logic for ranger Kafka Plugin
                 Key: AMBARI-20697
                 URL: https://issues.apache.org/jira/browse/AMBARI-20697
             Project: Ambari
          Issue Type: Bug
            Reporter: Bharat Viswanadham


 if ranger_plugin_enabled:
      # If ranger-kafka-plugin-properties/ranger-kafka-plugin-enabled,
      # determine if the Ranger/Kafka plug-in enabled enabled or not
      if 'ranger-kafka-plugin-properties' in configurations and \
          'ranger-kafka-plugin-enabled' in configurations['ranger-kafka-plugin-properties']['properties']:
        ranger_plugin_enabled = configurations['ranger-kafka-plugin-properties']['properties']['ranger-kafka-plugin-enabled'].lower() == 'yes'
      # If ranger-kafka-plugin-properties/ranger-kafka-plugin-enabled was not changed,
      # determine if the Ranger/Kafka plug-in enabled enabled or not
      elif 'ranger-kafka-plugin-properties' in services['configurations'] and \
          'ranger-kafka-plugin-enabled' in services['configurations']['ranger-kafka-plugin-properties']['properties']:
        ranger_plugin_enabled = services['configurations']['ranger-kafka-plugin-properties']['properties']['ranger-kafka-plugin-enabled'].lower() == 'yes'

    # Determine the value for kafka-broker/authorizer.class.name
    if ranger_plugin_enabled:
      # If the Ranger plugin for Kafka is enabled, set authorizer.class.name to
      # "org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer" whether Kerberos is
      # enabled or not.
      putKafkaBrokerProperty("authorizer.class.name", 'org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer')
    elif security_enabled:
      putKafkaBrokerProperty("authorizer.class.name", 'kafka.security.auth.SimpleAclAuthorizer')
    else:
      putKafkaBrokerAttributes('authorizer.class.name', 'delete', 'true')

In the above code after ranger_plugin_enabled is true and inside conditions don't match then also we set authorizer.class.name to RangerKafakAuthorizer.  So, to avoid this after checking ranger_plugin_enabled set to false and then continue with code checking



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)