You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by nc...@apache.org on 2016/02/18 14:33:41 UTC
[22/33] ambari git commit: AMBARI-15001: Hdfs keytab for hawq service
check on secured cluster
AMBARI-15001: Hdfs keytab for hawq service check on secured cluster
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/0ea255c5
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/0ea255c5
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/0ea255c5
Branch: refs/heads/branch-dev-patch-upgrade
Commit: 0ea255c59005eda4d5684230460d8b1c647c78f7
Parents: 5a9bb71
Author: Jun Aoki <ja...@apache.org>
Authored: Wed Feb 17 12:27:50 2016 -0800
Committer: Jun Aoki <ja...@apache.org>
Committed: Wed Feb 17 12:27:50 2016 -0800
----------------------------------------------------------------------
.../common-services/HAWQ/2.0.0/kerberos.json | 125 +++++++++----------
1 file changed, 56 insertions(+), 69 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/0ea255c5/ambari-server/src/main/resources/common-services/HAWQ/2.0.0/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HAWQ/2.0.0/kerberos.json b/ambari-server/src/main/resources/common-services/HAWQ/2.0.0/kerberos.json
index cc11c15..da11986 100644
--- a/ambari-server/src/main/resources/common-services/HAWQ/2.0.0/kerberos.json
+++ b/ambari-server/src/main/resources/common-services/HAWQ/2.0.0/kerberos.json
@@ -1,73 +1,60 @@
{
- "services": [
+ "services": [
+ {
+ "name": "HAWQ",
+ "identities": [
{
- "name": "HAWQ",
- "identities": [
- {
- "name": "/hdfs"
- }
- ],
- "configurations": [
- {
- "hawq-site": {
- "enable_secure_filesystem": "ON",
- "krb_server_keyfile": "${keytab_dir}/hawq.service.keytab"
- }
- },
- {
- "hdfs-client": {
- "hadoop.security.authentication": "kerberos"
- }
- }
- ],
- "components": [
- {
- "identities": [
- {
- "keytab": {
- "file": "${keytab_dir}/hawq.service.keytab",
- "group": {
- "access": "",
- "name": "${cluster-env/user_group}"
- },
- "owner": {
- "access": "r",
- "name": "gpadmin"
- }
- },
- "name": "hawq_master_hawq",
- "principal": {
- "type": "service",
- "value": "postgres@${realm}"
- }
- }
- ],
- "name": "HAWQMASTER"
- },
- {
- "identities": [
- {
- "keytab": {
- "file": "${keytab_dir}/hawq.service.keytab",
- "group": {
- "access": "",
- "name": "${cluster-env/user_group}"
- },
- "owner": {
- "access": "r",
- "name": "gpadmin"
- }
- },
- "name": "hawq_standby_hawq",
- "principal": {
- "type": "service",
- "value": "postgres@${realm}"
- }
- }
- ],
- "name": "HAWQSTANDBY"
- }
- ]
+ "name": "/HDFS/NAMENODE/hdfs"
+ },
+ {
+ "name": "hawq_identity",
+ "principal": {
+ "type": "user",
+ "value": "postgres@${realm}"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/hawq.service.keytab",
+ "owner": {
+ "access": "r",
+ "name": "gpadmin"
+ },
+ "group": {
+ "name": "${cluster-env/user_group}"
+ }
+ }
+ }
+ ],
+ "configurations": [
+ {
+ "hawq-site": {
+ "enable_secure_filesystem": "ON",
+ "krb_server_keyfile": "${keytab_dir}/hawq.service.keytab"
+ }
+ },
+ {
+ "hdfs-client": {
+ "hadoop.security.authentication": "kerberos"
+ }
+ }
+ ],
+ "components" : [
+ {
+ "name": "HAWQMASTER",
+ "identities": [
+ {
+ "name": "/HAWQ/hawq_identity"
+ }
+ ]
+ },
+ {
+ "name": "HAWQSTANDBY",
+ "identities": [
+ {
+ "name": "/HAWQ/hawq_identity"
+ }
+ ]
}
- ]
+ ]
+ }
+ ]
}