You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ol...@apache.org on 2016/10/03 14:19:41 UTC
[4/5] ambari git commit: AMBARI-18510. Use logsearch truststore to
look for credential in case of external authentication (Miklos Gergely via
oleewere)
http://git-wip-us.apache.org/repos/asf/ambari/blob/b72b720c/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh
----------------------------------------------------------------------
diff --git a/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh b/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh
index 2ad7055..2c2d056 100644
--- a/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh
+++ b/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh
@@ -21,7 +21,7 @@ export LOGSEARCH_PORT=61888
# path containing LogSearch.jar file
export LOGSEARCH_PATH=/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package
-export LOGSEARCH_CONF_DIR=/root/test-config/logsearch
+export LOGSEARCH_CONF_DIR=/root/config/logsearch
export LOGFILE=/var/log/ambari-logsearch-portal/logsearch.log
@@ -33,4 +33,12 @@ LOGSEARCH_JAVA_MEM=${LOGSEARCH_JAVA_MEM:-"-Xmx1024m"}
export LOGSEARCH_DEBUG=true
-export LOGSEARCH_DEBUG_PORT=5005
\ No newline at end of file
+export LOGSEARCH_DEBUG_PORT=5005
+
+export LOGSEARCH_SSL="true"
+export LOGSEARCH_KEYSTORE_LOCATION=/root/config/ssl/logsearch.keyStore.jks
+export LOGSEARCH_KEYSTORE_PASSWORD=bigdata
+export LOGSEARCH_KEYSTORE_TYPE=jks
+export LOGSEARCH_TRUSTSTORE_LOCATION=/root/config/ssl/logsearch.trustStore.jks
+export LOGSEARCH_TRUSTSTORE_PASSWORD=bigdata
+export LOGSEARCH_TRUSTSTORE_TYPE=jks
http://git-wip-us.apache.org/repos/asf/ambari/blob/b72b720c/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties
----------------------------------------------------------------------
diff --git a/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties b/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties
new file mode 100644
index 0000000..1bd8c70
--- /dev/null
+++ b/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties
@@ -0,0 +1,55 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+logsearch.solr.zk_connect_string=localhost:9983
+
+# Service Logs
+logsearch.solr.collection.service.logs=hadoop_logs
+
+logsearch.service.logs.split.interval.mins=15
+logsearch.collection.service.logs.numshards=3
+logsearch.collection.service.logs.replication.factor=2
+
+# Audit logs
+logsearch.solr.audit.logs.zk_connect_string=localhost:9983
+logsearch.solr.collection.audit.logs=audit_logs
+logsearch.solr.audit.logs.url=
+
+logsearch.audit.logs.split.interval.mins=15
+logsearch.collection.audit.logs.numshards=3
+logsearch.collection.audit.logs.replication.factor=2
+
+# History logs
+logsearch.solr.collection.history=history
+logsearch.solr.history.config.name=history
+logsearch.collection.history.replication.factor=1
+
+# Metrics
+logsearch.solr.metrics.collector.hosts=
+logsearch.solr.jmx.port=18886
+
+# Logfeeder Settings
+
+logsearch.logfeeder.include.default.level=FATAL,ERROR,WARN,INFO,DEBUG,TRACE,UNKNOWN
+
+# logsearch-admin.json
+logsearch.auth.file.enable=true
+logsearch.login.credentials.file=user_pass.json
+
+logsearch.auth.ldap.enable=false
+logsearch.auth.simple.enable=false
+logsearch.auth.external_auth.enable=false
+
+logsearch.protocol=https
http://git-wip-us.apache.org/repos/asf/ambari/blob/b72b720c/ambari-logsearch/docker/test-config/solr/solr-env-ssl.sh
----------------------------------------------------------------------
diff --git a/ambari-logsearch/docker/test-config/solr/solr-env-ssl.sh b/ambari-logsearch/docker/test-config/solr/solr-env-ssl.sh
new file mode 100644
index 0000000..faaa6ff
--- /dev/null
+++ b/ambari-logsearch/docker/test-config/solr/solr-env-ssl.sh
@@ -0,0 +1,101 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# By default the script will use JAVA_HOME to determine which java
+# to use, but you can set a specific path for Solr to use without
+# affecting other Java applications on your server/workstation.
+SOLR_JAVA_HOME=/usr/java/default
+
+# Increase Java Min/Max Heap as needed to support your indexing / query needs
+SOLR_JAVA_MEM="-Xms1024m -Xmx2048m"
+
+# Enable verbose GC logging
+GC_LOG_OPTS="-verbose:gc -XX:+PrintHeapAtGC -XX:+PrintGCDetails \
+-XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps -XX:+PrintTenuringDistribution -XX:+PrintGCApplicationStoppedTime"
+
+# These GC settings have shown to work well for a number of common Solr workloads
+GC_TUNE="-XX:NewRatio=3 \
+-XX:SurvivorRatio=4 \
+-XX:TargetSurvivorRatio=90 \
+-XX:MaxTenuringThreshold=8 \
+-XX:+UseConcMarkSweepGC \
+-XX:+UseParNewGC \
+-XX:ConcGCThreads=4 -XX:ParallelGCThreads=4 \
+-XX:+CMSScavengeBeforeRemark \
+-XX:PretenureSizeThreshold=64m \
+-XX:+UseCMSInitiatingOccupancyOnly \
+-XX:CMSInitiatingOccupancyFraction=50 \
+-XX:CMSMaxAbortablePrecleanTime=6000 \
+-XX:+CMSParallelRemarkEnabled \
+-XX:+ParallelRefProcEnabled"
+
+# Set the ZooKeeper connection string if using an external ZooKeeper ensemble
+# e.g. host1:2181,host2:2181/chroot
+# Leave empty if not using SolrCloud
+#ZK_HOST="localhost:9983/ambari-solr"
+
+# Set the ZooKeeper client timeout (for SolrCloud mode)
+ZK_CLIENT_TIMEOUT="60000"
+
+# By default the start script uses "localhost"; override the hostname here
+# for production SolrCloud environments to control the hostname exposed to cluster state
+#SOLR_HOST="192.168.1.1"
+
+# By default the start script uses UTC; override the timezone if needed
+#SOLR_TIMEZONE="UTC"
+
+# Set to true to activate the JMX RMI connector to allow remote JMX client applications
+# to monitor the JVM hosting Solr; set to "false" to disable that behavior
+# (false is recommended in production environments)
+ENABLE_REMOTE_JMX_OPTS="true"
+
+# The script will use SOLR_PORT+10000 for the RMI_PORT or you can set it here
+RMI_PORT=18886
+
+# Anything you add to the SOLR_OPTS variable will be included in the java
+# start command line as-is, in ADDITION to other options. If you specify the
+# -a option on start script, those options will be appended as well. Examples:
+#SOLR_OPTS="$SOLR_OPTS -Dsolr.autoSoftCommit.maxTime=3000"
+#SOLR_OPTS="$SOLR_OPTS -Dsolr.autoCommit.maxTime=60000"
+#SOLR_OPTS="$SOLR_OPTS -Dsolr.clustering.enabled=true"
+
+# Location where the bin/solr script will save PID files for running instances
+# If not set, the script will create PID files in $SOLR_TIP/bin
+SOLR_PID_DIR=/var/run/ambari-logsearch-solr
+
+# Path to a directory where Solr creates index files, the specified directory
+# must contain a solr.xml; by default, Solr will use server/solr
+SOLR_HOME=/root/logsearch_solr_index/data
+
+# Solr provides a default Log4J configuration properties file in server/resources
+# however, you may want to customize the log settings and file appender location
+# so you can point the script to use a different log4j.properties file
+LOG4J_PROPS=/root/config/solr/log4j.properties
+
+# Location where Solr should write logs to; should agree with the file appender
+# settings in server/resources/log4j.properties
+SOLR_LOGS_DIR=/var/log/ambari-logsearch-solr
+
+# Sets the port Solr binds to, default is 8983
+SOLR_PORT=8886
+
+SOLR_SSL_KEY_STORE=/root/config/ssl/logsearch.keyStore.jks
+SOLR_SSL_KEY_STORE_PASSWORD=bigdata
+SOLR_SSL_TRUST_STORE=/root/config/ssl/logsearch.trustStore.jks
+SOLR_SSL_TRUST_STORE_PASSWORD=bigdata
+SOLR_SSL_NEED_CLIENT_AUTH=false
+SOLR_SSL_WANT_CLIENT_AUTH=false
+
http://git-wip-us.apache.org/repos/asf/ambari/blob/b72b720c/ambari-logsearch/docker/test-config/solr/solr-env.sh
----------------------------------------------------------------------
diff --git a/ambari-logsearch/docker/test-config/solr/solr-env.sh b/ambari-logsearch/docker/test-config/solr/solr-env.sh
index 92fa354..11b9fe0 100644
--- a/ambari-logsearch/docker/test-config/solr/solr-env.sh
+++ b/ambari-logsearch/docker/test-config/solr/solr-env.sh
@@ -83,11 +83,11 @@ SOLR_HOME=/root/logsearch_solr_index/data
# Solr provides a default Log4J configuration properties file in server/resources
# however, you may want to customize the log settings and file appender location
# so you can point the script to use a different log4j.properties file
-LOG4J_PROPS=/root/test-config/solr/log4j.properties
+LOG4J_PROPS=/root/config/solr/log4j.properties
# Location where Solr should write logs to; should agree with the file appender
# settings in server/resources/log4j.properties
SOLR_LOGS_DIR=/var/log/ambari-logsearch-solr
# Sets the port Solr binds to, default is 8983
-SOLR_PORT=8886
\ No newline at end of file
+SOLR_PORT=8886
http://git-wip-us.apache.org/repos/asf/ambari/blob/b72b720c/ambari-server/src/main/resources/common-services/AMBARI_INFRA/0.1.0/properties/infra-solr-env.sh.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_INFRA/0.1.0/properties/infra-solr-env.sh.j2 b/ambari-server/src/main/resources/common-services/AMBARI_INFRA/0.1.0/properties/infra-solr-env.sh.j2
index d1c1ef9..8c24fa4 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_INFRA/0.1.0/properties/infra-solr-env.sh.j2
+++ b/ambari-server/src/main/resources/common-services/AMBARI_INFRA/0.1.0/properties/infra-solr-env.sh.j2
@@ -96,8 +96,8 @@ SOLR_PORT={{infra_solr_port}}
{% if infra_solr_ssl_enabled %}
SOLR_SSL_KEY_STORE={{infra_solr_keystore_location}}
SOLR_SSL_KEY_STORE_PASSWORD={{infra_solr_keystore_password}}
-SOLR_SSL_TRUST_STORE={{infra_solr_keystore_location}}
-SOLR_SSL_TRUST_STORE_PASSWORD={{infra_solr_keystore_password}}
+SOLR_SSL_TRUST_STORE={{infra_solr_truststore_location}}
+SOLR_SSL_TRUST_STORE_PASSWORD={{infra_solr_truststore_password}}
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false
{% endif %}
http://git-wip-us.apache.org/repos/asf/ambari/blob/b72b720c/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
index 501603a..eb7306c 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
@@ -38,7 +38,7 @@ export LOGSEARCH_DEBUG={{logsearch_debug_enabled}}
export LOGSEARCH_DEBUG_PORT={{logsearch_debug_port}}
-{% if infra_solr_ssl_enabled or logsearch_ui_protocol == 'https' %}
+{% if infra_solr_ssl_enabled or logsearch_ui_protocol == 'https' or ambari_server_use_ssl %}
export LOGSEARCH_SSL="true"
export LOGSEARCH_KEYSTORE_LOCATION={{logsearch_keystore_location}}
export LOGSEARCH_KEYSTORE_PASSWORD={{logsearch_keystore_password}}