You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ma...@apache.org on 2016/12/05 15:39:39 UTC
[3/3] ambari git commit: AMBARI-18065. Change Ranger Admin start
script to setup db for ranger (magyari_sandor)
AMBARI-18065. Change Ranger Admin start script to setup db for ranger (magyari_sandor)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f5051dcb
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f5051dcb
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f5051dcb
Branch: refs/heads/trunk
Commit: f5051dcb7f17f0e26fed9e70eef35a3758a35e60
Parents: 431d265
Author: Sandor Magyari <sm...@hortonworks.com>
Authored: Thu Dec 1 19:36:01 2016 +0100
Committer: Sandor Magyari <sm...@hortonworks.com>
Committed: Mon Dec 5 16:39:13 2016 +0100
----------------------------------------------------------------------
.../libraries/functions/constants.py | 1 +
.../RANGER/0.4.0/package/scripts/params.py | 1 +
.../0.4.0/package/scripts/ranger_admin.py | 36 +-
.../HDP/2.0.6/properties/stack_features.json | 5 +
.../stacks/2.6/RANGER/test_ranger_admin.py | 504 ++++++++++++
.../2.6/configs/ranger-admin-default.json | 704 +++++++++++++++++
.../2.6/configs/ranger-admin-secured.json | 773 +++++++++++++++++++
7 files changed, 2010 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-common/src/main/python/resource_management/libraries/functions/constants.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/libraries/functions/constants.py b/ambari-common/src/main/python/resource_management/libraries/functions/constants.py
index 3431495..46562e0 100644
--- a/ambari-common/src/main/python/resource_management/libraries/functions/constants.py
+++ b/ambari-common/src/main/python/resource_management/libraries/functions/constants.py
@@ -97,6 +97,7 @@ class StackFeature:
RANGER_PID_SUPPORT = "ranger_pid_support"
RANGER_KMS_PID_SUPPORT = "ranger_kms_pid_support"
RANGER_ADMIN_PASSWD_CHANGE = "ranger_admin_password_change"
+ RANGER_SETUP_DB_ON_START = "ranger_setup_db_on_start"
STORM_METRICS_APACHE_CLASSES = "storm_metrics_apache_classes"
SPARK_JAVA_OPTS_SUPPORT = "spark_java_opts_support"
ATLAS_HBASE_SETUP = "atlas_hbase_setup"
http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
index e27b363..f2cc940 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py
@@ -70,6 +70,7 @@ stack_supports_usersync_passwd = check_stack_feature(StackFeature.RANGER_USERSYN
stack_supports_infra_client = check_stack_feature(StackFeature.RANGER_INSTALL_INFRA_CLIENT, version_for_stack_feature_checks)
stack_supports_pid = check_stack_feature(StackFeature.RANGER_PID_SUPPORT, version_for_stack_feature_checks)
stack_supports_ranger_admin_password_change = check_stack_feature(StackFeature.RANGER_ADMIN_PASSWD_CHANGE, version_for_stack_feature_checks)
+stack_supports_ranger_setup_db_on_start = check_stack_feature(StackFeature.RANGER_SETUP_DB_ON_START, version_for_stack_feature_checks)
downgrade_from_version = default("/commandParams/downgrade_from_version", None)
upgrade_direction = default("/commandParams/upgrade_direction", None)
http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
index a9656c7..b849d58 100644
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py
@@ -45,18 +45,9 @@ class RangerAdmin(Script):
self.install_packages(env)
import params
env.set_params(params)
- if params.xml_configurations_supported:
- from setup_ranger_xml import setup_ranger_db
- setup_ranger_db()
-
- self.configure(env)
-
- if params.xml_configurations_supported:
- from setup_ranger_xml import setup_java_patch
- setup_java_patch()
-
- if params.stack_supports_ranger_admin_password_change:
- setup_ranger_admin_passwd_change()
+ # call config and setup db only in case of HDP version < 2.6
+ if not params.stack_supports_ranger_setup_db_on_start:
+ self.configure(env, setup_db=True)
def stop(self, env, upgrade_type=None):
import params
@@ -93,7 +84,9 @@ class RangerAdmin(Script):
def start(self, env, upgrade_type=None):
import params
env.set_params(params)
- self.configure(env, upgrade_type=upgrade_type)
+
+ # setup db only if in case HDP version is > 2.6
+ self.configure(env, upgrade_type=upgrade_type, setup_db=params.stack_supports_ranger_setup_db_on_start)
if params.stack_supports_infra_client and params.audit_solr_enabled and params.is_solrCloud_enabled:
solr_cloud_util.setup_solr_client(params.config, custom_log4j = params.custom_log4j)
@@ -122,7 +115,7 @@ class RangerAdmin(Script):
raise ComponentIsNotRunning()
pass
- def configure(self, env, upgrade_type=None):
+ def configure(self, env, upgrade_type=None, setup_db=False):
import params
env.set_params(params)
if params.xml_configurations_supported:
@@ -130,8 +123,23 @@ class RangerAdmin(Script):
else:
from setup_ranger import ranger
+ # set up db if we are not upgrading and setup_db is true
+ if setup_db and upgrade_type is None:
+ if params.xml_configurations_supported:
+ from setup_ranger_xml import setup_ranger_db
+ setup_ranger_db()
+
ranger('ranger_admin', upgrade_type=upgrade_type)
+ # set up java patches if we are not upgrading and setup_db is true
+ if setup_db and upgrade_type is None:
+ if params.xml_configurations_supported:
+ from setup_ranger_xml import setup_java_patch
+ setup_java_patch()
+
+ if params.stack_supports_ranger_admin_password_change:
+ setup_ranger_admin_passwd_change()
+
def set_ru_rangeradmin_in_progress(self, upgrade_marker_file):
config_dir = os.path.dirname(upgrade_marker_file)
try:
http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json b/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json
index dd87b72..27a755c 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json
+++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json
@@ -289,6 +289,11 @@
"min_version": "2.5.0.0"
},
{
+ "name": "ranger_setup_db_on_start",
+ "description": "Allows setup of ranger db and java patches to be called multiple times on each START",
+ "min_version": "2.6.0.0"
+ },
+ {
"name": "storm_metrics_apache_classes",
"description": "Metrics sink for Storm that uses Apache class names",
"min_version": "2.5.0.0"
http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
new file mode 100644
index 0000000..a3ce186
--- /dev/null
+++ b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py
@@ -0,0 +1,504 @@
+#!/usr/bin/env python
+
+'''
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+'''
+import json
+from mock.mock import MagicMock, patch
+from stacks.utils.RMFTestCase import *
+from only_for_platform import not_for_platform, PLATFORM_WINDOWS
+
+@not_for_platform(PLATFORM_WINDOWS)
+class TestRangerAdmin(RMFTestCase):
+ COMMON_SERVICES_PACKAGE_DIR = "RANGER/0.4.0/package"
+ STACK_VERSION = "2.6"
+
+ @patch("os.path.isfile")
+ def test_start_default(self, isfile_mock):
+ self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/ranger_admin.py",
+ classname = "RangerAdmin",
+ command = "start",
+ config_file="ranger-admin-default.json",
+ stack_version = self.STACK_VERSION,
+ target = RMFTestCase.TARGET_COMMON_SERVICES
+ )
+ self.assert_configure_default()
+
+ self.assertResourceCalled('Directory', '/var/log/ambari-infra-solr-client',
+ create_parents = True,
+ mode = 0755,
+ cd_access = 'a',
+ )
+ self.assertResourceCalled('Directory', '/usr/lib/ambari-infra-solr-client',
+ cd_access = 'a',
+ create_parents = True,
+ mode = 0755,
+ recursive_ownership = True,
+ )
+ self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/solrCloudCli.sh',
+ content = StaticFile('/usr/lib/ambari-infra-solr-client/solrCloudCli.sh'),
+ mode = 0755,
+ )
+ self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/log4j.properties',
+ content = InlineTemplate(self.getConfig()['configurations']['infra-solr-client-log4j']['content']),
+ mode = 0644,
+ )
+ self.assertResourceCalled('File', '/var/log/ambari-infra-solr-client/solr-client.log',
+ content = '',
+ mode = 0664,
+ )
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /infra-solr --check-znode --retry 5 --interval 10')
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --download-config --config-dir /tmp/solr_config_ranger_audits_0.[0-9]* --config-set ranger_audits --retry 30 --interval 5')
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --upload-config --config-dir /usr/hdp/current/ranger-admin/contrib/solr_for_audit_setup/conf --config-set ranger_audits --retry 30 --interval 5')
+ self.assertResourceCalledRegexp('^Directory$', '^/tmp/solr_config_ranger_audits_0.[0-9]*',
+ action=['delete'],
+ create_parents=True)
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10')
+
+ self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
+ not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
+ user = 'ranger',
+ )
+
+ self.assertTrue(isfile_mock.called)
+ self.assertNoMoreResources()
+
+ @patch("os.path.isfile")
+ def test_start_secured(self, isfile_mock):
+ self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/ranger_admin.py",
+ classname = "RangerAdmin",
+ command = "start",
+ config_file="ranger-admin-secured.json",
+ stack_version = self.STACK_VERSION,
+ target = RMFTestCase.TARGET_COMMON_SERVICES
+ )
+ self.assert_configure_secured()
+
+ self.assertResourceCalled('Directory', '/var/log/ambari-infra-solr-client',
+ create_parents = True,
+ mode = 0755,
+ cd_access = 'a',
+ )
+ self.assertResourceCalled('Directory', '/usr/lib/ambari-infra-solr-client',
+ cd_access = 'a',
+ create_parents = True,
+ mode = 0755,
+ recursive_ownership = True,
+ )
+ self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/solrCloudCli.sh',
+ content = StaticFile('/usr/lib/ambari-infra-solr-client/solrCloudCli.sh'),
+ mode = 0755,
+ )
+ self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/log4j.properties',
+ content = InlineTemplate(self.getConfig()['configurations']['infra-solr-client-log4j']['content']),
+ mode = 0644,
+ )
+ self.assertResourceCalled('File', '/var/log/ambari-infra-solr-client/solr-client.log',
+ content = '',
+ mode = 0664,
+ )
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf',
+ content = Template('ranger_solr_jaas_conf.j2'),
+ owner = 'ranger',
+ )
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /ambari-solr --check-znode --retry 5 --interval 10')
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/ambari-solr --download-config --config-dir /tmp/solr_config_ranger_audits_0.[0-9]* --config-set ranger_audits --retry 30 --interval 5')
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/ambari-solr --upload-config --config-dir /usr/hdp/current/ranger-admin/contrib/solr_for_audit_setup/conf --config-set ranger_audits --retry 30 --interval 5')
+ self.assertResourceCalledRegexp('^Directory$', '^/tmp/solr_config_ranger_audits_0.[0-9]*',
+ action=['delete'],
+ create_parents=True)
+ self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/ambari-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10')
+
+ self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start',
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
+ not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
+ user = 'ranger',
+ )
+
+ self.assertTrue(isfile_mock.called)
+ self.assertNoMoreResources()
+
+
+ def assert_setup_db(self):
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-old.jar',
+ action = ['delete'],
+ )
+
+ self.assertResourceCalled('File', '/tmp/mysql-connector-java.jar',
+ content = DownloadSource('http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar'),
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('cp', '--remove-destination', '/tmp/mysql-connector-java.jar',
+ '/usr/hdp/2.6.0.0-801/ranger-admin/ews/lib'),
+ sudo = True,
+ path = ['/bin', '/usr/bin/']
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/2.6.0.0-801/ranger-admin/ews/lib/mysql-connector-java.jar',
+ mode = 0644
+ )
+
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/2.6.0.0-801/ranger-admin/install.properties',
+ properties = self.getConfig()['configurations']['admin-properties'],
+ owner = 'ranger'
+ )
+
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/2.6.0.0-801/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'SQL_CONNECTOR_JAR':
+ '/usr/hdp/2.6.0.0-801/ranger-admin/ews/lib/mysql-connector-java.jar'}
+ )
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'audit_store': 'solr'}
+ )
+
+ self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/dba_script.py -q'),
+ user = 'ranger',
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45',
+ 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'},
+ logoutput = True
+ )
+
+ self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/db_setup.py'),
+ user = 'ranger',
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45',
+ 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'},
+ logoutput = True
+ )
+
+ def assert_configure_default(self):
+
+ ### assert db setup
+ self.assert_setup_db()
+
+ self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf',
+ owner = 'ranger',
+ group = 'ranger',
+ create_parents = True
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-old.jar',
+ action = ['delete'],
+ )
+
+ self.assertResourceCalled('File', '/tmp/mysql-connector-java.jar',
+ content = DownloadSource('http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar'),
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('cp', '--remove-destination', '/tmp/mysql-connector-java.jar', '/usr/hdp/current/ranger-admin/ews/lib'),
+ sudo = True,
+ path = ['/bin', '/usr/bin/']
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar',
+ mode = 0644
+ )
+
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ properties = self.getConfig()['configurations']['admin-properties'],
+ owner = 'ranger'
+ )
+
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'SQL_CONNECTOR_JAR': '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar'}
+ )
+
+ self.assertResourceCalled('File', '/usr/lib/ambari-agent/DBConnectionVerification.jar',
+ content = DownloadSource('http://c6401.ambari.apache.org:8080/resources/DBConnectionVerification.jar'),
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute',
+ '/usr/jdk64/jdk1.7.0_45/bin/java -cp /usr/lib/ambari-agent/DBConnectionVerification.jar:/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/hdp/current/ranger-admin/ews/lib/* org.apache.ambari.server.DBConnectionVerification \'jdbc:mysql://c6401.ambari.apache.org:3306/ranger01\' rangeradmin01 rangeradmin01 com.mysql.jdbc.Driver',
+ path=['/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin'],
+ tries=5,
+ try_sleep=10,
+ environment = {}
+ )
+
+ self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', '/usr/hdp/current/ranger-admin/conf'),
+ not_if = 'ls /usr/hdp/current/ranger-admin/conf',
+ only_if = 'ls /usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf',
+ sudo = True
+ )
+
+ self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/',
+ owner='ranger',
+ group='ranger',
+ recursive_ownership = True
+ )
+
+ self.assertResourceCalled('Directory', '/var/run/ranger',
+ mode=0755,
+ owner = 'ranger',
+ group = 'hadoop',
+ cd_access = "a",
+ create_parents=True
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-piddir.sh',
+ content = 'export RANGER_PID_DIR_PATH=/var/run/ranger\nexport RANGER_USER=ranger',
+ owner = 'ranger',
+ group = 'ranger',
+ mode = 0755
+ )
+
+ self.assertResourceCalled('Directory', '/var/log/ranger/admin',
+ owner='ranger',
+ group='ranger',
+ create_parents = True,
+ cd_access = 'a',
+ mode = 0755
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-logdir.sh',
+ content = 'export RANGER_ADMIN_LOG_DIR=/var/log/ranger/admin',
+ owner = 'ranger',
+ group = 'ranger',
+ mode = 0755
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-default-site.xml',
+ owner = 'ranger',
+ group = 'ranger'
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/security-applicationContext.xml',
+ owner = 'ranger',
+ group = 'ranger'
+ )
+
+ self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', '/usr/bin/ranger-admin'),
+ not_if = 'ls /usr/bin/ranger-admin',
+ only_if = 'ls /usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh',
+ sudo = True
+ )
+
+ self.assertResourceCalled('XmlConfig', 'ranger-admin-site.xml',
+ owner = 'ranger',
+ group = 'ranger',
+ conf_dir = '/usr/hdp/current/ranger-admin/conf',
+ configurations = self.getConfig()['configurations']['ranger-admin-site'],
+ configuration_attributes = self.getConfig()['configuration_attributes']['ranger-admin-site'],
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf/ranger_jaas',
+ owner ='ranger',
+ group ='ranger',
+ mode = 0700
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/log4j.properties',
+ owner = 'ranger',
+ group = 'ranger',
+ content = self.getConfig()['configurations']['admin-log4j']['content'],
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('/usr/jdk64/jdk1.7.0_45/bin/java', '-cp', '/usr/hdp/current/ranger-admin/cred/lib/*', 'org.apache.ranger.credentialapi.buildks', 'create', 'rangeradmin', '-value', 'rangeradmin01', '-provider', 'jceks://file/etc/ranger/admin/rangeradmin.jceks'),
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
+ logoutput=True,
+ sudo = True
+ )
+
+ self.assertResourceCalled('File', '/etc/ranger/admin/rangeradmin.jceks',
+ owner = 'ranger',
+ group = 'ranger',
+ mode = 0640
+ )
+
+ self.assertResourceCalled('XmlConfig', 'core-site.xml',
+ owner = 'ranger',
+ group = 'ranger',
+ conf_dir = '/usr/hdp/current/ranger-admin/conf',
+ configurations = self.getConfig()['configurations']['core-site'],
+ configuration_attributes = self.getConfig()['configuration_attributes']['core-site'],
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/db_setup.py -javapatch'),
+ user = 'ranger',
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45',
+ 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'},
+ logoutput = True
+ )
+
+ def assert_configure_secured(self):
+
+ ### assert db setup
+ self.assert_setup_db()
+
+ self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf',
+ owner = 'ranger',
+ group = 'ranger',
+ create_parents = True
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-old.jar',
+ action = ['delete'],
+ )
+
+ self.assertResourceCalled('File', '/tmp/mysql-connector-java.jar',
+ content = DownloadSource('http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar'),
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('cp', '--remove-destination', '/tmp/mysql-connector-java.jar', '/usr/hdp/current/ranger-admin/ews/lib'),
+ sudo = True,
+ path = ['/bin', '/usr/bin/']
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar',
+ mode = 0644
+ )
+
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ properties = self.getConfig()['configurations']['admin-properties'],
+ owner = 'ranger'
+ )
+
+ self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties',
+ owner = 'ranger',
+ properties = {'SQL_CONNECTOR_JAR': '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar'}
+ )
+
+ self.assertResourceCalled('File', '/usr/lib/ambari-agent/DBConnectionVerification.jar',
+ content = DownloadSource('http://c6401.ambari.apache.org:8080/resources/DBConnectionVerification.jar'),
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute',
+ '/usr/jdk64/jdk1.7.0_45/bin/java -cp /usr/lib/ambari-agent/DBConnectionVerification.jar:/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/hdp/current/ranger-admin/ews/lib/* org.apache.ambari.server.DBConnectionVerification \'jdbc:mysql://c6401.ambari.apache.org:3306/ranger01\' rangeradmin01 rangeradmin01 com.mysql.jdbc.Driver',
+ path=['/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin'],
+ tries=5,
+ try_sleep=10,
+ environment = {}
+ )
+
+ self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', '/usr/hdp/current/ranger-admin/conf'),
+ not_if = 'ls /usr/hdp/current/ranger-admin/conf',
+ only_if = 'ls /usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf',
+ sudo = True
+ )
+
+ self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/',
+ owner='ranger',
+ group='ranger',
+ recursive_ownership = True
+ )
+
+ self.assertResourceCalled('Directory', '/var/run/ranger',
+ mode=0755,
+ owner = 'ranger',
+ group = 'hadoop',
+ cd_access = "a",
+ create_parents=True
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-piddir.sh',
+ content = 'export RANGER_PID_DIR_PATH=/var/run/ranger\nexport RANGER_USER=ranger',
+ owner = 'ranger',
+ group = 'ranger',
+ mode = 0755
+ )
+
+ self.assertResourceCalled('Directory', '/var/log/ranger/admin',
+ owner='ranger',
+ group='ranger',
+ create_parents = True,
+ cd_access = 'a',
+ mode = 0755
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-logdir.sh',
+ content = 'export RANGER_ADMIN_LOG_DIR=/var/log/ranger/admin',
+ owner = 'ranger',
+ group = 'ranger',
+ mode = 0755
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-default-site.xml',
+ owner = 'ranger',
+ group = 'ranger'
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/security-applicationContext.xml',
+ owner = 'ranger',
+ group = 'ranger'
+ )
+
+ self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', '/usr/bin/ranger-admin'),
+ not_if = 'ls /usr/bin/ranger-admin',
+ only_if = 'ls /usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh',
+ sudo = True
+ )
+
+ self.assertResourceCalled('XmlConfig', 'ranger-admin-site.xml',
+ owner = 'ranger',
+ group = 'ranger',
+ conf_dir = '/usr/hdp/current/ranger-admin/conf',
+ configurations = self.getConfig()['configurations']['ranger-admin-site'],
+ configuration_attributes = self.getConfig()['configuration_attributes']['ranger-admin-site'],
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf/ranger_jaas',
+ owner ='ranger',
+ group ='ranger',
+ mode = 0700
+ )
+
+ self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/log4j.properties',
+ owner = 'ranger',
+ group = 'ranger',
+ content = self.getConfig()['configurations']['admin-log4j']['content'],
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('/usr/jdk64/jdk1.7.0_45/bin/java', '-cp', '/usr/hdp/current/ranger-admin/cred/lib/*', 'org.apache.ranger.credentialapi.buildks', 'create', 'rangeradmin', '-value', 'rangeradmin01', '-provider', 'jceks://file/etc/ranger/admin/rangeradmin.jceks'),
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'},
+ logoutput=True,
+ sudo = True
+ )
+
+ self.assertResourceCalled('File', '/etc/ranger/admin/rangeradmin.jceks',
+ owner = 'ranger',
+ group = 'ranger',
+ mode = 0640
+ )
+
+ self.assertResourceCalled('XmlConfig', 'core-site.xml',
+ owner = 'ranger',
+ group = 'ranger',
+ conf_dir = '/usr/hdp/current/ranger-admin/conf',
+ configurations = self.getConfig()['configurations']['core-site'],
+ configuration_attributes = self.getConfig()['configuration_attributes']['core-site'],
+ mode = 0644
+ )
+
+ self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/db_setup.py -javapatch'),
+ user = 'ranger',
+ environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45',
+ 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'},
+ logoutput = True
+ )
\ No newline at end of file