You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bigtop.apache.org by gu...@apache.org on 2022/09/16 04:21:25 UTC
[bigtop] branch master updated: BIGTOP-3802: Fix Mpack Hive fail to start when kerberos enabled (#1000)
This is an automated email from the ASF dual-hosted git repository.
guyuqi pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/bigtop.git
The following commit(s) were added to refs/heads/master by this push:
new be4442c2 BIGTOP-3802: Fix Mpack Hive fail to start when kerberos enabled (#1000)
be4442c2 is described below
commit be4442c2f0050775b4f96f717e1ac9a78f3b1471
Author: timyuer <52...@qq.com>
AuthorDate: Fri Sep 16 12:21:20 2022 +0800
BIGTOP-3802: Fix Mpack Hive fail to start when kerberos enabled (#1000)
---
.../1.0/services/HDFS/configuration/hadoop-env.xml | 12 ------
.../stacks/BGTP/1.0/services/HDFS/kerberos.json | 2 +-
.../services/HDFS/package/scripts/params_linux.py | 1 -
.../stacks/BGTP/1.0/services/HIVE/kerberos.json | 49 ++++++++++------------
.../services/HIVE/package/scripts/hive_service.py | 2 +-
.../1.0/services/TEZ/configuration/tez-env.xml | 4 --
6 files changed, 25 insertions(+), 45 deletions(-)
diff --git a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/configuration/hadoop-env.xml b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/configuration/hadoop-env.xml
index 8ed68ccf..06da0ac1 100644
--- a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/configuration/hadoop-env.xml
+++ b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/configuration/hadoop-env.xml
@@ -172,18 +172,6 @@
</value-attributes>
<on-ambari-upgrade add="true"/>
</property>
- <property>
- <name>proxyuser_group</name>
- <display-name>Proxy User Group</display-name>
- <value>users</value>
- <property-type>GROUP</property-type>
- <description>Proxy user group.</description>
- <value-attributes>
- <type>user</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
<property>
<name>hdfs_user</name>
<display-name>HDFS User</display-name>
diff --git a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/kerberos.json b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/kerberos.json
index 445a125b..2ba6c636 100644
--- a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/kerberos.json
+++ b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/kerberos.json
@@ -37,7 +37,7 @@
"hadoop.security.authentication": "kerberos",
"hadoop.http.authentication.type": "kerberos",
"hadoop.security.authorization": "true",
- "hadoop.proxyuser.HTTP.groups": "${hadoop-env/proxyuser_group}"
+ "hadoop.proxyuser.HTTP.groups": "${cluster-env/user_group}"
}
}
],
diff --git a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/package/scripts/params_linux.py b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/package/scripts/params_linux.py
index 5d947303..1b36cb33 100644
--- a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/package/scripts/params_linux.py
+++ b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HDFS/package/scripts/params_linux.py
@@ -237,7 +237,6 @@ hdfs_principal_name = default('/configurations/hadoop-env/hdfs_principal_name',
user_group = config['configurations']['cluster-env']['user_group']
root_group = "root"
-proxyuser_group = config['configurations']['hadoop-env']['proxyuser_group']
#hadoop params
hdfs_log_dir_prefix = config['configurations']['hadoop-env']['hdfs_log_dir_prefix']
diff --git a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/kerberos.json b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/kerberos.json
index bedb4e40..a24d3448 100644
--- a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/kerberos.json
+++ b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/kerberos.json
@@ -115,36 +115,33 @@
]
},
{
- "name": "HIVE_SERVER_INTERACTIVE",
+ "name": "WEBHCAT_SERVER",
"identities": [
- {
- "name": "hive_hive_server_interactive_hdfs",
- "reference": "/HDFS/NAMENODE/hdfs"
+ {
+ "name": "hive_webhcat_server_spnego",
+ "reference": "/spnego",
+ "principal": {
+ "configuration": "webhcat-site/templeton.kerberos.principal"
},
- {
- "name": "hive_hive_server_interactive_hive_server_hive",
- "reference": "/HIVE/HIVE_SERVER/hive_server_hive"
- },
- {
- "name": "hive_hive_server_interactive_spnego",
- "reference": "/HIVE/HIVE_SERVER/spnego"
- },
- {
- "name": "hive_hive_server_interactive_llap_zk_hive",
- "reference": "/YARN/NODEMANAGER/llap_zk_hive"
- },
- {
- "name": "hive_hive_server_interactive_task_scheduler_am_registry",
- "reference": "/HIVE/HIVE_SERVER/hive_server_hive",
- "principal": {
- "configuration": "hive-interactive-site/hive.llap.task.scheduler.am.registry.principal"
- },
- "keytab": {
- "configuration": "hive-interactive-site/hive.llap.task.scheduler.am.registry.keytab.file"
- }
+ "keytab": {
+ "configuration": "webhcat-site/templeton.kerberos.keytab"
+ }
+ }
+ ],
+ "configurations": [
+ {
+ "core-site": {
+ "hadoop.proxyuser.HTTP.hosts": "${clusterHostInfo/webhcat_server_hosts|append(core-site/hadoop.proxyuser.HTTP.hosts, \\\\,, true)}"
}
+ },
+ {
+ "webhcat-site": {
+ "templeton.kerberos.secret": "secret",
+ "templeton.hive.properties": "hive.metastore.local=false,hive.metastore.uris=${clusterHostInfo/hive_metastore_hosts|each(thrift://%s:9083, \\\\,, \\s*\\,\\s*)},hive.metastore.sasl.enabled=true,hive.metastore.execute.setugi=true,hive.metastore.warehouse.dir=/apps/hive/warehouse,hive.exec.mode.local.auto=false,hive.metastore.kerberos.principal=hive/_HOST@${realm}"
+ }
+ }
]
- }
+ }
]
}
]
diff --git a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/package/scripts/hive_service.py b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/package/scripts/hive_service.py
index 4085ec3d..3c0833bf 100644
--- a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/package/scripts/hive_service.py
+++ b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/HIVE/package/scripts/hive_service.py
@@ -52,7 +52,7 @@ def hive_service(name, action='start', upgrade_type=None):
cmd = format("{start_hiveserver2_path} {hive_log_dir}/hive-server2.out {hive_log_dir}/hive-server2.err {pid_file} {hive_server_conf_dir} {tez_conf_dir}")
- if params.security_enabled and check_stack_feature(StackFeature.HIVE_SERVER2_KERBERIZED_ENV, params.version_for_stack_feature_checks):
+ if params.security_enabled:
hive_kinit_cmd = format("{kinit_path_local} -kt {hive_server2_keytab} {hive_principal}; ")
Execute(hive_kinit_cmd, user=params.hive_user)
diff --git a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/TEZ/configuration/tez-env.xml b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/TEZ/configuration/tez-env.xml
index 80e66a29..e961a441 100644
--- a/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/TEZ/configuration/tez-env.xml
+++ b/bigtop-packages/src/common/bigtop-ambari-mpack/bgtp-ambari-mpack/src/main/resources/stacks/BGTP/1.0/services/TEZ/configuration/tez-env.xml
@@ -30,10 +30,6 @@
<type>user</type>
<overridable>false</overridable>
<user-groups>
- <property>
- <type>hadoop-env</type>
- <name>proxyuser_group</name>
- </property>
<property>
<type>cluster-env</type>
<name>user_group</name>