You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ma...@apache.org on 2013/02/22 06:43:27 UTC
svn commit: r1448902 - in /incubator/ambari/trunk: ./
ambari-agent/src/main/puppet/modules/hdp/manifests/java/
ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/
ambari-server/conf/unix/
ambari-server/src/main/java/org/apache/ambari/server/co...
Author: mahadev
Date: Fri Feb 22 05:43:27 2013
New Revision: 1448902
URL: http://svn.apache.org/r1448902
Log:
AMBARI-1357. Smoke Tests failing on secure cluster. (Siddharth Wagle via mahadev)
Modified:
incubator/ambari/trunk/CHANGES.txt
incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp
incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp
incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties
incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py
Modified: incubator/ambari/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/CHANGES.txt?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/CHANGES.txt (original)
+++ incubator/ambari/trunk/CHANGES.txt Fri Feb 22 05:43:27 2013
@@ -315,6 +315,9 @@ Trunk (unreleased changes):
AMBARI-1439. rrd file location should be read from global config. (Siddharth
Wagle via mahadev).
+ AMBARI-1357. Smoke Tests failing on secure cluster. (Siddharth Wagle via
+ mahadev)
+
BUG FIXES
AMBARI-1455. Setting App.testMode=true, alwaysGoToInstaller=true does not
Modified: incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp (original)
+++ incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp Fri Feb 22 05:43:27 2013
@@ -20,16 +20,21 @@
#
define hdp::java::jce::package(
- $java_home_dir
+ $java_home_dir, $jdk_location, $jdk_bin
)
{
include hdp::params
$jce_policy_zip = $hdp::params::jce_policy_zip
$artifact_dir = $hdp::params::artifact_dir
- $jce_location = $hdp::params::jce_location
$jce_curl_target = "${artifact_dir}/${jce_policy_zip}"
-
+
+ if $jdk_location != '' and $jdk_bin != '' {
+ $jce_location = regsubst($jdk_location, $jdk_bin, '')
+ } else {
+ $jce_location = $hdp::params::jce_location
+ }
+
#TODO:SUHAS how to avoid redownload and install if correct version already present.
# may be check the file sizes for local_policy and export_US policy jars?
# UNLESS => "test -e ${java_exec}"
Modified: incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp (original)
+++ incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp Fri Feb 22 05:43:27 2013
@@ -60,7 +60,9 @@ define hdp::java::package(
if ($security_enabled == true) {
hdp::java::jce::package{ $name:
- java_home_dir => $java_home
+ java_home_dir => $java_home,
+ jdk_location => $jdk_location,
+ jdk_bin => $jdk_bin
}
}
Modified: incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties (original)
+++ incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties Fri Feb 22 05:43:27 2013
@@ -1,4 +1,4 @@
-# Copyright 2011 The Apache Software Foundation
+'# Copyright 2011 The Apache Software Foundation
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
@@ -19,6 +19,7 @@
security.server.keys_dir = /var/lib/ambari-server/keys
resources.dir = /var/lib/ambari-server/resources
jdk.url=http://public-repo-1.hortonworks.com/ARTIFACTS/jdk-6u31-linux-x64.bin
+jce_policy.url=http://public-repo-1.hortonworks.com/ARTIFACTS/jce_policy-6.zip
metadata.path=/var/lib/ambari-server/resources/stacks
webapp.dir=/usr/lib/ambari-server/web
bootstrap.dir=/var/run/ambari-server/bootstrap
Modified: incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java (original)
+++ incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java Fri Feb 22 05:43:27 2013
@@ -3160,17 +3160,19 @@ public class AmbariManagementControllerI
configurations.put(entry.getValue().getType(), entry.getValue().getProperties());
}
}
-
- stage.getExecutionCommandWrapper(hostName,
- actionRequest.getActionName()).getExecutionCommand()
- .setConfigurations(configurations);
-
+
+ ExecutionCommand execCmd = stage.getExecutionCommandWrapper(hostName,
+ actionRequest.getActionName()).getExecutionCommand();
+
+ execCmd.setConfigurations(configurations);
+
+ Map<String, String> params = new TreeMap<String, String>();
+ params.put("jdk_location", this.jdkResourceUrl);
+ execCmd.setHostLevelParams(params);
+
// Generate cluster host info
- stage
- .getExecutionCommandWrapper(hostName, actionRequest.getActionName())
- .getExecutionCommand()
- .setClusterHostInfo(
- StageUtils.getClusterHostInfo(clusters.getCluster(clusterName), hostsMap));
+ execCmd.setClusterHostInfo(
+ StageUtils.getClusterHostInfo(clusters.getCluster(clusterName), hostsMap));
}
private void addDecommissionDatanodeAction(
@@ -3218,10 +3220,16 @@ public class AmbariManagementControllerI
new ServiceComponentHostOpInProgressEvent(Role.DECOMMISSION_DATANODE
.toString(), namenodeHost, System.currentTimeMillis()),
clusterName, serviceName);
- stage.getExecutionCommandWrapper(namenodeHost,
- Role.DECOMMISSION_DATANODE.toString()).getExecutionCommand()
- .setConfigurations(configurations);
-
+
+ ExecutionCommand execCmd = stage.getExecutionCommandWrapper(namenodeHost,
+ Role.DECOMMISSION_DATANODE.toString()).getExecutionCommand();
+
+ execCmd.setConfigurations(configurations);
+
+ Map<String, String> params = new TreeMap<String, String>();
+ params.put("jdk_location", this.jdkResourceUrl);
+ execCmd.setHostLevelParams(params);
+
}
@Override
Modified: incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py (original)
+++ incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py Fri Feb 22 05:43:27 2013
@@ -128,7 +128,10 @@ OS_TYPE_PROPERTY = "server.os_type"
JDK_DOWNLOAD_CMD = "curl --create-dirs -o {0} {1}"
JDK_DOWNLOAD_SIZE_CMD = "curl -I {0}"
-
+#JCE Policy files
+JCE_POLICY_FILENAME = "jce_policy-6.zip"
+JCE_DOWNLOAD_CMD = "curl -o {0} {1}"
+JCE_MIN_FILESIZE = 5000
def configure_pg_hba_ambaridb_users():
args = optparse.Values()
@@ -426,6 +429,10 @@ def download_jdk(args):
if args.java_home and os.path.exists(args.java_home):
print_warning_msg("JAVA_HOME " + args.java_home
+ " must be valid on ALL hosts")
+ print_warning_msg("Please make sure the JCE Unlimited Strength "
+ "Jurisdiction Policy Files 6, "
+ "are dwonloaded on all "
+ "hosts")
write_property(JAVA_HOME_PROPERTY, args.java_home)
return 0
@@ -479,10 +486,10 @@ def download_jdk(args):
print "JDK already exists using " + dest_file
try:
- out = install_jdk(dest_file)
+ out, ok = install_jdk(dest_file)
jdk_version = re.search('Creating (jdk.*)/jre', out).group(1)
except Exception, e:
- print "Installation of JDK was failed: %s\n" % e.message
+ print "Installation of JDK has failed: %s\n" % e.message
file_exists = os.path.isfile(dest_file)
if file_exists:
ok = get_YN_input("JDK found at "+dest_file+". "
@@ -494,7 +501,7 @@ def download_jdk(args):
track_jdk(JDK_LOCAL_FILENAME, jdk_url, dest_file)
print 'Successfully re-downloaded JDK distribution to ' + dest_file
try:
- out = install_jdk(dest_file)
+ out, ok = install_jdk(dest_file)
jdk_version = re.search('Creating (jdk.*)/jre', out).group(1)
except Exception, e:
print "Installation of JDK was failed: %s\n" % e.message
@@ -509,8 +516,75 @@ def download_jdk(args):
format(JDK_INSTALL_DIR, jdk_version)
write_property(JAVA_HOME_PROPERTY, "{0}/{1}".
format(JDK_INSTALL_DIR, jdk_version))
+ jce_download = download_jce_policy(properties, ok)
+ if (jce_download == -1):
+ print "JCE Policy files are required for secure HDP setup. Please ensure " \
+ " all hosts have the JCE unlimited strength policy 6, files."
return 0
+def download_jce_policy(properties, accpeted_bcl):
+ try:
+ jce_url = properties['jce_policy.url']
+ resources_dir = properties['resources.dir']
+ except (KeyError), e:
+ print 'Property ' + str(e) + ' is not defined in properties file'
+ return -1
+ dest_file = resources_dir + os.sep + JCE_POLICY_FILENAME
+ if not os.path.exists(dest_file):
+ print 'Downloading JCE Policy archive from ' + jce_url + ' to ' + dest_file
+ try:
+ size_command = JDK_DOWNLOAD_SIZE_CMD.format(jce_url);
+ #Get Header from url,to get file size then
+ retcode, out, err = run_os_command(size_command)
+ if out.find("Content-Length") == -1:
+ print "Request header doesn't contain Content-Length";
+ return -1
+ start_with = int(out.find("Content-Length") + len("Content-Length") + 2)
+ end_with = out.find("\r\n", start_with)
+ src_size = int(out[start_with:end_with])
+ print_info_msg('JCE zip distribution size is ' + str(src_size) + 'bytes')
+ file_exists = os.path.isfile(dest_file)
+ file_size = -1
+ if file_exists:
+ file_size = os.stat(dest_file).st_size
+ if file_exists and file_size == src_size:
+ print_info_msg("File already exists")
+ else:
+ #BCL license before download
+ jce_download_cmd = JCE_DOWNLOAD_CMD.format(dest_file, jce_url)
+ print_info_msg("JCE download cmd: " + jce_download_cmd)
+ if (accpeted_bcl == True):
+ retcode, out, err = run_os_command(jce_download_cmd)
+ if retcode == 0:
+ print 'Successfully downloaded JCE Policy archive to ' + dest_file
+ else:
+ return -1
+ else:
+ ok = get_YN_input("To download the JCE Policy archive you must "
+ "accept the license terms found at "
+ "http://www.oracle.com/technetwork/java/javase"
+ "/terms/license/index.html"
+ "Not accepting might result in failure when "
+ "setting up HDP security. \nDo you accept the "
+ "Oracle Binary Code License Agreement [y/n] (y)? ", True)
+ if (ok == True):
+ retcode, out, err = run_os_command(jce_download_cmd)
+ if retcode == 0:
+ print 'Successfully downloaded JCE Policy archive to ' + dest_file
+ else:
+ return -1
+ except Exception, e:
+ print_error_msg('Failed to download JCE Policy archive: ' + str(e))
+ return -1
+ downloaded_size = os.stat(dest_file).st_size
+ if downloaded_size != src_size or downloaded_size < JCE_MIN_FILESIZE:
+ print_error_msg('Size of downloaded JCE Policy archive is '
+ + str(downloaded_size) + ' bytes, it is probably \
+ damaged or incomplete')
+ return -1
+ else:
+ print "JCE Policy archive already exists, using " + dest_file
+
class RetCodeException(Exception): pass
def install_jdk(dest_file):
@@ -532,7 +606,7 @@ def install_jdk(dest_file):
os.chdir(savedPath)
if (retcode != 0):
raise RetCodeException("Installation JDK returned code %s" % retcode)
- return out
+ return out, ok
def get_postgre_status():
retcode, out, err = run_os_command(PG_ST_CMD)