You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ma...@apache.org on 2013/02/22 06:43:27 UTC

svn commit: r1448902 - in /incubator/ambari/trunk: ./ ambari-agent/src/main/puppet/modules/hdp/manifests/java/ ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/ ambari-server/conf/unix/ ambari-server/src/main/java/org/apache/ambari/server/co...

Author: mahadev
Date: Fri Feb 22 05:43:27 2013
New Revision: 1448902

URL: http://svn.apache.org/r1448902
Log:
AMBARI-1357. Smoke Tests failing on secure cluster. (Siddharth Wagle via mahadev)

Modified:
    incubator/ambari/trunk/CHANGES.txt
    incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp
    incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp
    incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties
    incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
    incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py

Modified: incubator/ambari/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/CHANGES.txt?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/CHANGES.txt (original)
+++ incubator/ambari/trunk/CHANGES.txt Fri Feb 22 05:43:27 2013
@@ -315,6 +315,9 @@ Trunk (unreleased changes):
  AMBARI-1439. rrd file location should be read from global config. (Siddharth
  Wagle via mahadev).
 
+ AMBARI-1357. Smoke Tests failing on secure cluster. (Siddharth Wagle via
+ mahadev)
+
  BUG FIXES
 
  AMBARI-1455. Setting App.testMode=true, alwaysGoToInstaller=true does not

Modified: incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp (original)
+++ incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/jce/package.pp Fri Feb 22 05:43:27 2013
@@ -20,16 +20,21 @@
 #
 
 define hdp::java::jce::package(
-  $java_home_dir
+  $java_home_dir, $jdk_location, $jdk_bin
 )
 {
   include hdp::params
 
   $jce_policy_zip = $hdp::params::jce_policy_zip
   $artifact_dir = $hdp::params::artifact_dir
-  $jce_location = $hdp::params::jce_location
   $jce_curl_target = "${artifact_dir}/${jce_policy_zip}"
-  
+
+  if $jdk_location != '' and $jdk_bin != ''  {
+    $jce_location = regsubst($jdk_location, $jdk_bin, '')
+  } else {
+    $jce_location = $hdp::params::jce_location
+  }
+
   #TODO:SUHAS how to avoid redownload and install if correct version already present.
   # may be check the file sizes for local_policy and export_US policy jars? 
   # UNLESS  => "test -e ${java_exec}"

Modified: incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp (original)
+++ incubator/ambari/trunk/ambari-agent/src/main/puppet/modules/hdp/manifests/java/package.pp Fri Feb 22 05:43:27 2013
@@ -60,7 +60,9 @@ define hdp::java::package(
  
   if ($security_enabled == true) {
     hdp::java::jce::package{ $name:
-      java_home_dir  => $java_home
+      java_home_dir  => $java_home,
+      jdk_location => $jdk_location,
+      jdk_bin => $jdk_bin
     }
   }
 

Modified: incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties (original)
+++ incubator/ambari/trunk/ambari-server/conf/unix/ambari.properties Fri Feb 22 05:43:27 2013
@@ -1,4 +1,4 @@
-# Copyright 2011 The Apache Software Foundation
+'# Copyright 2011 The Apache Software Foundation
 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
@@ -19,6 +19,7 @@
 security.server.keys_dir = /var/lib/ambari-server/keys
 resources.dir = /var/lib/ambari-server/resources
 jdk.url=http://public-repo-1.hortonworks.com/ARTIFACTS/jdk-6u31-linux-x64.bin
+jce_policy.url=http://public-repo-1.hortonworks.com/ARTIFACTS/jce_policy-6.zip
 metadata.path=/var/lib/ambari-server/resources/stacks
 webapp.dir=/usr/lib/ambari-server/web
 bootstrap.dir=/var/run/ambari-server/bootstrap

Modified: incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java (original)
+++ incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java Fri Feb 22 05:43:27 2013
@@ -3160,17 +3160,19 @@ public class AmbariManagementControllerI
         configurations.put(entry.getValue().getType(), entry.getValue().getProperties());
       }
     }
-    
-    stage.getExecutionCommandWrapper(hostName,
-        actionRequest.getActionName()).getExecutionCommand()
-        .setConfigurations(configurations); 
-    
+
+    ExecutionCommand execCmd = stage.getExecutionCommandWrapper(hostName,
+      actionRequest.getActionName()).getExecutionCommand();
+
+    execCmd.setConfigurations(configurations);
+
+    Map<String, String> params = new TreeMap<String, String>();
+    params.put("jdk_location", this.jdkResourceUrl);
+    execCmd.setHostLevelParams(params);
+
     // Generate cluster host info
-    stage
-        .getExecutionCommandWrapper(hostName, actionRequest.getActionName())
-        .getExecutionCommand()
-        .setClusterHostInfo(
-            StageUtils.getClusterHostInfo(clusters.getCluster(clusterName), hostsMap));
+    execCmd.setClusterHostInfo(
+      StageUtils.getClusterHostInfo(clusters.getCluster(clusterName), hostsMap));
   }
 
   private void addDecommissionDatanodeAction(
@@ -3218,10 +3220,16 @@ public class AmbariManagementControllerI
         new ServiceComponentHostOpInProgressEvent(Role.DECOMMISSION_DATANODE
             .toString(), namenodeHost, System.currentTimeMillis()),
         clusterName, serviceName);
-    stage.getExecutionCommandWrapper(namenodeHost,
-        Role.DECOMMISSION_DATANODE.toString()).getExecutionCommand()
-        .setConfigurations(configurations);
-    
+
+    ExecutionCommand execCmd = stage.getExecutionCommandWrapper(namenodeHost,
+      Role.DECOMMISSION_DATANODE.toString()).getExecutionCommand();
+
+    execCmd.setConfigurations(configurations);
+
+    Map<String, String> params = new TreeMap<String, String>();
+    params.put("jdk_location", this.jdkResourceUrl);
+    execCmd.setHostLevelParams(params);
+
   }
 
   @Override

Modified: incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py?rev=1448902&r1=1448901&r2=1448902&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py (original)
+++ incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py Fri Feb 22 05:43:27 2013
@@ -128,7 +128,10 @@ OS_TYPE_PROPERTY = "server.os_type"
 JDK_DOWNLOAD_CMD = "curl --create-dirs -o {0} {1}"
 JDK_DOWNLOAD_SIZE_CMD = "curl -I {0}"
 
-
+#JCE Policy files
+JCE_POLICY_FILENAME = "jce_policy-6.zip"
+JCE_DOWNLOAD_CMD = "curl -o {0} {1}"
+JCE_MIN_FILESIZE = 5000
 
 def configure_pg_hba_ambaridb_users():
   args = optparse.Values()
@@ -426,6 +429,10 @@ def download_jdk(args):
   if args.java_home and os.path.exists(args.java_home):
     print_warning_msg("JAVA_HOME " + args.java_home
                     + " must be valid on ALL hosts")
+    print_warning_msg("Please make sure the JCE Unlimited Strength "
+                      "Jurisdiction Policy Files 6, "
+                      "are dwonloaded on all "
+                      "hosts")
     write_property(JAVA_HOME_PROPERTY, args.java_home)
     return 0
 
@@ -479,10 +486,10 @@ def download_jdk(args):
     print "JDK already exists using " + dest_file
   
   try:
-     out = install_jdk(dest_file)
+     out, ok = install_jdk(dest_file)
      jdk_version = re.search('Creating (jdk.*)/jre', out).group(1)
   except Exception, e:
-     print "Installation of JDK was failed: %s\n" % e.message
+     print "Installation of JDK has failed: %s\n" % e.message
      file_exists = os.path.isfile(dest_file)
      if file_exists:
         ok = get_YN_input("JDK found at "+dest_file+". "
@@ -494,7 +501,7 @@ def download_jdk(args):
            track_jdk(JDK_LOCAL_FILENAME, jdk_url, dest_file)
            print 'Successfully re-downloaded JDK distribution to ' + dest_file 
            try:
-               out = install_jdk(dest_file)
+               out, ok = install_jdk(dest_file)
                jdk_version = re.search('Creating (jdk.*)/jre', out).group(1)
            except Exception, e:
                print "Installation of JDK was failed: %s\n" % e.message
@@ -509,8 +516,75 @@ def download_jdk(args):
       format(JDK_INSTALL_DIR, jdk_version)
   write_property(JAVA_HOME_PROPERTY, "{0}/{1}".
       format(JDK_INSTALL_DIR, jdk_version))
+  jce_download = download_jce_policy(properties, ok)
+  if (jce_download == -1):
+    print "JCE Policy files are required for secure HDP setup. Please ensure " \
+          " all hosts have the JCE unlimited strength policy 6, files."
   return 0
 
+def download_jce_policy(properties, accpeted_bcl):
+  try:
+    jce_url = properties['jce_policy.url']
+    resources_dir = properties['resources.dir']
+  except (KeyError), e:
+    print 'Property ' + str(e) + ' is not defined in properties file'
+    return -1
+  dest_file = resources_dir + os.sep + JCE_POLICY_FILENAME
+  if not os.path.exists(dest_file):
+    print 'Downloading JCE Policy archive from ' + jce_url + ' to ' + dest_file
+    try:
+      size_command = JDK_DOWNLOAD_SIZE_CMD.format(jce_url);
+      #Get Header from url,to get file size then
+      retcode, out, err = run_os_command(size_command)
+      if out.find("Content-Length") == -1:
+        print "Request header doesn't contain Content-Length";
+        return -1
+      start_with = int(out.find("Content-Length") + len("Content-Length") + 2)
+      end_with = out.find("\r\n", start_with)
+      src_size = int(out[start_with:end_with])
+      print_info_msg('JCE zip distribution size is ' + str(src_size) + 'bytes')
+      file_exists = os.path.isfile(dest_file)
+      file_size = -1
+      if file_exists:
+        file_size = os.stat(dest_file).st_size
+      if file_exists and file_size == src_size:
+        print_info_msg("File already exists")
+      else:
+        #BCL license before download
+        jce_download_cmd = JCE_DOWNLOAD_CMD.format(dest_file, jce_url)
+        print_info_msg("JCE download cmd: " + jce_download_cmd)
+        if (accpeted_bcl == True):
+          retcode, out, err = run_os_command(jce_download_cmd)
+          if retcode == 0:
+            print 'Successfully downloaded JCE Policy archive to ' + dest_file
+          else:
+            return -1
+        else:
+          ok = get_YN_input("To download the JCE Policy archive you must "
+                            "accept the license terms found at "
+                            "http://www.oracle.com/technetwork/java/javase"
+                            "/terms/license/index.html"
+                            "Not accepting might result in failure when "
+                            "setting up HDP security. \nDo you accept the "
+                            "Oracle Binary Code License Agreement [y/n] (y)? ", True)
+          if (ok == True):
+            retcode, out, err = run_os_command(jce_download_cmd)
+            if retcode == 0:
+              print 'Successfully downloaded JCE Policy archive to ' + dest_file
+          else:
+            return -1
+    except Exception, e:
+      print_error_msg('Failed to download JCE Policy archive: ' + str(e))
+      return -1
+    downloaded_size = os.stat(dest_file).st_size
+    if downloaded_size != src_size or downloaded_size < JCE_MIN_FILESIZE:
+      print_error_msg('Size of downloaded JCE Policy archive is '
+                      + str(downloaded_size) + ' bytes, it is probably \
+                    damaged or incomplete')
+      return -1
+  else:
+    print "JCE Policy archive already exists, using " + dest_file
+
 class RetCodeException(Exception): pass
 
 def install_jdk(dest_file):
@@ -532,7 +606,7 @@ def install_jdk(dest_file):
   os.chdir(savedPath)
   if (retcode != 0):
        raise RetCodeException("Installation JDK returned code %s" % retcode) 
-  return out  
+  return out, ok
 
 def get_postgre_status():
   retcode, out, err = run_os_command(PG_ST_CMD)