You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by al...@apache.org on 2017/06/15 13:30:12 UTC
ambari git commit: AMBARI-20569. Configure KMS/Zookeeper settings
automatically when multiple KMS are involved (alexantonenko)
Repository: ambari
Updated Branches:
refs/heads/trunk 58d77239b -> 70f9bd620
AMBARI-20569. Configure KMS/Zookeeper settings automatically when multiple KMS are involved (alexantonenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/70f9bd62
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/70f9bd62
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/70f9bd62
Branch: refs/heads/trunk
Commit: 70f9bd6201ba2c3f406d414d52e40c6534abe870
Parents: 58d7723
Author: Alex Antonenko <hi...@gmail.com>
Authored: Thu Jun 15 13:32:07 2017 +0300
Committer: Alex Antonenko <hi...@gmail.com>
Committed: Thu Jun 15 16:30:07 2017 +0300
----------------------------------------------------------------------
ambari-web/app/controllers/main/host/details.js | 83 +++++++++++++++++---
.../test/controllers/main/host/details_test.js | 64 ++++++++++++---
2 files changed, 128 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/70f9bd62/ambari-web/app/controllers/main/host/details.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/host/details.js b/ambari-web/app/controllers/main/host/details.js
index def75d6..6f34dfe 100644
--- a/ambari-web/app/controllers/main/host/details.js
+++ b/ambari-web/app/controllers/main/host/details.js
@@ -1407,7 +1407,10 @@ App.MainHostDetailsController = Em.Controller.extend(App.SupportClientConfigsDow
name: 'admin.get.all_configurations',
sender: this,
data: {
- urlParams: '(type=core-site&tag=' + data.Clusters.desired_configs['core-site'].tag + ')|(type=hdfs-site&tag=' + data.Clusters.desired_configs['hdfs-site'].tag + ')|(type=kms-env&tag=' + data.Clusters.desired_configs['kms-env'].tag + ')'
+ urlParams: '(type=core-site&tag=' + data.Clusters.desired_configs['core-site'].tag + ')|' +
+ '(type=hdfs-site&tag=' + data.Clusters.desired_configs['hdfs-site'].tag + ')|' +
+ '(type=kms-env&tag=' + data.Clusters.desired_configs['kms-env'].tag + ')|' +
+ '(type=kms-site&tag=' + data.Clusters.desired_configs['kms-site'].tag + ')'
},
success: params.callback
});
@@ -1420,7 +1423,7 @@ App.MainHostDetailsController = Em.Controller.extend(App.SupportClientConfigsDow
* @method onLoadRangerConfigs
*/
onLoadRangerConfigs: function (data) {
- var properties = [
+ var hdfsProperties = [
{
type: 'core-site',
name: 'hadoop.security.key.provider.path'
@@ -1430,12 +1433,47 @@ App.MainHostDetailsController = Em.Controller.extend(App.SupportClientConfigsDow
name: 'dfs.encryption.key.provider.uri'
}
],
+ kmsSiteProperties = [
+ {
+ name: 'hadoop.kms.cache.enable',
+ notHaValue: 'true',
+ haValue: 'false'
+ },
+ {
+ name: 'hadoop.kms.cache.timeout.ms',
+ notHaValue: '600000',
+ haValue: '0'
+ },
+ {
+ name: 'hadoop.kms.current.key.cache.timeout.ms',
+ notHaValue: '30000',
+ haValue: '0'
+ },
+ {
+ name: 'hadoop.kms.authentication.signer.secret.provider',
+ notHaValue: 'random',
+ haValue: 'zookeeper'
+ },
+ {
+ name: 'hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type',
+ notHaValue: 'kerberos',
+ haValue: 'none'
+ },
+ {
+ name: 'hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string',
+ notHaValue: '#HOSTNAME#:#PORT#,...',
+ haValue: this.getZookeeperConnectionString()
+ }
+ ],
hostToInstall = this.get('rangerKMSServerHost'),
- rkmsHosts = this.getRangerKMSServerHosts().join(';'),
+ rkmsHosts = this.getRangerKMSServerHosts(),
+ rkmsHostsStr = rkmsHosts.join(';'),
+ isHA = rkmsHosts.length > 1,
rkmsPort = data.items.findProperty('type', 'kms-env').properties['kms_port'],
- newValue = 'kms://http@' + rkmsHosts + ':' + rkmsPort + '/kms',
+ newValue = 'kms://http@' + rkmsHostsStr + ':' + rkmsPort + '/kms',
coreSiteConfigs = data.items.findProperty('type', 'core-site'),
hdfsSiteConfigs = data.items.findProperty('type', 'hdfs-site'),
+ kmsSiteConfigs = data.items.findProperty('type', 'kms-site'),
groups = [
{
properties: {
@@ -1446,19 +1484,27 @@ App.MainHostDetailsController = Em.Controller.extend(App.SupportClientConfigsDow
'core-site': coreSiteConfigs.properties_attributes,
'hdfs-site': hdfsSiteConfigs.properties_attributes
}
+ },
+ {
+ properties: {
+ 'kms-site': kmsSiteConfigs.properties
+ },
+ properties_attributes: {
+ 'kms-site': kmsSiteConfigs.properties_attributes
+ }
}
],
propertiesToChange = this.get('allPropertiesToChange');
this.saveLoadedConfigs(data);
- properties.forEach(function (property) {
+ hdfsProperties.forEach(function (property) {
var typeConfigs = data.items.findProperty('type', property.type).properties,
currentValue = typeConfigs[property.name],
pattern = new RegExp('^kms:\\/\\/http@(.+):' + rkmsPort + '\\/kms$'),
patternMatch = currentValue && currentValue.match(pattern),
currentHostsList = patternMatch && patternMatch[1].split(';').sort().join(';');
- if (currentHostsList !== rkmsHosts) {
+ if (currentHostsList !== rkmsHostsStr) {
typeConfigs[property.name] = newValue;
if (this.get('isReconfigureRequired')) {
var service = App.config.get('serviceByConfigTypeMap')[property.type];
@@ -1473,6 +1519,22 @@ App.MainHostDetailsController = Em.Controller.extend(App.SupportClientConfigsDow
}
}
}, this);
+
+ kmsSiteProperties.forEach(function (property) {
+ var currentValue = kmsSiteConfigs.properties[property.name];
+ var newValue = isHA ? property.haValue : property.notHaValue;
+ kmsSiteConfigs.properties[property.name] = newValue;
+
+ propertiesToChange.pushObject({
+ propertyFileName: 'kms-site',
+ propertyName: property.name,
+ serviceDisplayName: App.Service.find().findProperty('serviceName', 'RANGER_KMS').get('displayName'),
+ initialValue: currentValue,
+ recommendedValue: newValue,
+ saveRecommended: true
+ });
+ });
+
if (this.get('isReconfigureRequired')) {
this.setConfigsChanges(groups);
} else {
@@ -1492,17 +1554,20 @@ App.MainHostDetailsController = Em.Controller.extend(App.SupportClientConfigsDow
if (!!rangerKMSServerHost) {
rkmsHosts.push(rangerKMSServerHost);
- this.set('rangerKMSServerHost', '');
}
if (this.get('fromDeleteHost') || this.get('deleteRangerKMSServer')) {
- this.set('deleteRangerKMSServer', false);
- this.set('fromDeleteHost', false);
return rkmsHosts.without(this.get('content.hostName'));
}
return rkmsHosts.sort();
},
+ getZookeeperConnectionString: function () {
+ return this.getRangerKMSServerHosts().map(function (host) {
+ return host + ':2181';
+ }).join(',');
+ },
+
/**
* Delete Storm Nimbus is performed
* @type {bool}
http://git-wip-us.apache.org/repos/asf/ambari/blob/70f9bd62/ambari-web/test/controllers/main/host/details_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/controllers/main/host/details_test.js b/ambari-web/test/controllers/main/host/details_test.js
index c7e1808..34794f7 100644
--- a/ambari-web/test/controllers/main/host/details_test.js
+++ b/ambari-web/test/controllers/main/host/details_test.js
@@ -690,6 +690,9 @@ describe('App.MainHostDetailsController', function () {
},
'core-site': {
tag: 'tag'
+ },
+ 'kms-site': {
+ tag: 'tag'
}
}
}}, null, {});
@@ -697,7 +700,7 @@ describe('App.MainHostDetailsController', function () {
expect(args[0]).exists;
expect(args[0].sender).to.be.eql(controller);
expect(args[0].data).to.be.eql({
- urlParams: '(type=core-site&tag=tag)|(type=hdfs-site&tag=tag)|(type=kms-env&tag=tag)'
+ urlParams: '(type=core-site&tag=tag)|(type=hdfs-site&tag=tag)|(type=kms-env&tag=tag)|(type=kms-site&tag=tag)'
});
});
});
@@ -720,15 +723,6 @@ describe('App.MainHostDetailsController', function () {
it('hosts list is valid', function() {
expect(this.hosts).to.eql(['host2']);
});
- it('rangerKMSServerHost is empty', function () {
- expect(controller.get('rangerKMSServerHost')).to.be.empty;
- });
- it('deleteRangerKMSServer is false', function () {
- expect(controller.get('deleteRangerKMSServer')).to.be.false;
- });
- it('fromDeleteHost is false', function () {
- expect(controller.get('fromDeleteHost')).to.be.false;
- });
});
describe("#getStormNimbusHosts()", function() {
@@ -3257,6 +3251,21 @@ describe('App.MainHostDetailsController', function () {
'core-site': undefined,
'hdfs-site': undefined
}
+ },
+ {
+ properties: {
+ 'kms-site': {
+ 'hadoop.kms.cache.enable': 'true',
+ 'hadoop.kms.cache.timeout.ms': '600000',
+ 'hadoop.kms.current.key.cache.timeout.ms': '30000',
+ 'hadoop.kms.authentication.signer.secret.provider': 'random',
+ 'hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type': 'kerberos',
+ 'hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string': '#HOSTNAME#:#PORT#,...'
+ }
+ },
+ properties_attributes: {
+ 'kms-site': undefined
+ }
}
]
},
@@ -3275,6 +3284,21 @@ describe('App.MainHostDetailsController', function () {
'core-site': undefined,
'hdfs-site': undefined
}
+ },
+ {
+ properties: {
+ 'kms-site': {
+ 'hadoop.kms.cache.enable': 'false',
+ 'hadoop.kms.cache.timeout.ms': '0',
+ 'hadoop.kms.current.key.cache.timeout.ms': '0',
+ 'hadoop.kms.authentication.signer.secret.provider': 'zookeeper',
+ 'hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type': 'none',
+ 'hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string': 'host1:2181,host2:2181'
+ }
+ },
+ properties_attributes: {
+ 'kms-site': undefined
+ }
}
]
}
@@ -3282,11 +3306,20 @@ describe('App.MainHostDetailsController', function () {
beforeEach(function () {
sinon.spy(controller, 'saveConfigsBatch');
+ sinon.stub(App.Service, 'find', function () {
+ return [
+ Em.Object.create({
+ displayName: 'service',
+ serviceName: 'RANGER_KMS'
+ })
+ ];
+ });
sinon.stub(controller, 'saveLoadedConfigs', Em.K);
});
afterEach(function () {
controller.saveConfigsBatch.restore();
+ App.Service.find.restore();
controller.saveLoadedConfigs.restore();
});
@@ -3310,6 +3343,17 @@ describe('App.MainHostDetailsController', function () {
properties: {
'dfs.encryption.key.provider.uri': 'kms://http@host2:port/kms'
}
+ },
+ {
+ type: 'kms-site',
+ properties: {
+ 'hadoop.kms.cache.enable': 'true',
+ 'hadoop.kms.cache.timeout.ms': '600000',
+ 'hadoop.kms.current.key.cache.timeout.ms': '30000',
+ 'hadoop.kms.authentication.signer.secret.provider': 'random',
+ 'hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type': 'kerberos',
+ 'hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string': '#HOSTNAME#:#PORT#,...'
+ }
}
]
};