You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ak...@apache.org on 2013/10/25 19:07:48 UTC
git commit: AMBARI-3592. Reassign Master(secure cluster): Display
principal and keytab path creation as a required manual step. (akovalenko)
Updated Branches:
refs/heads/trunk 49a3cbe9f -> ec7f70673
AMBARI-3592. Reassign Master(secure cluster): Display principal and keytab path creation as a required manual step. (akovalenko)
Project: http://git-wip-us.apache.org/repos/asf/incubator-ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ambari/commit/ec7f7067
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ambari/tree/ec7f7067
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ambari/diff/ec7f7067
Branch: refs/heads/trunk
Commit: ec7f70673b05ab1cdea7297a4135f304c3388110
Parents: 49a3cbe
Author: Aleksandr Kovalenko <ol...@ukr.net>
Authored: Fri Oct 25 19:25:50 2013 +0300
Committer: Aleksandr Kovalenko <ol...@ukr.net>
Committed: Fri Oct 25 19:25:50 2013 +0300
----------------------------------------------------------------------
ambari-web/app/controllers/main/service/item.js | 1 +
.../main/service/reassign/step4_controller.js | 21 ++++-
.../main/service/reassign_controller.js | 80 ++++++++++++++++++--
ambari-web/app/messages.js | 11 +--
ambari-web/app/routes/reassign_master_routes.js | 3 +-
.../templates/main/service/reassign/step5.hbs | 7 +-
.../views/main/service/reassign/step5_view.js | 23 +++++-
7 files changed, 123 insertions(+), 23 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/controllers/main/service/item.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/service/item.js b/ambari-web/app/controllers/main/service/item.js
index 6069236..64fb843 100644
--- a/ambari-web/app/controllers/main/service/item.js
+++ b/ambari-web/app/controllers/main/service/item.js
@@ -202,6 +202,7 @@ App.MainServiceItemController = Em.Controller.extend({
console.log('In Reassign Master', hostComponent);
var reassignMasterController = App.router.get('reassignMasterController');
reassignMasterController.saveComponentToReassign(component);
+ reassignMasterController.getSecurityStatus();
reassignMasterController.setCurrentStep('1');
App.router.transitionTo('reassign');
},
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/controllers/main/service/reassign/step4_controller.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/service/reassign/step4_controller.js b/ambari-web/app/controllers/main/service/reassign/step4_controller.js
index 4d8df1d..bcd2461 100644
--- a/ambari-web/app/controllers/main/service/reassign/step4_controller.js
+++ b/ambari-web/app/controllers/main/service/reassign/step4_controller.js
@@ -194,11 +194,13 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro
onLoadConfigs: function (data) {
var isHadoop2Stack = App.get('isHadoop2Stack');
+ var securityEnabled = this.get('content.securityEnabled');
var componentName = this.get('content.reassign.component_name');
var targetHostName = this.get('content.reassignHosts.target');
var sourceHostName = this.get('content.reassignHosts.source');
var configs = {};
var componentDir = '';
+ var secureConfigs = [];
this.set('configsSitesNumber', data.items.length);
this.set('configsSitesCount', 0);
data.items.forEach(function (item) {
@@ -231,6 +233,10 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro
if (App.Service.find().someProperty('serviceName', 'HBASE')) {
configs['hbase-site']['hbase.rootdir'] = configs['hbase-site']['hbase.rootdir'].replace(/\/\/[^\/]*/, '//' + targetHostName);
}
+ if (securityEnabled) {
+ secureConfigs.push({keytab: configs['hdfs-site']['dfs.namenode.keytab.file'], principal: configs['hdfs-site']['dfs.namenode.kerberos.principal']});
+ secureConfigs.push({keytab: configs['hdfs-site']['dfs.web.authentication.kerberos.keytab'], principal: configs['hdfs-site']['dfs.web.authentication.kerberos.principal']});
+ }
break;
case 'SECONDARY_NAMENODE':
if (isHadoop2Stack) {
@@ -240,11 +246,18 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro
componentDir = configs['core-site']['fs.checkpoint.dir'];
configs['hdfs-site']['dfs.secondary.http.address'] = targetHostName + ':50090';
}
+ if (securityEnabled) {
+ secureConfigs.push({keytab: configs['hdfs-site']['dfs.secondary.namenode.keytab.file'], principal: configs['hdfs-site']['dfs.secondary.namenode.kerberos.principal']});
+ secureConfigs.push({keytab: configs['hdfs-site']['dfs.web.authentication.kerberos.keytab'], principal: configs['hdfs-site']['dfs.web.authentication.kerberos.principal']});
+ }
break;
case 'JOBTRACKER':
configs['mapred-site']['mapreduce.history.server.http.address'] = targetHostName + ':51111';
configs['mapred-site']['mapred.job.tracker.http.address'] = targetHostName + ':50030';
configs['mapred-site']['mapred.job.tracker'] = targetHostName + ':50300';
+ if (securityEnabled) {
+ secureConfigs.push({keytab: configs['mapred-site']['mapreduce.jobtracker.keytab.file'], principal: configs['mapred-site']['mapreduce.jobtracker.kerberos.principal']});
+ }
break;
case 'RESOURCEMANAGER':
configs['yarn-site']['yarn.resourcemanager.address'] = targetHostName + ':8050';
@@ -253,10 +266,16 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro
configs['yarn-site']['yarn.resourcemanager.scheduler.address'] = targetHostName + ':8030';
configs['yarn-site']['yarn.resourcemanager.webapp.address'] = targetHostName + ':8088';
configs['yarn-site']['yarn.resourcemanager.hostname'] = targetHostName;
+ if (securityEnabled) {
+ secureConfigs.push({keytab: configs['yarn-site']['yarn.resourcemanager.keytab'], principal: configs['yarn-site']['yarn.resourcemanager.principal']});
+ secureConfigs.push({keytab: configs['yarn-site']['yarn.resourcemanager.webapp.spnego-keytab-file'], principal: configs['yarn-site']['yarn.resourcemanager.webapp.spnego-principal']});
+ }
+
break;
}
- if (componentDir) {
+ if (componentDir || secureConfigs.length) {
App.router.get(this.get('content.controllerName')).saveComponentDir(componentDir);
+ App.router.get(this.get('content.controllerName')).saveSecureConfigs(secureConfigs);
App.clusterStatus.setClusterStatus({
clusterName: this.get('content.cluster.name'),
clusterState: this.get('clusterDeployState'),
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/controllers/main/service/reassign_controller.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/service/reassign_controller.js b/ambari-web/app/controllers/main/service/reassign_controller.js
index a0efb8b..4da24b6 100644
--- a/ambari-web/app/controllers/main/service/reassign_controller.js
+++ b/ambari-web/app/controllers/main/service/reassign_controller.js
@@ -54,18 +54,60 @@ App.ReassignMasterController = App.WizardController.extend({
serviceName: 'MISC',
hdfsUser:"hdfs",
reassign: null,
- hasManualSteps: false
+ componentsWithManualCommands: ['NAMENODE', 'SECONDARY_NAMENODE'],
+ hasManualSteps: false,
+ securityEnabled: false
}),
- componentsWithManualSteps: ['NAMENODE', 'SECONDARY_NAMENODE'],
-
addManualSteps: function () {
- this.set('content.hasManualSteps', this.get('componentsWithManualSteps').contains(this.get('content.reassign.component_name')));
- }.observes('content.reassign.component_name'),
+ this.set('content.hasManualSteps', this.get('content.componentsWithManualCommands').contains(this.get('content.reassign.component_name')) || this.get('content.securityEnabled'));
+ }.observes('content.reassign.component_name', 'content.securityEnabled'),
+
+ getSecurityStatus: function () {
+ if (App.testMode) {
+ this.set('securityEnabled', !App.testEnableSecurity);
+ } else {
+ //get Security Status From Server
+ App.ajax.send({
+ name: 'config.tags.sync',
+ sender: this,
+ success: 'getSecurityStatusSuccessCallback',
+ error: 'errorCallback'
+ });
+ }
+ },
- skipStep3: function () {
- return this.get('content.reassign.service_id') == 'GANGLIA';
- }.property('content.reassign.service_id'),
+ errorCallback: function () {
+ console.error('Cannot get security status from server');
+ },
+
+ getSecurityStatusSuccessCallback: function (data) {
+ var configs = data.Clusters.desired_configs;
+ if ('global' in configs) {
+ this.getServiceConfigsFromServer(configs['global'].tag);
+ }
+ else {
+ console.error('Cannot get security status from server');
+ }
+ },
+
+ getServiceConfigsFromServer: function (tag) {
+ var tags = [
+ {
+ siteName: "global",
+ tagName: tag
+ }
+ ];
+ var data = App.router.get('configurationController').getConfigsByTags(tags);
+ var configs = data.findProperty('tag', tag).properties;
+ var result = configs && (configs['security_enabled'] === 'true' || configs['security_enabled'] === true);
+ this.saveSecurityEnabled(result);
+ App.clusterStatus.setClusterStatus({
+ clusterName: this.get('content.cluster.name'),
+ wizardControllerName: 'reassignMasterController',
+ localdb: App.db.data
+ });
+ },
/**
* return new object extended from clusterStatusTemplate
@@ -248,6 +290,27 @@ App.ReassignMasterController = App.WizardController.extend({
this.set('content.reassignHosts', reassignHosts);
},
+
+ saveSecurityEnabled: function(securityEnabled){
+ this.setDBProperty('securityEnabled', securityEnabled);
+ this.set('content.securityEnabled', securityEnabled);
+ },
+
+ loadSecurityEnabled: function(){
+ var securityEnabled = this.getDBProperty('securityEnabled');
+ this.set('content.securityEnabled', securityEnabled);
+ },
+
+ saveSecureConfigs: function(secureConfigs){
+ this.setDBProperty('secureConfigs', secureConfigs);
+ this.set('content.secureConfigs', secureConfigs);
+ },
+
+ loadSecureConfigs: function(){
+ var secureConfigs = this.getDBProperty('secureConfigs');
+ this.set('content.secureConfigs', secureConfigs);
+ },
+
/**
* Load data for all steps until <code>current step</code>
*/
@@ -256,6 +319,7 @@ App.ReassignMasterController = App.WizardController.extend({
switch (step) {
case '6':
case '5':
+ this.loadSecureConfigs();
this.loadComponentDir();
case '4':
this.loadTasksStatuses();
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/messages.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js
index dbf9cb3..b68626b 100644
--- a/ambari-web/app/messages.js
+++ b/ambari-web/app/messages.js
@@ -1151,15 +1151,8 @@ Em.I18n.translations = {
'<li>Proceed next' +
'</ol>' +
'</div>',
- 'services.reassign.step5.body.jobtracker':
- '<div class="alert alert-info">' +
- '<ol>' +
- '<li>Copy contents of <b>{0}</b> from source host <b>{1}</b> to the target host <b>{2}</b> same locations</li>' +
- '<li>Login to the target host <b>{2}</b> and change permissions for the JobTracker dirs by running:' +
- '<div class="code-snippet">chown -R mapred:hadoop /hadoop/mapred/</div></li>' +
- '<li>Proceed next' +
- '</ol>'+
- '</div>',
+ 'services.reassign.step5.body.securityNotice': 'Note: {0}',
+ 'services.reassign.step5.body.securityConfigsList': 'Keytab file <b>{0}</b> containing principal <b>{1}</b> should exist on <b>{2}</b>',
'services.reassign.step6.header': 'Start and Test services',
'services.reassign.step6.task0.title': 'Delete disabled {0}',
'services.reassign.step6.task1.title': 'Start All Services',
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/routes/reassign_master_routes.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/routes/reassign_master_routes.js b/ambari-web/app/routes/reassign_master_routes.js
index bf862a8..acc99bf 100644
--- a/ambari-web/app/routes/reassign_master_routes.js
+++ b/ambari-web/app/routes/reassign_master_routes.js
@@ -55,10 +55,11 @@ module.exports = Em.Route.extend({
reassignMasterController.set('popup', popup);
App.clusterStatus.updateFromServer();
var currentClusterStatus = App.clusterStatus.get('value');
+ App.db.data = currentClusterStatus.localdb;
+ reassignMasterController.loadSecurityEnabled();
if (currentClusterStatus) {
switch (currentClusterStatus.clusterState) {
case 'REASSIGN_MASTER_INSTALLING' :
- App.db.data = currentClusterStatus.localdb;
reassignMasterController.setCurrentStep(currentClusterStatus.localdb.ReassignMaster.currentStep);
break;
}
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/templates/main/service/reassign/step5.hbs
----------------------------------------------------------------------
diff --git a/ambari-web/app/templates/main/service/reassign/step5.hbs b/ambari-web/app/templates/main/service/reassign/step5.hbs
index 71d0e9e..460e648 100644
--- a/ambari-web/app/templates/main/service/reassign/step5.hbs
+++ b/ambari-web/app/templates/main/service/reassign/step5.hbs
@@ -16,7 +16,12 @@
* limitations under the License.
}}
<h2>{{t services.reassign.step5.header}}</h2>
-{{{view.bodyText}}}
+{{{view.manualCommands}}}
+{{#if view.securityNotice}}
+ <div class="alert alert-info">
+ {{{view.securityNotice}}}
+ </div>
+{{/if}}
<div class="btn-area">
<a class="btn btn-success pull-right" {{bindAttr disabled="isSubmitDisabled"}} {{action next}}>{{t common.next}} →</a>
</div>
http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/views/main/service/reassign/step5_view.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/views/main/service/reassign/step5_view.js b/ambari-web/app/views/main/service/reassign/step5_view.js
index 0a78a63..40bccef 100644
--- a/ambari-web/app/views/main/service/reassign/step5_view.js
+++ b/ambari-web/app/views/main/service/reassign/step5_view.js
@@ -23,7 +23,10 @@ App.ReassignMasterWizardStep5View = Em.View.extend({
templateName: require('templates/main/service/reassign/step5'),
- bodyText: function () {
+ manualCommands: function () {
+ if (!this.get('controller.content.componentsWithManualCommands').contains(this.get('controller.content.reassign.component_name'))) {
+ return '';
+ }
var componentDir = this.get('controller.content.componentDir');
var sourceHost = this.get('controller.content.reassignHosts.source');
var targetHost = this.get('controller.content.reassignHosts.target');
@@ -32,6 +35,20 @@ App.ReassignMasterWizardStep5View = Em.View.extend({
ha = '_ha';
var nnStartedHost = this.get('controller.content.masterComponentHosts').filterProperty('component', 'NAMENODE').mapProperty('hostName').without(this.get('controller.content.reassignHosts.target'));
}
- return Em.I18n.t('services.reassign.step5.body.' + this.get('controller.content.reassign.component_name').toLowerCase() + ha).format(componentDir, sourceHost, targetHost, this.get('controller.content.hdfsUser'),nnStartedHost);
- }.property('controller.content.reassign.component_name', 'controller.content.componentDir', 'controller.content.masterComponentHosts', 'controller.content.reassign.host_id', 'controller.content.hdfsUser')
+ return Em.I18n.t('services.reassign.step5.body.' + this.get('controller.content.reassign.component_name').toLowerCase() + ha).format(componentDir, sourceHost, targetHost, this.get('controller.content.hdfsUser'), nnStartedHost);
+ }.property('controller.content.reassign.component_name', 'controller.content.componentDir', 'controller.content.masterComponentHosts', 'controller.content.reassign.host_id', 'controller.content.hdfsUser'),
+
+ securityNotice: function () {
+ var secureConfigs = this.get('controller.content.secureConfigs');
+ if (!this.get('controller.content.securityEnabled') || !secureConfigs.length) {
+ return '';
+ }
+ var formattedText = '<ul>';
+ secureConfigs.forEach(function (config) {
+ formattedText += '<li>' + Em.I18n.t('services.reassign.step5.body.securityConfigsList').format(config.keytab,
+ config.principal.replace('_HOST', this.get('controller.content.reassignHosts.target')), this.get('controller.content.reassignHosts.target')) + '</li>';
+ }, this);
+ formattedText += '</ul>';
+ return Em.I18n.t('services.reassign.step5.body.securityNotice').format(formattedText);
+ }.property('controller.content.securityEnabled', 'controller.content.secureConfigs', 'controller.content.reassignHosts.target')
});