You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Andrew Luo <an...@outlook.com> on 2020/03/06 04:28:20 UTC
Review Request 72205: RANGER-2752: Add corresponding upgrade patch for
RANGER-2550
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72205/
-----------------------------------------------------------
Review request for ranger and Pradeep Agrawal.
Bugs: RANGER-2752
https://issues.apache.org/jira/browse/RANGER-2752
Repository: ranger
Description
-------
Upgrading from 0.7.0 to the current master fails with the following error:
2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J10015', current_timestamp, 'Ranger 2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015 is being applied..
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
[EL Warning]: 2020-03-04 07:38:19.282-ClientSession(841450293)-Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of range value for column 'sort_order' at row 1
Error Code: 1264
Call: INSERT INTO x_access_type_def (ADDED_BY_ID, CREATE_TIME, datamask_options, def_id, item_id, label, name, sort_order, rb_key_label, rowfilter_options, UPDATE_TIME, UPD_BY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
bind => [12 parameters bound]
Query: ValueReadQuery(name="x_access_type_def_SEQ" sql="SELECT LAST_INSERT_ID()")
2020-03-04 07:38:19,406 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "delete from x_db_version_h where version = 'J10015' and active = 'N' and updated_by='306a9688fa98';"
Wed Mar 04 07:38:19 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
2020-03-04 07:38:20,091 [E] applying java patch PatchForKafkaServiceDefUpdate_J10015 failed
This seems to be due to this commit not having corresponding handling (DDL patch) for upgrade scenarios: https://github.com/apache/ranger/commit/2a6dd3d078c52cc1314af581f7b8e6c8cdab933a
Diffs
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 47618f6b3
security-admin/db/mysql/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e59e7de61
security-admin/db/oracle/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 37ea61912
security-admin/db/postgres/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql bd1c47cc4
security-admin/db/sqlanywhere/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 22e1746f2
security-admin/db/sqlserver/patches/048-increase-sort-order.sql PRE-CREATION
Diff: https://reviews.apache.org/r/72205/diff/1/
Testing
-------
Tested 0.7.0 to 2.1.0 upgrade on MySQL. Unfortunately I don't have 0.7.0 environments for upgrade testing on other DBs but I copied much of the patch syntax from patch 024, which changes the same column for other tables.
Thanks,
Andrew Luo
Re: Review Request 72205: RANGER-2752: Add corresponding upgrade
patch for RANGER-2550
Posted by Andrew Luo <an...@outlook.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72205/#review221003
-----------------------------------------------------------
Seems to be replaced by https://reviews.apache.org/r/72383/
- Andrew Luo
On March 6, 2020, 4:28 a.m., Andrew Luo wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72205/
> -----------------------------------------------------------
>
> (Updated March 6, 2020, 4:28 a.m.)
>
>
> Review request for ranger and Pradeep Agrawal.
>
>
> Bugs: RANGER-2752
> https://issues.apache.org/jira/browse/RANGER-2752
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Upgrading from 0.7.0 to the current master fails with the following error:
>
> 2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J10015', current_timestamp, 'Ranger 2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
> Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015 is being applied..
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> [EL Warning]: 2020-03-04 07:38:19.282-ClientSession(841450293)-Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of range value for column 'sort_order' at row 1
> Error Code: 1264
> Call: INSERT INTO x_access_type_def (ADDED_BY_ID, CREATE_TIME, datamask_options, def_id, item_id, label, name, sort_order, rb_key_label, rowfilter_options, UPDATE_TIME, UPD_BY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
> bind => [12 parameters bound]
> Query: ValueReadQuery(name="x_access_type_def_SEQ" sql="SELECT LAST_INSERT_ID()")
> 2020-03-04 07:38:19,406 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "delete from x_db_version_h where version = 'J10015' and active = 'N' and updated_by='306a9688fa98';"
> Wed Mar 04 07:38:19 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:20,091 [E] applying java patch PatchForKafkaServiceDefUpdate_J10015 failed
>
> This seems to be due to this commit not having corresponding handling (DDL patch) for upgrade scenarios: https://github.com/apache/ranger/commit/2a6dd3d078c52cc1314af581f7b8e6c8cdab933a
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 47618f6b3
> security-admin/db/mysql/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e59e7de61
> security-admin/db/oracle/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 37ea61912
> security-admin/db/postgres/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql bd1c47cc4
> security-admin/db/sqlanywhere/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 22e1746f2
> security-admin/db/sqlserver/patches/048-increase-sort-order.sql PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/72205/diff/1/
>
>
> Testing
> -------
>
> Tested 0.7.0 to 2.1.0 upgrade on MySQL. Unfortunately I don't have 0.7.0 environments for upgrade testing on other DBs but I copied much of the patch syntax from patch 024, which changes the same column for other tables.
>
>
> Thanks,
>
> Andrew Luo
>
>