You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by vb...@apache.org on 2017/05/08 20:46:15 UTC
[1/3] ambari git commit: AMBARI-20954. HDP 3.0 TP - create service
definition for Atlas with configs, kerberos, widgets, etc.(vbrodetskyi)
Repository: ambari
Updated Branches:
refs/heads/trunk 84586cc07 -> 42a542a59
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme.json b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme.json
new file mode 100644
index 0000000..da3c79f
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme.json
@@ -0,0 +1,619 @@
+{
+ "name": "default",
+ "description": "Default theme for Atlas service",
+ "configuration": {
+ "layouts": [
+ {
+ "name": "default",
+ "tabs": [
+ {
+ "name": "authentication_settings",
+ "display-name": "Authentication",
+ "layout": {
+ "tab-columns": "3",
+ "tab-rows": "2",
+ "sections": [
+ {
+ "name": "section-authentication-type",
+ "display-name": "Authentication Type",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "3",
+ "section-columns": "3",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-authentication-type",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "3"
+ }
+ ]
+ },
+ {
+ "name": "section-authentication",
+ "display-name": "LDAP/AD",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "3",
+ "section-columns": "3",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-authentication",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "3"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ],
+ "placement": {
+ "configuration-layout": "default",
+ "configs": [
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.type",
+ "subsection-name": "subsection-authentication-type"
+ },
+
+
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.url",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.userDNpattern",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.groupSearchBase",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.groupSearchFilter",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.groupRoleAttribute",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.base.dn",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.bind.dn",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.bind.password",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.referral",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.user.searchfilter",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.default.role",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+
+
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.url",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.domain",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.base.dn",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.bind.dn",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.bind.password",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.referral",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.user.searchfilter",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.default.role",
+ "subsection-name": "subsection-authentication",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ },
+ "widgets": [
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.type",
+ "widget":{
+ "type":"combo"
+ }
+ },
+
+
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.url",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.userDNpattern",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.groupSearchBase",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.groupSearchFilter",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.groupRoleAttribute",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.base.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.bind.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.bind.password",
+ "widget":{
+ "type":"password"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.referral",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.user.searchfilter",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.default.role",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+
+
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.url",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.domain",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.base.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.bind.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.bind.password",
+ "widget":{
+ "type":"password"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.referral",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.user.searchfilter",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.default.role",
+ "widget":{
+ "type":"text-field"
+ }
+ }
+ ]
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme_version_2.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme_version_2.json b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme_version_2.json
new file mode 100644
index 0000000..74d0b4e
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/themes/theme_version_2.json
@@ -0,0 +1,845 @@
+{
+ "name": "default",
+ "description": "Default theme for Atlas service",
+ "configuration": {
+ "layouts": [
+ {
+ "name": "default",
+ "tabs": [
+ {
+ "name": "authentication_settings",
+ "display-name": "Authentication",
+ "layout": {
+ "tab-columns": "1",
+ "tab-rows": "4",
+ "sections": [
+ {
+ "name": "section-authentication-type",
+ "display-name": "Authentication Methods",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-authentication-type",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "subsection-authentication-file",
+ "display-name": "File",
+ "row-index": "1",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-authentication-file",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ },
+ {
+ "name": "section-authentication-ldap",
+ "display-name": "LDAP/AD",
+ "row-index": "2",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-authentication-ldap",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "section-atlas-sso",
+ "display-name": "Atlas Knox SSO",
+ "row-index": "3",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1",
+ "section-columns": "1",
+ "section-rows": "1",
+ "subsections": [
+ {
+ "name": "subsection-atlas-sso",
+ "row-index": "0",
+ "column-index": "0",
+ "row-span": "1",
+ "column-span": "1"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ],
+ "placement": {
+ "configuration-layout": "default",
+ "configs": [
+ {
+ "config": "application-properties/atlas.authentication.method.file",
+ "subsection-name": "subsection-authentication-type"
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.file.filename",
+ "subsection-name": "subsection-authentication-file",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.file"
+ ],
+ "if": "${application-properties/atlas.authentication.method.file}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap",
+ "subsection-name": "subsection-authentication-type"
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.type",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.url",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.userDNpattern",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap} ",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.groupSearchBase",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.groupSearchFilter",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.groupRoleAttribute",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.base.dn",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.bind.dn",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.bind.password",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.referral",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.user.searchfilter",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.default.role",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ldap && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.url",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.domain",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.base.dn",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.bind.dn",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.bind.password",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.referral",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.user.searchfilter",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.default.role",
+ "subsection-name": "subsection-authentication-ldap",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.authentication.method.ldap.type",
+ "application-properties/atlas.authentication.method.ldap"
+ ],
+ "if": "${application-properties/atlas.authentication.method.ldap.type} === ad && ${application-properties/atlas.authentication.method.ldap}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.enabled",
+ "subsection-name": "subsection-authentication-type"
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.providerurl",
+ "subsection-name": "subsection-atlas-sso",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.sso.knox.enabled"
+ ],
+ "if": "${application-properties/atlas.sso.knox.enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.publicKey",
+ "subsection-name": "subsection-atlas-sso",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.sso.knox.enabled"
+ ],
+ "if": "${application-properties/atlas.sso.knox.enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.browser.useragent",
+ "subsection-name": "subsection-atlas-sso",
+ "depends-on": [
+ {
+ "configs":[
+ "application-properties/atlas.sso.knox.enabled"
+ ],
+ "if": "${application-properties/atlas.sso.knox.enabled}",
+ "then": {
+ "property_value_attributes": {
+ "visible": true
+ }
+ },
+ "else": {
+ "property_value_attributes": {
+ "visible": false
+ }
+ }
+ }
+ ]
+ }
+ ]
+ },
+ "widgets": [
+ {
+ "config": "application-properties/atlas.authentication.method.file",
+ "widget": {
+ "type": "checkbox"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.file.filename",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap",
+ "widget": {
+ "type": "checkbox"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.url",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.userDNpattern",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.groupSearchBase",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.groupSearchFilter",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.groupRoleAttribute",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.base.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.bind.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.bind.password",
+ "widget":{
+ "type":"password"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.referral",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.user.searchfilter",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.default.role",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.type",
+ "widget": {
+ "type": "combo"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.url",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.domain",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config":"application-properties/atlas.authentication.method.ldap.ad.base.dn",
+ "widget":{
+ "type":"text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.bind.dn",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.bind.password",
+ "widget": {
+ "type": "password"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.referral",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.user.searchfilter",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.authentication.method.ldap.ad.default.role",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.enabled",
+ "widget": {
+ "type":"checkbox"
+ }
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.providerurl",
+ "widget": {
+ "type": "text-field"
+ }
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.publicKey",
+ "widget": {
+ "type": "text-area"
+ }
+ },
+ {
+ "config": "application-properties/atlas.sso.knox.browser.useragent",
+ "widget": {
+ "type": "text-field"
+ }
+ }
+ ]
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/stacks/HDP/3.0/services/ATLAS/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/3.0/services/ATLAS/metainfo.xml b/ambari-server/src/main/resources/stacks/HDP/3.0/services/ATLAS/metainfo.xml
new file mode 100644
index 0000000..e11b3ca
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/3.0/services/ATLAS/metainfo.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<metainfo>
+ <schemaVersion>2.0</schemaVersion>
+ <services>
+ <service>
+ <name>ATLAS</name>
+ <version>0.7.0.3.0</version>
+ <extends>common-services/ATLAS/0.7.0.3.0</extends>
+ </service>
+ </services>
+</metainfo>
[3/3] ambari git commit: AMBARI-20954. HDP 3.0 TP - create service
definition for Atlas with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by vb...@apache.org.
AMBARI-20954. HDP 3.0 TP - create service definition for Atlas with configs, kerberos, widgets, etc.(vbrodetskyi)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/42a542a5
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/42a542a5
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/42a542a5
Branch: refs/heads/trunk
Commit: 42a542a59f3fb2a73273f9d6dc84ead8c647d776
Parents: 84586cc
Author: Vitaly Brodetskyi <vb...@hortonworks.com>
Authored: Mon May 8 23:45:41 2017 +0300
Committer: Vitaly Brodetskyi <vb...@hortonworks.com>
Committed: Mon May 8 23:45:41 2017 +0300
----------------------------------------------------------------------
.../common-services/ATLAS/0.7.0.3.0/alerts.json | 39 +
.../configuration/application-properties.xml | 546 ++++++++++++
.../ATLAS/0.7.0.3.0/configuration/atlas-env.xml | 182 ++++
.../0.7.0.3.0/configuration/atlas-log4j.xml | 170 ++++
.../configuration/atlas-solrconfig.xml | 641 ++++++++++++++
.../configuration/ranger-atlas-audit.xml | 141 ++++
.../ranger-atlas-plugin-properties.xml | 132 +++
.../ranger-atlas-policymgr-ssl.xml | 73 ++
.../configuration/ranger-atlas-security.xml | 77 ++
.../ATLAS/0.7.0.3.0/kerberos.json | 100 +++
.../ATLAS/0.7.0.3.0/metainfo.xml | 190 +++++
.../0.7.0.3.0/package/scripts/atlas_client.py | 57 ++
.../ATLAS/0.7.0.3.0/package/scripts/metadata.py | 243 ++++++
.../package/scripts/metadata_server.py | 187 ++++
.../ATLAS/0.7.0.3.0/package/scripts/params.py | 417 +++++++++
.../0.7.0.3.0/package/scripts/service_check.py | 55 ++
.../package/scripts/setup_ranger_atlas.py | 70 ++
.../0.7.0.3.0/package/scripts/status_params.py | 60 ++
.../package/templates/atlas_hbase_setup.rb.j2 | 42 +
.../package/templates/atlas_jaas.conf.j2 | 26 +
.../package/templates/atlas_kafka_acl.sh.j2 | 41 +
.../templates/input.config-atlas.json.j2 | 48 ++
.../package/templates/kafka_jaas.conf.j2 | 41 +
.../ATLAS/0.7.0.3.0/quicklinks/quicklinks.json | 36 +
.../ATLAS/0.7.0.3.0/role_command_order.json | 7 +
.../ATLAS/0.7.0.3.0/themes/theme.json | 619 ++++++++++++++
.../ATLAS/0.7.0.3.0/themes/theme_version_2.json | 845 +++++++++++++++++++
.../stacks/HDP/3.0/services/ATLAS/metainfo.xml | 27 +
28 files changed, 5112 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/alerts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/alerts.json b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/alerts.json
new file mode 100644
index 0000000..8a2a415
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/alerts.json
@@ -0,0 +1,39 @@
+{
+ "ATLAS": {
+ "service": [],
+ "ATLAS_SERVER": [
+ {
+ "name": "metadata_server_webui",
+ "label": "Metadata Server Web UI",
+ "description": "This host-level alert is triggered if the Metadata Server Web UI is unreachable.",
+ "interval": 1,
+ "scope": "ANY",
+ "enabled": true,
+ "source": {
+ "type": "WEB",
+ "uri": {
+ "http": "{{application-properties/atlas.server.bind.address}}:{{application-properties/atlas.server.http.port}}/api/atlas/admin/status",
+ "https": "{{application-properties/atlas.server.bind.address}}:{{application-properties/atlas.server.https.port}}/api/atlas/admin/status",
+ "https_property": "{{application-properties/atlas.enableTLS}}",
+ "https_property_value": "true",
+ "default_port": 21000,
+ "kerberos_keytab": "{{cluster-env/smokeuser_keytab}}",
+ "kerberos_principal": "{{cluster-env/smokeuser_principal_name}}",
+ "connection_timeout": 5.0
+ },
+ "reporting": {
+ "ok": {
+ "text": "HTTP {0} response in {2:.3f}s"
+ },
+ "warning":{
+ "text": "HTTP {0} response from {1} in {2:.3f}s ({3})"
+ },
+ "critical": {
+ "text": "Connection failed to {1} ({3})"
+ }
+ }
+ }
+ }
+ ]
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/application-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/application-properties.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/application-properties.xml
new file mode 100644
index 0000000..36a2b55
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/application-properties.xml
@@ -0,0 +1,546 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="false">
+ <property>
+ <name>atlas.enableTLS</name>
+ <value>false</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.authentication.principal</name>
+ <value>atlas</value>
+ <description/>
+ <property-type>KERBEROS_PRINCIPAL</property-type>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.keytab</name>
+ <value>/etc/security/keytabs/atlas.service.keytab</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.server.bind.address</name>
+ <value>localhost</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.notification.embedded</name>
+ <value>false</value>
+ <description>Indicates whether or not the notification service should be embedded.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- atlas.cluster.name is also part of Atlas Hooks -->
+ <property>
+ <name>atlas.cluster.name</name>
+ <value>{{cluster_name}}</value>
+ <description>The cluster name.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.server.http.port</name>
+ <value>21000</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.server.https.port</name>
+ <value>21443</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.audit.hbase.tablename</name>
+ <value>ATLAS_ENTITY_AUDIT_EVENTS</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.audit.zookeeper.session.timeout.ms</name>
+ <value>60000</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.audit.hbase.zookeeper.quorum</name>
+ <value/>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- Storage properties -->
+ <property>
+ <name>atlas.graph.storage.hbase.table</name>
+ <value>atlas_titan</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.graph.storage.hostname</name>
+ <value/>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <!-- Overriden: previous value was berkeleyje -->
+ <property>
+ <name>atlas.graph.storage.backend</name>
+ <value>hbase</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- Graph properties -->
+ <!-- Overriden: previous value was elasticsearch -->
+ <property>
+ <name>atlas.graph.index.search.backend</name>
+ <value>solr5</value>
+ <description>The Atlas indexing backend (e.g. solr5).</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.graph.index.search.solr.mode</name>
+ <value>cloud</value>
+ <description>The Solr mode (e.g. cloud).</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.graph.index.search.solr.zookeeper-url</name>
+ <value/>
+ <description>The ZooKeeper quorum setup for Solr as comma separated value.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- Authentication properties -->
+ <property>
+ <name>atlas.authentication.method.kerberos</name>
+ <value>false</value>
+ <description>Indicates whether or not Kerberos is enabled.</description>
+ <on-ambari-upgrade add="false"/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ </property>
+ <property>
+ <name>atlas.authentication.method.file</name>
+ <display-name>Enable File Authentication</display-name>
+ <value>true</value>
+ <description>Indicates whether or not file based authentication is enabled.</description>
+ <on-ambari-upgrade add="false"/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap</name>
+ <display-name>Enable LDAP Authentication</display-name>
+ <value>false</value>
+ <description>Indicates whether or not LDAP authentication is enabled.</description>
+ <on-ambari-upgrade add="false"/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ </property>
+ <property>
+ <name>atlas.authentication.method.file.filename</name>
+ <value>{{conf_dir}}/users-credentials.properties</value>
+ <description>File path for file based login.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.auth.policy.file</name>
+ <value>{{conf_dir}}/policy-store.txt</value>
+ <description>Path for the Atlas policy file.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- Start: Shared Atlas Hooks that are also written out to configs for Falcon, Storm, Hive, and Sqoop.
+ There are several more properties for when Atlas is Kerberized.
+ Note that atlas.cluster.name is inherited.
+ -->
+ <!-- This property is constructed from the protocol, server, and port and generated by Stack Advisor.
+ Hence, it should be visible but not editable.
+ -->
+ <property>
+ <name>atlas.rest.address</name>
+ <value>http://localhost:21000</value>
+ <depends-on>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.enableTLS</name>
+ </property>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.server.http.port</name>
+ </property>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.server.https.port</name>
+ </property>
+ </depends-on>
+ <value-attributes>
+ <editable-only-at-install>false</editable-only-at-install>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.bootstrap.servers</name>
+ <value/>
+ <description>Comma separated list of Kafka broker endpoints in host:port form</description>
+ <depends-on>
+ <property>
+ <type>kafka-broker</type>
+ <name>listeners</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.zookeeper.connect</name>
+ <value/>
+ <description>Comma separated list of servers forming Zookeeper quorum used by Kafka.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.hook.group.id</name>
+ <value>atlas</value>
+ <description>Kafka group id for the hook topic.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.zookeeper.session.timeout.ms</name>
+ <value>60000</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.zookeeper.connection.timeout.ms</name>
+ <value>30000</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.zookeeper.sync.time.ms</name>
+ <value>20</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.kafka.auto.commit.enable</name>
+ <value>false</value>
+ <description>Kafka auto commit setting for Atlas notifications.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.notification.create.topics</name>
+ <value>true</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.notification.replicas</name>
+ <value>1</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.notification.topics</name>
+ <value>ATLAS_HOOK,ATLAS_ENTITIES</value>
+ <description></description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <!-- End: Atlas Hooks -->
+
+ <property>
+ <name>atlas.authorizer.impl</name>
+ <description>
+ Atlas authorizer class
+ </description>
+ <depends-on>
+ <property>
+ <type>ranger-atlas-plugin-properties</type>
+ <name>ranger-atlas-plugin-enabled</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- Lineage properties -->
+ <property>
+ <name>atlas.lineage.schema.query.hive_table</name>
+ <value>hive_table where __guid='%s'\, columns</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.lineage.schema.query.Table</name>
+ <value>Table where __guid='%s'\, columns</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.solr.kerberos.enable</name>
+ <value>false</value>
+ <description>Enable kerberized Solr support for Atlas.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+
+ <!-- LDAP properties. They all begin with "atlas.authentication.method.ldap."
+ Must allow empty values since the user can pick either LDAP or AD.
+ -->
+ <property>
+ <name>atlas.authentication.method.ldap.url</name>
+ <value/>
+ <description>The LDAP URL.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.userDNpattern</name>
+ <value>uid=</value>
+ <description>User DN Pattern. This pattern is used to create a distinguished name (DN) for a user during login</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.groupSearchBase</name>
+ <value/>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.groupSearchFilter</name>
+ <value/>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.groupRoleAttribute</name>
+ <value>cn</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.base.dn</name>
+ <value/>
+ <description>The Distinguished Name (DN) of the starting point for directory server searches.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.bind.dn</name>
+ <value/>
+ <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search. </description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.bind.password</name>
+ <value/>
+ <property-type>PASSWORD</property-type>
+ <description>Password for the account that can search</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.referral</name>
+ <value>ignore</value>
+ <description>Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. Possible values are follow|throw|ignore</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.user.searchfilter</name>
+ <value/>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.default.role</name>
+ <value>ROLE_USER</value>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <!-- AD properties. They all begin with "atlas.authentication.method.ldap.ad."
+ Must allow empty values since the user can pick either LDAP or AD.
+ -->
+ <property>
+ <name>atlas.authentication.method.ldap.ad.domain</name>
+ <display-name>Domain Name (Only for AD)</display-name>
+ <value/>
+ <description>AD domain, only used if Authentication method is AD</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.url</name>
+ <value/>
+ <description>AD URL, only used if Authentication method is AD</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.base.dn</name>
+ <value/>
+ <description>The Distinguished Name (DN) of the starting point for directory server searches.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.bind.dn</name>
+ <value/>
+ <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search. </description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.bind.password</name>
+ <value/>
+ <property-type>PASSWORD</property-type>
+ <description>Password for the account that can search</description>
+ <value-attributes>
+ <type>password</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.referral</name>
+ <value>ignore</value>
+ <description>Set to follow if multiple AD servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. Possible values are follow|throw|ignore</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.user.searchfilter</name>
+ <value>(sAMAccountName={0})</value>
+ <description/>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.authentication.method.ldap.ad.default.role</name>
+ <value>ROLE_USER</value>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.ssl.exclude.protocols</name>
+ <display-name>Excluded Wire Encryption Protocols</display-name>
+ <value>TLSv1.2</value>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <description>A comma-separate list of the wire encryption protocols to exclude when TLS is enabled. Some versions of cURL do not work with TLSv1.2.</description>
+ <used-by>
+ <property>
+ <type>application-properties</type>
+ <name>atlas.enableTLS</name>
+ </property>
+ </used-by>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+ <property>
+ <name>atlas.sso.knox.enabled</name>
+ <display-name>Enable Atlas Knox SSO</display-name>
+ <value>false</value>
+ <description/>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.sso.knox.providerurl</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>gateway-site</type>
+ <name>gateway.port</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.sso.knox.publicKey</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <type>multiline</type>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.sso.knox.browser.useragent</name>
+ <value/>
+ <description/>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.authentication.method.ldap.type</name>
+ <display-name>LDAP Authentication Type</display-name>
+ <value>ldap</value>
+ <description>The LDAP type (ldap, ad, or none).</description>
+ <value-attributes>
+ <overridable>false</overridable>
+ <type>value-list</type>
+ <entries>
+ <entry>
+ <value>ldap</value>
+ <label>LDAP</label>
+ </entry>
+ <entry>
+ <value>ad</value>
+ <label>AD</label>
+ </entry>
+ </entries>
+ <selection-cardinality>1</selection-cardinality>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-env.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-env.xml
new file mode 100644
index 0000000..c5a4fd6
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-env.xml
@@ -0,0 +1,182 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_adding_forbidden="true">
+ <property>
+ <name>atlas_server_metadata_size</name>
+ <value>50000</value>
+ <description>Count of metadata objects that supposed to be processed by atlas instance</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas_server_xmx</name>
+ <value>2048</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas_server_max_new_size</name>
+ <value>614</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <!-- metadata-env.sh -->
+ <property require-input="false">
+ <name>metadata_log_dir</name>
+ <value>/var/log/atlas</value>
+ <description>Atlas log directory.</description>
+ <value-attributes>
+ <type>directory</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property require-input="false">
+ <name>metadata_pid_dir</name>
+ <value>/var/run/atlas</value>
+ <description>Atlas pid-file directory.</description>
+ <value-attributes>
+ <type>directory</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>metadata_user</name>
+ <display-name>Metadata User</display-name>
+ <value>atlas</value>
+ <property-type>USER</property-type>
+ <description>Metadata User Name.</description>
+ <value-attributes>
+ <type>user</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>metadata_opts</name>
+ <value>-Dlog4j.configuration=atlas-log4j.xml</value>
+ <description>Metadata Server command line options.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>metadata_classpath</name>
+ <value> </value>
+ <description>Metadata Server additional classpath.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property require-input="false">
+ <name>metadata_data_dir</name>
+ <value>/var/lib/atlas/data</value>
+ <description>Atlas data directory.</description>
+ <value-attributes>
+ <type>directory</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property require-input="false">
+ <name>metadata_expanded_war_dir</name>
+ <value>./server/webapp</value>
+ <description>Atlas expanded WAR directory.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>metadata_conf_file</name>
+ <value>atlas-application.properties</value>
+ <description>Atlas configuration file</description>
+ <value-attributes>
+ <read-only>true</read-only>
+ <overridable>false</overridable>
+ <visible>false</visible>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas_solr_shards</name>
+ <value>1</value>
+ <description>The number of shards set for collections created in LogSearch SOLR.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <!-- metadata-env.sh -->
+ <property>
+ <name>content</name>
+ <display-name>atlas-env template</display-name>
+ <description>This is the jinja template for metadata-env.sh file</description>
+ <value>
+ # The java implementation to use. If JAVA_HOME is not found we expect java and jar to be in path
+ export JAVA_HOME={{java64_home}}
+
+ # any additional java opts you want to set. This will apply to both client and server operations
+ {% if security_enabled %}
+ export ATLAS_OPTS="{{metadata_opts}} -Djava.security.auth.login.config={{atlas_jaas_file}}"
+ {% else %}
+ export ATLAS_OPTS="{{metadata_opts}}"
+ {% endif %}
+
+ # metadata configuration directory
+ export ATLAS_CONF={{conf_dir}}
+
+ # Where log files are stored. Defatult is logs directory under the base install location
+ export ATLAS_LOG_DIR={{log_dir}}
+
+ # additional classpath entries
+ export ATLASCPPATH={{metadata_classpath}}
+
+ # data dir
+ export ATLAS_DATA_DIR={{data_dir}}
+
+ # pid dir
+ export ATLAS_PID_DIR={{pid_dir}}
+
+ # hbase conf dir
+ export HBASE_CONF_DIR={{hbase_conf_dir}}
+
+ # Where do you want to expand the war file. By Default it is in /server/webapp dir under the base install dir.
+ export ATLAS_EXPANDED_WEBAPP_DIR={{expanded_war_dir}}
+ export ATLAS_SERVER_OPTS="-server -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+CMSClassUnloadingEnabled -XX:+UseConcMarkSweepGC -XX:+CMSParallelRemarkEnabled -XX:+PrintTenuringDistribution -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=$ATLAS_LOG_DIR/atlas_server.hprof -Xloggc:$ATLAS_LOG_DIR/gc-worker.log -verbose:gc -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=1m -XX:+PrintGCDetails -XX:+PrintHeapAtGC -XX:+PrintGCTimeStamps"
+ {% if java_version == 8 %}
+ export ATLAS_SERVER_HEAP="-Xms{{atlas_server_xmx}}m -Xmx{{atlas_server_xmx}}m -XX:MaxNewSize={{atlas_server_max_new_size}}m -XX:MetaspaceSize=100m -XX:MaxMetaspaceSize=512m"
+ {% else %}
+ export ATLAS_SERVER_HEAP="-Xms{{atlas_server_xmx}}m -Xmx{{atlas_server_xmx}}m -XX:MaxNewSize={{atlas_server_max_new_size}}m -XX:MaxPermSize=512m"
+ {% endif %}
+ </value>
+ <value-attributes>
+ <type>content</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas.admin.username</name>
+ <display-name>Admin username</display-name>
+ <description>Admin Login user</description>
+ <value>admin</value>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas.admin.password</name>
+ <display-name>Admin password</display-name>
+ <description>Admin Login password</description>
+ <value>admin</value>
+ <property-type>PASSWORD</property-type>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-log4j.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-log4j.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-log4j.xml
new file mode 100644
index 0000000..bafd47d
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-log4j.xml
@@ -0,0 +1,170 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_adding_forbidden="true">
+
+ <property>
+ <name>atlas_log_level</name>
+ <value>info</value>
+ <description>Log level for atlas logging</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>audit_log_level</name>
+ <value>info</value>
+ <description>Log level for audit logging</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>atlas_log_max_backup_size</name>
+ <value>256</value>
+ <description>The maximum size of backup file before the log is rotated</description>
+ <display-name>Atlas Log: backup file size</display-name>
+ <value-attributes>
+ <unit>MB</unit>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>atlas_log_number_of_backup_files</name>
+ <value>20</value>
+ <description>The number of backup files</description>
+ <display-name>Atlas Log: # of backup files</display-name>
+ <value-attributes>
+ <type>int</type>
+ <minimum>0</minimum>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>content</name>
+ <display-name>atlas-log4j template</display-name>
+ <description>Custom log4j.properties</description>
+ <value><![CDATA[<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
+ <appender name="console" class="org.apache.log4j.ConsoleAppender">
+ <param name="Target" value="System.out"/>
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d %-5p - [%t:%x] ~ %m (%c{1}:%L)%n"/>
+ </layout>
+ </appender>
+
+ <appender name="FILE" class="org.apache.log4j.DailyRollingFileAppender">
+ <param name="File" value="{{log_dir}}/application.log"/>
+ <param name="Append" value="true"/>
+ <param name="MaxFileSize" value="{{atlas_log_max_backup_size}}MB" />
+ <param name="MaxBackupIndex" value="{{atlas_log_number_of_backup_files}}" />
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d %-5p - [%t:%x] ~ %m (%c{1}:%L)%n"/>
+ </layout>
+ </appender>
+
+ <!-- uncomment this block to generate performance traces
+ <appender name="perf_appender" class="org.apache.log4j.DailyRollingFileAppender">
+ <param name="File" value="{{log_dir}}/atlas_perf.log" />
+ <param name="datePattern" value="'.'yyyy-MM-dd" />
+ <param name="append" value="true" />
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d|%t|%m%n" />
+ </layout>
+ </appender>
+
+ <logger name="org.apache.atlas.perf" additivity="false">
+ <level value="debug" />
+ <appender-ref ref="perf_appender" />
+ </logger>
+ -->
+
+ <appender name="AUDIT" class="org.apache.log4j.DailyRollingFileAppender">
+ <param name="File" value="{{log_dir}}/audit.log"/>
+ <param name="Append" value="true"/>
+ <param name="Threshold" value="info"/>
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d %x %m%n"/>
+ </layout>
+ </appender>
+
+ <logger name="org.apache.atlas" additivity="false">
+ <level value="{{atlas_log_level}}"/>
+ <appender-ref ref="FILE"/>
+ </logger>
+
+
+ <logger name="com.thinkaurelius.titan" additivity="false">
+ <level value="info"/>
+ <appender-ref ref="FILE"/>
+ </logger>
+
+ <logger name="org.elasticsearch" additivity="false">
+ <level value="info"/>
+ <appender-ref ref="FILE"/>
+ </logger>
+
+ <logger name="org.apache.lucene" additivity="false">
+ <level value="info"/>
+ <appender-ref ref="FILE"/>
+ </logger>
+
+ <logger name="com.google" additivity="false">
+ <level value="info"/>
+ <appender-ref ref="FILE"/>
+ </logger>
+
+ <logger name="AUDIT" additivity="false">
+ <level value="{{audit_log_level}}"/>
+ <appender-ref ref="AUDIT"/>
+ </logger>
+
+ <root>
+ <priority value="info"/>
+ <appender-ref ref="FILE"/>
+ </root>
+
+</log4j:configuration>
+ ]]></value>
+ <value-attributes>
+ <type>content</type>
+ <show-property-name>false</show-property-name>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-solrconfig.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-solrconfig.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-solrconfig.xml
new file mode 100644
index 0000000..cba4a4e
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/atlas-solrconfig.xml
@@ -0,0 +1,641 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_adding_forbidden="true">
+ <property>
+ <name>content</name>
+ <display-name>atlas-solrconfig template</display-name>
+ <description>Atlas Solr configuration</description>
+ <value><![CDATA[<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!--
+ ***
+ For more details about configurations options that may appear in
+ this file, see http://wiki.apache.org/solr/SolrConfigXml.
+-->
+<config>
+ <!-- In all configuration below, a prefix of "solr." for class names
+ is an alias that causes solr to search appropriate packages,
+ including org.apache.solr.(search|update|request|core|analysis)
+
+ You may also specify a fully qualified Java classname if you
+ have your own custom plugins.
+ -->
+
+ <!-- Controls what version of Lucene various components of Solr
+ adhere to. Generally, you want to use the latest version to
+ get all bug fixes and improvements. It is highly recommended
+ that you fully re-index after changing this setting as it can
+ affect both how text is indexed and queried.
+ -->
+ <luceneMatchVersion>5.5.1</luceneMatchVersion>
+
+ <!-- Data Directory
+
+ Used to specify an alternate directory to hold all index data
+ other than the default ./data under the Solr home. If
+ replication is in use, this should match the replication
+ configuration.
+ -->
+ <dataDir>${solr.data.dir:}</dataDir>
+
+
+ <!-- The DirectoryFactory to use for indexes.
+
+ solr.StandardDirectoryFactory is filesystem
+ based and tries to pick the best implementation for the current
+ JVM and platform. solr.NRTCachingDirectoryFactory, the default,
+ wraps solr.StandardDirectoryFactory and caches small files in memory
+ for better NRT performance.
+
+ One can force a particular implementation via solr.MMapDirectoryFactory,
+ solr.NIOFSDirectoryFactory, or solr.SimpleFSDirectoryFactory.
+
+ solr.RAMDirectoryFactory is memory based, not
+ persistent, and doesn't work with replication.
+ -->
+ <directoryFactory name="DirectoryFactory"
+ class="${solr.directoryFactory:solr.NRTCachingDirectoryFactory}">
+ </directoryFactory>
+
+ <!-- The CodecFactory for defining the format of the inverted index.
+ The default implementation is SchemaCodecFactory, which is the official Lucene
+ index format, but hooks into the schema to provide per-field customization of
+ the postings lists and per-document values in the fieldType element
+ (postingsFormat/docValuesFormat). Note that most of the alternative implementations
+ are experimental, so if you choose to customize the index format, it's a good
+ idea to convert back to the official format e.g. via IndexWriter.addIndexes(IndexReader)
+ before upgrading to a newer version to avoid unnecessary reindexing.
+ A "compressionMode" string element can be added to <codecFactory> to choose
+ between the existing compression modes in the default codec: "BEST_SPEED" (default)
+ or "BEST_COMPRESSION".
+ -->
+ <codecFactory class="solr.SchemaCodecFactory"/>
+
+ <!-- To disable dynamic schema REST APIs, use the following for <schemaFactory>:
+
+ <schemaFactory class="ClassicIndexSchemaFactory"/>
+
+ When ManagedIndexSchemaFactory is specified instead, Solr will load the schema from
+ the resource named in 'managedSchemaResourceName', rather than from schema.xml.
+ Note that the managed schema resource CANNOT be named schema.xml. If the managed
+ schema does not exist, Solr will create it after reading schema.xml, then rename
+ 'schema.xml' to 'schema.xml.bak'.
+
+ Do NOT hand edit the managed schema - external modifications will be ignored and
+ overwritten as a result of schema modification REST API calls.
+
+ When ManagedIndexSchemaFactory is specified with mutable = true, schema
+ modification REST API calls will be allowed; otherwise, error responses will be
+ sent back for these requests.
+ -->
+ <schemaFactory class="ManagedIndexSchemaFactory">
+ <bool name="mutable">true</bool>
+ <str name="managedSchemaResourceName">managed-schema</str>
+ </schemaFactory>
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Index Config - These settings control low-level behavior of indexing
+ Most example settings here show the default value, but are commented
+ out, to more easily see where customizations have been made.
+
+ Note: This replaces <indexDefaults> and <mainIndex> from older versions
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <indexConfig>
+
+ <!-- LockFactory
+
+ This option specifies which Lucene LockFactory implementation
+ to use.
+
+ single = SingleInstanceLockFactory - suggested for a
+ read-only index or when there is no possibility of
+ another process trying to modify the index.
+ native = NativeFSLockFactory - uses OS native file locking.
+ Do not use when multiple solr webapps in the same
+ JVM are attempting to share a single index.
+ simple = SimpleFSLockFactory - uses a plain file for locking
+
+ Defaults: 'native' is default for Solr3.6 and later, otherwise
+ 'simple' is the default
+
+ More details on the nuances of each LockFactory...
+ http://wiki.apache.org/lucene-java/AvailableLockFactories
+ -->
+ <lockType>${solr.lock.type:native}</lockType>
+
+ <!-- Lucene Infostream
+
+ To aid in advanced debugging, Lucene provides an "InfoStream"
+ of detailed information when indexing.
+
+ Setting the value to true will instruct the underlying Lucene
+ IndexWriter to write its info stream to solr's log. By default,
+ this is enabled here, and controlled through log4j.properties.
+ -->
+ <infoStream>true</infoStream>
+ </indexConfig>
+
+
+ <!-- JMX
+
+ This example enables JMX if and only if an existing MBeanServer
+ is found, use this if you want to configure JMX through JVM
+ parameters. Remove this to disable exposing Solr configuration
+ and statistics to JMX.
+
+ For more details see http://wiki.apache.org/solr/SolrJmx
+ -->
+ <jmx />
+ <!-- If you want to connect to a particular server, specify the
+ agentId
+ -->
+ <!-- <jmx agentId="myAgent" /> -->
+ <!-- If you want to start a new MBeanServer, specify the serviceUrl -->
+ <!-- <jmx serviceUrl="service:jmx:rmi:///jndi/rmi://localhost:9999/solr"/>
+ -->
+
+ <!-- The default high-performance update handler -->
+ <updateHandler class="solr.DirectUpdateHandler2">
+
+ <!-- Enables a transaction log, used for real-time get, durability, and
+ and solr cloud replica recovery. The log can grow as big as
+ uncommitted changes to the index, so use of a hard autoCommit
+ is recommended (see below).
+ "dir" - the target directory for transaction logs, defaults to the
+ solr data directory.
+ "numVersionBuckets" - sets the number of buckets used to keep
+ track of max version values when checking for re-ordered
+ updates; increase this value to reduce the cost of
+ synchronizing access to version buckets during high-volume
+ indexing, this requires 8 bytes (long) * numVersionBuckets
+ of heap space per Solr core.
+ -->
+ <updateLog>
+ <str name="dir">${solr.ulog.dir:}</str>
+ <int name="numVersionBuckets">${solr.ulog.numVersionBuckets:65536}</int>
+ </updateLog>
+
+ <!-- AutoCommit
+
+ Perform a hard commit automatically under certain conditions.
+ Instead of enabling autoCommit, consider using "commitWithin"
+ when adding documents.
+
+ http://wiki.apache.org/solr/UpdateXmlMessages
+
+ maxDocs - Maximum number of documents to add since the last
+ commit before automatically triggering a new commit.
+
+ maxTime - Maximum amount of time in ms that is allowed to pass
+ since a document was added before automatically
+ triggering a new commit.
+ openSearcher - if false, the commit causes recent index changes
+ to be flushed to stable storage, but does not cause a new
+ searcher to be opened to make those changes visible.
+
+ If the updateLog is enabled, then it's highly recommended to
+ have some sort of hard autoCommit to limit the log size.
+ -->
+ <autoCommit>
+ <maxTime>${solr.autoCommit.maxTime:15000}</maxTime>
+ <openSearcher>false</openSearcher>
+ </autoCommit>
+
+ <!-- softAutoCommit is like autoCommit except it causes a
+ 'soft' commit which only ensures that changes are visible
+ but does not ensure that data is synced to disk. This is
+ faster and more near-realtime friendly than a hard commit.
+ -->
+ <autoSoftCommit>
+ <maxTime>${solr.autoSoftCommit.maxTime:-1}</maxTime>
+ </autoSoftCommit>
+
+ </updateHandler>
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Query section - these settings control query time things like caches
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <query>
+ <!-- Max Boolean Clauses
+
+ Maximum number of clauses in each BooleanQuery, an exception
+ is thrown if exceeded.
+
+ ** WARNING **
+
+ This option actually modifies a global Lucene property that
+ will affect all SolrCores. If multiple solrconfig.xml files
+ disagree on this property, the value at any given moment will
+ be based on the last SolrCore to be initialized.
+
+ -->
+ <maxBooleanClauses>1024</maxBooleanClauses>
+
+
+ <!-- Solr Internal Query Caches
+
+ There are two implementations of cache available for Solr,
+ LRUCache, based on a synchronized LinkedHashMap, and
+ FastLRUCache, based on a ConcurrentHashMap.
+
+ FastLRUCache has faster gets and slower puts in single
+ threaded operation and thus is generally faster than LRUCache
+ when the hit ratio of the cache is high (> 75%), and may be
+ faster under other scenarios on multi-cpu systems.
+ -->
+
+ <!-- Filter Cache
+
+ Cache used by SolrIndexSearcher for filters (DocSets),
+ unordered sets of *all* documents that match a query. When a
+ new searcher is opened, its caches may be prepopulated or
+ "autowarmed" using data from caches in the old searcher.
+ autowarmCount is the number of items to prepopulate. For
+ LRUCache, the autowarmed items will be the most recently
+ accessed items.
+
+ Parameters:
+ class - the SolrCache implementation LRUCache or
+ (LRUCache or FastLRUCache)
+ size - the maximum number of entries in the cache
+ initialSize - the initial capacity (number of entries) of
+ the cache. (see java.util.HashMap)
+ autowarmCount - the number of entries to prepopulate from
+ and old cache.
+ -->
+ <filterCache class="solr.FastLRUCache"
+ size="512"
+ initialSize="512"
+ autowarmCount="0"/>
+
+ <!-- Query Result Cache
+
+ Caches results of searches - ordered lists of document ids
+ (DocList) based on a query, a sort, and the range of documents requested.
+ Additional supported parameter by LRUCache:
+ maxRamMB - the maximum amount of RAM (in MB) that this cache is allowed
+ to occupy
+ -->
+ <queryResultCache class="solr.LRUCache"
+ size="512"
+ initialSize="512"
+ autowarmCount="0"/>
+
+ <!-- Document Cache
+
+ Caches Lucene Document objects (the stored fields for each
+ document). Since Lucene internal document ids are transient,
+ this cache will not be autowarmed.
+ -->
+ <documentCache class="solr.LRUCache"
+ size="512"
+ initialSize="512"
+ autowarmCount="0"/>
+
+ <!-- custom cache currently used by block join -->
+ <cache name="perSegFilter"
+ class="solr.search.LRUCache"
+ size="10"
+ initialSize="0"
+ autowarmCount="10"
+ regenerator="solr.NoOpRegenerator" />
+
+ <!-- Lazy Field Loading
+
+ If true, stored fields that are not requested will be loaded
+ lazily. This can result in a significant speed improvement
+ if the usual case is to not load all stored fields,
+ especially if the skipped fields are large compressed text
+ fields.
+ -->
+ <enableLazyFieldLoading>true</enableLazyFieldLoading>
+
+ <!-- Result Window Size
+
+ An optimization for use with the queryResultCache. When a search
+ is requested, a superset of the requested number of document ids
+ are collected. For example, if a search for a particular query
+ requests matching documents 10 through 19, and queryWindowSize is 50,
+ then documents 0 through 49 will be collected and cached. Any further
+ requests in that range can be satisfied via the cache.
+ -->
+ <queryResultWindowSize>20</queryResultWindowSize>
+
+ <!-- Maximum number of documents to cache for any entry in the
+ queryResultCache.
+ -->
+ <queryResultMaxDocsCached>200</queryResultMaxDocsCached>
+
+ <!-- Use Cold Searcher
+
+ If a search request comes in and there is no current
+ registered searcher, then immediately register the still
+ warming searcher and use it. If "false" then all requests
+ will block until the first searcher is done warming.
+ -->
+ <useColdSearcher>false</useColdSearcher>
+
+ <!-- Max Warming Searchers
+
+ Maximum number of searchers that may be warming in the
+ background concurrently. An error is returned if this limit
+ is exceeded.
+
+ Recommend values of 1-2 for read-only slaves, higher for
+ masters w/o cache warming.
+ -->
+ <maxWarmingSearchers>2</maxWarmingSearchers>
+
+ </query>
+
+
+ <!-- Request Dispatcher
+
+ This section contains instructions for how the SolrDispatchFilter
+ should behave when processing requests for this SolrCore.
+
+ handleSelect is a legacy option that affects the behavior of requests
+ such as /select?qt=XXX
+
+ handleSelect="true" will cause the SolrDispatchFilter to process
+ the request and dispatch the query to a handler specified by the
+ "qt" param, assuming "/select" isn't already registered.
+
+ handleSelect="false" will cause the SolrDispatchFilter to
+ ignore "/select" requests, resulting in a 404 unless a handler
+ is explicitly registered with the name "/select"
+
+ handleSelect="true" is not recommended for new users, but is the default
+ for backwards compatibility
+ -->
+ <requestDispatcher handleSelect="false" >
+ <!-- Request Parsing
+
+ These settings indicate how Solr Requests may be parsed, and
+ what restrictions may be placed on the ContentStreams from
+ those requests
+
+ enableRemoteStreaming - enables use of the stream.file
+ and stream.url parameters for specifying remote streams.
+
+ multipartUploadLimitInKB - specifies the max size (in KiB) of
+ Multipart File Uploads that Solr will allow in a Request.
+
+ formdataUploadLimitInKB - specifies the max size (in KiB) of
+ form data (application/x-www-form-urlencoded) sent via
+ POST. You can use POST to pass request parameters not
+ fitting into the URL.
+
+ addHttpRequestToContext - if set to true, it will instruct
+ the requestParsers to include the original HttpServletRequest
+ object in the context map of the SolrQueryRequest under the
+ key "httpRequest". It will not be used by any of the existing
+ Solr components, but may be useful when developing custom
+ plugins.
+
+ *** WARNING ***
+ The settings below authorize Solr to fetch remote files, You
+ should make sure your system has some authentication before
+ using enableRemoteStreaming="true"
+
+ -->
+ <requestParsers enableRemoteStreaming="true"
+ multipartUploadLimitInKB="2048000"
+ formdataUploadLimitInKB="2048"
+ addHttpRequestToContext="false"/>
+
+ <!-- HTTP Caching
+
+ Set HTTP caching related parameters (for proxy caches and clients).
+
+ The options below instruct Solr not to output any HTTP Caching
+ related headers
+ -->
+ <httpCaching never304="true" />
+
+ </requestDispatcher>
+
+ <!-- Request Handlers
+
+ http://wiki.apache.org/solr/SolrRequestHandler
+
+ Incoming queries will be dispatched to a specific handler by name
+ based on the path specified in the request.
+
+ Legacy behavior: If the request path uses "/select" but no Request
+ Handler has that name, and if handleSelect="true" has been specified in
+ the requestDispatcher, then the Request Handler is dispatched based on
+ the qt parameter. Handlers without a leading '/' are accessed this way
+ like so: http://host/app/[core/]select?qt=name If no qt is
+ given, then the requestHandler that declares default="true" will be
+ used or the one named "standard".
+
+ If a Request Handler is declared with startup="lazy", then it will
+ not be initialized until the first request that uses it.
+
+ -->
+ <!-- SearchHandler
+
+ http://wiki.apache.org/solr/SearchHandler
+
+ For processing Search Queries, the primary Request Handler
+ provided with Solr is "SearchHandler" It delegates to a sequent
+ of SearchComponents (see below) and supports distributed
+ queries across multiple shards
+ -->
+ <requestHandler name="/select" class="solr.SearchHandler">
+ <!-- default values for query parameters can be specified, these
+ will be overridden by parameters in the request
+ -->
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <int name="rows">10</int>
+ </lst>
+
+ </requestHandler>
+
+ <!-- A request handler that returns indented JSON by default -->
+ <requestHandler name="/query" class="solr.SearchHandler">
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <str name="wt">json</str>
+ <str name="indent">true</str>
+ <str name="df">text</str>
+ </lst>
+ </requestHandler>
+
+ <!--
+ The export request handler is used to export full sorted result sets.
+ Do not change these defaults.
+ -->
+ <requestHandler name="/export" class="solr.SearchHandler">
+ <lst name="invariants">
+ <str name="rq">{!xport}</str>
+ <str name="wt">xsort</str>
+ <str name="distrib">false</str>
+ </lst>
+
+ <arr name="components">
+ <str>query</str>
+ </arr>
+ </requestHandler>
+
+
+ <initParams path="/update/**,/query,/select,/tvrh,/elevate,/spell">
+ <lst name="defaults">
+ <str name="df">text</str>
+ </lst>
+ </initParams>
+
+ <!-- Field Analysis Request Handler
+
+ RequestHandler that provides much the same functionality as
+ analysis.jsp. Provides the ability to specify multiple field
+ types and field names in the same request and outputs
+ index-time and query-time analysis for each of them.
+
+ Request parameters are:
+ analysis.fieldname - field name whose analyzers are to be used
+
+ analysis.fieldtype - field type whose analyzers are to be used
+ analysis.fieldvalue - text for index-time analysis
+ q (or analysis.q) - text for query time analysis
+ analysis.showmatch (true|false) - When set to true and when
+ query analysis is performed, the produced tokens of the
+ field value analysis will be marked as "matched" for every
+ token that is produces by the query analysis
+ -->
+ <requestHandler name="/analysis/field"
+ startup="lazy"
+ class="solr.FieldAnalysisRequestHandler" />
+
+
+ <!-- Document Analysis Handler
+
+ http://wiki.apache.org/solr/AnalysisRequestHandler
+
+ An analysis handler that provides a breakdown of the analysis
+ process of provided documents. This handler expects a (single)
+ content stream with the following format:
+
+ <docs>
+ <doc>
+ <field name="id">1</field>
+ <field name="name">The Name</field>
+ <field name="text">The Text Value</field>
+ </doc>
+ <doc>...</doc>
+ <doc>...</doc>
+ ...
+ </docs>
+
+ Note: Each document must contain a field which serves as the
+ unique key. This key is used in the returned response to associate
+ an analysis breakdown to the analyzed document.
+
+ Like the FieldAnalysisRequestHandler, this handler also supports
+ query analysis by sending either an "analysis.query" or "q"
+ request parameter that holds the query text to be analyzed. It
+ also supports the "analysis.showmatch" parameter which when set to
+ true, all field tokens that match the query tokens will be marked
+ as a "match".
+ -->
+ <requestHandler name="/analysis/document"
+ class="solr.DocumentAnalysisRequestHandler"
+ startup="lazy" />
+
+ <!-- Echo the request contents back to the client -->
+ <requestHandler name="/debug/dump" class="solr.DumpRequestHandler" >
+ <lst name="defaults">
+ <str name="echoParams">explicit</str>
+ <str name="echoHandler">true</str>
+ </lst>
+ </requestHandler>
+
+
+
+ <!-- Search Components
+
+ Search components are registered to SolrCore and used by
+ instances of SearchHandler (which can access them by name)
+
+ By default, the following components are available:
+
+ <searchComponent name="query" class="solr.QueryComponent" />
+ <searchComponent name="facet" class="solr.FacetComponent" />
+ <searchComponent name="mlt" class="solr.MoreLikeThisComponent" />
+ <searchComponent name="highlight" class="solr.HighlightComponent" />
+ <searchComponent name="stats" class="solr.StatsComponent" />
+ <searchComponent name="debug" class="solr.DebugComponent" />
+
+ -->
+
+ <!-- Terms Component
+
+ http://wiki.apache.org/solr/TermsComponent
+
+ A component to return terms and document frequency of those
+ terms
+ -->
+ <searchComponent name="terms" class="solr.TermsComponent"/>
+
+ <!-- A request handler for demonstrating the terms component -->
+ <requestHandler name="/terms" class="solr.SearchHandler" startup="lazy">
+ <lst name="defaults">
+ <bool name="terms">true</bool>
+ <bool name="distrib">false</bool>
+ </lst>
+ <arr name="components">
+ <str>terms</str>
+ </arr>
+ </requestHandler>
+
+ <!-- Legacy config for the admin interface -->
+ <admin>
+ <defaultQuery>*:*</defaultQuery>
+ </admin>
+
+</config>
+ ]]></value>
+ <value-attributes>
+ <type>content</type>
+ <show-property-name>false</show-property-name>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-audit.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-audit.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-audit.xml
new file mode 100644
index 0000000..16c022d
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-audit.xml
@@ -0,0 +1,141 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+
+ <property>
+ <name>xasecure.audit.is.enabled</name>
+ <value>true</value>
+ <description>Is Audit enabled?</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.hdfs</name>
+ <value>true</value>
+ <display-name>Audit to HDFS</display-name>
+ <description>Is Audit to HDFS enabled?</description>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ <value>hdfs://NAMENODE_HOSTNAME:8020/ranger/audit</value>
+ <description>HDFS folder to write audit to, make sure the service user has requried permissions</description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.hdfs.dir</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.hdfs.batch.filespool.dir</name>
+ <value>/var/log/atlas/audit/hdfs/spool</value>
+ <description>/var/log/atlas/audit/hdfs/spool</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.solr</name>
+ <value>false</value>
+ <display-name>Audit to SOLR</display-name>
+ <description>Is Solr audit enabled?</description>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>xasecure.audit.destination.solr</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.solr.urls</name>
+ <value></value>
+ <description>Solr URL</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <depends-on>
+ <property>
+ <type>ranger-admin-site</type>
+ <name>ranger.audit.solr.urls</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.solr.zookeepers</name>
+ <value>NONE</value>
+ <description>Solr Zookeeper string</description>
+ <depends-on>
+ <property>
+ <type>ranger-admin-site</type>
+ <name>ranger.audit.solr.zookeepers</name>
+ </property>
+ </depends-on>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.destination.solr.batch.filespool.dir</name>
+ <value>/var/log/atlas/audit/solr/spool</value>
+ <description>/var/log/atlas/audit/solr/spool</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.audit.provider.summary.enabled</name>
+ <value>false</value>
+ <display-name>Audit provider summary enabled</display-name>
+ <description>Enable Summary audit?</description>
+ <value-attributes>
+ <type>boolean</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.plugin.atlas.ambari.cluster.name</name>
+ <value>{{cluster_name}}</value>
+ <description>Capture cluster name from where Ranger atlas plugin is enabled.</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-plugin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-plugin-properties.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-plugin-properties.xml
new file mode 100644
index 0000000..d66afa1
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-plugin-properties.xml
@@ -0,0 +1,132 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration supports_final="true">
+
+ <property>
+ <name>policy_user</name>
+ <value>atlas</value>
+ <display-name>Policy user for Atlas</display-name>
+ <description>This user must be system user and also present at Ranger
+ admin portal</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>common.name.for.certificate</name>
+ <value></value>
+ <description>Common name for certificate, this value should match what is specified in repo within ranger admin</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger-atlas-plugin-enabled</name>
+ <value>No</value>
+ <display-name>Enable Ranger for Atlas</display-name>
+ <description>Enable ranger Atlas plugin</description>
+ <depends-on>
+ <property>
+ <type>ranger-env</type>
+ <name>ranger-atlas-plugin-enabled</name>
+ </property>
+ </depends-on>
+ <value-attributes>
+ <type>boolean</type>
+ <overridable>false</overridable>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+
+
+
+
+ <property>
+ <name>external_admin_username</name>
+ <value></value>
+ <display-name>External Ranger admin username</display-name>
+ <description>Add ranger default admin username if want to communicate to external ranger</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>external_admin_password</name>
+ <value></value>
+ <display-name>External Ranger admin password</display-name>
+ <property-type>PASSWORD</property-type>
+ <description>Add ranger default admin password if want to communicate to external ranger</description>
+ <value-attributes>
+ <type>password</type>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>external_ranger_admin_username</name>
+ <value></value>
+ <display-name>External Ranger Ambari admin username</display-name>
+ <description>Add ranger default ambari admin username if want to communicate to external ranger</description>
+ <value-attributes>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>external_ranger_admin_password</name>
+ <value></value>
+ <display-name>External Ranger Ambari admin password</display-name>
+ <property-type>PASSWORD</property-type>
+ <description>Add ranger default ambari admin password if want to communicate to external ranger</description>
+ <value-attributes>
+ <type>password</type>
+ <empty-value-valid>true</empty-value-valid>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>REPOSITORY_CONFIG_USERNAME</name>
+ <value>admin</value>
+ <display-name>Ranger repository config user</display-name>
+ <description>Used for repository creation on ranger admin
+ </description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>REPOSITORY_CONFIG_PASSWORD</name>
+ <value>admin</value>
+ <display-name>Ranger repository config password</display-name>
+ <property-type>PASSWORD</property-type>
+ <description>Used for repository creation on ranger admin
+ </description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+</configuration>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-policymgr-ssl.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-policymgr-ssl.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-policymgr-ssl.xml
new file mode 100644
index 0000000..dcffb63
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-policymgr-ssl.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore</name>
+ <value>/usr/hdp/current/atlas-server/conf/ranger-plugin-keystore.jks</value>
+ <description>Java Keystore files</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore.password</name>
+ <value>myKeyFilePassword</value>
+ <property-type>PASSWORD</property-type>
+ <description>password for keystore</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore</name>
+ <value>/usr/hdp/current/atlas-server/conf/ranger-plugin-truststore.jks</value>
+ <description>java truststore file</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore.password</name>
+ <value>changeit</value>
+ <property-type>PASSWORD</property-type>
+ <description>java truststore password</description>
+ <value-attributes>
+ <type>password</type>
+ </value-attributes>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.keystore.credential.file</name>
+ <value>jceks://file{{credential_file}}</value>
+ <description>java keystore credential file</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.policymgr.clientssl.truststore.credential.file</name>
+ <value>jceks://file{{credential_file}}</value>
+ <description>java truststore credential file</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+</configuration>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-security.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-security.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-security.xml
new file mode 100644
index 0000000..8fac342
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/configuration/ranger-atlas-security.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+ <property>
+ <name>ranger.plugin.atlas.service.name</name>
+ <value>{{repo_name}}</value>
+ <description>Name of the Ranger service containing Atlas policies</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.plugin.atlas.policy.source.impl</name>
+ <value>org.apache.ranger.admin.client.RangerAdminRESTClient</value>
+ <description>Class to retrieve policies from the source</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.plugin.atlas.policy.rest.url</name>
+ <value>{{policymgr_mgr_url}}</value>
+ <description>URL to Ranger Admin</description>
+ <on-ambari-upgrade add="false"/>
+ <depends-on>
+ <property>
+ <type>admin-properties</type>
+ <name>policymgr_external_url</name>
+ </property>
+ </depends-on>
+ </property>
+
+ <property>
+ <name>ranger.plugin.atlas.policy.rest.ssl.config.file</name>
+ <value>/usr/hdp/current/atlas-server/conf/ranger-policymgr-ssl.xml</value>
+ <description>Path to the file containing SSL details to contact Ranger Admin</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.plugin.atlas.policy.pollIntervalMs</name>
+ <value>30000</value>
+ <description>How often to poll for changes in policies?</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>ranger.plugin.atlas.policy.cache.dir</name>
+ <value>/etc/ranger/{{repo_name}}/policycache</value>
+ <description>Directory where Ranger policies are cached after successful retrieval from the source</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+ <property>
+ <name>xasecure.add-hadoop-authorization</name>
+ <value>true</value>
+ <description>Enable/Disable the default hadoop authorization (based on rwxrwxrwx permission on the resource) if Ranger Authorization fails.</description>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+</configuration>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/kerberos.json b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/kerberos.json
new file mode 100644
index 0000000..7d10ccc
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/kerberos.json
@@ -0,0 +1,100 @@
+{
+ "services": [
+ {
+ "name": "ATLAS",
+ "configurations": [
+ {
+ "application-properties": {
+ "atlas.authentication.method.kerberos": "true",
+ "atlas.kafka.sasl.kerberos.service.name": "${kafka-env/kafka_user}",
+ "atlas.kafka.security.protocol": "PLAINTEXTSASL",
+ "atlas.jaas.KafkaClient.loginModuleName": "com.sun.security.auth.module.Krb5LoginModule",
+ "atlas.jaas.KafkaClient.loginModuleControlFlag": "required",
+ "atlas.jaas.KafkaClient.option.useKeyTab": "true",
+ "atlas.jaas.KafkaClient.option.storeKey": "true",
+ "atlas.jaas.KafkaClient.option.serviceName": "${kafka-env/kafka_user}",
+ "atlas.solr.kerberos.enable": "true",
+ "atlas.server.ha.zookeeper.acl" : "auth:"
+ }
+ },
+ {
+ "ranger-atlas-audit": {
+ "xasecure.audit.jaas.Client.loginModuleName": "com.sun.security.auth.module.Krb5LoginModule",
+ "xasecure.audit.jaas.Client.loginModuleControlFlag": "required",
+ "xasecure.audit.jaas.Client.option.useKeyTab": "true",
+ "xasecure.audit.jaas.Client.option.storeKey": "false",
+ "xasecure.audit.jaas.Client.option.serviceName": "solr",
+ "xasecure.audit.destination.solr.force.use.inmemory.jaas.config": "true"
+ }
+ }
+ ],
+ "auth_to_local_properties" : [
+ "application-properties/atlas.authentication.method.kerberos.name.rules|new_lines_escaped"
+ ],
+ "components": [
+ {
+ "name": "ATLAS_SERVER",
+ "identities": [
+ {
+ "name": "atlas",
+ "principal": {
+ "value": "atlas/_HOST@${realm}",
+ "type" : "service",
+ "configuration": "application-properties/atlas.jaas.KafkaClient.option.principal",
+ "local_username" : "${atlas-env/metadata_user}"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/atlas.service.keytab",
+ "owner": {
+ "name": "${atlas-env/metadata_user}",
+ "access": "r"
+ },
+ "group": {
+ "name": "${cluster-env/user_group}",
+ "access": ""
+ },
+ "configuration": "application-properties/atlas.jaas.KafkaClient.option.keyTab"
+ }
+ },
+ {
+ "name": "atlas_auth",
+ "reference": "/ATLAS/ATLAS_SERVER/atlas",
+ "principal": {
+ "configuration": "application-properties/atlas.authentication.principal"
+ },
+ "keytab": {
+ "configuration": "application-properties/atlas.authentication.keytab"
+ }
+ },
+ {
+ "name": "/spnego",
+ "principal": {
+ "value": "HTTP/_HOST@${realm}",
+ "configuration": "application-properties/atlas.authentication.method.kerberos.principal"
+ },
+ "keytab": {
+ "configuration": "application-properties/atlas.authentication.method.kerberos.keytab"
+ }
+ },
+ {
+ "name": "ranger_atlas_audit",
+ "reference": "/ATLAS/ATLAS_SERVER/atlas",
+ "principal": {
+ "configuration": "ranger-atlas-audit/xasecure.audit.jaas.Client.option.principal"
+ },
+ "keytab": {
+ "configuration": "ranger-atlas-audit/xasecure.audit.jaas.Client.option.keyTab"
+ }
+ },
+ {
+ "name": "/KAFKA/KAFKA_BROKER/kafka_broker"
+ },
+ {
+ "name": "/AMBARI_INFRA/INFRA_SOLR/infra-solr"
+ }
+ ]
+ }
+ ]
+ }
+ ]
+}
[2/3] ambari git commit: AMBARI-20954. HDP 3.0 TP - create service
definition for Atlas with configs, kerberos, widgets, etc.(vbrodetskyi)
Posted by vb...@apache.org.
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/metainfo.xml b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/metainfo.xml
new file mode 100644
index 0000000..11ebf45
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/metainfo.xml
@@ -0,0 +1,190 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<metainfo>
+ <schemaVersion>2.0</schemaVersion>
+ <services>
+ <service>
+ <name>ATLAS</name>
+ <displayName>Atlas</displayName>
+ <comment>Atlas Metadata and Governance platform</comment>
+ <version>0.7.0.3.0</version>
+
+ <components>
+ <component>
+ <name>ATLAS_SERVER</name>
+ <displayName>Atlas Metadata Server</displayName>
+ <category>MASTER</category>
+ <cardinality>1+</cardinality>
+ <versionAdvertised>true</versionAdvertised>
+ <dependencies>
+ <dependency>
+ <name>AMBARI_INFRA/INFRA_SOLR_CLIENT</name>
+ <scope>host</scope>
+ <auto-deploy>
+ <enabled>true</enabled>
+ </auto-deploy>
+ </dependency>
+ <dependency>
+ <name>HBASE/HBASE_CLIENT</name>
+ <scope>host</scope>
+ <auto-deploy>
+ <enabled>true</enabled>
+ </auto-deploy>
+ </dependency>
+ <dependency>
+ <name>HDFS/HDFS_CLIENT</name>
+ <scope>host</scope>
+ <auto-deploy>
+ <enabled>true</enabled>
+ </auto-deploy>
+ </dependency>
+ <dependency>
+ <name>KAFKA/KAFKA_BROKER</name>
+ <scope>cluster</scope>
+ <auto-deploy>
+ <enabled>true</enabled>
+ </auto-deploy>
+ </dependency>
+ </dependencies>
+ <commandScript>
+ <script>scripts/metadata_server.py</script>
+ <scriptType>PYTHON</scriptType>
+ <timeout>1200</timeout>
+ </commandScript>
+ <logs>
+ <log>
+ <logId>atlas_app</logId>
+ <primary>true</primary>
+ </log>
+ </logs>
+ </component>
+
+ <component>
+ <name>ATLAS_CLIENT</name>
+ <displayName>Atlas Metadata Client</displayName>
+ <category>CLIENT</category>
+ <cardinality>1+</cardinality>
+ <versionAdvertised>true</versionAdvertised>
+ <dependencies>
+ </dependencies>
+ <commandScript>
+ <script>scripts/atlas_client.py</script>
+ <scriptType>PYTHON</scriptType>
+ </commandScript>
+ <configFiles>
+ <configFile>
+ <type>properties</type>
+ <fileName>application.properties</fileName>
+ <dictionaryName>application-properties</dictionaryName>
+ </configFile>
+ <configFile>
+ <type>env</type>
+ <fileName>atlas-env.sh</fileName>
+ <dictionaryName>atlas-env</dictionaryName>
+ </configFile>
+ <configFile>
+ <type>env</type>
+ <fileName>atlas-log4j.xml</fileName>
+ <dictionaryName>atlas-log4j</dictionaryName>
+ </configFile>
+ <configFile>
+ <type>env</type>
+ <fileName>atlas-solrconfig.xml</fileName>
+ <dictionaryName>atlas-solrconfig</dictionaryName>
+ </configFile>
+ </configFiles>
+ </component>
+ </components>
+
+ <quickLinksConfigurations>
+ <quickLinksConfiguration>
+ <fileName>quicklinks.json</fileName>
+ <default>true</default>
+ </quickLinksConfiguration>
+ </quickLinksConfigurations>
+
+ <requiredServices>
+ <service>KAFKA</service>
+ </requiredServices>
+
+ <themes>
+ <theme>
+ <fileName>theme.json</fileName>
+ <default>true</default>
+ </theme>
+ <theme>
+ <fileName>theme_version_2.json</fileName>
+ <default>true</default>
+ </theme>
+ </themes>
+
+ <osSpecifics>
+ <osSpecific>
+ <osFamily>redhat7,amazon2015,redhat6,suse11,suse12</osFamily>
+ <packages>
+ <package>
+ <name>atlas-metadata_${stack_version}</name>
+ </package>
+ <package>
+ <name>ambari-infra-solr-client</name>
+ <condition>should_install_infra_solr_client</condition>
+ </package>
+ <package>
+ <name>kafka_${stack_version}</name>
+ </package>
+ </packages>
+ </osSpecific>
+ <osSpecific>
+ <osFamily>debian7,ubuntu12,ubuntu14,ubuntu16</osFamily>
+ <packages>
+ <package>
+ <name>atlas-metadata-${stack_version}</name>
+ </package>
+ <package>
+ <name>ambari-infra-solr-client</name>
+ <condition>should_install_infra_solr_client</condition>
+ </package>
+ <package>
+ <name>kafka-${stack_version}</name>
+ </package>
+ </packages>
+ </osSpecific>
+ </osSpecifics>
+
+ <commandScript>
+ <script>scripts/service_check.py</script>
+ <scriptType>PYTHON</scriptType>
+ <timeout>300</timeout>
+ </commandScript>
+
+ <configuration-dependencies>
+ <config-type>application-properties</config-type>
+ <config-type>atlas-env</config-type>
+ <config-type>atlas-log4j</config-type>
+ <config-type>core-site</config-type>
+ <config-type>hdfs-site</config-type>
+ <config-type>atlas-solrconfig</config-type>
+ <config-type>ranger-atlas-audit</config-type>
+ <config-type>ranger-atlas-plugin-properties</config-type>
+ <config-type>ranger-atlas-policymgr-ssl</config-type>
+ <config-type>ranger-atlas-security</config-type>
+ </configuration-dependencies>
+
+ </service>
+ </services>
+</metainfo>
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/atlas_client.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/atlas_client.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/atlas_client.py
new file mode 100644
index 0000000..26742ae
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/atlas_client.py
@@ -0,0 +1,57 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+import sys
+from resource_management.libraries.script.script import Script
+from resource_management.libraries.functions import conf_select, stack_select
+from resource_management.libraries.functions.stack_features import check_stack_feature
+from resource_management.libraries.functions.constants import StackFeature
+from resource_management.core.exceptions import ClientComponentHasNoStatus
+
+from metadata import metadata
+
+
+class AtlasClient(Script):
+
+ def get_component_name(self):
+ return "atlas-client"
+
+ def pre_upgrade_restart(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, params.version):
+ conf_select.select(params.stack_name, "atlas", params.version)
+ stack_select.select("atlas-client", params.version)
+
+ def install(self, env):
+ self.install_packages(env)
+ self.configure(env)
+
+ def configure(self, env, upgrade_type=None, config_dir=None):
+ import params
+ env.set_params(params)
+ metadata('client')
+
+ def status(self, env):
+ raise ClientComponentHasNoStatus()
+
+if __name__ == "__main__":
+ AtlasClient().execute()
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata.py
new file mode 100644
index 0000000..36c4598
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata.py
@@ -0,0 +1,243 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+import os
+import hashlib
+
+from resource_management import Package
+from resource_management import StackFeature
+from resource_management.core.resources.system import Directory, File, Execute
+from resource_management.core.source import StaticFile, InlineTemplate, Template
+from resource_management.core.exceptions import Fail
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.decorator import retry
+from resource_management.libraries.functions import solr_cloud_util
+from resource_management.libraries.functions.stack_features import check_stack_feature, get_stack_feature_version
+from resource_management.libraries.resources.properties_file import PropertiesFile
+from resource_management.libraries.resources.template_config import TemplateConfig
+from resource_management.libraries.resources.xml_config import XmlConfig
+from resource_management.libraries.functions.is_empty import is_empty
+from resource_management.libraries.resources.modify_properties_file import ModifyPropertiesFile
+
+
+def metadata(type='server'):
+ import params
+
+ # Needed by both Server and Client
+ Directory(params.conf_dir,
+ mode=0755,
+ cd_access='a',
+ owner=params.metadata_user,
+ group=params.user_group,
+ create_parents = True
+ )
+
+ if type == "server":
+ Directory([params.pid_dir],
+ mode=0755,
+ cd_access='a',
+ owner=params.metadata_user,
+ group=params.user_group,
+ create_parents = True
+ )
+ Directory(format('{conf_dir}/solr'),
+ mode=0755,
+ cd_access='a',
+ owner=params.metadata_user,
+ group=params.user_group,
+ create_parents = True,
+ recursive_ownership=True
+ )
+ Directory(params.log_dir,
+ mode=0755,
+ cd_access='a',
+ owner=params.metadata_user,
+ group=params.user_group,
+ create_parents = True
+ )
+ Directory(params.data_dir,
+ mode=0644,
+ cd_access='a',
+ owner=params.metadata_user,
+ group=params.user_group,
+ create_parents = True
+ )
+ Directory(params.expanded_war_dir,
+ mode=0644,
+ cd_access='a',
+ owner=params.metadata_user,
+ group=params.user_group,
+ create_parents = True
+ )
+ File(format("{expanded_war_dir}/atlas.war"),
+ content = StaticFile(format('{metadata_home}/server/webapp/atlas.war'))
+ )
+ File(format("{conf_dir}/atlas-log4j.xml"),
+ mode=0644,
+ owner=params.metadata_user,
+ group=params.user_group,
+ content=InlineTemplate(params.metadata_log4j_content)
+ )
+ File(format("{conf_dir}/atlas-env.sh"),
+ owner=params.metadata_user,
+ group=params.user_group,
+ mode=0755,
+ content=InlineTemplate(params.metadata_env_content)
+ )
+
+ if not is_empty(params.atlas_admin_username) and not is_empty(params.atlas_admin_password):
+ psswd_output = hashlib.sha256(params.atlas_admin_password).hexdigest()
+ ModifyPropertiesFile(format("{conf_dir}/users-credentials.properties"),
+ properties = {format('{atlas_admin_username}') : format('ROLE_ADMIN::{psswd_output}')},
+ owner = params.metadata_user
+ )
+
+ files_to_chown = [format("{conf_dir}/policy-store.txt"), format("{conf_dir}/users-credentials.properties")]
+ for file in files_to_chown:
+ if os.path.exists(file):
+ Execute(('chown', format('{metadata_user}:{user_group}'), file),
+ sudo=True
+ )
+ Execute(('chmod', '644', file),
+ sudo=True
+ )
+
+ if params.metadata_solrconfig_content:
+ File(format("{conf_dir}/solr/solrconfig.xml"),
+ mode=0644,
+ owner=params.metadata_user,
+ group=params.user_group,
+ content=InlineTemplate(params.metadata_solrconfig_content)
+ )
+
+ # Needed by both Server and Client
+ PropertiesFile(format('{conf_dir}/{conf_file}'),
+ properties = params.application_properties,
+ mode=0644,
+ owner=params.metadata_user,
+ group=params.user_group
+ )
+
+ if params.security_enabled:
+ TemplateConfig(format(params.atlas_jaas_file),
+ owner=params.metadata_user)
+
+ if type == 'server' and params.search_backend_solr and params.has_infra_solr:
+ solr_cloud_util.setup_solr_client(params.config)
+ check_znode()
+ jaasFile=params.atlas_jaas_file if params.security_enabled else None
+ upload_conf_set('atlas_configs', jaasFile)
+
+ if params.security_enabled: # update permissions before creating the collections
+ solr_cloud_util.add_solr_roles(params.config,
+ roles = [params.infra_solr_role_atlas, params.infra_solr_role_ranger_audit, params.infra_solr_role_dev],
+ new_service_principals = [params.atlas_jaas_principal])
+
+ create_collection('vertex_index', 'atlas_configs', jaasFile)
+ create_collection('edge_index', 'atlas_configs', jaasFile)
+ create_collection('fulltext_index', 'atlas_configs', jaasFile)
+
+ if params.security_enabled:
+ secure_znode(format('{infra_solr_znode}/configs/atlas_configs'), jaasFile)
+ secure_znode(format('{infra_solr_znode}/collections/vertex_index'), jaasFile)
+ secure_znode(format('{infra_solr_znode}/collections/edge_index'), jaasFile)
+ secure_znode(format('{infra_solr_znode}/collections/fulltext_index'), jaasFile)
+
+ File(params.atlas_hbase_setup,
+ group=params.user_group,
+ owner=params.hbase_user,
+ content=Template("atlas_hbase_setup.rb.j2")
+ )
+
+ is_atlas_upgrade_support = check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, get_stack_feature_version(params.config))
+
+ if is_atlas_upgrade_support and params.security_enabled:
+
+ File(params.atlas_kafka_setup,
+ group=params.user_group,
+ owner=params.kafka_user,
+ content=Template("atlas_kafka_acl.sh.j2"))
+
+ # files required only in case if kafka broker is not present on the host as configured component
+ if not params.host_with_kafka:
+ File(format("{kafka_conf_dir}/kafka-env.sh"),
+ owner=params.kafka_user,
+ content=InlineTemplate(params.kafka_env_sh_template))
+
+ File(format("{kafka_conf_dir}/kafka_jaas.conf"),
+ group=params.user_group,
+ owner=params.kafka_user,
+ content=Template("kafka_jaas.conf.j2"))
+
+ if params.stack_supports_atlas_hdfs_site_on_namenode_ha and len(params.namenode_host) > 1:
+ XmlConfig("hdfs-site.xml",
+ conf_dir=params.conf_dir,
+ configurations=params.config['configurations']['hdfs-site'],
+ configuration_attributes=params.config['configuration_attributes']['hdfs-site'],
+ owner=params.metadata_user,
+ group=params.user_group,
+ mode=0644
+ )
+ else:
+ File(format('{conf_dir}/hdfs-site.xml'), action="delete")
+
+
+def upload_conf_set(config_set, jaasFile):
+ import params
+
+ solr_cloud_util.upload_configuration_to_zk(
+ zookeeper_quorum=params.zookeeper_quorum,
+ solr_znode=params.infra_solr_znode,
+ config_set_dir=format("{conf_dir}/solr"),
+ config_set=config_set,
+ tmp_dir=params.tmp_dir,
+ java64_home=params.java64_home,
+ solrconfig_content=InlineTemplate(params.metadata_solrconfig_content),
+ jaas_file=jaasFile,
+ retry=30, interval=5)
+
+def create_collection(collection, config_set, jaasFile):
+ import params
+
+ solr_cloud_util.create_collection(
+ zookeeper_quorum=params.zookeeper_quorum,
+ solr_znode=params.infra_solr_znode,
+ collection = collection,
+ config_set=config_set,
+ java64_home=params.java64_home,
+ jaas_file=jaasFile,
+ shards=params.atlas_solr_shards,
+ replication_factor = params.infra_solr_replication_factor)
+
+def secure_znode(znode, jaasFile):
+ import params
+ solr_cloud_util.secure_znode(config=params.config, zookeeper_quorum=params.zookeeper_quorum,
+ solr_znode=znode,
+ jaas_file=jaasFile,
+ java64_home=params.java64_home, sasl_users=[params.atlas_jaas_principal])
+
+
+
+@retry(times=10, sleep_time=5, err_class=Fail)
+def check_znode():
+ import params
+ solr_cloud_util.check_znode(
+ zookeeper_quorum=params.zookeeper_quorum,
+ solr_znode=params.infra_solr_znode,
+ java64_home=params.java64_home)
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata_server.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata_server.py
new file mode 100644
index 0000000..1ef77cf
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/metadata_server.py
@@ -0,0 +1,187 @@
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+# Python Imports
+import os
+
+# Local Imports
+from metadata import metadata
+from resource_management import Fail
+from resource_management.libraries.functions import conf_select, stack_select
+from resource_management.core.resources.system import Execute, File
+from resource_management.libraries.script.script import Script
+from resource_management.libraries.functions.version import format_stack_version
+from resource_management.libraries.functions.check_process_status import check_process_status
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.security_commons import build_expectations, \
+ get_params_from_filesystem, validate_security_config_properties, \
+ FILE_TYPE_PROPERTIES
+from resource_management.libraries.functions.show_logs import show_logs
+from resource_management.libraries.functions.stack_features import check_stack_feature, get_stack_feature_version
+from resource_management.libraries.functions.constants import StackFeature
+from resource_management.core.resources.system import Directory
+from resource_management.core.logger import Logger
+from setup_ranger_atlas import setup_ranger_atlas
+from resource_management.core.resources.zkmigrator import ZkMigrator
+
+class MetadataServer(Script):
+
+ def get_component_name(self):
+ return "atlas-server"
+
+ def install(self, env):
+ import params
+ env.set_params(params)
+
+ Directory(format("{expanded_war_dir}/atlas"),
+ action = "delete",
+ )
+
+ self.install_packages(env)
+
+ def configure(self, env, upgrade_type=None, config_dir=None):
+ import params
+ env.set_params(params)
+ metadata()
+
+ def pre_upgrade_restart(self, env, upgrade_type=None):
+ import params
+ env.set_params(params)
+
+ if check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, params.version):
+ conf_select.select(params.stack_name, "atlas", params.version)
+ stack_select.select("atlas-server", params.version)
+
+ def start(self, env, upgrade_type=None):
+ import params
+
+ env.set_params(params)
+ self.configure(env)
+
+ daemon_cmd = format('source {params.conf_dir}/atlas-env.sh ; {params.metadata_start_script}')
+ no_op_test = format('ls {params.pid_file} >/dev/null 2>&1 && ps -p `cat {params.pid_file}` >/dev/null 2>&1')
+ atlas_hbase_setup_command = format("cat {atlas_hbase_setup} | hbase shell -n")
+ atlas_kafka_setup_command = format("bash {atlas_kafka_setup}")
+ secure_atlas_hbase_setup_command = format("kinit -kt {hbase_user_keytab} {hbase_principal_name}; ") + atlas_hbase_setup_command
+ # in case if principal was distributed across several hosts, pattern need to be replaced to right one
+ secure_atlas_kafka_setup_command = format("kinit -kt {kafka_keytab} {kafka_principal_name}; ").replace("_HOST", params.hostname) + atlas_kafka_setup_command
+
+ if params.stack_supports_atlas_ranger_plugin:
+ Logger.info('Atlas plugin is enabled, configuring Atlas plugin.')
+ setup_ranger_atlas(upgrade_type=upgrade_type)
+ else:
+ Logger.info('Atlas plugin is not supported or enabled.')
+
+ try:
+ effective_version = get_stack_feature_version(params.config)
+
+ if check_stack_feature(StackFeature.ATLAS_HBASE_SETUP, effective_version):
+ if params.security_enabled and params.has_hbase_master:
+ Execute(secure_atlas_hbase_setup_command,
+ tries = 5,
+ try_sleep = 10,
+ user=params.hbase_user
+ )
+ elif params.enable_ranger_hbase and not params.security_enabled:
+ Execute(atlas_hbase_setup_command,
+ tries = 5,
+ try_sleep = 10,
+ user=params.hbase_user
+ )
+
+ if check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, effective_version) and params.security_enabled:
+ try:
+ Execute(secure_atlas_kafka_setup_command,
+ user=params.kafka_user,
+ tries=5,
+ try_sleep=10
+ )
+ except Fail:
+ pass # do nothing and do not block Atlas start, fail logs would be available via Execute internals
+
+ Execute(daemon_cmd,
+ user=params.metadata_user,
+ not_if=no_op_test
+ )
+ except:
+ show_logs(params.log_dir, params.metadata_user)
+ raise
+
+ def stop(self, env, upgrade_type=None):
+ import params
+
+ env.set_params(params)
+ daemon_cmd = format('source {params.conf_dir}/atlas-env.sh; {params.metadata_stop_script}')
+
+ # If the pid dir doesn't exist, this means either
+ # 1. The user just added Atlas service and issued a restart command (stop+start). So stop should be a no-op
+ # since there's nothing to stop.
+ # OR
+ # 2. The user changed the value of the pid dir config and incorrectly issued a restart command.
+ # In which case the stop command cannot do anything since Ambari doesn't know which process to kill.
+ # The start command will spawn another instance.
+ # The user should have issued a stop, changed the config, and then started it.
+ if not os.path.isdir(params.pid_dir):
+ Logger.info("*******************************************************************")
+ Logger.info("Will skip the stop command since this is the first time stopping/restarting Atlas "
+ "and the pid dir does not exist, %s\n" % params.pid_dir)
+ return
+
+ try:
+ Execute(daemon_cmd,
+ user=params.metadata_user,
+ )
+ except:
+ show_logs(params.log_dir, params.metadata_user)
+ raise
+
+ File(params.pid_file, action="delete")
+
+ def disable_security(self, env):
+ import params
+ if not params.zookeeper_quorum:
+ Logger.info("No zookeeper connection string. Skipping reverting ACL")
+ return
+ zkmigrator = ZkMigrator(params.zookeeper_quorum, params.java_exec, params.java64_home, params.atlas_jaas_file, params.metadata_user)
+ zkmigrator.set_acls(params.zk_root if params.zk_root.startswith('/') else '/' + params.zk_root, 'world:anyone:crdwa')
+ if params.atlas_kafka_group_id:
+ zkmigrator.set_acls(format('/consumers/{params.atlas_kafka_group_id}'), 'world:anyone:crdwa')
+
+ def status(self, env):
+ import status_params
+
+ env.set_params(status_params)
+ check_process_status(status_params.pid_file)
+
+ def get_log_folder(self):
+ import params
+
+ return params.log_dir
+
+ def get_user(self):
+ import params
+
+ return params.metadata_user
+
+
+ def get_pid_files(self):
+ import status_params
+ return [status_params.pid_file]
+
+if __name__ == "__main__":
+ MetadataServer().execute()
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/params.py
new file mode 100644
index 0000000..d26df33
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/params.py
@@ -0,0 +1,417 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+import os
+import sys
+
+from ambari_commons import OSCheck
+from resource_management import get_bare_principal
+from resource_management.libraries.functions.version import format_stack_version
+from resource_management.libraries.script.script import Script
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions.default import default
+
+# Local Imports
+from status_params import *
+from resource_management.libraries.functions.stack_features import check_stack_feature
+from resource_management.libraries.functions import StackFeature
+from resource_management.libraries.functions.is_empty import is_empty
+from resource_management.libraries.functions.expect import expect
+from resource_management.libraries.functions.setup_ranger_plugin_xml import generate_ranger_service_config
+
+
+def configs_for_ha(atlas_hosts, metadata_port, is_atlas_ha_enabled, metadata_protocol):
+ """
+ Return a dictionary of additional configs to merge if Atlas HA is enabled.
+ :param atlas_hosts: List of hostnames that contain Atlas
+ :param metadata_port: Port number
+ :param is_atlas_ha_enabled: None, True, or False
+ :param metadata_protocol: http or https
+ :return: Dictionary with additional configs to merge to application-properties if HA is enabled.
+ """
+ additional_props = {}
+ if atlas_hosts is None or len(atlas_hosts) == 0 or metadata_port is None:
+ return additional_props
+
+ # Sort to guarantee each host sees the same values, assuming restarted at the same time.
+ atlas_hosts = sorted(atlas_hosts)
+
+ # E.g., id1,id2,id3,...,idn
+ _server_id_list = ["id" + str(i) for i in range(1, len(atlas_hosts) + 1)]
+ atlas_server_ids = ",".join(_server_id_list)
+ additional_props["atlas.server.ids"] = atlas_server_ids
+
+ i = 0
+ for curr_hostname in atlas_hosts:
+ id = _server_id_list[i]
+ prop_name = "atlas.server.address." + id
+ prop_value = curr_hostname + ":" + metadata_port
+ additional_props[prop_name] = prop_value
+ if "atlas.rest.address" in additional_props:
+ additional_props["atlas.rest.address"] += "," + metadata_protocol + "://" + prop_value
+ else:
+ additional_props["atlas.rest.address"] = metadata_protocol + "://" + prop_value
+
+ i += 1
+
+ # This may override the existing property
+ if i == 1 or (i > 1 and is_atlas_ha_enabled is False):
+ additional_props["atlas.server.ha.enabled"] = "false"
+ elif i > 1:
+ additional_props["atlas.server.ha.enabled"] = "true"
+
+ return additional_props
+
+# server configurations
+config = Script.get_config()
+exec_tmp_dir = Script.get_tmp_dir()
+stack_root = Script.get_stack_root()
+
+# Needed since this is an Atlas Hook service.
+cluster_name = config['clusterName']
+
+java_version = expect("/hostLevelParams/java_version", int)
+
+zk_root = default('/configurations/application-properties/atlas.server.ha.zookeeper.zkroot', '/apache_atlas')
+stack_supports_zk_security = check_stack_feature(StackFeature.SECURE_ZOOKEEPER, version_for_stack_feature_checks)
+atlas_kafka_group_id = default('/configurations/application-properties/atlas.kafka.hook.group.id', None)
+
+if security_enabled:
+ _hostname_lowercase = config['hostname'].lower()
+ _atlas_principal_name = config['configurations']['application-properties']['atlas.authentication.principal']
+ atlas_jaas_principal = _atlas_principal_name.replace('_HOST',_hostname_lowercase)
+ atlas_keytab_path = config['configurations']['application-properties']['atlas.authentication.keytab']
+
+# New Cluster Stack Version that is defined during the RESTART of a Stack Upgrade
+version = default("/commandParams/version", None)
+
+# stack version
+stack_version_unformatted = config['hostLevelParams']['stack_version']
+stack_version_formatted = format_stack_version(stack_version_unformatted)
+
+metadata_home = format('{stack_root}/current/atlas-server')
+metadata_bin = format("{metadata_home}/bin")
+
+python_binary = os.environ['PYTHON_EXE'] if 'PYTHON_EXE' in os.environ else sys.executable
+metadata_start_script = format("{metadata_bin}/atlas_start.py")
+metadata_stop_script = format("{metadata_bin}/atlas_stop.py")
+
+# metadata local directory structure
+log_dir = config['configurations']['atlas-env']['metadata_log_dir']
+
+# service locations
+hadoop_conf_dir = os.path.join(os.environ["HADOOP_HOME"], "conf") if 'HADOOP_HOME' in os.environ else '/etc/hadoop/conf'
+
+# some commands may need to supply the JAAS location when running as atlas
+atlas_jaas_file = format("{conf_dir}/atlas_jaas.conf")
+
+# user
+user_group = config['configurations']['cluster-env']['user_group']
+
+# metadata env
+java64_home = config['hostLevelParams']['java_home']
+java_exec = format("{java64_home}/bin/java")
+env_sh_template = config['configurations']['atlas-env']['content']
+
+# credential provider
+credential_provider = format( "jceks://file@{conf_dir}/atlas-site.jceks")
+
+# command line args
+ssl_enabled = default("/configurations/application-properties/atlas.enableTLS", False)
+http_port = default("/configurations/application-properties/atlas.server.http.port", "21000")
+https_port = default("/configurations/application-properties/atlas.server.https.port", "21443")
+if ssl_enabled:
+ metadata_port = https_port
+ metadata_protocol = 'https'
+else:
+ metadata_port = http_port
+ metadata_protocol = 'http'
+
+metadata_host = config['hostname']
+
+atlas_hosts = sorted(default('/clusterHostInfo/atlas_server_hosts', []))
+metadata_server_host = atlas_hosts[0] if len(atlas_hosts) > 0 else "UNKNOWN_HOST"
+
+# application properties
+application_properties = dict(config['configurations']['application-properties'])
+application_properties["atlas.server.bind.address"] = metadata_host
+
+# trimming knox_key
+if 'atlas.sso.knox.publicKey' in application_properties:
+ knox_key = application_properties['atlas.sso.knox.publicKey']
+ knox_key_without_new_line = knox_key.replace("\n","")
+ application_properties['atlas.sso.knox.publicKey'] = knox_key_without_new_line
+
+if check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, version_for_stack_feature_checks):
+ metadata_server_url = application_properties["atlas.rest.address"]
+else:
+ # In HDP 2.3 and 2.4 the property was computed and saved to the local config but did not exist in the database.
+ metadata_server_url = format('{metadata_protocol}://{metadata_server_host}:{metadata_port}')
+ application_properties["atlas.rest.address"] = metadata_server_url
+
+# Atlas HA should populate
+# atlas.server.ids = id1,id2,...,idn
+# atlas.server.address.id# = host#:port
+# User should not have to modify this property, but still allow overriding it to False if multiple Atlas servers exist
+# This can be None, True, or False
+is_atlas_ha_enabled = default("/configurations/application-properties/atlas.server.ha.enabled", None)
+additional_ha_props = configs_for_ha(atlas_hosts, metadata_port, is_atlas_ha_enabled, metadata_protocol)
+for k,v in additional_ha_props.iteritems():
+ application_properties[k] = v
+
+
+metadata_env_content = config['configurations']['atlas-env']['content']
+
+metadata_opts = config['configurations']['atlas-env']['metadata_opts']
+metadata_classpath = config['configurations']['atlas-env']['metadata_classpath']
+data_dir = format("{stack_root}/current/atlas-server/data")
+expanded_war_dir = os.environ['METADATA_EXPANDED_WEBAPP_DIR'] if 'METADATA_EXPANDED_WEBAPP_DIR' in os.environ else format("{stack_root}/current/atlas-server/server/webapp")
+
+metadata_log4j_content = config['configurations']['atlas-log4j']['content']
+
+metadata_solrconfig_content = default("/configurations/atlas-solrconfig/content", None)
+
+atlas_log_level = config['configurations']['atlas-log4j']['atlas_log_level']
+audit_log_level = config['configurations']['atlas-log4j']['audit_log_level']
+atlas_log_max_backup_size = default("/configurations/atlas-log4j/atlas_log_max_backup_size", 256)
+atlas_log_number_of_backup_files = default("/configurations/atlas-log4j/atlas_log_number_of_backup_files", 20)
+
+# smoke test
+smoke_test_user = config['configurations']['cluster-env']['smokeuser']
+smoke_test_password = 'smoke'
+smokeuser_principal = config['configurations']['cluster-env']['smokeuser_principal_name']
+smokeuser_keytab = config['configurations']['cluster-env']['smokeuser_keytab']
+
+
+security_check_status_file = format('{log_dir}/security_check.status')
+
+# hbase
+hbase_conf_dir = "/etc/hbase/conf"
+
+atlas_search_backend = default("/configurations/application-properties/atlas.graph.index.search.backend", "")
+search_backend_solr = atlas_search_backend.startswith('solr')
+
+# infra solr
+infra_solr_znode = default("/configurations/infra-solr-env/infra_solr_znode", None)
+infra_solr_hosts = default("/clusterHostInfo/infra_solr_hosts", [])
+infra_solr_replication_factor = 2 if len(infra_solr_hosts) > 1 else 1
+atlas_solr_shards = default("/configurations/atlas-env/atlas_solr-shards", 1)
+has_infra_solr = len(infra_solr_hosts) > 0
+infra_solr_role_atlas = default('configurations/infra-solr-security-json/infra_solr_role_atlas', 'atlas_user')
+infra_solr_role_dev = default('configurations/infra-solr-security-json/infra_solr_role_dev', 'dev')
+infra_solr_role_ranger_audit = default('configurations/infra-solr-security-json/infra_solr_role_ranger_audit', 'ranger_audit_user')
+
+# zookeeper
+zookeeper_hosts = config['clusterHostInfo']['zookeeper_hosts']
+zookeeper_port = default('/configurations/zoo.cfg/clientPort', None)
+
+# get comma separated lists of zookeeper hosts from clusterHostInfo
+index = 0
+zookeeper_quorum = ""
+for host in zookeeper_hosts:
+ zookeeper_host = host
+ if zookeeper_port is not None:
+ zookeeper_host = host + ":" + str(zookeeper_port)
+
+ zookeeper_quorum += zookeeper_host
+ index += 1
+ if index < len(zookeeper_hosts):
+ zookeeper_quorum += ","
+
+stack_supports_atlas_hdfs_site_on_namenode_ha = check_stack_feature(StackFeature.ATLAS_HDFS_SITE_ON_NAMENODE_HA, version_for_stack_feature_checks)
+
+atlas_server_xmx = default("configurations/atlas-env/atlas_server_xmx", 2048)
+atlas_server_max_new_size = default("configurations/atlas-env/atlas_server_max_new_size", 614)
+
+hbase_master_hosts = default('/clusterHostInfo/hbase_master_hosts', [])
+has_hbase_master = not len(hbase_master_hosts) == 0
+
+atlas_hbase_setup = format("{exec_tmp_dir}/atlas_hbase_setup.rb")
+atlas_kafka_setup = format("{exec_tmp_dir}/atlas_kafka_acl.sh")
+atlas_graph_storage_hbase_table = default('/configurations/application-properties/atlas.graph.storage.hbase.table', None)
+atlas_audit_hbase_tablename = default('/configurations/application-properties/atlas.audit.hbase.tablename', None)
+
+hbase_user_keytab = default('/configurations/hbase-env/hbase_user_keytab', None)
+hbase_principal_name = default('/configurations/hbase-env/hbase_principal_name', None)
+
+# ToDo: Kafka port to Atlas
+# Used while upgrading the stack in a kerberized cluster and running kafka-acls.sh
+hosts_with_kafka = default('/clusterHostInfo/kafka_broker_hosts', [])
+host_with_kafka = hostname in hosts_with_kafka
+
+ranger_tagsync_hosts = default("/clusterHostInfo/ranger_tagsync_hosts", [])
+has_ranger_tagsync = len(ranger_tagsync_hosts) > 0
+rangertagsync_user = "rangertagsync"
+
+kafka_keytab = default('/configurations/kafka-env/kafka_keytab', None)
+kafka_principal_name = default('/configurations/kafka-env/kafka_principal_name', None)
+default_replication_factor = default('/configurations/application-properties/atlas.notification.replicas', None)
+
+if check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, version_for_stack_feature_checks):
+ default_replication_factor = default('/configurations/application-properties/atlas.notification.replicas', None)
+
+ kafka_env_sh_template = config['configurations']['kafka-env']['content']
+ kafka_home = os.path.join(stack_root, "current", "kafka-broker")
+ kafka_conf_dir = os.path.join(kafka_home, "config")
+
+ kafka_zk_endpoint = default("/configurations/kafka-broker/zookeeper.connect", None)
+ kafka_kerberos_enabled = (('security.inter.broker.protocol' in config['configurations']['kafka-broker']) and
+ ((config['configurations']['kafka-broker']['security.inter.broker.protocol'] == "PLAINTEXTSASL") or
+ (config['configurations']['kafka-broker']['security.inter.broker.protocol'] == "SASL_PLAINTEXT")))
+ if security_enabled and stack_version_formatted != "" and 'kafka_principal_name' in config['configurations']['kafka-env'] \
+ and check_stack_feature(StackFeature.KAFKA_KERBEROS, stack_version_formatted):
+ _hostname_lowercase = config['hostname'].lower()
+ _kafka_principal_name = config['configurations']['kafka-env']['kafka_principal_name']
+ kafka_jaas_principal = _kafka_principal_name.replace('_HOST', _hostname_lowercase)
+ kafka_keytab_path = config['configurations']['kafka-env']['kafka_keytab']
+ kafka_bare_jaas_principal = get_bare_principal(_kafka_principal_name)
+ kafka_kerberos_params = "-Djava.security.auth.login.config={0}/kafka_jaas.conf".format(kafka_conf_dir)
+ else:
+ kafka_kerberos_params = ''
+ kafka_jaas_principal = None
+ kafka_keytab_path = None
+
+namenode_host = set(default("/clusterHostInfo/namenode_host", []))
+has_namenode = not len(namenode_host) == 0
+
+# ranger altas plugin section start
+
+# ranger host
+ranger_admin_hosts = default("/clusterHostInfo/ranger_admin_hosts", [])
+has_ranger_admin = not len(ranger_admin_hosts) == 0
+
+retry_enabled = default("/commandParams/command_retry_enabled", False)
+
+stack_supports_atlas_ranger_plugin = check_stack_feature(StackFeature.ATLAS_RANGER_PLUGIN_SUPPORT, version_for_stack_feature_checks)
+stack_supports_ranger_kerberos = check_stack_feature(StackFeature.RANGER_KERBEROS_SUPPORT, version_for_stack_feature_checks)
+
+# ranger support xml_configuration flag, instead of depending on ranger xml_configurations_supported/ranger-env, using stack feature
+xml_configurations_supported = check_stack_feature(StackFeature.RANGER_XML_CONFIGURATION, version_for_stack_feature_checks)
+
+# ranger atlas plugin enabled property
+enable_ranger_atlas = default("/configurations/ranger-atlas-plugin-properties/ranger-atlas-plugin-enabled", "No")
+enable_ranger_atlas = True if enable_ranger_atlas.lower() == "yes" else False
+
+# ranger hbase plugin enabled property
+enable_ranger_hbase = default("/configurations/ranger-hbase-plugin-properties/ranger-hbase-plugin-enabled", "No")
+enable_ranger_hbase = True if enable_ranger_hbase.lower() == 'yes' else False
+
+if stack_supports_atlas_ranger_plugin and enable_ranger_atlas:
+ # for create_hdfs_directory
+ hdfs_user = config['configurations']['hadoop-env']['hdfs_user'] if has_namenode else None
+ hdfs_user_keytab = config['configurations']['hadoop-env']['hdfs_user_keytab'] if has_namenode else None
+ hdfs_principal_name = config['configurations']['hadoop-env']['hdfs_principal_name'] if has_namenode else None
+ hdfs_site = config['configurations']['hdfs-site']
+ default_fs = config['configurations']['core-site']['fs.defaultFS']
+ dfs_type = default("/commandParams/dfs_type", "")
+
+ import functools
+ from resource_management.libraries.resources.hdfs_resource import HdfsResource
+ from resource_management.libraries.functions.get_not_managed_resources import get_not_managed_resources
+ #create partial functions with common arguments for every HdfsResource call
+ #to create hdfs directory we need to call params.HdfsResource in code
+
+ HdfsResource = functools.partial(
+ HdfsResource,
+ user = hdfs_user,
+ hdfs_resource_ignore_file = "/var/lib/ambari-agent/data/.hdfs_resource_ignore",
+ security_enabled = security_enabled,
+ keytab = hdfs_user_keytab,
+ kinit_path_local = kinit_path_local,
+ hadoop_bin_dir = hadoop_bin_dir,
+ hadoop_conf_dir = hadoop_conf_dir,
+ principal_name = hdfs_principal_name,
+ hdfs_site = hdfs_site,
+ default_fs = default_fs,
+ immutable_paths = get_not_managed_resources(),
+ dfs_type = dfs_type
+ )
+
+ # ranger atlas service/repository name
+ repo_name = str(config['clusterName']) + '_atlas'
+ repo_name_value = config['configurations']['ranger-atlas-security']['ranger.plugin.atlas.service.name']
+ if not is_empty(repo_name_value) and repo_name_value != "{{repo_name}}":
+ repo_name = repo_name_value
+
+ ssl_keystore_password = config['configurations']['ranger-atlas-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']
+ ssl_truststore_password = config['configurations']['ranger-atlas-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']
+ credential_file = format('/etc/ranger/{repo_name}/cred.jceks')
+ xa_audit_hdfs_is_enabled = default('/configurations/ranger-atlas-audit/xasecure.audit.destination.hdfs', False)
+
+ # get ranger policy url
+ policymgr_mgr_url = config['configurations']['ranger-atlas-security']['ranger.plugin.atlas.policy.rest.url']
+
+ if not is_empty(policymgr_mgr_url) and policymgr_mgr_url.endswith('/'):
+ policymgr_mgr_url = policymgr_mgr_url.rstrip('/')
+
+ downloaded_custom_connector = None
+ driver_curl_source = None
+ driver_curl_target = None
+
+ ranger_env = config['configurations']['ranger-env']
+
+ # create ranger-env config having external ranger credential properties
+ if not has_ranger_admin and enable_ranger_atlas:
+ external_admin_username = default('/configurations/ranger-atlas-plugin-properties/external_admin_username', 'admin')
+ external_admin_password = default('/configurations/ranger-atlas-plugin-properties/external_admin_password', 'admin')
+ external_ranger_admin_username = default('/configurations/ranger-atlas-plugin-properties/external_ranger_admin_username', 'amb_ranger_admin')
+ external_ranger_admin_password = default('/configurations/ranger-atlas-plugin-properties/external_ranger_admin_password', 'amb_ranger_admin')
+ ranger_env = {}
+ ranger_env['admin_username'] = external_admin_username
+ ranger_env['admin_password'] = external_admin_password
+ ranger_env['ranger_admin_username'] = external_ranger_admin_username
+ ranger_env['ranger_admin_password'] = external_ranger_admin_password
+
+ ranger_plugin_properties = config['configurations']['ranger-atlas-plugin-properties']
+ ranger_atlas_audit = config['configurations']['ranger-atlas-audit']
+ ranger_atlas_audit_attrs = config['configuration_attributes']['ranger-atlas-audit']
+ ranger_atlas_security = config['configurations']['ranger-atlas-security']
+ ranger_atlas_security_attrs = config['configuration_attributes']['ranger-atlas-security']
+ ranger_atlas_policymgr_ssl = config['configurations']['ranger-atlas-policymgr-ssl']
+ ranger_atlas_policymgr_ssl_attrs = config['configuration_attributes']['ranger-atlas-policymgr-ssl']
+
+ policy_user = config['configurations']['ranger-atlas-plugin-properties']['policy_user']
+
+ atlas_repository_configuration = {
+ 'username' : config['configurations']['ranger-atlas-plugin-properties']['REPOSITORY_CONFIG_USERNAME'],
+ 'password' : unicode(config['configurations']['ranger-atlas-plugin-properties']['REPOSITORY_CONFIG_PASSWORD']),
+ 'atlas.rest.address' : metadata_server_url,
+ 'commonNameForCertificate' : config['configurations']['ranger-atlas-plugin-properties']['common.name.for.certificate'],
+ 'ambari.service.check.user' : policy_user
+ }
+
+ custom_ranger_service_config = generate_ranger_service_config(ranger_plugin_properties)
+ if len(custom_ranger_service_config) > 0:
+ atlas_repository_configuration.update(custom_ranger_service_config)
+
+ if security_enabled:
+ atlas_repository_configuration['policy.download.auth.users'] = metadata_user
+ atlas_repository_configuration['tag.download.auth.users'] = metadata_user
+
+ atlas_ranger_plugin_repo = {
+ 'isEnabled': 'true',
+ 'configs': atlas_repository_configuration,
+ 'description': 'atlas repo',
+ 'name': repo_name,
+ 'type': 'atlas',
+ }
+# ranger atlas plugin section end
+# atlas admin login username password
+atlas_admin_username = config['configurations']['atlas-env']['atlas.admin.username']
+atlas_admin_password = config['configurations']['atlas-env']['atlas.admin.password']
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/service_check.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/service_check.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/service_check.py
new file mode 100644
index 0000000..cada8c3
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/service_check.py
@@ -0,0 +1,55 @@
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+from resource_management.libraries.script.script import Script
+from resource_management.libraries.functions.format import format
+from resource_management.core.logger import Logger
+from resource_management.core.resources.system import Execute
+from resource_management.core.exceptions import ComponentIsNotRunning
+from resource_management.core.exceptions import Fail
+
+class AtlasServiceCheck(Script):
+
+ def service_check(self, env):
+ import params
+
+ env.set_params(params)
+
+ if params.security_enabled:
+ Execute(format("{kinit_path_local} -kt {smokeuser_keytab} {smokeuser_principal}"),
+ user=params.smoke_test_user)
+ atlas_host_call_count = 0
+
+ for atlas_host in params.atlas_hosts:
+ if params.security_enabled:
+ smoke_cmd = format('curl -k --negotiate -u : -b ~/cookiejar.txt -c ~/cookiejar.txt -s -o /dev/null -w "%{{http_code}}" {metadata_protocol}://{atlas_host}:{metadata_port}/')
+ else:
+ smoke_cmd = format('curl -k -s -o /dev/null -w "%{{http_code}}" {metadata_protocol}://{atlas_host}:{metadata_port}/')
+ try:
+ Execute(smoke_cmd , user=params.smoke_test_user, tries = 5,
+ try_sleep = 10)
+ except Exception, err:
+ atlas_host_call_count = atlas_host_call_count + 1
+ Logger.error("ATLAS service check failed for host {0} with error {1}".format(atlas_host,err))
+ if atlas_host_call_count == len(params.atlas_hosts):
+ raise Fail("All instances of ATLAS METADATA SERVER are down.")
+
+
+if __name__ == "__main__":
+ AtlasServiceCheck().execute()
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/setup_ranger_atlas.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/setup_ranger_atlas.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/setup_ranger_atlas.py
new file mode 100644
index 0000000..c47c75c
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/setup_ranger_atlas.py
@@ -0,0 +1,70 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+from resource_management.core.logger import Logger
+
+def setup_ranger_atlas(upgrade_type=None):
+ import params
+
+ if params.enable_ranger_atlas:
+
+ from resource_management.libraries.functions.setup_ranger_plugin_xml import setup_ranger_plugin
+
+ if params.retry_enabled:
+ Logger.info("ATLAS: Setup ranger: command retry enables thus retrying if ranger admin is down !")
+ else:
+ Logger.info("ATLAS: Setup ranger: command retry not enabled thus skipping if ranger admin is down !")
+
+ if params.enable_ranger_atlas and params.xa_audit_hdfs_is_enabled:
+ if params.has_namenode:
+ params.HdfsResource("/ranger/audit",
+ type="directory",
+ action="create_on_execute",
+ owner=params.metadata_user,
+ group=params.user_group,
+ mode=0755,
+ recursive_chmod=True
+ )
+ params.HdfsResource("/ranger/audit/atlas",
+ type="directory",
+ action="create_on_execute",
+ owner=params.metadata_user,
+ group=params.user_group,
+ mode=0700,
+ recursive_chmod=True
+ )
+ params.HdfsResource(None, action="execute")
+
+ setup_ranger_plugin('atlas-server', 'atlas',None,
+ params.downloaded_custom_connector, params.driver_curl_source,
+ params.driver_curl_target, params.java64_home,
+ params.repo_name, params.atlas_ranger_plugin_repo,
+ params.ranger_env, params.ranger_plugin_properties,
+ params.policy_user, params.policymgr_mgr_url,
+ params.enable_ranger_atlas, conf_dict=params.conf_dir,
+ component_user=params.metadata_user, component_group=params.user_group, cache_service_list=['atlas'],
+ plugin_audit_properties=params.config['configurations']['ranger-atlas-audit'], plugin_audit_attributes=params.config['configuration_attributes']['ranger-atlas-audit'],
+ plugin_security_properties=params.config['configurations']['ranger-atlas-security'], plugin_security_attributes=params.config['configuration_attributes']['ranger-atlas-security'],
+ plugin_policymgr_ssl_properties=params.config['configurations']['ranger-atlas-policymgr-ssl'], plugin_policymgr_ssl_attributes=params.config['configuration_attributes']['ranger-atlas-policymgr-ssl'],
+ component_list=['atlas-server'], audit_db_is_enabled=False,
+ credential_file=params.credential_file, xa_audit_db_password=None,
+ ssl_truststore_password=params.ssl_truststore_password, ssl_keystore_password=params.ssl_keystore_password,
+ api_version = 'v2', skip_if_rangeradmin_down = not params.retry_enabled, is_security_enabled = params.security_enabled,
+ is_stack_supports_ranger_kerberos = params.stack_supports_ranger_kerberos,
+ component_user_principal=params.atlas_jaas_principal if params.security_enabled else None,
+ component_user_keytab=params.atlas_keytab_path if params.security_enabled else None)
+ else:
+ Logger.info('Ranger Atlas plugin is not enabled')
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/status_params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/status_params.py b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/status_params.py
new file mode 100644
index 0000000..852a9cb
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/scripts/status_params.py
@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+import os
+from resource_management.libraries.script.script import Script
+from resource_management.libraries.functions.format import format
+from resource_management.libraries.functions import get_kinit_path, format_stack_version
+from resource_management.libraries.functions.default import default
+from resource_management.libraries.functions import conf_select
+from resource_management.libraries.functions import stack_select
+
+from resource_management.libraries.functions.stack_features import check_stack_feature, get_stack_feature_version
+from resource_management.libraries.functions import StackFeature
+
+
+config = Script.get_config()
+stack_root = Script.get_stack_root()
+
+default_conf_file = "application.properties"
+
+# get the correct version to use for checking stack features
+version_for_stack_feature_checks = get_stack_feature_version(config)
+
+if check_stack_feature(StackFeature.ATLAS_UPGRADE_SUPPORT, version_for_stack_feature_checks):
+ default_conf_file = "atlas-application.properties"
+
+conf_file = default("/configurations/atlas-env/metadata_conf_file", default_conf_file)
+conf_dir = format("{stack_root}/current/atlas-server/conf")
+pid_dir = default("/configurations/atlas-env/metadata_pid_dir", "/var/run/atlas")
+pid_file = format("{pid_dir}/atlas.pid")
+
+metadata_user = default("/configurations/atlas-env/metadata_user", None)
+hbase_user = default("/configurations/hbase-env/hbase_user", None)
+kafka_user = default("/configurations/kafka-env/kafka_user", None)
+
+# Security related/required params
+hostname = config['hostname']
+security_enabled = default("/configurations/cluster-env/security_enabled", None)
+kinit_path_local = get_kinit_path(default('/configurations/kerberos-env/executable_search_paths', None))
+tmp_dir = Script.get_tmp_dir()
+
+stack_name = default("/hostLevelParams/stack_name", None)
+hadoop_conf_dir = conf_select.get_hadoop_conf_dir()
+hadoop_bin_dir = stack_select.get_hadoop_dir("bin")
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_hbase_setup.rb.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_hbase_setup.rb.j2 b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_hbase_setup.rb.j2
new file mode 100644
index 0000000..14167dc
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_hbase_setup.rb.j2
@@ -0,0 +1,42 @@
+{#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#}
+
+_tbl_titan = '{{atlas_graph_storage_hbase_table}}'
+_tbl_audit = '{{atlas_audit_hbase_tablename}}'
+_usr_atlas = '{{metadata_user}}'
+
+
+if not list.include? _tbl_titan
+ begin
+ create _tbl_titan,{NAME => 'e',DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW'},{NAME => 'g',DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW'},{NAME => 'i',DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW'},{NAME => 's',DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW'},{NAME => 'm',DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW'},{NAME => 'l',DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW', TTL => 604800, KEEP_DELETED_CELLS =>false}
+ rescue RuntimeError => e
+ raise e if not e.message.include? "Table already exists"
+ end
+end
+
+
+if not list.include? _tbl_audit
+ begin
+ create _tbl_audit, {NAME => 'dt', DATA_BLOCK_ENCODING => 'FAST_DIFF', COMPRESSION =>'GZ', BLOOMFILTER =>'ROW'}
+ rescue RuntimeError => e
+ raise e if not e.message.include? "Table already exists"
+ end
+end
+
+grant _usr_atlas, 'RWCA', _tbl_titan
+grant _usr_atlas, 'RWCA', _tbl_audit
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_jaas.conf.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_jaas.conf.j2 b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_jaas.conf.j2
new file mode 100644
index 0000000..68eb088
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_jaas.conf.j2
@@ -0,0 +1,26 @@
+{#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#}
+Client {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ useTicketCache=false
+ storeKey=true
+ doNotPrompt=false
+ keyTab="{{atlas_keytab_path}}"
+ principal="{{atlas_jaas_principal}}";
+};
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_kafka_acl.sh.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_kafka_acl.sh.j2 b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_kafka_acl.sh.j2
new file mode 100644
index 0000000..6a2edc6
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/atlas_kafka_acl.sh.j2
@@ -0,0 +1,41 @@
+{#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#}
+#!/bin/bash
+
+
+create_topic() {
+ topic_name=$1
+ topics=`{{kafka_home}}/bin/kafka-topics.sh --zookeeper {{kafka_zk_endpoint}} --topic $topic_name --list`
+ if [ -z $topics ]; then
+ {{kafka_home}}/bin/kafka-topics.sh --zookeeper {{kafka_zk_endpoint}} --topic $topic_name --create --partitions 1 --replication-factor {{default_replication_factor}}
+ echo "Created topic $topic_name with replication factor {{default_replication_factor}}"
+ else
+ echo "Topic $topic_name already exists"
+ fi
+}
+
+create_topic ATLAS_HOOK
+create_topic ATLAS_ENTITIES
+
+{{kafka_home}}/bin/kafka-acls.sh --authorizer-properties zookeeper.connect={{kafka_zk_endpoint}} --add --topic ATLAS_HOOK --allow-principal User:* --producer
+{{kafka_home}}/bin/kafka-acls.sh --authorizer-properties zookeeper.connect={{kafka_zk_endpoint}} --add --topic ATLAS_HOOK --allow-principal User:{{metadata_user}} --consumer --group atlas
+{{kafka_home}}/bin/kafka-acls.sh --authorizer-properties zookeeper.connect={{kafka_zk_endpoint}} --add --topic ATLAS_ENTITIES --allow-principal User:{{metadata_user}} --producer
+
+{% if has_ranger_tagsync %}
+{{kafka_home}}/bin/kafka-acls.sh --authorizer-properties zookeeper.connect={{kafka_zk_endpoint}} --add --topic ATLAS_ENTITIES --allow-principal User:{{rangertagsync_user}} --consumer --group ranger_entities_consumer
+{% endif %}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/input.config-atlas.json.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/input.config-atlas.json.j2 b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/input.config-atlas.json.j2
new file mode 100644
index 0000000..2d977b9
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/input.config-atlas.json.j2
@@ -0,0 +1,48 @@
+{#
+ # Licensed to the Apache Software Foundation (ASF) under one
+ # or more contributor license agreements. See the NOTICE file
+ # distributed with this work for additional information
+ # regarding copyright ownership. The ASF licenses this file
+ # to you under the Apache License, Version 2.0 (the
+ # "License"); you may not use this file except in compliance
+ # with the License. You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #}
+{
+ "input":[
+ {
+ "type":"atlas_app",
+ "rowtype":"service",
+ "path":"{{default('/configurations/atlas-env/metadata_log_dir', '/var/log/atlas')}}/application.log"
+ }
+ ],
+ "filter":[
+ {
+ "filter":"grok",
+ "conditions":{
+ "fields":{
+ "type":[
+ "atlas_app"
+ ]
+ }
+ },
+ "log4j_format":"%d %-5p - [%t:%x] ~ %m (%c{1}:%L)%n",
+ "multiline_pattern":"^(%{TIMESTAMP_ISO8601:logtime})",
+ "message_pattern":"(?m)^%{TIMESTAMP_ISO8601:logtime}%{SPACE}%{LOGLEVEL:level}%{SPACE}%{SPACE}-%{SPACE}\\[%{DATA:thread_name}\\]%{SPACE}~%{SPACE}%{GREEDYDATA:log_message}",
+ "post_map_values":{
+ "logtime":{
+ "map_date":{
+ "target_date_pattern":"yyyy-MM-dd HH:mm:ss,SSS"
+ }
+ }
+ }
+ }
+ ]
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/kafka_jaas.conf.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/kafka_jaas.conf.j2 b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/kafka_jaas.conf.j2
new file mode 100644
index 0000000..56c558d
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/package/templates/kafka_jaas.conf.j2
@@ -0,0 +1,41 @@
+{#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#}
+KafkaServer {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ keyTab="{{kafka_keytab_path}}"
+ storeKey=true
+ useTicketCache=false
+ serviceName="{{kafka_bare_jaas_principal}}"
+ principal="{{kafka_jaas_principal}}";
+};
+KafkaClient {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useTicketCache=true
+ renewTicket=true
+ serviceName="{{kafka_bare_jaas_principal}}";
+};
+Client {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ keyTab="{{kafka_keytab_path}}"
+ storeKey=true
+ useTicketCache=false
+ serviceName="zookeeper"
+ principal="{{kafka_jaas_principal}}";
+};
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/quicklinks/quicklinks.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/quicklinks/quicklinks.json b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/quicklinks/quicklinks.json
new file mode 100644
index 0000000..0a7d0a0
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/quicklinks/quicklinks.json
@@ -0,0 +1,36 @@
+{
+ "name": "default",
+ "description": "default quick links configuration",
+ "configuration": {
+ "protocol":
+ {
+ "type":"https",
+ "checks":[
+ {
+ "property":"atlas.enableTLS",
+ "desired":"true",
+ "site":"application-properties"
+ }
+ ]
+ },
+
+ "links": [
+ {
+ "name": "atlas_dashboard",
+ "label": "Atlas Dashboard",
+ "requires_user_name": "true",
+ "component_name": "ATLAS_SERVER",
+ "url": "%@://%@:%@/",
+ "attributes": ["authenticated", "sso"],
+ "port":{
+ "http_property": "atlas.server.http.port",
+ "http_default_port": "21000",
+ "https_property": "atlas.server.https.port",
+ "https_default_port": "21443",
+ "regex": "^(\\d+)$",
+ "site": "application-properties"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/42a542a5/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/role_command_order.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/role_command_order.json b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/role_command_order.json
new file mode 100644
index 0000000..4d66dfc
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/ATLAS/0.7.0.3.0/role_command_order.json
@@ -0,0 +1,7 @@
+{
+ "general_deps" : {
+ "_comment" : "dependencies for ATLAS",
+ "ATLAS_SERVICE_CHECK-SERVICE_CHECK": ["ATLAS_SERVER-START"],
+ "ATLAS_SERVER-START": ["KAFKA_BROKER-START", "INFRA_SOLR-START", "HBASE_MASTER-START", "HBASE_REGIONSERVER-START"]
+ }
+}