You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Andrew Luo <an...@outlook.com> on 2020/06/14 22:25:18 UTC
Re: Review Request 72205: RANGER-2752: Add corresponding upgrade
patch for RANGER-2550
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72205/#review221003
-----------------------------------------------------------
Seems to be replaced by https://reviews.apache.org/r/72383/
- Andrew Luo
On March 6, 2020, 4:28 a.m., Andrew Luo wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72205/
> -----------------------------------------------------------
>
> (Updated March 6, 2020, 4:28 a.m.)
>
>
> Review request for ranger and Pradeep Agrawal.
>
>
> Bugs: RANGER-2752
> https://issues.apache.org/jira/browse/RANGER-2752
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Upgrading from 0.7.0 to the current master fails with the following error:
>
> 2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J10015', current_timestamp, 'Ranger 2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
> Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015 is being applied..
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> [EL Warning]: 2020-03-04 07:38:19.282-ClientSession(841450293)-Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of range value for column 'sort_order' at row 1
> Error Code: 1264
> Call: INSERT INTO x_access_type_def (ADDED_BY_ID, CREATE_TIME, datamask_options, def_id, item_id, label, name, sort_order, rb_key_label, rowfilter_options, UPDATE_TIME, UPD_BY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
> bind => [12 parameters bound]
> Query: ValueReadQuery(name="x_access_type_def_SEQ" sql="SELECT LAST_INSERT_ID()")
> 2020-03-04 07:38:19,406 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java -cp /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c \; -query "delete from x_db_version_h where version = 'J10015' and active = 'N' and updated_by='306a9688fa98';"
> Wed Mar 04 07:38:19 UTC 2020 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:20,091 [E] applying java patch PatchForKafkaServiceDefUpdate_J10015 failed
>
> This seems to be due to this commit not having corresponding handling (DDL patch) for upgrade scenarios: https://github.com/apache/ranger/commit/2a6dd3d078c52cc1314af581f7b8e6c8cdab933a
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 47618f6b3
> security-admin/db/mysql/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e59e7de61
> security-admin/db/oracle/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 37ea61912
> security-admin/db/postgres/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql bd1c47cc4
> security-admin/db/sqlanywhere/patches/048-increase-sort-order.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 22e1746f2
> security-admin/db/sqlserver/patches/048-increase-sort-order.sql PRE-CREATION
>
>
> Diff: https://reviews.apache.org/r/72205/diff/1/
>
>
> Testing
> -------
>
> Tested 0.7.0 to 2.1.0 upgrade on MySQL. Unfortunately I don't have 0.7.0 environments for upgrade testing on other DBs but I copied much of the patch syntax from patch 024, which changes the same column for other tables.
>
>
> Thanks,
>
> Andrew Luo
>
>