You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2017/07/17 16:20:27 UTC
[09/26] ambari git commit: AMBARI-21234. Ambari rack awareness for
Kafka. (Ambud Sharma via stoader)
AMBARI-21234. Ambari rack awareness for Kafka. (Ambud Sharma via stoader)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/84b3c713
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/84b3c713
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/84b3c713
Branch: refs/heads/branch-feature-AMBARI-21348
Commit: 84b3c7139486e733a5fbc3de628e51510eb0b261
Parents: bc06736
Author: Ambud Sharma <am...@hortonworks.com>
Authored: Fri Jul 14 14:28:55 2017 +0200
Committer: Toader, Sebastian <st...@hortonworks.com>
Committed: Fri Jul 14 14:28:55 2017 +0200
----------------------------------------------------------------------
.../0.10.0/configuration/ranger-kafka-audit.xml | 58 ++++++++++++++
.../common-services/KAFKA/0.10.0/kerberos.json | 79 ++++++++++++++++++++
.../common-services/KAFKA/0.10.0/metainfo.xml | 28 +++++++
.../KAFKA/0.8.1/package/scripts/kafka.py | 12 +++
.../KAFKA/0.8.1/package/scripts/params.py | 3 +
.../stacks/HDP/2.5/services/KAFKA/metainfo.xml | 1 +
6 files changed, 181 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/84b3c713/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/configuration/ranger-kafka-audit.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/configuration/ranger-kafka-audit.xml b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/configuration/ranger-kafka-audit.xml
new file mode 100644
index 0000000..fff9132
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/configuration/ranger-kafka-audit.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+<configuration>
+ <property>
+ <name>xasecure.audit.destination.db</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.db.jdbc.url</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.db.user</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.db.password</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.db.jdbc.driver</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.credential.provider.file</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+ <property>
+ <name>xasecure.audit.destination.db.batch.filespool.dir</name>
+ <deleted>true</deleted>
+ <on-ambari-upgrade add="false"/>
+ </property>
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/84b3c713/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/kerberos.json b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/kerberos.json
new file mode 100644
index 0000000..b4d0018
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/kerberos.json
@@ -0,0 +1,79 @@
+{
+ "services": [
+ {
+ "name": "KAFKA",
+ "identities": [
+ {
+ "name": "/smokeuser"
+ }
+ ],
+ "configurations": [
+ {
+ "kafka-broker": {
+ "authorizer.class.name": "kafka.security.auth.SimpleAclAuthorizer",
+ "principal.to.local.class":"kafka.security.auth.KerberosPrincipalToLocal",
+ "super.users": "user:${kafka-env/kafka_user}",
+ "security.inter.broker.protocol": "PLAINTEXTSASL",
+ "zookeeper.set.acl": "true",
+ "listeners": "${kafka-broker/listeners|replace(\\bPLAINTEXT\\b, PLAINTEXTSASL)}"
+ }
+ },
+ {
+ "ranger-kafka-audit": {
+ "xasecure.audit.jaas.Client.loginModuleName": "com.sun.security.auth.module.Krb5LoginModule",
+ "xasecure.audit.jaas.Client.loginModuleControlFlag": "required",
+ "xasecure.audit.jaas.Client.option.useKeyTab": "true",
+ "xasecure.audit.jaas.Client.option.storeKey": "false",
+ "xasecure.audit.jaas.Client.option.serviceName": "solr",
+ "xasecure.audit.destination.solr.force.use.inmemory.jaas.config": "true"
+ }
+ }
+ ],
+ "auth_to_local_properties" : [
+ "kafka-broker/sasl.kerberos.principal.to.local.rules|comma"
+ ],
+ "components": [
+ {
+ "name": "KAFKA_BROKER",
+ "identities": [
+ {
+ "name": "kafka_broker",
+ "principal": {
+ "value": "${kafka-env/kafka_user}/_HOST@${realm}",
+ "type": "service",
+ "configuration": "kafka-env/kafka_principal_name"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/kafka.service.keytab",
+ "owner": {
+ "name": "${kafka-env/kafka_user}",
+ "access": "r"
+ },
+ "group": {
+ "name": "${cluster-env/user_group}",
+ "access": ""
+ },
+ "configuration": "kafka-env/kafka_keytab"
+ }
+ },
+ {
+ "name": "/KAFKA/KAFKA_BROKER/kafka_broker",
+ "principal": {
+ "configuration": "ranger-kafka-audit/xasecure.audit.jaas.Client.option.principal"
+ },
+ "keytab": {
+ "configuration": "ranger-kafka-audit/xasecure.audit.jaas.Client.option.keyTab"
+ }
+ },
+ {
+ "name": "/HDFS/NAMENODE/hdfs",
+ "when" : {
+ "contains" : ["services", "HDFS"]
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/84b3c713/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/metainfo.xml b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/metainfo.xml
new file mode 100644
index 0000000..c1fcde8
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.10.0/metainfo.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<metainfo>
+ <schemaVersion>2.0</schemaVersion>
+ <services>
+ <service>
+ <name>KAFKA</name>
+ <extends>common-services/KAFKA/0.9.0</extends>
+ <version>0.10.0</version>
+ <restartRequiredAfterRackChange>true</restartRequiredAfterRackChange>
+ </service>
+ </services>
+</metainfo>
http://git-wip-us.apache.org/repos/asf/ambari/blob/84b3c713/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/kafka.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/kafka.py b/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/kafka.py
index 1327090..e6d7339 100644
--- a/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/kafka.py
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/kafka.py
@@ -108,6 +108,18 @@ def kafka(upgrade_type=None):
kafka_data_dir = kafka_server_config['log.dirs']
kafka_data_dirs = filter(None, kafka_data_dir.split(","))
+
+ rack="/default-rack"
+ i=0
+ if len(params.all_racks) > 0:
+ for host in params.all_hosts:
+ if host == params.hostname:
+ rack=params.all_racks[i]
+ break
+ i=i+1
+
+ kafka_server_config['broker.rack']=rack
+
Directory(kafka_data_dirs,
mode=0755,
cd_access='a',
http://git-wip-us.apache.org/repos/asf/ambari/blob/84b3c713/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/params.py b/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/params.py
index c36a10f..8aa4fc2 100644
--- a/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/params.py
@@ -105,6 +105,9 @@ zookeeper_hosts.sort()
secure_acls = default("/configurations/kafka-broker/zookeeper.set.acl", False)
kafka_security_migrator = os.path.join(kafka_home, "bin", "zookeeper-security-migration.sh")
+all_hosts = default("/clusterHostInfo/all_hosts", [])
+all_racks = default("/clusterHostInfo/all_racks", [])
+
#Kafka log4j
kafka_log_maxfilesize = default('/configurations/kafka-log4j/kafka_log_maxfilesize',256)
kafka_log_maxbackupindex = default('/configurations/kafka-log4j/kafka_log_maxbackupindex',20)
http://git-wip-us.apache.org/repos/asf/ambari/blob/84b3c713/ambari-server/src/main/resources/stacks/HDP/2.5/services/KAFKA/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.5/services/KAFKA/metainfo.xml b/ambari-server/src/main/resources/stacks/HDP/2.5/services/KAFKA/metainfo.xml
index 12f6c45..14367ea 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.5/services/KAFKA/metainfo.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.5/services/KAFKA/metainfo.xml
@@ -21,6 +21,7 @@
<service>
<name>KAFKA</name>
<version>0.10.0.2.5</version>
+ <extends>common-services/KAFKA/0.10.0</extends>
</service>
</services>
</metainfo>