You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ab...@apache.org on 2017/07/07 14:58:06 UTC
[19/36] ambari git commit: AMBARI-21058 HDP 3.0 - Changing common
service version for Ranger & Ranger Kms (mugdha)
AMBARI-21058 HDP 3.0 - Changing common service version for Ranger & Ranger Kms (mugdha)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3dc51b0c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3dc51b0c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3dc51b0c
Branch: refs/heads/branch-feature-logsearch-ui
Commit: 3dc51b0c93bf13089dddd0f0f937b44d84f5017a
Parents: 19d4200
Author: Mugdha Varadkar <mu...@apache.org>
Authored: Tue Jun 27 15:52:53 2017 +0530
Committer: Mugdha Varadkar <mu...@apache.org>
Committed: Thu Jul 6 09:48:45 2017 +0530
----------------------------------------------------------------------
.../HDFS/3.0.0.3.0/service_advisor.py | 53 +
.../RANGER/0.7.0.3.0/alerts.json | 76 -
.../0.7.0.3.0/configuration/admin-log4j.xml | 132 --
.../configuration/admin-properties.xml | 163 --
.../configuration/atlas-tagsync-ssl.xml | 72 -
.../configuration/ranger-admin-site.xml | 785 --------
.../0.7.0.3.0/configuration/ranger-env.xml | 513 -----
.../0.7.0.3.0/configuration/ranger-site.xml | 30 -
.../configuration/ranger-solr-configuration.xml | 59 -
.../ranger-tagsync-policymgr-ssl.xml | 72 -
.../configuration/ranger-tagsync-site.xml | 206 --
.../configuration/ranger-ugsync-site.xml | 577 ------
.../tagsync-application-properties.xml | 62 -
.../0.7.0.3.0/configuration/tagsync-log4j.xml | 90 -
.../0.7.0.3.0/configuration/usersync-log4j.xml | 89 -
.../configuration/usersync-properties.xml | 32 -
.../RANGER/0.7.0.3.0/kerberos.json | 153 --
.../RANGER/0.7.0.3.0/metainfo.xml | 189 --
.../alerts/alert_ranger_admin_passwd_check.py | 195 --
.../RANGER/0.7.0.3.0/package/scripts/params.py | 448 -----
.../0.7.0.3.0/package/scripts/ranger_admin.py | 217 --
.../0.7.0.3.0/package/scripts/ranger_service.py | 69 -
.../0.7.0.3.0/package/scripts/ranger_tagsync.py | 139 --
.../package/scripts/ranger_usersync.py | 124 --
.../0.7.0.3.0/package/scripts/service_check.py | 49 -
.../0.7.0.3.0/package/scripts/setup_ranger.py | 153 --
.../package/scripts/setup_ranger_xml.py | 853 --------
.../0.7.0.3.0/package/scripts/status_params.py | 39 -
.../RANGER/0.7.0.3.0/package/scripts/upgrade.py | 31 -
.../templates/input.config-ranger.json.j2 | 79 -
.../package/templates/ranger_admin_pam.j2 | 22 -
.../package/templates/ranger_remote_pam.j2 | 22 -
.../package/templates/ranger_solr_jaas_conf.j2 | 26 -
.../properties/ranger-solrconfig.xml.j2 | 1874 ------------------
.../RANGER/0.7.0.3.0/quicklinks/quicklinks.json | 41 -
.../RANGER/0.7.0.3.0/role_command_order.json | 9 -
.../RANGER/0.7.0.3.0/service_advisor.py | 793 --------
.../0.7.0.3.0/themes/theme_version_1.json | 722 -------
.../0.7.0.3.0/themes/theme_version_2.json | 1470 --------------
.../0.7.0.3.0/themes/theme_version_3.json | 692 -------
.../0.7.0.3.0/themes/theme_version_5.json | 48 -
.../RANGER/1.0.0.3.0/alerts.json | 76 +
.../1.0.0.3.0/configuration/admin-log4j.xml | 132 ++
.../configuration/admin-properties.xml | 161 ++
.../configuration/atlas-tagsync-ssl.xml | 72 +
.../configuration/ranger-admin-site.xml | 751 +++++++
.../1.0.0.3.0/configuration/ranger-env.xml | 503 +++++
.../configuration/ranger-solr-configuration.xml | 59 +
.../ranger-tagsync-policymgr-ssl.xml | 72 +
.../configuration/ranger-tagsync-site.xml | 201 ++
.../configuration/ranger-ugsync-site.xml | 571 ++++++
.../tagsync-application-properties.xml | 62 +
.../1.0.0.3.0/configuration/tagsync-log4j.xml | 90 +
.../1.0.0.3.0/configuration/usersync-log4j.xml | 89 +
.../RANGER/1.0.0.3.0/kerberos.json | 153 ++
.../RANGER/1.0.0.3.0/metainfo.xml | 177 ++
.../alerts/alert_ranger_admin_passwd_check.py | 195 ++
.../RANGER/1.0.0.3.0/package/scripts/params.py | 449 +++++
.../1.0.0.3.0/package/scripts/ranger_admin.py | 210 ++
.../1.0.0.3.0/package/scripts/ranger_service.py | 69 +
.../1.0.0.3.0/package/scripts/ranger_tagsync.py | 139 ++
.../package/scripts/ranger_usersync.py | 120 ++
.../1.0.0.3.0/package/scripts/service_check.py | 49 +
.../package/scripts/setup_ranger_xml.py | 853 ++++++++
.../1.0.0.3.0/package/scripts/status_params.py | 39 +
.../RANGER/1.0.0.3.0/package/scripts/upgrade.py | 31 +
.../templates/input.config-ranger.json.j2 | 79 +
.../package/templates/ranger_admin_pam.j2 | 22 +
.../package/templates/ranger_remote_pam.j2 | 22 +
.../package/templates/ranger_solr_jaas_conf.j2 | 26 +
.../properties/ranger-solrconfig.xml.j2 | 1874 ++++++++++++++++++
.../RANGER/1.0.0.3.0/quicklinks/quicklinks.json | 41 +
.../RANGER/1.0.0.3.0/role_command_order.json | 9 +
.../RANGER/1.0.0.3.0/service_advisor.py | 774 ++++++++
.../1.0.0.3.0/themes/theme_version_1.json | 1821 +++++++++++++++++
.../RANGER_KMS/0.5.0.3.0/alerts.json | 32 -
.../0.5.0.3.0/configuration/dbks-site.xml | 206 --
.../0.5.0.3.0/configuration/kms-env.xml | 116 --
.../0.5.0.3.0/configuration/kms-log4j.xml | 120 --
.../0.5.0.3.0/configuration/kms-properties.xml | 166 --
.../0.5.0.3.0/configuration/kms-site.xml | 133 --
.../configuration/ranger-kms-audit.xml | 124 --
.../configuration/ranger-kms-policymgr-ssl.xml | 68 -
.../configuration/ranger-kms-security.xml | 64 -
.../0.5.0.3.0/configuration/ranger-kms-site.xml | 104 -
.../RANGER_KMS/0.5.0.3.0/kerberos.json | 84 -
.../RANGER_KMS/0.5.0.3.0/metainfo.xml | 115 --
.../RANGER_KMS/0.5.0.3.0/package/scripts/kms.py | 677 -------
.../0.5.0.3.0/package/scripts/kms_server.py | 117 --
.../0.5.0.3.0/package/scripts/kms_service.py | 58 -
.../0.5.0.3.0/package/scripts/params.py | 331 ----
.../0.5.0.3.0/package/scripts/service_check.py | 41 -
.../0.5.0.3.0/package/scripts/status_params.py | 36 -
.../0.5.0.3.0/package/scripts/upgrade.py | 30 -
.../templates/input.config-ranger-kms.json.j2 | 48 -
.../0.5.0.3.0/role_command_order.json | 7 -
.../RANGER_KMS/0.5.0.3.0/service_advisor.py | 281 ---
.../0.5.0.3.0/themes/theme_version_1.json | 303 ---
.../0.5.0.3.0/themes/theme_version_2.json | 124 --
.../RANGER_KMS/1.0.0.3.0/alerts.json | 32 +
.../1.0.0.3.0/configuration/dbks-site.xml | 206 ++
.../1.0.0.3.0/configuration/kms-env.xml | 115 ++
.../1.0.0.3.0/configuration/kms-log4j.xml | 120 ++
.../1.0.0.3.0/configuration/kms-properties.xml | 166 ++
.../1.0.0.3.0/configuration/kms-site.xml | 133 ++
.../configuration/ranger-kms-audit.xml | 118 ++
.../configuration/ranger-kms-policymgr-ssl.xml | 68 +
.../configuration/ranger-kms-security.xml | 64 +
.../1.0.0.3.0/configuration/ranger-kms-site.xml | 110 +
.../RANGER_KMS/1.0.0.3.0/kerberos.json | 84 +
.../RANGER_KMS/1.0.0.3.0/metainfo.xml | 111 ++
.../RANGER_KMS/1.0.0.3.0/package/scripts/kms.py | 675 +++++++
.../1.0.0.3.0/package/scripts/kms_server.py | 117 ++
.../1.0.0.3.0/package/scripts/kms_service.py | 58 +
.../1.0.0.3.0/package/scripts/params.py | 331 ++++
.../1.0.0.3.0/package/scripts/service_check.py | 41 +
.../1.0.0.3.0/package/scripts/status_params.py | 36 +
.../1.0.0.3.0/package/scripts/upgrade.py | 30 +
.../templates/input.config-ranger-kms.json.j2 | 48 +
.../1.0.0.3.0/role_command_order.json | 7 +
.../RANGER_KMS/1.0.0.3.0/service_advisor.py | 358 ++++
.../1.0.0.3.0/themes/theme_version_1.json | 409 ++++
.../stacks/HDP/3.0/services/RANGER/metainfo.xml | 4 +-
.../HDP/3.0/services/RANGER_KMS/metainfo.xml | 4 +-
124 files changed, 13485 insertions(+), 14804 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/service_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/service_advisor.py b/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/service_advisor.py
index 356ad59..e135275 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/service_advisor.py
+++ b/ambari-server/src/main/resources/common-services/HDFS/3.0.0.3.0/service_advisor.py
@@ -138,6 +138,7 @@ class HDFSServiceAdvisor(service_advisor.ServiceAdvisor):
# Due to the existing stack inheritance, make it clear where each calculation came from.
recommender = HDFSRecommender()
recommender.recommendConfigurationsFromHDP206(configurations, clusterData, services, hosts)
+ recommender.recommendConfigurationsFromHDP22(configurations, clusterData, services, hosts)
recommender.recommendConfigurationsFromHDP23(configurations, clusterData, services, hosts)
recommender.recommendConfigurationsFromHDP26(configurations, clusterData, services, hosts)
@@ -253,6 +254,58 @@ class HDFSRecommender(service_advisor.ServiceAdvisor):
# recommendations for "hadoop.proxyuser.*.hosts", "hadoop.proxyuser.*.groups" properties in core-site
self.recommendHadoopProxyUsers(configurations, services, hosts)
+ def recommendConfigurationsFromHDP22(self, configurations, clusterData, services, hosts):
+ """
+ Recommend configurations for this service based on HDP 2.2
+ """
+ putHdfsSiteProperty = self.putProperty(configurations, "hdfs-site", services)
+ putCoreSiteProperty = self.putProperty(configurations, "core-site", services)
+ servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
+
+ keyserverHostsString = None
+ keyserverPortString = None
+ if "hadoop-env" in services["configurations"] and "keyserver_host" in services["configurations"]["hadoop-env"]["properties"] and "keyserver_port" in services["configurations"]["hadoop-env"]["properties"]:
+ keyserverHostsString = services["configurations"]["hadoop-env"]["properties"]["keyserver_host"]
+ keyserverPortString = services["configurations"]["hadoop-env"]["properties"]["keyserver_port"]
+
+ # Irrespective of what hadoop-env has, if Ranger-KMS is installed, we use its values.
+ rangerKMSServerHosts = self.getHostsWithComponent("RANGER_KMS", "RANGER_KMS_SERVER", services, hosts)
+ if rangerKMSServerHosts is not None and len(rangerKMSServerHosts) > 0:
+ rangerKMSServerHostsArray = []
+ for rangeKMSServerHost in rangerKMSServerHosts:
+ rangerKMSServerHostsArray.append(rangeKMSServerHost["Hosts"]["host_name"])
+ keyserverHostsString = ";".join(rangerKMSServerHostsArray)
+ if "kms-env" in services["configurations"] and "kms_port" in services["configurations"]["kms-env"]["properties"]:
+ keyserverPortString = services["configurations"]["kms-env"]["properties"]["kms_port"]
+
+ if keyserverHostsString is not None and len(keyserverHostsString.strip()) > 0:
+ urlScheme = "http"
+ if "ranger-kms-site" in services["configurations"] and \
+ "ranger.service.https.attrib.ssl.enabled" in services["configurations"]["ranger-kms-site"]["properties"] and \
+ services["configurations"]["ranger-kms-site"]["properties"]["ranger.service.https.attrib.ssl.enabled"].lower() == "true":
+ urlScheme = "https"
+
+ if keyserverPortString is None or len(keyserverPortString.strip()) < 1:
+ keyserverPortString = ":9292"
+ else:
+ keyserverPortString = ":" + keyserverPortString.strip()
+
+ kmsPath = "kms://" + urlScheme + "@" + keyserverHostsString.strip() + keyserverPortString + "/kms"
+ putCoreSiteProperty("hadoop.security.key.provider.path", kmsPath)
+ putHdfsSiteProperty("dfs.encryption.key.provider.uri", kmsPath)
+
+ putHdfsSitePropertyAttribute = self.putPropertyAttribute(configurations, "hdfs-site")
+ putCoreSitePropertyAttribute = self.putPropertyAttribute(configurations, "core-site")
+ if not "RANGER_KMS" in servicesList:
+ putCoreSitePropertyAttribute('hadoop.security.key.provider.path','delete','true')
+ putHdfsSitePropertyAttribute('dfs.encryption.key.provider.uri','delete','true')
+
+ if "ranger-env" in services["configurations"] and "ranger-hdfs-plugin-properties" in services["configurations"] and \
+ "ranger-hdfs-plugin-enabled" in services["configurations"]["ranger-env"]["properties"]:
+ putHdfsRangerPluginProperty = self.putProperty(configurations, "ranger-hdfs-plugin-properties", services)
+ rangerEnvHdfsPluginProperty = services["configurations"]["ranger-env"]["properties"]["ranger-hdfs-plugin-enabled"]
+ putHdfsRangerPluginProperty("ranger-hdfs-plugin-enabled", rangerEnvHdfsPluginProperty)
+
def recommendConfigurationsFromHDP23(self, configurations, clusterData, services, hosts):
"""
Recommend configurations for this service based on HDP 2.3.
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json
deleted file mode 100644
index ab473a8..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/alerts.json
+++ /dev/null
@@ -1,76 +0,0 @@
-{
- "RANGER": {
- "service": [],
- "RANGER_ADMIN": [
- {
- "name": "ranger_admin_process",
- "label": "Ranger Admin Process",
- "description": "This host-level alert is triggered if the Ranger Admin Web UI is unreachable.",
- "interval": 1,
- "scope": "ANY",
- "source": {
- "type": "WEB",
- "uri": {
- "http": "{{admin-properties/policymgr_external_url}}/login.jsp",
- "https": "{{admin-properties/policymgr_external_url}}/login.jsp",
- "kerberos_keytab": "{{cluster-env/smokeuser_keytab}}",
- "kerberos_principal": "{{cluster-env/smokeuser_principal_name}}",
- "https_property": "{{ranger-admin-site/ranger.service.https.attrib.ssl.enabled}}",
- "https_property_value": "true",
- "connection_timeout": 5.0
- },
- "reporting": {
- "ok": {
- "text": "HTTP {0} response in {2:.3f}s"
- },
- "warning": {
- "text": "HTTP {0} response from {1} in {2:.3f}s ({3})"
- },
- "critical": {
- "text": "Connection failed to {1} ({3})"
- }
- }
- }
- },
- {
- "name": "ranger_admin_password_check",
- "label": "Ranger Admin password check",
- "description": "This alert is used to ensure that the Ranger Admin password in Ambari is correct.",
- "interval": 30,
- "scope": "ANY",
- "source": {
- "type": "SCRIPT",
- "path": "RANGER/0.4.0/package/alerts/alert_ranger_admin_passwd_check.py",
- "parameters": []
- }
- }
- ],
- "RANGER_USERSYNC": [
- {
- "name": "ranger_usersync_process",
- "label": "Ranger Usersync Process",
- "description": "This host-level alert is triggered if the Ranger Usersync cannot be determined to be up.",
- "interval": 1,
- "scope": "HOST",
- "source": {
- "type": "PORT",
- "uri": "{{ranger-ugsync-site/ranger.usersync.port}}",
- "default_port": 5151,
- "reporting": {
- "ok": {
- "text": "TCP OK - {0:.3f}s response on port {1}"
- },
- "warning": {
- "text": "TCP OK - {0:.3f}s response on port {1}",
- "value": 1.5
- },
- "critical": {
- "text": "Connection failed: {0} to {1}:{2}",
- "value": 5.0
- }
- }
- }
- }
- ]
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml
deleted file mode 100644
index fbbfac7..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-log4j.xml
+++ /dev/null
@@ -1,132 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration supports_adding_forbidden="false">
- <property>
- <name>ranger_xa_log_maxfilesize</name>
- <value>256</value>
- <description>The maximum size of backup file before the log is rotated</description>
- <display-name>Ranger Log: backup file size</display-name>
- <value-attributes>
- <unit>MB</unit>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_xa_log_maxbackupindex</name>
- <value>20</value>
- <description>The number of backup files</description>
- <display-name>Ranger Log: # of backup files</display-name>
- <value-attributes>
- <type>int</type>
- <minimum>0</minimum>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>content</name>
- <display-name>admin-log4j template</display-name>
- <description>admin-log4j.properties</description>
- <value>
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-
-log4j.rootLogger = warn,xa_log_appender
-
-
-# xa_logger
-log4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.xa_log_appender.file=${logdir}/xa_portal.log
-log4j.appender.xa_log_appender.datePattern='.'yyyy-MM-dd
-log4j.appender.xa_log_appender.append=true
-log4j.appender.xa_log_appender.layout=org.apache.log4j.PatternLayout
-log4j.appender.xa_log_appender.layout.ConversionPattern=%d [%t] %-5p %C{6} (%F:%L) - %m%n
-log4j.appender.xa_log_appender.MaxFileSize={{ranger_xa_log_maxfilesize}}MB
-log4j.appender.xa_log_appender.MaxBackupIndex={{ranger_xa_log_maxbackupindex}}
-
-# xa_log_appender : category and additivity
-log4j.category.org.springframework=warn,xa_log_appender
-log4j.additivity.org.springframework=false
-
-log4j.category.org.apache.ranger=info,xa_log_appender
-log4j.additivity.org.apache.ranger=false
-
-log4j.category.xa=info,xa_log_appender
-log4j.additivity.xa=false
-
-# perf_logger
-log4j.appender.perf_appender=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.perf_appender.file=${logdir}/ranger_admin_perf.log
-log4j.appender.perf_appender.datePattern='.'yyyy-MM-dd
-log4j.appender.perf_appender.append=true
-log4j.appender.perf_appender.layout=org.apache.log4j.PatternLayout
-log4j.appender.perf_appender.layout.ConversionPattern=%d [%t] %m%n
-
-
-# sql_appender
-log4j.appender.sql_appender=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.sql_appender.file=${logdir}/xa_portal_sql.log
-log4j.appender.sql_appender.datePattern='.'yyyy-MM-dd
-log4j.appender.sql_appender.append=true
-log4j.appender.sql_appender.layout=org.apache.log4j.PatternLayout
-log4j.appender.sql_appender.layout.ConversionPattern=%d [%t] %-5p %C{6} (%F:%L) - %m%n
-
-# sql_appender : category and additivity
-log4j.category.org.hibernate.SQL=warn,sql_appender
-log4j.additivity.org.hibernate.SQL=false
-
-log4j.category.jdbc.sqlonly=fatal,sql_appender
-log4j.additivity.jdbc.sqlonly=false
-
-log4j.category.jdbc.sqltiming=warn,sql_appender
-log4j.additivity.jdbc.sqltiming=false
-
-log4j.category.jdbc.audit=fatal,sql_appender
-log4j.additivity.jdbc.audit=false
-
-log4j.category.jdbc.resultset=fatal,sql_appender
-log4j.additivity.jdbc.resultset=false
-
-log4j.category.jdbc.connection=fatal,sql_appender
-log4j.additivity.jdbc.connection=false
- </value>
- <value-attributes>
- <type>content</type>
- <show-property-name>false</show-property-name>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml
deleted file mode 100644
index 1d73087..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/admin-properties.xml
+++ /dev/null
@@ -1,163 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration supports_final="false">
-
-
- <property>
- <name>SQL_CONNECTOR_JAR</name>
- <value>{{driver_curl_target}}</value>
- <display-name>Location of Sql Connector Jar</display-name>
- <description>Location of DB client library (please check the location of the jar file)</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <depends-on>
- <property>
- <type>admin-properties</type>
- <name>DB_FLAVOR</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false" update="false"/>
- </property>
- <property>
- <name>db_root_user</name>
- <value>root</value>
- <display-name>Database Administrator (DBA) username</display-name>
- <description>Database admin user. This user should have DBA permission to create the Ranger Database and Ranger Database User</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property require-input="true">
- <name>db_root_password</name>
- <value/>
- <property-type>PASSWORD</property-type>
- <display-name>Database Administrator (DBA) password</display-name>
- <description>Database password for the database admin username</description>
- <value-attributes>
- <type>password</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>db_host</name>
- <value/>
- <display-name>Ranger DB host</display-name>
- <description>Database host</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>db_name</name>
- <value>ranger</value>
- <display-name>Ranger DB name</display-name>
- <description>Database name</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>db_user</name>
- <value>rangeradmin</value>
- <display-name>Ranger DB username</display-name>
- <description>Database username used for the Ranger schema</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property require-input="true">
- <name>db_password</name>
- <value/>
- <property-type>PASSWORD</property-type>
- <display-name>Ranger DB password</display-name>
- <description>Database password for the Ranger schema</description>
- <value-attributes>
- <type>password</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>DB_FLAVOR</name>
- <value>MYSQL</value>
- <display-name>DB FLAVOR</display-name>
- <description>The database type to be used (mysql/oracle)</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>MYSQL</value>
- <label>MYSQL</label>
- </entry>
- <entry>
- <value>ORACLE</value>
- <label>ORACLE</label>
- </entry>
- <entry>
- <value>POSTGRES</value>
- <label>POSTGRES</label>
- </entry>
- <entry>
- <value>MSSQL</value>
- <label>MSSQL</label>
- </entry>
- <entry>
- <value>SQLA</value>
- <label>SQL Anywhere</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>policymgr_external_url</name>
- <value/>
- <display-name>External URL</display-name>
- <description>Policy Manager external url eg: http://RANGER_HOST:6080</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <depends-on>
- <property>
- <type>ranger-admin-site</type>
- <name>ranger.service.http.enabled</name>
- </property>
- <property>
- <type>ranger-admin-site</type>
- <name>ranger.service.http.port</name>
- </property>
- <property>
- <type>ranger-admin-site</type>
- <name>ranger.service.https.port</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml
deleted file mode 100644
index d43c010..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/atlas-tagsync-ssl.xml
+++ /dev/null
@@ -1,72 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration>
- <property>
- <name>xasecure.policymgr.clientssl.keystore</name>
- <value>/etc/security/serverKeys/atlas-tagsync-keystore.jks</value>
- <description>Java Keystore files</description>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.keystore.password</name>
- <value>myKeyFilePassword</value>
- <property-type>PASSWORD</property-type>
- <description>password for keystore</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.truststore</name>
- <value>/etc/security/serverKeys/atlas-tagsync-mytruststore.jks</value>
- <description>java truststore file</description>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.truststore.password</name>
- <value>changeit</value>
- <property-type>PASSWORD</property-type>
- <description>java truststore password</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.keystore.credential.file</name>
- <value>jceks://file{{atlas_tagsync_credential_file}}</value>
- <description>java keystore credential file</description>
- <on-ambari-upgrade add="false" />
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.truststore.credential.file</name>
- <value>jceks://file{{atlas_tagsync_credential_file}}</value>
- <description>java truststore credential file</description>
- <on-ambari-upgrade add="false" />
- </property>
-
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml
deleted file mode 100644
index a9153f8..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-admin-site.xml
+++ /dev/null
@@ -1,785 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<configuration supports_final="true">
- <property>
- <name>ranger.service.host</name>
- <value>{{ranger_host}}</value>
- <description>Host where ranger service to be installed</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.http.enabled</name>
- <value>true</value>
- <display-name>HTTP enabled</display-name>
- <description>Enable HTTP</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>boolean</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.http.port</name>
- <value>6080</value>
- <description>HTTP port</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.https.port</name>
- <value>6182</value>
- <description>HTTPS port (if SSL is enabled)</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.https.attrib.ssl.enabled</name>
- <value>false</value>
- <description>true/false, set to true if using SSL</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.https.attrib.clientAuth</name>
- <value>want</value>
- <description>Needs to be set to want for two way SSL</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.https.attrib.keystore.keyalias</name>
- <value>rangeradmin</value>
- <description>Alias for Ranger Admin key in keystore</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.https.attrib.keystore.pass</name>
- <value>xasecure</value>
- <property-type>PASSWORD</property-type>
- <description>Password for keystore</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.https.attrib.keystore.file</name>
- <value>/etc/ranger/admin/conf/ranger-admin-keystore.jks</value>
- <description>Ranger admin keystore (specify full path)</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.externalurl</name>
- <value>{{ranger_external_url}}</value>
- <display-name>External URL</display-name>
- <description>URL to be used by clients to access ranger admin</description>
- <value-attributes>
- <visible>false</visible>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.jpa.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- <display-name>Driver class name for a JDBC Ranger database</display-name>
- <description>JDBC driver class name. Example: For MySQL / MariaDB: com.mysql.jdbc.Driver, For Oracle: oracle.jdbc.OracleDriver</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <depends-on>
- <property>
- <type>admin-properties</type>
- <name>DB_FLAVOR</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.jpa.jdbc.url</name>
- <value>jdbc:mysql://localhost</value>
- <display-name>JDBC connect string for a Ranger database</display-name>
- <description>JDBC connect string</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <depends-on>
- <property>
- <type>admin-properties</type>
- <name>DB_FLAVOR</name>
- </property>
- <property>
- <type>admin-properties</type>
- <name>db_host</name>
- </property>
- <property>
- <type>admin-properties</type>
- <name>db_name</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.jpa.jdbc.user</name>
- <value>{{ranger_db_user}}</value>
- <description>JDBC user</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.jpa.jdbc.password</name>
- <value>_</value>
- <property-type>PASSWORD</property-type>
- <description>JDBC password</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.jpa.jdbc.credential.alias</name>
- <value>rangeradmin</value>
- <description>Alias name for storing JDBC password</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.credential.provider.path</name>
- <value>/etc/ranger/admin/rangeradmin.jceks</value>
- <description>File for credential store, provide full file path</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.audit.source.type</name>
- <value>solr</value>
- <description>db or solr, based on the audit destination used</description>
- <depends-on>
- <property>
- <type>ranger-env</type>
- <name>xasecure.audit.destination.solr</name>
- </property>
- <property>
- <type>ranger-env</type>
- <name>xasecure.audit.destination.db</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.audit.solr.urls</name>
- <value/>
- <description>Solr url for audit. Example: http://solr_host:6083/solr/ranger_audits</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.authentication.method</name>
- <value>UNIX</value>
- <display-name>Authentication method</display-name>
- <description>Ranger admin Authentication - UNIX/PAM/LDAP/AD/NONE</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <depends-on>
- <property>
- <type>ranger-ugsync-site</type>
- <name>ranger.usersync.source.impl.class</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.url</name>
- <display-name>LDAP URL</display-name>
- <value>{{ranger_ug_ldap_url}}</value>
- <description>LDAP Server URL, only used if Authentication method is LDAP</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.user.dnpattern</name>
- <value>uid={0},ou=users,dc=xasecure,dc=net</value>
- <description>LDAP user DN, only used if Authentication method is LDAP</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.group.searchbase</name>
- <display-name>Group Search Base</display-name>
- <value>{{ranger_ug_ldap_group_searchbase}}</value>
- <description>LDAP group searchbase, only used if Authentication method is LDAP</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.group.searchfilter</name>
- <display-name>Group Search Filter</display-name>
- <value>{{ranger_ug_ldap_group_searchfilter}}</value>
- <description>LDAP group search filter, only used if Authentication method is LDAP</description>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>ranger.ldap.group.roleattribute</name>
- <value>cn</value>
- <description>LDAP group role attribute, only used if Authentication method is LDAP</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.base.dn</name>
- <value>dc=example,dc=com</value>
- <description>The Distinguished Name (DN) of the starting point for directory server searches.</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.bind.dn</name>
- <display-name>Bind User</display-name>
- <value>{{ranger_ug_ldap_bind_dn}}</value>
- <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users. </description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.bind.password</name>
- <display-name>Bind User Password</display-name>
- <value>{{ranger_usersync_ldap_ldapbindpassword}}</value>
- <property-type>PASSWORD</property-type>
- <description>Password for the account that can search for users</description>
- <value-attributes>
- <type>password</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.referral</name>
- <value>ignore</value>
- <description>Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. Possible values are follow|throw|ignore</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.ad.domain</name>
- <display-name>Domain Name (Only for AD)</display-name>
- <value/>
- <description>AD domain, only used if Authentication method is AD</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.ad.url</name>
- <value>{{ranger_ug_ldap_url}}</value>
- <description>AD URL, only used if Authentication method is AD</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.ad.base.dn</name>
- <value>dc=example,dc=com</value>
- <description>The Distinguished Name (DN) of the starting point for directory server searches.</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.ad.bind.dn</name>
- <value>{{ranger_ug_ldap_bind_dn}}</value>
- <description>Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users.</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.ad.bind.password</name>
- <value>{{ranger_usersync_ldap_ldapbindpassword}}</value>
- <property-type>PASSWORD</property-type>
- <description>Password for the account that can search for users</description>
- <value-attributes>
- <type>password</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>ranger.ldap.ad.referral</name>
- <value>ignore</value>
- <description>Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. Possible values are follow|throw|ignore</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
-
-
-
-
- <property>
- <name>ranger.unixauth.remote.login.enabled</name>
- <value>true</value>
- <display-name>Allow remote Login</display-name>
- <description>Remote login enabled? - only used if Authentication method is UNIX</description>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- <type>value-list</type>
- <overridable>false</overridable>
- <entries>
- <entry>
- <value>true</value>
- <label>Yes</label>
- </entry>
- <entry>
- <value>false</value>
- <label>No</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.unixauth.service.hostname</name>
- <value>{{ugsync_host}}</value>
- <description>Host where unix authentication service is running - only used if Authentication method is UNIX</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.unixauth.service.port</name>
- <value>5151</value>
- <description>Port for unix authentication service - only used if Authentication method is UNIX</description>
- <value-attributes>
- <type>int</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.jpa.jdbc.dialect</name>
- <value>{{jdbc_dialect}}</value>
- <description>JDBC dialect used for policy DB</description>
- <on-ambari-upgrade add="false"/>
- </property>
-
-
- <property>
- <name>ranger.audit.solr.username</name>
- <value>ranger_solr</value>
- <description>Solr username</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.audit.solr.password</name>
- <value>NONE</value>
- <property-type>PASSWORD</property-type>
- <description>Solr password</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.sso.providerurl</name>
- <value/>
- <display-name>SSO provider url</display-name>
- <description>Example: https://KNOX_HOST:KNOX_PORT/gateway/TOPOLOGY_NAME/knoxsso/api/v1/websso</description>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <depends-on>
- <property>
- <type>gateway-site</type>
- <name>gateway.port</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.sso.publicKey</name>
- <value/>
- <display-name>SSO public key</display-name>
- <description>Public key for SSO cookie verification</description>
- <value-attributes>
- <type>multiLine</type>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>ranger.sso.enabled</name>
- <value>false</value>
- <display-name>Enable Ranger SSO</display-name>
- <description/>
- <value-attributes>
- <overridable>false</overridable>
- <type>boolean</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>ranger.sso.browser.useragent</name>
- <value>Mozilla,chrome</value>
- <display-name>SSO browser useragent</display-name>
- <description>Comma seperated browser agent</description>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.binddn.credential.alias</name>
- <value>ranger.ldap.bind.password</value>
- <description></description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.ldap.ad.binddn.credential.alias</name>
- <value>ranger.ldap.ad.bind.password</value>
- <description></description>
- <on-ambari-upgrade add="false"/>
- </property>
-
-
-
-
-
-
-
-
-
-
-
- <property>
- <name>ranger.admin.kerberos.token.valid.seconds</name>
- <value>30</value>
- <description/>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.admin.kerberos.cookie.domain</name>
- <value>{{ranger_host}}</value>
- <description/>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.admin.kerberos.cookie.path</name>
- <value>/</value>
- <description/>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.spnego.kerberos.principal</name>
- <value>*</value>
- <description/>
- <property-type>KERBEROS_PRINCIPAL</property-type>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.spnego.kerberos.keytab</name>
- <value/>
- <description/>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.admin.kerberos.principal</name>
- <value/>
- <description/>
- <property-type>KERBEROS_PRINCIPAL</property-type>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.admin.kerberos.keytab</name>
- <value/>
- <description/>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.lookup.kerberos.principal</name>
- <value/>
- <description/>
- <property-type>KERBEROS_PRINCIPAL</property-type>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.lookup.kerberos.keytab</name>
- <value/>
- <description/>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.truststore.file</name>
- <value>/etc/ranger/admin/conf/ranger-admin-keystore.jks</value>
- <display-name>ranger.truststore.file</display-name>
- <description>Ranger trust-store file-path</description>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.truststore.password</name>
- <value>changeit</value>
- <property-type>PASSWORD</property-type>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <display-name>ranger.truststore.password</display-name>
- <description>Ranger trust-store password</description>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.audit.solr.zookeepers</name>
- <value>NONE</value>
- <description>Solr Zookeeper string</description>
- <depends-on>
- <property>
- <type>infra-solr-env</type>
- <name>infra_solr_znode</name>
- </property>
- <property>
- <type>ranger-env</type>
- <name>is_solrCloud_enabled</name>
- </property>
- <property>
- <type>ranger-env</type>
- <name>is_external_solrCloud_enabled</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
-
-
- <property>
- <name>ranger.ldap.ad.user.searchfilter</name>
- <value>(sAMAccountName={0})</value>
- <description>Search filter used for Bind Authentication</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.ldap.user.searchfilter</name>
- <display-name>User Search Filter</display-name>
- <value>(uid={0})</value>
- <description>Search filter used for Bind Authentication</description>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.kms.service.user.hdfs</name>
- <value/>
- <description/>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <depends-on>
- <property>
- <type>hadoop-env</type>
- <name>hdfs_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
- <property>
- <name>ranger.kms.service.user.hive</name>
- <value/>
- <description/>
- <value-attributes>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <depends-on>
- <property>
- <type>hive-env</type>
- <name>hive_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.hdfs.serviceuser</name>
- <value>hdfs</value>
- <depends-on>
- <property>
- <type>hadoop-env</type>
- <name>hdfs_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.hive.serviceuser</name>
- <value>hive</value>
- <depends-on>
- <property>
- <type>hive-env</type>
- <name>hive_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.hbase.serviceuser</name>
- <value>hbase</value>
- <depends-on>
- <property>
- <type>hbase-env</type>
- <name>hbase_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.yarn.serviceuser</name>
- <value>yarn</value>
- <depends-on>
- <property>
- <type>yarn-env</type>
- <name>yarn_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.knox.serviceuser</name>
- <value>knox</value>
- <depends-on>
- <property>
- <type>knox-env</type>
- <name>knox_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.storm.serviceuser</name>
- <value>storm</value>
- <depends-on>
- <property>
- <type>storm-env</type>
- <name>storm_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.kafka.serviceuser</name>
- <value>kafka</value>
- <depends-on>
- <property>
- <type>kafka-env</type>
- <name>kafka_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.atlas.serviceuser</name>
- <value>atlas</value>
- <depends-on>
- <property>
- <type>atlas-env</type>
- <name>metadata_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.plugins.kms.serviceuser</name>
- <value>kms</value>
- <depends-on>
- <property>
- <type>kms-env</type>
- <name>kms_user</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="true"/>
- </property>
-
- <property>
- <name>ranger.is.solr.kerberised</name>
- <value>{{ranger_is_solr_kerberised}}</value>
- <value-attributes>
- <visible>false</visible>
- </value-attributes>
- <description/>
- <on-ambari-upgrade add="true"/>
- </property>
-
-
-
- <property>
- <name>ranger.truststore.alias</name>
- <value>trustStoreAlias</value>
- <description></description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger.service.https.attrib.keystore.credential.alias</name>
- <value>keyStoreCredentialAlias</value>
- <description></description>
- <on-ambari-upgrade add="false"/>
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml
deleted file mode 100644
index 3e25470..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-env.xml
+++ /dev/null
@@ -1,513 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration supports_final="true" supports_adding_forbidden="true">
- <property>
- <name>ranger_user</name>
- <value>ranger</value>
- <property-type>USER</property-type>
- <display-name>Ranger User</display-name>
- <description>Ranger username</description>
- <value-attributes>
- <type>user</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_group</name>
- <value>ranger</value>
- <property-type>GROUP</property-type>
- <display-name>Ranger Group</display-name>
- <description>Ranger group</description>
- <value-attributes>
- <type>user</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_admin_log_dir</name>
- <value>/var/log/ranger/admin</value>
- <description/>
- <value-attributes>
- <type>directory</type>
- <overridable>false</overridable>
- <editable-only-at-install>true</editable-only-at-install>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_usersync_log_dir</name>
- <value>/var/log/ranger/usersync</value>
- <description/>
- <value-attributes>
- <type>directory</type>
- <overridable>false</overridable>
- <editable-only-at-install>true</editable-only-at-install>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_admin_username</name>
- <value>amb_ranger_admin</value>
- <property-type>TEXT</property-type>
- <display-name>Ranger Admin username for Ambari</display-name>
- <description>This is the ambari user created for creating repositories and policies in Ranger Admin for each plugin</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_admin_password</name>
- <value/>
- <property-type>PASSWORD</property-type>
- <display-name>Ranger Admin user's password for Ambari</display-name>
- <description>This is the ambari user password created for creating repositories and policies in Ranger Admin for each plugin</description>
- <value-attributes>
- <type>password</type>
- <overridable>false</overridable>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>admin_username</name>
- <value>admin</value>
- <description>This is the username for default admin user that is used for creating ambari user in Ranger Admin</description>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>admin_password</name>
- <value>admin</value>
- <property-type>PASSWORD</property-type>
- <description>This is the password for default admin user that is used for creating ambari user in Ranger Admin</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
-
- <property>
- <name>ranger_pid_dir</name>
- <value>/var/run/ranger</value>
- <description/>
- <value-attributes>
- <type>directory</type>
- <overridable>false</overridable>
- <editable-only-at-install>true</editable-only-at-install>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-hdfs-plugin-enabled</name>
- <value>No</value>
- <display-name>HDFS Ranger Plugin</display-name>
- <description>Enable HDFS Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-hive-plugin-enabled</name>
- <value>No</value>
- <display-name>Hive Ranger Plugin</display-name>
- <description>Enable Hive Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-hbase-plugin-enabled</name>
- <value>No</value>
- <display-name>Hbase Ranger Plugin</display-name>
- <description>Enable HBase Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-storm-plugin-enabled</name>
- <value>No</value>
- <display-name>Storm Ranger Plugin</display-name>
- <description>Enable Storm Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-knox-plugin-enabled</name>
- <value>No</value>
- <display-name>Knox Ranger Plugin</display-name>
- <description>Enable Knox Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
-
- <property>
- <name>xml_configurations_supported</name>
- <value>true</value>
- <description/>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>create_db_dbuser</name>
- <value>true</value>
- <display-name>Setup Database and Database User</display-name>
- <description>If set to Yes, Ambari will create and setup Ranger Database and Database User. This will require to specify Database Admin user and password</description>
- <value-attributes>
- <type>value-list</type>
- <overridable>false</overridable>
- <entries>
- <entry>
- <value>true</value>
- <label>Yes</label>
- </entry>
- <entry>
- <value>false</value>
- <label>No</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>ranger_privelege_user_jdbc_url</name>
- <display-name>JDBC connect string for root user</display-name>
- <description>JDBC connect string - auto populated based on other values. This is to be used by root user</description>
- <value>jdbc:mysql://localhost</value>
- <value-attributes>
- <overridable>false</overridable>
- </value-attributes>
- <depends-on>
- <property>
- <type>admin-properties</type>
- <name>DB_FLAVOR</name>
- </property>
- <property>
- <type>admin-properties</type>
- <name>db_host</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-yarn-plugin-enabled</name>
- <value>No</value>
- <display-name>YARN Ranger Plugin</display-name>
- <description>Enable YARN Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-kafka-plugin-enabled</name>
- <value>No</value>
- <display-name>Kafka Ranger Plugin</display-name>
- <description>Enable Kafka Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>xasecure.audit.destination.solr</name>
- <value>true</value>
- <display-name>Audit to Solr</display-name>
- <description>Enable Audit to Solr for all ranger supported services. This property is overridable at service level</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>true</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>false</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>is_solrCloud_enabled</name>
- <display-name>SolrCloud</display-name>
- <description>SolrCloud uses zookeeper for distributed search and indexing</description>
- <value>false</value>
- <value-attributes>
- <type>value-list</type>
- <overridable>false</overridable>
- <entries>
- <entry>
- <value>true</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>false</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- <empty-value-valid>true</empty-value-valid>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>xasecure.audit.destination.hdfs</name>
- <value>true</value>
- <display-name>Audit to HDFS</display-name>
- <description>Enable Audit to HDFS for all ranger supported services. This property is overridable at service level</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>true</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>false</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>xasecure.audit.destination.hdfs.dir</name>
- <value>hdfs://localhost:8020</value>
- <display-name>Destination HDFS Directory</display-name>
- <description>HDFS folder to write audit to, make sure all service user has required permissions. This property is overridable at service level</description>
- <depends-on>
- <property>
- <type>core-site</type>
- <name>fs.defaultFS</name>
- </property>
- </depends-on>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_solr_config_set</name>
- <value>ranger_audits</value>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_solr_collection_name</name>
- <value>ranger_audits</value>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_solr_shards</name>
- <value>1</value>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_solr_replication_factor</name>
- <value>1</value>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger-atlas-plugin-enabled</name>
- <value>No</value>
- <display-name>Atlas Ranger Plugin</display-name>
- <description>Enable Atlas Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>is_external_solrCloud_enabled</name>
- <display-name>External SolrCloud</display-name>
- <value>false</value>
- <description>Using Externally managed solr cloud ?</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>true</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>false</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>is_external_solrCloud_kerberos</name>
- <display-name>External SolrCloud kerberos</display-name>
- <value>false</value>
- <description>Is Externally managed solr cloud kerberos ?</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>true</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>false</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>ranger-nifi-plugin-enabled</name>
- <value>No</value>
- <display-name>NIFI Ranger Plugin</display-name>
- <description>Enable NIFI Ranger plugin</description>
- <value-attributes>
- <overridable>false</overridable>
- <type>value-list</type>
- <entries>
- <entry>
- <value>Yes</value>
- <label>ON</label>
- </entry>
- <entry>
- <value>No</value>
- <label>OFF</label>
- </entry>
- </entries>
- <selection-cardinality>1</selection-cardinality>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml
deleted file mode 100644
index c70e222..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-site.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration supports_final="false">
-
-
-
-
-
-
-
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml
deleted file mode 100644
index 550ce0d..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-solr-configuration.xml
+++ /dev/null
@@ -1,59 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration>
- <property>
- <name>ranger_audit_max_retention_days</name>
- <display-name>Max Retention Days</display-name>
- <description>Days to retain audit logs in Solr</description>
- <value>90</value>
- <value-attributes>
- <type>int</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>ranger_audit_logs_merge_factor</name>
- <display-name>Merge Factor</display-name>
- <description>
- The mergeFactor value tells Lucene how many segments of equal size to build before merging them into a
- single segment. High value merge factor (e.g. 25) improves indexing speed, but slows down searching. Low value
- (e.g. 5) improves searching, but slows down indexing.
- </description>
- <value>5</value>
- <value-attributes>
- <type>int</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
- <property>
- <name>content</name>
- <display-name>solr-config template</display-name>
- <description>the jinja template for solrconfig.xml file used for ranger audit logs</description>
- <value/>
- <property-type>VALUE_FROM_PROPERTY_FILE</property-type>
- <value-attributes>
- <property-file-name>ranger-solrconfig.xml.j2</property-file-name>
- <property-file-type>xml</property-file-type>
- </value-attributes>
- <on-ambari-upgrade add="false" />
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3dc51b0c/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml b/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml
deleted file mode 100644
index a4c9441..0000000
--- a/ambari-server/src/main/resources/common-services/RANGER/0.7.0.3.0/configuration/ranger-tagsync-policymgr-ssl.xml
+++ /dev/null
@@ -1,72 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration>
- <property>
- <name>xasecure.policymgr.clientssl.keystore</name>
- <value>/etc/security/serverKeys/ranger-tagsync-keystore.jks</value>
- <description>Java Keystore files</description>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.keystore.password</name>
- <value>myKeyFilePassword</value>
- <property-type>PASSWORD</property-type>
- <description>password for keystore</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.truststore</name>
- <value>/etc/security/serverKeys/ranger-tagsync-mytruststore.jks</value>
- <description>java truststore file</description>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.truststore.password</name>
- <value>changeit</value>
- <property-type>PASSWORD</property-type>
- <description>java truststore password</description>
- <value-attributes>
- <type>password</type>
- </value-attributes>
- <on-ambari-upgrade add="false"/>
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.keystore.credential.file</name>
- <value>jceks://file{{ranger_tagsync_credential_file}}</value>
- <description>java keystore credential file</description>
- <on-ambari-upgrade add="false" />
- </property>
-
- <property>
- <name>xasecure.policymgr.clientssl.truststore.credential.file</name>
- <value>jceks://file{{ranger_tagsync_credential_file}}</value>
- <description>java truststore credential file</description>
- <on-ambari-upgrade add="false" />
- </property>
-
-</configuration>