You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2014/09/30 23:40:59 UTC
[3/3] git commit: AMBARI-7570. Add Storm Kerberos Support.
AMBARI-7570. Add Storm Kerberos Support.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/73c169e3
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/73c169e3
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/73c169e3
Branch: refs/heads/trunk
Commit: 73c169e32ed3e9c4e8d73dcb7b88dac3fb0bd98e
Parents: 1acb739
Author: Siddharth Wagle <sw...@hortonworks.com>
Authored: Tue Sep 30 14:36:08 2014 -0700
Committer: Siddharth Wagle <sw...@hortonworks.com>
Committed: Tue Sep 30 14:36:08 2014 -0700
----------------------------------------------------------------------
.../services/STORM/package/scripts/params.py | 17 +-
.../2.1/services/STORM/package/scripts/storm.py | 19 +-
.../STORM/package/scripts/supervisor.py | 1 -
.../STORM/package/scripts/yaml_config.py | 72 ----
.../STORM/package/scripts/yaml_utils.py | 49 +++
.../STORM/package/templates/storm.yaml.j2 | 60 +++
.../STORM/package/templates/storm_jaas.conf.j2 | 22 +-
.../services/STORM/configuration/storm-site.xml | 83 +++++
.../services/STORM/configuration/storm-site.xml | 38 +-
.../python/stacks/2.1/STORM/test_storm_base.py | 119 ++++++
.../stacks/2.1/STORM/test_storm_drpc_server.py | 90 +----
.../2.1/STORM/test_storm_jaas_configuration.py | 77 ++++
.../stacks/2.1/STORM/test_storm_nimbus.py | 105 +-----
.../stacks/2.1/STORM/test_storm_nimbus_prod.py | 89 +----
.../2.1/STORM/test_storm_rest_api_service.py | 87 +----
.../stacks/2.1/STORM/test_storm_supervisor.py | 42 ++-
.../2.1/STORM/test_storm_supervisor_prod.py | 86 +----
.../stacks/2.1/STORM/test_storm_ui_server.py | 93 +----
.../stacks/2.1/configs/default-storm-start.json | 356 ++++++++++++++++++
.../stacks/2.1/configs/secured-storm-start.json | 373 +++++++++++++++++++
ambari-web/app/app.js | 7 +-
.../main/admin/security/add/step2.js | 37 +-
.../main/admin/security/add/step3.js | 156 ++++----
ambari-web/app/data/HDP2.2/site_properties.js | 29 ++
ambari-web/app/data/HDP2/secure_configs.js | 16 +-
ambari-web/app/data/HDP2/secure_properties.js | 207 +++++++---
.../app/mixins/wizard/addSecurityConfigs.js | 35 +-
ambari-web/app/utils/config.js | 6 +-
28 files changed, 1609 insertions(+), 762 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
index a5750fb..151529b 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
@@ -42,7 +42,6 @@ conf_dir = "/etc/storm/conf"
local_dir = config['configurations']['storm-site']['storm.local.dir']
user_group = config['configurations']['cluster-env']['user_group']
java64_home = config['hostLevelParams']['java_home']
-nimbus_host = config['configurations']['storm-site']['nimbus.host']
nimbus_port = config['configurations']['storm-site']['nimbus.thrift.port']
nimbus_host = config['configurations']['storm-site']['nimbus.host']
rest_api_port = "8745"
@@ -58,11 +57,25 @@ if 'ganglia_server_host' in config['clusterHostInfo'] and \
else:
ganglia_installed = False
+is_compatible_to_2_2_stack = str(config['hostLevelParams']['stack_version']).startswith('2.2')
+
security_enabled = config['configurations']['cluster-env']['security_enabled']
if security_enabled:
_hostname_lowercase = config['hostname'].lower()
- _kerberos_domain = config['configurations']['cluster-env']['kerberos_domain']
+ kerberos_domain = config['configurations']['cluster-env']['kerberos_domain']
_storm_principal_name = config['configurations']['storm-env']['storm_principal_name']
storm_jaas_principal = _storm_principal_name.replace('_HOST',_hostname_lowercase)
storm_keytab_path = config['configurations']['storm-env']['storm_keytab']
+
+ if is_compatible_to_2_2_stack:
+ storm_ui_keytab_path = config['configurations']['storm-env']['strom_ui_keytab']
+ _storm_ui_jaas_principal_name = config['configurations']['storm-env']['strom_ui_principal_name']
+ storm_ui_host = default("/clusterHostInfo/storm_ui_server_hosts", [])
+ storm_ui_jaas_principal = _storm_ui_jaas_principal_name.replace('_HOST',storm_ui_host[0].lower())
+
+
+ _nimbus_principal_name = config['configurations']['storm-env']['nimbus_principal_name']
+ nimbus_jaas_principal = _nimbus_principal_name.replace('_HOST',nimbus_host.lower())
+ nimbus_bare_jaas_principal = _nimbus_principal_name.replace('/_HOST','').replace('@'+kerberos_domain,'')
+ nimbus_keytab_path = config['configurations']['storm-env']['nimbus_keytab']
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/storm.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/storm.py b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/storm.py
index 5fe2cf4..8b0c094 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/storm.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/storm.py
@@ -19,10 +19,9 @@ limitations under the License.
"""
from resource_management import *
-from yaml_config import yaml_config
+from yaml_utils import escape_yaml_propetry
import sys
-
def storm():
import params
@@ -38,11 +37,15 @@ def storm():
group=params.user_group
)
- yaml_config("storm.yaml",
- conf_dir=params.conf_dir,
- configurations=params.config['configurations']['storm-site'],
- owner=params.storm_user,
- group=params.user_group
+ configurations = params.config['configurations']['storm-site']
+
+ File(format("{conf_dir}/storm.yaml"),
+ content=Template(
+ "storm.yaml.j2",
+ extra_imports=[escape_yaml_propetry],
+ configurations = configurations),
+ owner=params.storm_user,
+ group=params.user_group
)
File(format("{conf_dir}/storm-env.sh"),
@@ -53,4 +56,4 @@ def storm():
if params.security_enabled:
TemplateConfig(format("{conf_dir}/storm_jaas.conf"),
owner=params.storm_user
- )
+ )
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/supervisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/supervisor.py b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/supervisor.py
index d519e27..1ebe187 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/supervisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/supervisor.py
@@ -20,7 +20,6 @@ limitations under the License.
import sys
from resource_management import *
-from yaml_config import yaml_config
from storm import storm
from service import service
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_config.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_config.py b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_config.py
deleted file mode 100644
index d25089c..0000000
--- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_config.py
+++ /dev/null
@@ -1,72 +0,0 @@
-#!/usr/bin/env python
-"""
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
-"""
-
-import re
-from resource_management import *
-
-def escape_yaml_propetry(value):
- unquouted = False
- unquouted_values = ["null","Null","NULL","true","True","TRUE","false","False","FALSE","YES","Yes","yes","NO","No","no","ON","On","on","OFF","Off","off"]
-
- if value in unquouted_values:
- unquouted = True
-
- # if is list [a,b,c]
- if re.match('^\w*\[.+\]\w*$', value):
- unquouted = True
-
- try:
- int(value)
- unquouted = True
- except ValueError:
- pass
-
- try:
- float(value)
- unquouted = True
- except ValueError:
- pass
-
- if not unquouted:
- value = value.replace("'","''")
- value = "'"+value+"'"
-
- return value
-
-def yaml_inline_template(configurations):
- return source.InlineTemplate('''{% for key, value in configurations_dict.items() %}{{ key }}: {{ escape_yaml_propetry(value) }}
-{% endfor %}''', configurations_dict=configurations, extra_imports=[escape_yaml_propetry])
-
-def yaml_config(
- filename,
- configurations = None,
- conf_dir = None,
- mode = None,
- owner = None,
- group = None
-):
- config_content = yaml_inline_template(configurations)
-
- File (format("{conf_dir}/{filename}"),
- content = config_content,
- owner = owner,
- group = group,
- mode = mode
- )
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_utils.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_utils.py b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_utils.py
new file mode 100644
index 0000000..8187666
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/yaml_utils.py
@@ -0,0 +1,49 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+
+import re
+
+def escape_yaml_propetry(value):
+ unquouted = False
+ unquouted_values = ["null","Null","NULL","true","True","TRUE","false","False","FALSE","YES","Yes","yes","NO","No","no","ON","On","on","OFF","Off","off"]
+ if value in unquouted_values:
+ unquouted = True
+
+ # if is list [a,b,c]
+ if re.match('^\w*\[.+\]\w*$', value):
+ unquouted = True
+
+ try:
+ int(value)
+ unquouted = True
+ except ValueError:
+ pass
+
+ try:
+ float(value)
+ unquouted = True
+ except ValueError:
+ pass
+
+ if not unquouted:
+ value = value.replace("'","''")
+ value = "'"+value+"'"
+
+ return value
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm.yaml.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm.yaml.j2 b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm.yaml.j2
new file mode 100644
index 0000000..8491457
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm.yaml.j2
@@ -0,0 +1,60 @@
+{#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#}
+{% macro replace_jaas_placeholder(name) -%}
+{% if name.find('_JAAS_PLACEHOLDER') > -1 -%}
+ {%- if security_enabled -%}
+ {{ name.replace('_JAAS_PLACEHOLDER', '-Djava.security.auth.login.config=' +conf_dir + '/storm_jaas.conf') }}
+ {%- else -%}
+ {{ name.replace('_JAAS_PLACEHOLDER', '') }}
+ {%- endif -%}
+{%- else -%}
+ {{name}}
+{%- endif -%}
+{%- endmacro %}
+
+{% for key, value in configurations|dictsort if not key.startswith('_') %}
+{{key}} : {{ escape_yaml_propetry(replace_jaas_placeholder(value)) }}
+{% endfor %}
+
+{% if is_compatible_to_2_2_stack %}
+storm.thrift.transport : "{% if security_enabled %}{{configurations['_storm.thrift.secure.transport']}}{% else %}{{configurations['_storm.thrift.nonsecure.transport']}}{% endif %}"
+{% endif %}
+
+{% if security_enabled and is_compatible_to_2_2_stack %}
+#
+# Kerberos security section. For the reference please use: https://github.com/hortonworks/storm/blob/champlain/SECURITY.md for details
+#
+
+storm.principal.tolocal: "backtype.storm.security.auth.KerberosPrincipalToLocal"
+storm.zookeeper.superACL: "sasl:{{storm_user}}"
+java.security.auth.login.config: "{{conf_dir}}/storm_jaas.conf"
+nimbus.admins:
+ - "{{storm_user}}"
+nimbus.supervisor.users:
+ - "{{storm_user}}"
+nimbus.authorizer: "backtype.storm.security.auth.authorizer.SimpleACLAuthorizer"
+drpc.authorizer: "backtype.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer"
+
+ui.filter: "org.apache.hadoop.security.authentication.server.AuthenticationFilter"
+ui.filter.params:
+ "type": "kerberos"
+ "kerberos.principal": "{{storm_ui_jaas_principal}}"
+ "kerberos.keytab": "{{storm_ui_keytab_path}}"
+ "kerberos.name.rules": "DEFAULT"
+supervisor.enable: true
+{% endif %}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm_jaas.conf.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm_jaas.conf.j2 b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm_jaas.conf.j2
index fc19af1..f5e3ccf 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm_jaas.conf.j2
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/templates/storm_jaas.conf.j2
@@ -15,7 +15,26 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#}
-
+{% if is_compatible_to_2_2_stack %}
+StormServer {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ keyTab="{{nimbus_keytab_path}}"
+ storeKey=true
+ useTicketCache=false
+ principal="{{nimbus_jaas_principal}}";
+};
+StormClient {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ keyTab="{{storm_keytab_path}}"
+ storeKey=true
+ useTicketCache=false
+ serviceName="{{nimbus_bare_jaas_principal}}"
+ debug=true
+ principal="{{storm_jaas_principal}}";
+};
+{% endif %}
Client {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
@@ -23,5 +42,6 @@ Client {
storeKey=true
useTicketCache=false
serviceName="zookeeper"
+ debug=true
principal="{{storm_jaas_principal}}";
};
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.2.1/services/STORM/configuration/storm-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.1/services/STORM/configuration/storm-site.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.1/services/STORM/configuration/storm-site.xml
new file mode 100644
index 0000000..eefcde0
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2.1/services/STORM/configuration/storm-site.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+
+<configuration supports_final="true">
+
+ <property>
+ <name>storm.thrift.transport</name>
+ <deleted>true</deleted>
+ <description>This is calculated field that is based of security state and _storm.thrift.nonsecure.transport and _storm.thrift.secure.transport
+ </description>
+ </property>
+ <property>
+ <name>_storm.thrift.nonsecure.transport</name>
+ <value>backtype.storm.security.auth.SimpleTransportPlugin</value>
+ <description>The transport plug-in that used for non-secure mode for for Thrift client/server communication.</description>
+ </property>
+ <property>
+ <name>_storm.thrift.secure.transport</name>
+ <value>backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin</value>
+ <description>The transport plug-in that used for secure mode for Thrift client/server communication.</description>
+ </property>
+
+ <property>
+ <name>nimbus.childopts</name>
+ <value>-Xmx1024m _JAAS_PLACEHOLDER -javaagent:/usr/lib/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8649,wireformat31x=true,mode=multicast,config=/usr/lib/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Nimbus_JVM</value>
+ <description>
+ This parameter is used by the storm-deploy project to configure the jvm options for the
+ nimbus daemon. _JAAS_PLACEHOLDER will be replaced by -Djava.security.auth.login.config=path/to/jaas.conf
+ when security is enabled and empty string otherwise
+ </description>
+ </property>
+
+ <property>
+ <name>worker.childopts</name>
+ <value>-Xmx768m _JAAS_PLACEHOLDER -javaagent:/usr/lib/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8650,wireformat31x=true,mode=multicast,config=/usr/lib/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Worker_%ID%_JVM</value>
+ <description>The jvm opts provided to workers launched by this supervisor. All \"%ID%\" substrings are replaced with an identifier for this worker.</description>
+ </property>
+
+ <property>
+ <name>ui.childopts</name>
+ <value>-Xmx768m _JAAS_PLACEHOLDER</value>
+ <description>Childopts for Storm UI Java process.</description>
+ </property>
+
+ <property>
+ <name>supervisor.childopts</name>
+ <value>-Xmx256m _JAAS_PLACEHOLDER -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=56431 -javaagent:/usr/lib/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8650,wireformat31x=true,mode=multicast,config=/usr/lib/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Supervisor_JVM</value>
+ <description>This parameter is used by the storm-deploy project to configure the jvm options for the supervisor daemon.</description>
+ </property>
+
+ <property>
+ <name>logviewer.childopts</name>
+ <value>-Xmx128m _JAAS_PLACEHOLDER</value>
+ <description>Childopts for log viewer java process.</description>
+ </property>
+
+ <property>
+ <name>drpc.childopts</name>
+ <value>-Xmx768m _JAAS_PLACEHOLDER</value>
+ <description>Childopts for Storm DRPC Java process.</description>
+ </property>
+
+
+</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/storm-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/storm-site.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/storm-site.xml
index 1befb09..db49793 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/storm-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/STORM/configuration/storm-site.xml
@@ -23,6 +23,24 @@
<configuration supports_final="true">
<property>
+ <name>storm.thrift.transport</name>
+ <value>--</value>
+ <deleted>true</deleted>
+ <description>This is calculated field that is based of security state and _storm.thrift.nonsecure.transport and _storm.thrift.secure.transport
+ </description>
+ </property>
+ <property>
+ <name>_storm.thrift.nonsecure.transport</name>
+ <value>backtype.storm.security.auth.SimpleTransportPlugin</value>
+ <description>The transport plug-in that used for non-secure mode for for Thrift client/server communication.</description>
+ </property>
+ <property>
+ <name>_storm.thrift.secure.transport</name>
+ <value>backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin</value>
+ <description>The transport plug-in that used for secure mode for Thrift client/server communication.</description>
+ </property>
+
+ <property>
<name>java.library.path</name>
<value>/usr/local/lib:/opt/local/lib:/usr/lib:/usr/hdp/current/storm/lib</value>
<description>This value is passed to spawned JVMs (e.g., Nimbus, Supervisor, and Workers)
@@ -33,26 +51,38 @@
<property>
<name>nimbus.childopts</name>
- <value>-Xmx1024m -javaagent:/usr/hdp/current/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8649,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Nimbus_JVM</value>
+ <value>-Xmx1024m _JAAS_PLACEHOLDER -javaagent:/usr/hdp/current/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8649,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Nimbus_JVM</value>
<description>This parameter is used by the storm-deploy project to configure the jvm options for the nimbus daemon.</description>
</property>
<property>
<name>worker.childopts</name>
- <value>-Xmx768m -javaagent:/usr/hdp/current/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8650,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Worker_%ID%_JVM</value>
+ <value>-Xmx768m _JAAS_PLACEHOLDER -javaagent:/usr/hdp/current/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8650,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Worker_%ID%_JVM</value>
<description>The jvm opts provided to workers launched by this supervisor. All \"%ID%\" substrings are replaced with an identifier for this worker.</description>
</property>
<property>
<name>ui.childopts</name>
- <value>-Xmx768m</value>
+ <value>-Xmx768m _JAAS_PLACEHOLDER</value>
<description>Childopts for Storm UI Java process.</description>
</property>
<property>
<name>supervisor.childopts</name>
- <value>-Xmx256m -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=56431 -javaagent:/usr/hdp/current/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8650,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Supervisor_JVM</value>
+ <value>-Xmx256m _JAAS_PLACEHOLDER -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=56431 -javaagent:/usr/hdp/current/storm/contrib/storm-jmxetric/lib/jmxetric-1.0.4.jar=host=localhost,port=8650,wireformat31x=true,mode=multicast,config=/usr/hdp/current/storm/contrib/storm-jmxetric/conf/jmxetric-conf.xml,process=Supervisor_JVM</value>
<description>This parameter is used by the storm-deploy project to configure the jvm options for the supervisor daemon.</description>
</property>
+
+ <property>
+ <name>logviewer.childopts</name>
+ <value>-Xmx128m _JAAS_PLACEHOLDER</value>
+ <description>Childopts for log viewer java process.</description>
+ </property>
+
+ <property>
+ <name>drpc.childopts</name>
+ <value>-Xmx768m _JAAS_PLACEHOLDER</value>
+ <description>Childopts for Storm DRPC Java process.</description>
+ </property>
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_base.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_base.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_base.py
new file mode 100644
index 0000000..887c67e
--- /dev/null
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_base.py
@@ -0,0 +1,119 @@
+#!/usr/bin/env python
+
+'''
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+'''
+
+from mock.mock import MagicMock, call, patch
+from stacks.utils.RMFTestCase import *
+import resource_management.core.source
+import re
+
+
+class TestStormBase(RMFTestCase):
+ def assert_configure_default(self):
+ import params
+ self.assertResourceCalled('Directory', '/var/log/storm',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('Directory', '/var/run/storm',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('Directory', '/hadoop/storm',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('Directory', '/etc/storm/conf',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
+ owner = 'storm',
+ content = Template('config.yaml.j2'),
+ group = 'hadoop',
+ )
+
+ storm_yarn_content = self.call_storm_template_and_assert()
+
+ self.assertTrue(storm_yarn_content.find('_JAAS_PLACEHOLDER') == -1, 'Placeholder have to be substituted')
+
+ self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
+ owner = 'storm',
+ content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
+ )
+ return storm_yarn_content
+
+ def assert_configure_secured(self):
+ import params
+ self.assertResourceCalled('Directory', '/var/log/storm',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('Directory', '/var/run/storm',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('Directory', '/hadoop/storm',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('Directory', '/etc/storm/conf',
+ owner = 'storm',
+ group = 'hadoop',
+ recursive = True,
+ )
+ self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
+ owner = 'storm',
+ content = Template('config.yaml.j2'),
+ group = 'hadoop',
+ )
+ storm_yarn_content = self.call_storm_template_and_assert()
+
+ self.assertTrue(storm_yarn_content.find('_JAAS_PLACEHOLDER') == -1, 'Placeholder have to be substituted')
+
+ self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
+ owner = 'storm',
+ content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
+ )
+ self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
+ owner = 'storm',
+ )
+ return storm_yarn_content
+
+ def call_storm_template_and_assert(self):
+ import yaml_utils
+ storm_yarn_template = Template(
+ "storm.yaml.j2",
+ extra_imports=[yaml_utils.escape_yaml_propetry],
+ configurations = self.getConfig()['configurations']['storm-site'])
+ storm_yarn_content = storm_yarn_template.get_content()
+
+ self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
+ owner = 'storm',
+ content= storm_yarn_template,
+ group = 'hadoop'
+ )
+ return storm_yarn_content
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_drpc_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_drpc_server.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_drpc_server.py
index d8b028f..5d31bf0 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_drpc_server.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_drpc_server.py
@@ -21,8 +21,9 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
import resource_management.core.source
+from test_storm_base import TestStormBase
-class TestStormDrpcServer(RMFTestCase):
+class TestStormDrpcServer(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/drpc_server.py",
@@ -76,7 +77,7 @@ class TestStormDrpcServer(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/drpc.pid')
self.assertNoMoreResources()
- def test_configure_default(self):
+ def test_configure_secured(self):
self.executeScript("2.1/services/STORM/package/scripts/drpc_server.py",
classname = "DrpcServer",
command = "configure",
@@ -126,88 +127,3 @@ class TestStormDrpcServer(RMFTestCase):
)
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/drpc.pid')
self.assertNoMoreResources()
-
- def assert_configure_default(self):
-
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content']),
- )
-
-
- def assert_configure_secured(self):
-
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- content=InlineTemplate(self.getConfig()['configurations']['storm-env']['content']),
- owner='storm',
- )
- self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
- owner='storm',
- )
-
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_jaas_configuration.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_jaas_configuration.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_jaas_configuration.py
new file mode 100644
index 0000000..ddca5bc
--- /dev/null
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_jaas_configuration.py
@@ -0,0 +1,77 @@
+#!/usr/bin/env python
+
+'''
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+'''
+
+from mock.mock import MagicMock, call, patch
+from stacks.utils.RMFTestCase import *
+import resource_management.core.source
+from test_storm_base import TestStormBase
+
+class TestStormJaasConfiguration(TestStormBase):
+
+ def test_configure_default(self):
+ self.executeScript("2.1/services/STORM/package/scripts/nimbus.py",
+ classname = "Nimbus",
+ command = "configure",
+ config_file = "default-storm-start.json"
+ )
+ self.assert_configure_default()
+ def test_start_default(self):
+
+ self.executeScript("2.1/services/STORM/package/scripts/nimbus.py",
+ classname = "Nimbus",
+ command = "start",
+ config_file = "default-storm-start.json"
+ )
+ self.assert_configure_default()
+
+
+ def test_configure_secured(self):
+ self.executeScript("2.1/services/STORM/package/scripts/nimbus.py",
+ classname = "Nimbus",
+ command = "configure",
+ config_file = "secured-storm-start.json"
+ )
+ self.assert_configure_secured()
+
+ def test_start_secured(self):
+ self.executeScript("2.1/services/STORM/package/scripts/nimbus.py",
+ classname = "Nimbus",
+ command = "start",
+ config_file = "secured-storm-start.json"
+ )
+ self.assert_configure_secured()
+
+ def assert_configure_default(self):
+ storm_yarn_content = super(TestStormJaasConfiguration, self).assert_configure_default()
+
+ self.assertTrue(storm_yarn_content.find('_JAAS_PLACEHOLDER') == -1, 'Placeholder have to be substituted')
+
+ self.assertTrue(storm_yarn_content.find('-Djava.security.auth.login.config') == -1, 'JAAS security settings has not to be present')
+ self.assertTrue(storm_yarn_content.find('NON_SECURED_TRANSPORT_CLASS') >= 0, 'Non secured transport class should be used')
+
+
+ def assert_configure_secured(self):
+ storm_yarn_content = super(TestStormJaasConfiguration, self).assert_configure_secured()
+
+ self.assertTrue(storm_yarn_content.find('_JAAS_PLACEHOLDER') == -1, 'Placeholder have to be substituted')
+ self.assertTrue(storm_yarn_content.find('_storm') == -1, 'pairs start with _strom has to be removed')
+
+ self.assertTrue(storm_yarn_content.find('-Djava.security.auth.login.config') >= 0, 'JAAS security settings has to be present')
+ self.assertTrue(storm_yarn_content.find('SECURED_TRANSPORT_CLASS') >= 0, 'Secured transport class should be used')
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus.py
index 005bc63..59f8fca 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus.py
@@ -20,9 +20,11 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
-import resource_management.core.source
+import resource_management.core.source
+from test_storm_base import TestStormBase
-class TestStormNimbus(RMFTestCase):
+
+class TestStormNimbus(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/nimbus.py",
@@ -75,7 +77,7 @@ class TestStormNimbus(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/nimbus.pid')
self.assertNoMoreResources()
- def test_configure_default(self):
+ def test_configure_secured(self):
self.executeScript("2.1/services/STORM/package/scripts/nimbus.py",
classname = "Nimbus",
command = "configure",
@@ -126,85 +128,18 @@ class TestStormNimbus(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/nimbus.pid')
self.assertNoMoreResources()
- def assert_configure_default(self):
-
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
-
- def assert_configure_secured(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
- self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
- owner = 'storm',
- )
-
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
\ No newline at end of file
+
+# def call_storm_template_and_assert(self):
+# import yaml_utils
+# storm_yarn_template = Template(
+# "storm.yaml.j2",
+# extra_imports=[yaml_utils.escape_yaml_propetry],
+# configurations = self.getConfig()['configurations']['storm-site'])
+# storm_yarn_content = storm_yarn_template.get_content()
+#
+# self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
+# owner = 'storm',
+# content= storm_yarn_template,
+# group = 'hadoop'
+# )
+# return storm_yarn_content
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus_prod.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus_prod.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus_prod.py
index 0fe3564..e7a2761 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus_prod.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_nimbus_prod.py
@@ -21,8 +21,9 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
import resource_management.core.source
+from test_storm_base import TestStormBase
-class TestStormNimbus(RMFTestCase):
+class TestStormNimbus(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/nimbus_prod.py",
@@ -58,7 +59,7 @@ class TestStormNimbus(RMFTestCase):
)
self.assertNoMoreResources()
- def test_configure_default(self):
+ def test_configure_secured(self):
self.executeScript("2.1/services/STORM/package/scripts/nimbus_prod.py",
classname = "Nimbus",
command = "configure",
@@ -90,86 +91,4 @@ class TestStormNimbus(RMFTestCase):
self.assertResourceCalled('Execute', 'supervisorctl stop storm-nimbus',
wait_for_finish = False,
)
- self.assertNoMoreResources()
-
- def assert_configure_default(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
-
- def assert_configure_secured(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
- self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
- owner = 'storm',
- )
-
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
\ No newline at end of file
+ self.assertNoMoreResources()
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_rest_api_service.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_rest_api_service.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_rest_api_service.py
index 877bb72..7836f6b 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_rest_api_service.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_rest_api_service.py
@@ -21,8 +21,9 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
import resource_management.core.source
+from test_storm_base import TestStormBase
-class TestStormRestApi(RMFTestCase):
+class TestStormRestApi(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/rest_api.py",
@@ -75,7 +76,7 @@ class TestStormRestApi(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/restapi.pid')
self.assertNoMoreResources()
- def test_configure_default(self):
+ def test_configure_secured(self):
self.executeScript("2.1/services/STORM/package/scripts/rest_api.py",
classname = "StormRestApi",
command = "configure",
@@ -126,85 +127,3 @@ class TestStormRestApi(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/restapi.pid')
self.assertNoMoreResources()
- def assert_configure_default(self):
-
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
-
- def assert_configure_secured(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
- self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
- owner = 'storm',
- )
-
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor.py
index 76ae58f..33c64c7 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor.py
@@ -21,8 +21,9 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
import resource_management.core.source
+from test_storm_base import TestStormBase
-class TestStormSupervisor(RMFTestCase):
+class TestStormSupervisor(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/supervisor.py",
@@ -97,7 +98,7 @@ class TestStormSupervisor(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/logviewer.pid')
self.assertNoMoreResources()
- def test_configure_default(self):
+ def test_configure_secured(self):
self.executeScript("2.1/services/STORM/package/scripts/supervisor.py",
classname = "Supervisor",
command = "configure",
@@ -196,12 +197,8 @@ class TestStormSupervisor(RMFTestCase):
content = Template('config.yaml.j2'),
group = 'hadoop',
)
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
+ #assert that storm.yam was properly configured
+ self.call_storm_template_and_assert()
self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
owner = 'storm',
content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
@@ -233,12 +230,15 @@ class TestStormSupervisor(RMFTestCase):
content = Template('config.yaml.j2'),
group = 'hadoop',
)
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
+# self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
+# owner = 'storm',
+# content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
+# group = 'hadoop',
+# mode = None,
+# )
+ #assert that storm.yam was properly configured
+ self.call_storm_template_and_assert()
+
self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
owner = 'storm',
content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
@@ -247,7 +247,13 @@ class TestStormSupervisor(RMFTestCase):
owner = 'storm',
)
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
\ No newline at end of file
+# def get_yaml_inline_template(self, configurations):
+# with self.env:
+# from yaml_config import yaml_inline_template
+# from storm import enrich_kerberos_settings
+# import params
+#
+# if params.security_enabled:
+# return yaml_inline_template(enrich_kerberos_settings(configurations, params.conf_dir, "EXAMPLE.COM"))
+# else:
+# return yaml_inline_template(configurations)
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor_prod.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor_prod.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor_prod.py
index 1a77f951..41c89c9 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor_prod.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_supervisor_prod.py
@@ -20,9 +20,10 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
-import resource_management.core.source
+import resource_management.core.source
+from test_storm_base import TestStormBase
-class TestStormSupervisor(RMFTestCase):
+class TestStormSupervisor(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/supervisor_prod.py",
@@ -141,84 +142,3 @@ class TestStormSupervisor(RMFTestCase):
self.assertNoMoreResources()
- def assert_configure_default(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
-
- def assert_configure_secured(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
- self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
- owner = 'storm',
- )
-
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
http://git-wip-us.apache.org/repos/asf/ambari/blob/73c169e3/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_ui_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_ui_server.py b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_ui_server.py
index 46a1523..256c376 100644
--- a/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_ui_server.py
+++ b/ambari-server/src/test/python/stacks/2.1/STORM/test_storm_ui_server.py
@@ -20,9 +20,9 @@ limitations under the License.
from mock.mock import MagicMock, call, patch
from stacks.utils.RMFTestCase import *
-import resource_management.core.source
-
-class TestStormUiServer(RMFTestCase):
+import resource_management.core.source
+from test_storm_base import TestStormBase
+class TestStormUiServer(TestStormBase):
def test_configure_default(self):
self.executeScript("2.1/services/STORM/package/scripts/ui_server.py",
@@ -75,7 +75,7 @@ class TestStormUiServer(RMFTestCase):
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/ui.pid')
self.assertNoMoreResources()
- def test_configure_default(self):
+ def test_configure_secured(self):
self.executeScript("2.1/services/STORM/package/scripts/ui_server.py",
classname = "UiServer",
command = "configure",
@@ -124,87 +124,4 @@ class TestStormUiServer(RMFTestCase):
ignore_failures=True
)
self.assertResourceCalled('Execute', 'rm -f /var/run/storm/ui.pid')
- self.assertNoMoreResources()
-
- def assert_configure_default(self):
-
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
-
- def assert_configure_secured(self):
- self.assertResourceCalled('Directory', '/var/log/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/var/run/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/hadoop/storm',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('Directory', '/etc/storm/conf',
- owner = 'storm',
- group = 'hadoop',
- recursive = True,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/config.yaml',
- owner = 'storm',
- content = Template('config.yaml.j2'),
- group = 'hadoop',
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm.yaml',
- owner = 'storm',
- content = self.get_yaml_inline_template(self.getConfig()['configurations']['storm-site']),
- group = 'hadoop',
- mode = None,
- )
- self.assertResourceCalled('File', '/etc/storm/conf/storm-env.sh',
- owner = 'storm',
- content = InlineTemplate(self.getConfig()['configurations']['storm-env']['content'])
- )
- self.assertResourceCalled('TemplateConfig', '/etc/storm/conf/storm_jaas.conf',
- owner = 'storm',
- )
-
- def get_yaml_inline_template(self, configurations):
- with self.env:
- from yaml_config import yaml_inline_template
- return yaml_inline_template(configurations)
+ self.assertNoMoreResources()
\ No newline at end of file