You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by al...@apache.org on 2015/04/29 23:25:25 UTC
ambari git commit: AMBARI-10825. Missed Support for Wire Encyption
(alexantonenko)
Repository: ambari
Updated Branches:
refs/heads/trunk 36f92c70b -> 53bc491ca
AMBARI-10825. Missed Support for Wire Encyption (alexantonenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/53bc491c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/53bc491c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/53bc491c
Branch: refs/heads/trunk
Commit: 53bc491ca4d8bf828e699bbe1587e12687efe1eb
Parents: 36f92c7
Author: Alex Antonenko <hi...@gmail.com>
Authored: Thu Apr 30 00:25:10 2015 +0300
Committer: Alex Antonenko <hi...@gmail.com>
Committed: Thu Apr 30 00:25:21 2015 +0300
----------------------------------------------------------------------
.../HDFS/2.1.0.2.0/configuration/ssl-client.xml | 24 ++++++++++++++++-
.../HDFS/2.1.0.2.0/configuration/ssl-server.xml | 28 ++++++++++----------
.../YARN/configuration-mapred/ssl-client.xml | 24 ++++++++++++++++-
.../YARN/configuration-mapred/ssl-server.xml | 28 ++++++++++----------
.../YARN/configuration-mapred/ssl-client.xml | 24 ++++++++++++++++-
.../YARN/configuration-mapred/ssl-server.xml | 28 ++++++++++----------
6 files changed, 111 insertions(+), 45 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml
index ec8cfac..74f89f5 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml
+++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml
@@ -21,11 +21,33 @@
<property>
<name>ssl.client.truststore.location</name>
<value>/etc/security/clientKeys/all.jks</value>
- <description>Truststore to be used by clients. Must be specified.</description>
+ <description>Location of the trust store file.</description>
</property>
<property>
<name>ssl.client.truststore.type</name>
<value>jks</value>
<description>Optional. Default value is "jks".</description>
</property>
+ <property>
+ <name>sssl.client.truststore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the trust store file.</description>
+ </property>
+ <property>
+ <name>ssl.client.truststore.reload.interval</name>
+ <value>10000</value>
+ <description>Truststore reload interval, in milliseconds.</description>
+ </property>
+ <property>
+ <name>ssl.client.keystore.location</name>
+ <value>/etc/security/clientKeys/keystore.jks</value>
+ <description>Location of the keystore file.</description>
+ </property>
+ <property>
+ <name>ssl.client.keystore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the keystore file.</description>
+ </property>
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml
index 20b8b1e..c152711 100644
--- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml
+++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml
@@ -20,8 +20,8 @@
<configuration>
<property>
<name>ssl.server.truststore.location</name>
- <value>/etc/security/serverKeys/truststore.jks</value>
- <description>Truststore to be used by NN and DN. Must be specified.</description>
+ <value>/etc/security/clientKeys/all.jks</value>
+ <description>Location of the trust store file.</description>
</property>
<property>
<name>ssl.server.truststore.type</name>
@@ -29,25 +29,25 @@
<description>Optional. Default value is "jks".</description>
</property>
<property>
- <name>ssl.server.keystore.location</name>
- <value>/etc/security/serverKeys/keystore.jks</value>
- <description>Keystore to be used by NN and DN. Must be specified.</description>
+ <name>sssl.server.truststore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the trust store file.</description>
</property>
<property>
- <name>ssl.server.keystore.password</name>
- <property-type>PASSWORD</property-type>
- <value>bigdata</value>
- <description>Must be specified.</description>
+ <name>ssl.server.truststore.reload.interval</name>
+ <value>10000</value>
+ <description>Truststore reload interval, in milliseconds.</description>
</property>
<property>
- <name>ssl.server.keystore.type</name>
- <value>jks</value>
- <description>Optional. Default value is "jks".</description>
+ <name>ssl.server.keystore.location</name>
+ <value>/etc/security/clientKeys/keystore.jks</value>
+ <description>Location of the keystore file.</description>
</property>
<property>
- <name>ssl.server.keystore.keypassword</name>
+ <name>ssl.server.keystore.password</name>
<value>bigdata</value>
<property-type>PASSWORD</property-type>
- <description>Must be specified.</description>
+ <description>Password to open the keystore file.</description>
</property>
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
index ec8cfac..74f89f5 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
@@ -21,11 +21,33 @@
<property>
<name>ssl.client.truststore.location</name>
<value>/etc/security/clientKeys/all.jks</value>
- <description>Truststore to be used by clients. Must be specified.</description>
+ <description>Location of the trust store file.</description>
</property>
<property>
<name>ssl.client.truststore.type</name>
<value>jks</value>
<description>Optional. Default value is "jks".</description>
</property>
+ <property>
+ <name>sssl.client.truststore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the trust store file.</description>
+ </property>
+ <property>
+ <name>ssl.client.truststore.reload.interval</name>
+ <value>10000</value>
+ <description>Truststore reload interval, in milliseconds.</description>
+ </property>
+ <property>
+ <name>ssl.client.keystore.location</name>
+ <value>/etc/security/clientKeys/keystore.jks</value>
+ <description>Location of the keystore file.</description>
+ </property>
+ <property>
+ <name>ssl.client.keystore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the keystore file.</description>
+ </property>
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
index 20b8b1e..c152711 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
@@ -20,8 +20,8 @@
<configuration>
<property>
<name>ssl.server.truststore.location</name>
- <value>/etc/security/serverKeys/truststore.jks</value>
- <description>Truststore to be used by NN and DN. Must be specified.</description>
+ <value>/etc/security/clientKeys/all.jks</value>
+ <description>Location of the trust store file.</description>
</property>
<property>
<name>ssl.server.truststore.type</name>
@@ -29,25 +29,25 @@
<description>Optional. Default value is "jks".</description>
</property>
<property>
- <name>ssl.server.keystore.location</name>
- <value>/etc/security/serverKeys/keystore.jks</value>
- <description>Keystore to be used by NN and DN. Must be specified.</description>
+ <name>sssl.server.truststore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the trust store file.</description>
</property>
<property>
- <name>ssl.server.keystore.password</name>
- <property-type>PASSWORD</property-type>
- <value>bigdata</value>
- <description>Must be specified.</description>
+ <name>ssl.server.truststore.reload.interval</name>
+ <value>10000</value>
+ <description>Truststore reload interval, in milliseconds.</description>
</property>
<property>
- <name>ssl.server.keystore.type</name>
- <value>jks</value>
- <description>Optional. Default value is "jks".</description>
+ <name>ssl.server.keystore.location</name>
+ <value>/etc/security/clientKeys/keystore.jks</value>
+ <description>Location of the keystore file.</description>
</property>
<property>
- <name>ssl.server.keystore.keypassword</name>
+ <name>ssl.server.keystore.password</name>
<value>bigdata</value>
<property-type>PASSWORD</property-type>
- <description>Must be specified.</description>
+ <description>Password to open the keystore file.</description>
</property>
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
index ec8cfac..74f89f5 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml
@@ -21,11 +21,33 @@
<property>
<name>ssl.client.truststore.location</name>
<value>/etc/security/clientKeys/all.jks</value>
- <description>Truststore to be used by clients. Must be specified.</description>
+ <description>Location of the trust store file.</description>
</property>
<property>
<name>ssl.client.truststore.type</name>
<value>jks</value>
<description>Optional. Default value is "jks".</description>
</property>
+ <property>
+ <name>sssl.client.truststore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the trust store file.</description>
+ </property>
+ <property>
+ <name>ssl.client.truststore.reload.interval</name>
+ <value>10000</value>
+ <description>Truststore reload interval, in milliseconds.</description>
+ </property>
+ <property>
+ <name>ssl.client.keystore.location</name>
+ <value>/etc/security/clientKeys/keystore.jks</value>
+ <description>Location of the keystore file.</description>
+ </property>
+ <property>
+ <name>ssl.client.keystore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the keystore file.</description>
+ </property>
</configuration>
http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
index 20b8b1e..c152711 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml
@@ -20,8 +20,8 @@
<configuration>
<property>
<name>ssl.server.truststore.location</name>
- <value>/etc/security/serverKeys/truststore.jks</value>
- <description>Truststore to be used by NN and DN. Must be specified.</description>
+ <value>/etc/security/clientKeys/all.jks</value>
+ <description>Location of the trust store file.</description>
</property>
<property>
<name>ssl.server.truststore.type</name>
@@ -29,25 +29,25 @@
<description>Optional. Default value is "jks".</description>
</property>
<property>
- <name>ssl.server.keystore.location</name>
- <value>/etc/security/serverKeys/keystore.jks</value>
- <description>Keystore to be used by NN and DN. Must be specified.</description>
+ <name>sssl.server.truststore.password</name>
+ <value>bigdata</value>
+ <property-type>PASSWORD</property-type>
+ <description>Password to open the trust store file.</description>
</property>
<property>
- <name>ssl.server.keystore.password</name>
- <property-type>PASSWORD</property-type>
- <value>bigdata</value>
- <description>Must be specified.</description>
+ <name>ssl.server.truststore.reload.interval</name>
+ <value>10000</value>
+ <description>Truststore reload interval, in milliseconds.</description>
</property>
<property>
- <name>ssl.server.keystore.type</name>
- <value>jks</value>
- <description>Optional. Default value is "jks".</description>
+ <name>ssl.server.keystore.location</name>
+ <value>/etc/security/clientKeys/keystore.jks</value>
+ <description>Location of the keystore file.</description>
</property>
<property>
- <name>ssl.server.keystore.keypassword</name>
+ <name>ssl.server.keystore.password</name>
<value>bigdata</value>
<property-type>PASSWORD</property-type>
- <description>Must be specified.</description>
+ <description>Password to open the keystore file.</description>
</property>
</configuration>