ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jai...@apache.org
Subject git commit: AMBARI-5060. Security Wizard: enable Kerberos setup for Storm. (jaimin)
Date Thu, 13 Mar 2014 01:18:41 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 9320e9d2a -> ba276b489


AMBARI-5060. Security Wizard: enable Kerberos setup for Storm. (jaimin)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/ba276b48
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/ba276b48
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/ba276b48

Branch: refs/heads/trunk
Commit: ba276b489250a1df0db186ba71e9d30e8df1a47b
Parents: 9320e9d
Author: Jaimin Jetly <jaimin@hortonworks.com>
Authored: Wed Mar 12 18:18:13 2014 -0700
Committer: Jaimin Jetly <jaimin@hortonworks.com>
Committed: Wed Mar 12 18:18:24 2014 -0700

----------------------------------------------------------------------
 .../services/STORM/package/scripts/params.py    |   4 +-
 .../main/admin/security/add/step2.js            |  21 ++-
 .../main/admin/security/add/step3.js            |  13 --
 .../main/admin/security/add/step4.js            |   5 +-
 ambari-web/app/data/HDP2/secure_configs.js      |   4 +-
 ambari-web/app/data/HDP2/secure_properties.js   | 138 ++-----------------
 .../storm_defaults_provider.js                  |   3 +-
 7 files changed, 30 insertions(+), 158 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
index 138abe0..c0f3e18 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py
@@ -54,7 +54,5 @@ if security_enabled:
   _hostname_lowercase = config['hostname'].lower()
   _kerberos_domain = config['configurations']['global']['kerberos_domain']
   _storm_principal_name = config['configurations']['global']['storm_principal_name']
-  
-  storm_jaas_principal = format("{_storm_principal_name}/{_hostname_lowercase}@{_kerberos_domain}")
+  storm_jaas_principal = _storm_principal_name.replace('_HOST',_hostname_lowercase)
   storm_keytab_path = config['configurations']['global']['storm_keytab']
-

http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/controllers/main/admin/security/add/step2.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/admin/security/add/step2.js b/ambari-web/app/controllers/main/admin/security/add/step2.js
index f951aa6..aa3370c 100644
--- a/ambari-web/app/controllers/main/admin/security/add/step2.js
+++ b/ambari-web/app/controllers/main/admin/security/add/step2.js
@@ -253,19 +253,16 @@ App.MainAdminSecurityAddStep2Controller = Em.Controller.extend({
     this.setHostsToConfig(zooKeeperService, 'zookeeperserver_hosts', 'ZOOKEEPER_SERVER');
     this.setHostsToConfig(falconService, 'falcon_server_host', 'FALCON_SERVER');
     if (stormService) {
-      var stormMasterComponents = [
-        {
-          configName: 'storm_ui_server_host',
-          componentName: 'STORM_UI_SERVER'
-        },
-        {
-          configName: 'nimbus_host',
-          componentName: 'NIMBUS'
-        }
-      ];
-      stormMasterComponents.forEach(function(masterComponent) {
-        this.setHostsToConfig(stormService, masterComponent.configName, masterComponent.componentName);
+      var stormComponents = ['STORM_UI_SERVER','NIMBUS','SUPERVISOR'];
+      var stormHosts = [];
+      stormComponents.forEach(function(componentName) {
+        stormHosts.pushObjects(App.Service.find(stormService.serviceName)
+          .get('hostComponents')
+          .filterProperty('componentName', componentName)
+          .mapProperty('host.hostName'));
       }, this);
+      var hosts = stormService.configs.findProperty('name', 'storm_host');
+      hosts.defaultValue  = stormHosts.uniq();
     }
 
     // Oozie, Falcon, WebHcat and Nagios does not support _HOST in the principal name. Actual
hostname should be set instead of _HOST

http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/controllers/main/admin/security/add/step3.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/admin/security/add/step3.js b/ambari-web/app/controllers/main/admin/security/add/step3.js
index 035467b..7c8c7fb 100644
--- a/ambari-web/app/controllers/main/admin/security/add/step3.js
+++ b/ambari-web/app/controllers/main/admin/security/add/step3.js
@@ -77,7 +77,6 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
     var smokeUserKeytabPath = generalConfigs.findProperty('name', 'smokeuser_keytab').value;
     var hdfsUserKeytabPath = generalConfigs.findProperty('name', 'hdfs_user_keytab').value;
     var hbaseUserKeytabPath = generalConfigs.findProperty('name', 'hbase_user_keytab').value;
-    var stormUserKeytabPath = generalConfigs.findProperty('name', 'storm_keytab').value;
 
     var hadoopHttpPrincipal = hdfsConfigs.findProperty('name', 'hadoop_http_principal_name');
     var hadoopHttpKeytabPath = hdfsConfigs.findProperty('name', 'hadoop_http_keytab').value;
@@ -138,18 +137,6 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
           acl: '440'
         });
       }
-      if (isStormInstalled) {
-        result.push({
-          host: host.get('hostName'),
-          component: Em.I18n.t('admin.addSecurity.user.stormUser'),
-          principal: stormUser,
-          keytabFile: stringUtils.getFileFromPath(stormUserKeytabPath),
-          keytab: stringUtils.getPath(stormUserKeytabPath),
-          owner: stormUserId,
-          group: hadoopGroupId,
-          acl: '440'
-        });
-      }
 
       this.setComponentConfig(result,host,'NAMENODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId);
       this.setComponentConfig(result,host,'SECONDARY_NAMENODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId);

http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/controllers/main/admin/security/add/step4.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/main/admin/security/add/step4.js b/ambari-web/app/controllers/main/admin/security/add/step4.js
index c9ec96e..cc9284a 100644
--- a/ambari-web/app/controllers/main/admin/security/add/step4.js
+++ b/ambari-web/app/controllers/main/admin/security/add/step4.js
@@ -353,6 +353,10 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle
             var zkPrincipalName = this.get('globalProperties').findProperty('name', 'zookeeper_principal_name');
             zkPrincipalName.value = zkPrincipalName.value + '@' + realmName.value;
           }
+          if (this.get('secureServices').someProperty('serviceName', 'STORM')) {
+            var stormPrincipalName = this.get('globalProperties').findProperty('name', 'storm_principal_name');
+            stormPrincipalName.value = stormPrincipalName.value + '@' + realmName.value;
+          }
           this.get('globalProperties').forEach(function (_globalProperty) {
             if (!/_hosts?$/.test(_globalProperty.name)) {
               _serviceConfigTags.configs[_globalProperty.name] = _globalProperty.value;
@@ -402,7 +406,6 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle
     console.warn('Error: Can\'t delete APP_TIMELINE_SERVER');
   },
 
-
   onJsError: function () {
     App.ModalPopup.show({
       header: Em.I18n.t('common.error'),

http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/data/HDP2/secure_configs.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/data/HDP2/secure_configs.js b/ambari-web/app/data/HDP2/secure_configs.js
index d69c77f..7b3444e 100644
--- a/ambari-web/app/data/HDP2/secure_configs.js
+++ b/ambari-web/app/data/HDP2/secure_configs.js
@@ -132,9 +132,7 @@ module.exports = [
     displayName: 'Storm',
     filename: 'storm-site',
     configCategories: [
-      App.ServiceConfigCategory.create({ name: 'NIMBUS', displayName:  'Nimbus'}),
-      App.ServiceConfigCategory.create({ name: 'STORM_UI_SERVER', displayName:  'Storm UI
Server'}),
-      App.ServiceConfigCategory.create({ name: 'SUPERVISOR', displayName:  'Supervisor'})
+      App.ServiceConfigCategory.create({ name: 'Storm Topology', displayName:  'Storm Topology'})
     ],
     sites: ['storm-site'],
     configs: configProperties.filterProperty('serviceName', 'STORM')

http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/data/HDP2/secure_properties.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/data/HDP2/secure_properties.js b/ambari-web/app/data/HDP2/secure_properties.js
index 7667dd4..fae3623 100644
--- a/ambari-web/app/data/HDP2/secure_properties.js
+++ b/ambari-web/app/data/HDP2/secure_properties.js
@@ -924,143 +924,30 @@ module.exports =
   /**********************************************STORM***************************************/
     {
       "id": "puppet var",
-      "name": "supervisor_hosts",
-      "displayName": "Supervisor hosts",
+      "name": "storm_host",
+      "displayName": "Storm component hosts",
       "value": "",
       "defaultValue": "",
-      "description": "The host that the master server is running on.",
+      "description": "Storm component hosts",
       "displayType": "slaveHosts",
       "isVisible": true,
       "isOverridable": false,
       "serviceName": "STORM",
-      "category": "SUPERVISOR"
+      "category": "Storm Topology"
     },
     {
       "id": "puppet var",
-      "name": "storm_ui_server_host",
-      "displayName": "Storm UI Server host",
-      "value": "",
-      "defaultValue": "",
-      "description": "Storm UI Server host",
-      "displayType": "masterHost",
-      "isVisible": true,
-      "isOverridable": false,
-      "serviceName": "STORM",
-      "category": "STORM_UI_SERVER"
-    },
-    {
-      "id": "puppet var",
-      "name": "nimbus_host",
-      "displayName": "Nimbus host",
-      "value": "",
-      "defaultValue": "",
-      "description": "Nimbus host",
-      "displayType": "masterHost",
-      "isVisible": true,
-      "isOverridable": false,
-      "serviceName": "STORM",
-      "category": "NIMBUS"
-    },
-    {
-      "id": "puppet var",
-      "name": "supervisor_keytab",
-      "displayName": "Path to Supervisor keytab file",
-      "value": "",
-      "defaultValue": "/etc/security/keytabs/storm.service.keytab",
-      "description": "Path to the Storm Service keytab file",
-      "displayType": "directory",
-      "isVisible": true,
-      "isOverridable": false,
-      "serviceName": "STORM",
-      "category": "SUPERVISOR",
-      "component": "SUPERVISOR"
-    },
-    {
-      "id": "puppet var",
-      "name": "supervisor_principal_name",
-      "displayName": "Supervisor principal name",
-      "value": "",
-      "defaultValue": "storm/_HOST",
-      "description": "Principal name for Supervisor. _HOST will get automatically replaced
with actual hostname at an instance of Supervisor.",
-      "displayType": "principal",
-      "isVisible": true,
-      "isOverridable": false,
-      "isConfigurable": false,
-      "serviceName": "STORM",
-      "category": "SUPERVISOR",
-      "component": "SUPERVISOR"
-    },
-    {
-      "id": "puppet var",
-      "name": "nimbus_keytab",
-      "displayName": "Path to Nimbus keytab file",
-      "value": "",
-      "defaultValue": "/etc/security/keytabs/storm.service.keytab",
-      "description": "Path to the Nimbus keytab file",
-      "displayType": "directory",
-      "isVisible": true,
-      "isOverridable": false,
-      "serviceName": "STORM",
-      "category": "NIMBUS",
-      "component": "NIMBUS"
-    },
-    {
-      "id": "puppet var",
-      "name": "nimbus_principal_name",
-      "displayName": "Nimbus principal name",
-      "value": "",
-      "defaultValue": "storm/_HOST",
-      "description": "Principal name for Nimbus. _HOST will get automatically replaced with
actual hostname at an instance of Nimbus.",
-      "displayType": "principal",
-      "isVisible": true,
-      "isOverridable": false,
-      "isConfigurable": false,
-      "serviceName": "STORM",
-      "category": "NIMBUS",
-      "component": "NIMBUS"
-    },
-    {
-      "id": "puppet var",
-      "name": "storm_ui_server_keytab",
-      "displayName": "Path to Storm UI Server keytab file",
-      "value": "",
-      "defaultValue": "/etc/security/keytabs/storm.service.keytab",
-      "description": "Path to the Storm UI Server keytab file",
-      "displayType": "directory",
-      "isVisible": true,
-      "isOverridable": false,
-      "serviceName": "STORM",
-      "category": "STORM_UI_SERVER",
-      "component": "STORM_UI_SERVER"
-    },
-    {
-      "id": "puppet var",
-      "name": "storm_ui_server_principal_name",
-      "displayName": "Storm UI Server principal name",
+      "name": "storm_principal_name",
+      "displayName": " Storm principal name",
       "value": "",
       "defaultValue": "storm/_HOST",
-      "description": "Principal name for Storm UI Server. _HOST will get automatically replaced
with actual hostname at an instance of Storm UI Server.",
+      "description": "Principal name for Supervisor. _HOST will get automatically replaced
with actual hostname at an instance of every storm component.",
       "displayType": "principal",
       "isVisible": true,
       "isOverridable": false,
-      "isConfigurable": false,
       "serviceName": "STORM",
-      "category": "STORM_UI_SERVER",
-      "component": "STORM_UI_SERVER"
-    },
-    {
-      "id": "puppet var",
-      "name": "storm_principal_name",
-      "displayName": "Storm principal name",
-      "value": "",
-      "defaultValue": "storm",
-      "description": "This is the principal name for Storm user",
-      "displayType": "principal",
-      "isVisible": true,
-      "isOverridable": false,
-      "isConfigurable": false,
-      "serviceName": "GENERAL",
-      "category": "AMBARI"
+      "category": "Storm Topology",
+      "components": ["SUPERVISOR", "NIMBUS", "STORM_UI_SERVER"]
     },
     {
       "id": "puppet var",
@@ -1068,12 +955,13 @@ module.exports =
       "displayName": "Path to Storm keytab file",
       "value": "",
       "defaultValue": "/etc/security/keytabs/storm.service.keytab",
-      "description": "Path to the Storm Service keytab file",
+      "description": "Path to the storm keytab file",
       "displayType": "directory",
       "isVisible": true,
       "isOverridable": false,
-      "serviceName": "GENERAL",
-      "category": "AMBARI"
+      "serviceName": "STORM",
+      "category": "Storm Topology",
+      "components": ["SUPERVISOR", "NIMBUS"]
     },
 
   /**********************************************Falcon***************************************/

http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js b/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js
index ce8704d..e49e282 100644
--- a/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js
+++ b/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js
@@ -41,7 +41,8 @@ App.STORMDefaultsProvider = App.DefaultsProvider.extend({
       return configs;
     }
     configs['drpc.childopts'] = '-Xmx768m';
-    configs['ui.childopts'] = '-Xmx768m';
+    //ui childopts value should be taken from stack
+    //configs['ui.childopts'] = '-Xmx768m';
     configs['logviewer.childopts'] = '-Xmx128m';
     return configs;
   },


Mime
View raw message