ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From srima...@apache.org
Subject [2/2] git commit: AMBARI-7824. Slider View: Unable to create app when cluster is secured - keytab doesnt exist (srimanth)
Date Fri, 17 Oct 2014 16:57:32 GMT
AMBARI-7824. Slider View: Unable to create app when cluster is secured - keytab doesnt exist
(srimanth)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1940122a
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1940122a
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1940122a

Branch: refs/heads/branch-1.7.0
Commit: 1940122af153cab71512dd8e1a06721c59998ca7
Parents: eb81775
Author: Srimanth Gunturi <sgunturi@hortonworks.com>
Authored: Thu Oct 16 18:52:57 2014 -0700
Committer: Srimanth Gunturi <sgunturi@hortonworks.com>
Committed: Fri Oct 17 09:46:10 2014 -0700

----------------------------------------------------------------------
 .../0.51.0/slider-agent-0.51.0.tar.gz           | Bin 472393 -> 471859 bytes
 .../slider-core/0.51.0/slider-core-0.51.0.jar   | Bin 1155217 -> 1167680 bytes
 contrib/views/slider/pom.xml                    |   5 ++
 .../slider/SliderAppsViewControllerImpl.java    |  49 +++++++++++++++++--
 4 files changed, 50 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/1940122a/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz
----------------------------------------------------------------------
diff --git a/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz
b/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz
index f724da9..9d22825 100644
Binary files a/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz
and b/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz
differ

http://git-wip-us.apache.org/repos/asf/ambari/blob/1940122a/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar
----------------------------------------------------------------------
diff --git a/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar
b/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar
index 7c2e42f..cbcca5c 100644
Binary files a/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar
and b/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar
differ

http://git-wip-us.apache.org/repos/asf/ambari/blob/1940122a/contrib/views/slider/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/views/slider/pom.xml b/contrib/views/slider/pom.xml
index 3f311c8..cb07dd4 100644
--- a/contrib/views/slider/pom.xml
+++ b/contrib/views/slider/pom.xml
@@ -252,6 +252,11 @@
 		</dependency>
 		<dependency>
 			<groupId>org.apache.hadoop</groupId>
+			<artifactId>hadoop-yarn-registry</artifactId>
+			<version>${hadoop.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.hadoop</groupId>
 			<artifactId>hadoop-yarn-common</artifactId>
 			<version>${hadoop.version}</version>
 		</dependency>

http://git-wip-us.apache.org/repos/asf/ambari/blob/1940122a/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java
----------------------------------------------------------------------
diff --git a/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java
b/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java
index 92f95c9..bdd3c0f 100644
--- a/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java
+++ b/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java
@@ -66,6 +66,7 @@ import org.apache.slider.client.SliderClient;
 import org.apache.slider.common.params.ActionCreateArgs;
 import org.apache.slider.common.params.ActionFlexArgs;
 import org.apache.slider.common.params.ActionFreezeArgs;
+import org.apache.slider.common.params.ActionInstallKeytabArgs;
 import org.apache.slider.common.params.ActionInstallPackageArgs;
 import org.apache.slider.common.params.ActionThawArgs;
 import org.apache.slider.core.exceptions.SliderException;
@@ -84,6 +85,7 @@ import com.google.gson.JsonArray;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
+import com.google.gson.JsonPrimitive;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 
@@ -134,7 +136,7 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
             ambariUsername, ambariPassword);
         try {
           AmbariClusterInfo clusterInfo = ambariClient.getClusterInfo();
-          if (clusterName.equals(clusterInfo.getName())) {
+          if (clusterInfo!=null && clusterName.equals(clusterInfo.getName())) {
             AmbariCluster cluster = ambariClient.getCluster(clusterInfo);
             AmbariServiceInfo hdfsServiceInfo = null;
             AmbariServiceInfo yarnServiceInfo = null;
@@ -1039,6 +1041,7 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
       final String appType = json.get("typeName").getAsString();
       final String appName = json.get("name").getAsString();
       final String queueName = json.has("queue") ? json.get("queue").getAsString() : null;
+      final boolean securityEnabled = Boolean.valueOf(getHadoopConfigs().get("security_enabled"));
       JsonObject configs = json.get("typeConfigs").getAsJsonObject();
       JsonObject resourcesObj = json.get("resources").getAsJsonObject();
       JsonArray componentsArray = resourcesObj.get("components").getAsJsonArray();
@@ -1070,7 +1073,7 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
       appCreateFolder.mkdirs();
       File appConfigJsonFile = new File(appCreateFolder, "appConfig.json");
       File resourcesJsonFile = new File(appCreateFolder, "resources.json");
-      saveAppConfigs(configs, componentsArray, appConfigJsonFile);
+      saveAppConfigs(configs, componentsArray, appName, securityEnabled, appConfigJsonFile);
       saveAppResources(resourcesObj, resourcesJsonFile);
 
       final ActionCreateArgs createArgs = new ActionCreateArgs();
@@ -1087,9 +1090,16 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
       installArgs.packageURI = getAppsFolderPath() + "/" + localAppPackageFileName;
       installArgs.replacePkg = true;
 
+      final ActionInstallKeytabArgs keytabArgs = new ActionInstallKeytabArgs();
+      keytabArgs.keytabUri = getUserToRunAsKeytab();
+      keytabArgs.folder = appName;
+
       return invokeSliderClientRunnable(new SliderClientContextRunnable<String>() {
         @Override
         public String run(SliderClient sliderClient) throws YarnException, IOException, InterruptedException
{
+          if (securityEnabled) {
+            sliderClient.actionInstallKeytab(keytabArgs);
+          }
           sliderClient.actionInstallPkg(installArgs);
           sliderClient.actionCreate(appName, createArgs);
           ApplicationId applicationId = sliderClient.applicationId;
@@ -1157,8 +1167,28 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
     }
   }
 
+  /*
+   * When security is enabled, the AppMaster itself needs the keytab identifying the calling
user.
+   * The user's keytab should be at the same location as the view's keytab, and should be
+   * named as ${username}.headless.keytab
+   */
+  private String getUserToRunAsKeytab() {
+    String viewKeytab = viewContext.getProperties().get(PARAM_VIEW_PRINCIPAL_KEYTAB);
+    String prefix = "";
+    int index = viewKeytab.lastIndexOf('/');
+    if (index > -1) {
+      prefix = viewKeytab.substring(0, index);
+    }
+    String username = getUserToRunAs();
+    String userKeytab = prefix + "/" + username + ".headless.keytab";
+    if (logger.isDebugEnabled()) {
+      logger.debug(username + " keytab: " + userKeytab);
+    }
+    return userKeytab;
+  }
+
   private void saveAppConfigs(JsonObject configs, JsonArray componentsArray,
-      File appConfigJsonFile) throws IOException {
+      String appName, boolean securityEnabled, File appConfigJsonFile) throws IOException
{
     JsonObject appConfigs = new JsonObject();
     appConfigs.addProperty("schema", "http://example.org/specification/v2.0.0");
     appConfigs.add("metadata", new JsonObject());
@@ -1173,7 +1203,15 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
         }
       }
     }
-    appConfigs.add("components", componentsObj);
+    if (securityEnabled) {
+      JsonObject appMasterComponent = new JsonObject();
+      String userToRunAsKeytab = getUserToRunAsKeytab();
+      String fileName = userToRunAsKeytab.substring(userToRunAsKeytab.lastIndexOf('/') +
1);
+      appMasterComponent.add("slider.am.login.keytab.name", new JsonPrimitive(fileName));
+      appMasterComponent.add("slider.hdfs.keytab.dir", new JsonPrimitive(".slider/keytabs/"
+ appName));
+      componentsObj.add("slider-appmaster", appMasterComponent);
+    }
+   appConfigs.add("components", componentsObj);
     String jsonString = new GsonBuilder().setPrettyPrinting().create().toJson(appConfigs);
     FileOutputStream fos = null;
     try {
@@ -1184,6 +1222,9 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController
{
         fos.close();
       }
     }
+    if (logger.isDebugEnabled()) {
+      logger.debug("Saved appConfigs.json at " + appConfigJsonFile.getAbsolutePath());
+    }
   }
 
   @Override


Mime
View raw message