ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yus...@apache.org
Subject ambari git commit: Revert "AMBARI-9468. Support secure HDFS with AMS in distributed mode service (rlevas)" Reverting since this is a suspect for causing NPE failure when trying to Add Service. This reverts commit e36b23166e4a40b456ded2bc72a7d045ad019175.
Date Sat, 07 Feb 2015 06:55:40 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk b9a06522e -> 7f67f34c0


Revert "AMBARI-9468. Support secure HDFS with AMS in distributed mode service (rlevas)"
Reverting since this is a suspect for causing NPE failure when trying to Add Service.
This reverts commit e36b23166e4a40b456ded2bc72a7d045ad019175.


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7f67f34c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7f67f34c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7f67f34c

Branch: refs/heads/trunk
Commit: 7f67f34c09e6d54b93524f1c844a907f6d2563f5
Parents: b9a0652
Author: Yusaku Sako <yusaku@hortonworks.com>
Authored: Fri Feb 6 22:54:50 2015 -0800
Committer: Yusaku Sako <yusaku@hortonworks.com>
Committed: Fri Feb 6 22:55:36 2015 -0800

----------------------------------------------------------------------
 .../conf/unix/ambari-metrics-collector          |   2 +-
 .../AMS/0.1.0/configuration/ams-env.xml         |   6 -
 .../AMS/0.1.0/configuration/ams-hbase-env.xml   |  13 +-
 .../configuration/ams-hbase-security-site.xml   |  79 ------------
 .../AMS/0.1.0/configuration/ams-hbase-site.xml  |   4 +-
 .../common-services/AMS/0.1.0/kerberos.json     | 122 -------------------
 .../common-services/AMS/0.1.0/metainfo.xml      |   1 -
 .../AMS/0.1.0/package/scripts/ams.py            |  20 +--
 .../AMS/0.1.0/package/scripts/hbase.py          |  18 +--
 .../0.1.0/package/scripts/metric_collector.py   |  64 ----------
 .../AMS/0.1.0/package/scripts/params.py         |  34 ++----
 .../AMS/0.1.0/package/scripts/params_linux.py   |   4 +-
 .../AMS/0.1.0/package/scripts/status_params.py  |  13 +-
 .../templates/ams_collector_jaas.conf.j2        |  26 ----
 .../templates/ams_zookeeper_jaas.conf.j2        |  26 ----
 pom.xml                                         |   3 +-
 16 files changed, 29 insertions(+), 406 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-metrics/ambari-metrics-timelineservice/conf/unix/ambari-metrics-collector
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-timelineservice/conf/unix/ambari-metrics-collector
b/ambari-metrics/ambari-metrics-timelineservice/conf/unix/ambari-metrics-collector
index 1e4d657..4ec13da 100644
--- a/ambari-metrics/ambari-metrics-timelineservice/conf/unix/ambari-metrics-collector
+++ b/ambari-metrics/ambari-metrics-timelineservice/conf/unix/ambari-metrics-collector
@@ -228,7 +228,7 @@ case "$1" in
         rm -f "${PIDFILE}" >/dev/null 2>&1
     fi
 
-    nohup "${JAVA}" "-cp" "/usr/lib/ambari-metrics-collector/*:${COLLECTOR_CONF_DIR}" ${AMS_COLLECTOR_OPTS}
"-Djava.net.preferIPv4Stack=true" "-Dams.log.dir=${AMS_COLLECTOR_LOG_DIR}" "-Dproc_${DAEMON_NAME}"
"${CLASS}" "$@" > $OUTFILE 2>&1 &
+    nohup "${JAVA}" "-cp" "/usr/lib/ambari-metrics-collector/*:${COLLECTOR_CONF_DIR}" "-Djava.net.preferIPv4Stack=true"
"-Dams.log.dir=${AMS_COLLECTOR_LOG_DIR}" "-Dproc_${DAEMON_NAME}" "${CLASS}" "$@" > $OUTFILE
2>&1 &
     PID=$!
     write_pidfile "${PIDFILE}"
     sleep 2

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-env.xml
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-env.xml
index 4bb82e7..8e09cc5 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-env.xml
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-env.xml
@@ -68,12 +68,6 @@ export AMS_MONITOR_PID_DIR={{ams_monitor_pid_dir}}
 
 # AMS HBase pid directory
 export AMS_HBASE_PID_DIR={{hbase_pid_dir}}
-
-export AMS_COLLECTOR_OPTS=
-{% if security_enabled %}
-export AMS_COLLECTOR_OPTS="-Djava.security.auth.login.config={{ams_collector_jaas_config_file}}"
-{% endif %}
-
     </value>
   </property>
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-env.xml
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-env.xml
index 4b23d2f..cc84f62 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-env.xml
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-env.xml
@@ -120,17 +120,18 @@ export HBASE_MANAGES_ZK=false
 export HBASE_OPTS="$HBASE_OPTS -Djava.security.auth.login.config={{client_jaas_config_file}}"
 export HBASE_MASTER_OPTS="$HBASE_MASTER_OPTS -Djava.security.auth.login.config={{master_jaas_config_file}}"
 export HBASE_REGIONSERVER_OPTS="$HBASE_REGIONSERVER_OPTS -Djava.security.auth.login.config={{regionserver_jaas_config_file}}"
-export HBASE_ZOOKEEPER_OPTS="$HBASE_ZOOKEEPER_OPTS -Djava.security.auth.login.config={{ams_zookeeper_jaas_config_file}}"
 {% endif %}
 
-# use embedded native libs
+#Specify native libraries of installed Hadoop paltform
+#_HADOOP_IN_PATH=$(PATH="${HADOOP_HOME:-${HADOOP_PREFIX}}/bin:$PATH" which hadoop 2>/dev/null)
+#_HADOOP_CLASSPATH="/usr/lib/ams-hbase/lib/*"
+#_HADOOP_JAVA_LIBRARY_PATH=$(HADOOP_CLASSPATH="$_HADOOP_CLASSPATH" ${_HADOOP_IN_PATH} org.apache.hadoop.hbase.util.GetJavaProperty
java.library.path)
+#use embedded native libs
 _HADOOP_NATIVE_LIB="/usr/lib/ams-hbase/lib/hadoop-native/"
 export HBASE_OPTS="$HBASE_OPTS -Djava.library.path=${_HADOOP_NATIVE_LIB}"
 
-{% if disable_hadoop_environment %}
-# Unset HADOOP_HOME to avoid importing HADOOP installed cluster related configs like: /usr/hdp/2.2.0.0-2041/hadoop/conf/
-export HADOOP_HOME=`pwd`	138	export HADOOP_HOME=`pwd`
-{% endif %}
+#"Unsetting" HADOOP_HOME to avoid importing HADOOP installed cluster related configs like:
/usr/hdp/2.2.0.0-2041/hadoop/conf/ 
+export HADOOP_HOME=`pwd`
     </value>
   </property>
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-security-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-security-site.xml
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-security-site.xml
deleted file mode 100644
index 85321f8..0000000
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-security-site.xml
+++ /dev/null
@@ -1,79 +0,0 @@
-<?xml version="1.0"?>
-<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
-<!--
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
--->
-<configuration>
-  <property>
-    <name>ams.zookeeper.keytab</name>
-  </property>
-  <property>
-    <name>ams.zookeeper.principal</name>
-  </property>
-  <property>
-    <name>hadoop.security.authentication</name>
-  </property>
-  <property>
-    <name>hbase.coprocessor.master.classes</name>
-  </property>
-  <property>
-    <name>hbase.coprocessor.region.classes</name>
-  </property>
-  <property>
-    <name>hbase.master.kerberos.principal</name>
-  </property>
-  <property>
-    <name>hbase.master.keytab.file</name>
-  </property>
-  <property>
-    <name>hbase.myclient.keytab</name>
-  </property>
-  <property>
-    <name>hbase.myclient.principal</name>
-  </property>
-  <property>
-    <name>hbase.regionserver.kerberos.principal</name>
-  </property>
-  <property>
-    <name>hbase.regionserver.keytab.file</name>
-  </property>
-  <property>
-    <name>hbase.security.authentication</name>
-  </property>
-  <property>
-    <name>hbase.security.authorization</name>
-  </property>
-  <property>
-    <name>hbase.zookeeper.property.authProvider.1</name>
-  </property>
-  <property>
-    <name>hbase.zookeeper.property.jaasLoginRenew</name>
-  </property>
-  <property>
-    <name>hbase.zookeeper.property.kerberos.removeHostFromPrincipal
-    </name>
-  </property>
-  <property>
-    <name>hbase.zookeeper.property.kerberos.removeRealmFromPrincipal
-    </name>
-  </property>
-  <property>
-    <name>zookeeper.znode.parent</name>
-  </property>
-</configuration>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-site.xml
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-site.xml
index b8c96ca..8de4f30 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-site.xml
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/configuration/ams-hbase-site.xml
@@ -48,7 +48,7 @@
   </property>
   <property>
     <name>hbase.cluster.distributed</name>
-    <value>{{hbase_cluster_distributed}}</value>
+    <value>false</value>
     <description>
       The mode the cluster will be in. Possible values are false for
       standalone mode and true for distributed mode. If false, startup will run
@@ -64,7 +64,7 @@
   </property>
   <property>
     <name>hbase.zookeeper.quorum</name>
-    <value>{{zookeeper_quorum_hosts}}</value>
+    <value>localhost</value>
     <description>Comma separated list of servers in the ZooKeeper Quorum.
       For example, "host1.mydomain.com,host2.mydomain.com,host3.mydomain.com".
       By default this is set to localhost for local and pseudo-distributed modes

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/kerberos.json b/ambari-server/src/main/resources/common-services/AMS/0.1.0/kerberos.json
deleted file mode 100644
index 7b92469..0000000
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/kerberos.json
+++ /dev/null
@@ -1,122 +0,0 @@
-{
-  "services": [
-    {
-      "name": "AMS",
-      "identities": [
-        {
-          "name": "/spnego"
-        },
-        {
-          "name": "/hdfs"
-        }
-      ],
-      "components": [
-        {
-          "name": "METRIC_COLLECTOR",
-          "identities": [
-            {
-              "name": "ams_hbase_master_hbase",
-              "principal": {
-                "value": "amshbase/_HOST@${realm}",
-                "type": "service",
-                "configuration": "ams-hbase-security-site/hbase.master.kerberos.principal",
-                "local_username": "${ams-hbase-env/hbase_user}"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/ams-hbase.master.keytab",
-                "owner": {
-                  "name": "${ams-hbase-env/hbase_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                },
-                "configuration": "ams-hbase-security-site/hbase.master.keytab.file"
-              }
-            },
-            {
-              "name": "ams_hbase_regionserver_hbase",
-              "principal": {
-                "value": "amshbase/_HOST@${realm}",
-                "type": "service",
-                "configuration": "ams-hbase-security-site/hbase.regionserver.kerberos.principal",
-                "local_username": "${ams-hbase-env/hbase_user}"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/ams-hbase.regionserver.keytab",
-                "owner": {
-                  "name": "${ams-hbase-env/hbase_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                },
-                "configuration": "ams-hbase-security-site/hbase.regionserver.keytab.file"
-              }
-            },
-            {
-              "name": "ams_collector",
-              "principal": {
-                "value": "amshbase/_HOST@${realm}",
-                "type": "service",
-                "configuration": "ams-hbase-security-site/hbase.myclient.principal",
-                "local_username": "${ams-hbase-env/hbase_user}"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/ams.collector.keytab",
-                "owner": {
-                  "name": "${ams-hbase-env/hbase_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                },
-                "configuration": "ams-hbase-security-site/hbase.myclient.keytab"
-              }
-            },
-            {
-              "name": "ams_zookeeper",
-              "principal": {
-                "value": "zookeeper/_HOST@${realm}",
-                "type": "service",
-                "configuration": "ams-hbase-security-site/ams.zookeeper.principal",
-                "local_username": "${ams-hbase-env/hbase_user}"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/zk.service.ams.keytab",
-                "owner": {
-                  "name": "${ams-hbase-env/hbase_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                },
-                "configuration": "ams-hbase-security-site/ams.zookeeper.keytab"
-              }
-            }
-          ],
-          "configurations": [
-            {
-              "ams-hbase-security-site": {
-                "hbase.security.authentication": "kerberos",
-                "hbase.security.authorization": "true",
-                "hadoop.security.authentication": "kerberos",
-                "hbase.coprocessor.master.classes": "org.apache.hadoop.hbase.security.access.AccessController",
-                "hbase.coprocessor.region.classes": "org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.AccessController",
-                "zookeeper.znode.parent": "/ams-hbase-secure",
-                "hbase.zookeeper.property.kerberos.removeHostFromPrincipal": "true",
-                "hbase.zookeeper.property.kerberos.removeRealmFromPrincipal": "true",
-                "hbase.zookeeper.property.authProvider.1": "org.apache.zookeeper.server.auth.SASLAuthenticationProvider",
-                "hbase.zookeeper.property.jaasLoginRenew": "3600000"
-              }
-            }
-          ]
-        }
-      ]
-    }
-  ]
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/metainfo.xml b/ambari-server/src/main/resources/common-services/AMS/0.1.0/metainfo.xml
index 27b3376..77f57cd 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/metainfo.xml
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/metainfo.xml
@@ -125,7 +125,6 @@
         <config-type>ams-log4j</config-type>
         <config-type>ams-hbase-policy</config-type>
         <config-type>ams-hbase-site</config-type>
-        <config-type>ams-hbase-security-site</config-type>
         <config-type>ams-hbase-env</config-type>
         <config-type>ams-hbase-log4j</config-type>
       </configuration-dependencies>

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/ams.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/ams.py
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/ams.py
index 7d46753..20c4223 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/ams.py
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/ams.py
@@ -18,7 +18,6 @@ limitations under the License.
 
 """
 
-import os
 from resource_management import *
 from ambari_commons import OSConst
 from service_mapping import *
@@ -50,14 +49,9 @@ def ams(name=None):
               owner=params.ams_user,
     )
 
-    merged_ams_hbase_site = {}
-    merged_ams_hbase_site.update(params.config['configurations']['ams-hbase-site'])
-    if params.security_enabled:
-      merged_ams_hbase_site.update(params.config['configurations']['ams-hbase-security-site'])
-
     XmlConfig( "hbase-site.xml",
                conf_dir = params.ams_collector_conf_dir,
-               configurations = merged_ams_hbase_site,
+               configurations = params.config['configurations']['ams-hbase-site'],
                configuration_attributes=params.config['configuration_attributes']['ams-hbase-site'],
                owner = params.ams_user,
     )
@@ -136,24 +130,14 @@ def ams(name=None):
               group=params.user_group
     )
 
-    merged_ams_hbase_site = {}
-    merged_ams_hbase_site.update(params.config['configurations']['ams-hbase-site'])
-    if params.security_enabled:
-      merged_ams_hbase_site.update(params.config['configurations']['ams-hbase-security-site'])
-
     XmlConfig( "hbase-site.xml",
                conf_dir = params.ams_collector_conf_dir,
-               configurations = merged_ams_hbase_site,
+               configurations = params.config['configurations']['ams-hbase-site'],
                configuration_attributes=params.config['configuration_attributes']['ams-hbase-site'],
                owner = params.ams_user,
                group = params.user_group
     )
 
-    if params.security_enabled:
-      TemplateConfig(os.path.join(params.hbase_conf_dir, "ams_collector_jaas.conf"),
-                     owner = params.ams_user,
-                     template_tag = None)
-
     if (params.log4j_props != None):
       File(format("{params.ams_collector_conf_dir}/log4j.properties"),
            mode=0644,

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/hbase.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/hbase.py
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/hbase.py
index b3bca89..0ccddde 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/hbase.py
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/hbase.py
@@ -114,14 +114,9 @@ def hbase(name=None # 'master' or 'regionserver' or 'client'
              recursive = True
   )
 
-  merged_ams_hbase_site = {}
-  merged_ams_hbase_site.update(params.config['configurations']['ams-hbase-site'])
-  if params.security_enabled:
-    merged_ams_hbase_site.update(params.config['configurations']['ams-hbase-security-site'])
-
   XmlConfig("hbase-site.xml",
             conf_dir = params.hbase_conf_dir,
-            configurations = merged_ams_hbase_site,
+            configurations = params.config['configurations']['ams-hbase-site'],
             configuration_attributes=params.config['configuration_attributes']['ams-hbase-site'],
             owner = params.hbase_user,
             group = params.user_group
@@ -162,9 +157,7 @@ def hbase(name=None # 'master' or 'regionserver' or 'client'
 
   if params.security_enabled:
     hbase_TemplateConfig( format("hbase_{name}_jaas.conf"), user=params.hbase_user)
-    hbase_TemplateConfig( format("hbase_client_jaas.conf"), user=params.hbase_user)
-    hbase_TemplateConfig( format("ams_zookeeper_jaas.conf"), user=params.hbase_user)
-
+  
   if name in ["master","regionserver"]:
 
     if params.is_hbase_distributed:
@@ -174,13 +167,6 @@ def hbase(name=None # 'master' or 'regionserver' or 'client'
                            owner=params.hbase_user,
                            mode=0775
       )
-
-      params.HdfsDirectory(params.hbase_staging_dir,
-                           action="create_delayed",
-                           owner=params.hbase_user,
-                           mode=0711
-      )
-
       params.HdfsDirectory(None, action="create")
 
     else:

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/metric_collector.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/metric_collector.py
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/metric_collector.py
index 2a2e181..addfc33 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/metric_collector.py
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/metric_collector.py
@@ -19,9 +19,6 @@ limitations under the License.
 """
 
 from resource_management import *
-from resource_management.libraries.functions.security_commons import build_expectations,
\
-  cached_kinit_executor, get_params_from_filesystem, validate_security_config_properties,
\
-  FILE_TYPE_XML
 from ams import ams
 from ams_service import ams_service
 from hbase import hbase
@@ -59,66 +56,5 @@ class AmsCollector(Script):
     check_service_status(name='collector')
 
 
-  def security_status(self, env):
-    import status_params
-
-    env.set_params(status_params)
-    props_value_check = {"hbase.security.authentication": "kerberos",
-                         "hbase.security.authorization": "true"}
-
-    props_empty_check = ["hbase.zookeeper.property.authProvider.1",
-                         "hbase.master.keytab.file",
-                         "hbase.master.kerberos.principal",
-                         "hbase.regionserver.keytab.file",
-                         "hbase.regionserver.kerberos.principal"
-    ]
-    props_read_check = ['hbase.master.keytab.file', 'hbase.regionserver.keytab.file']
-    ams_hbase_site_expectations = build_expectations('hbase-site', props_value_check,
-                                                     props_empty_check,
-                                                     props_read_check)
-
-    expectations = {}
-    expectations.update(ams_hbase_site_expectations)
-
-    security_params = get_params_from_filesystem(status_params.ams_hbase_conf_dir,
-                                                 {'hbase-site.xml': FILE_TYPE_XML})
-
-    is_hbase_distributed = security_params['hbase-site']['hbase.rootdir'].startswith('hdfs://')
-    # for embedded mode, when HBase is backed by file, security state is SECURED_KERBEROS
by definition when cluster is secured
-    if status_params.security_enabled and not is_hbase_distributed:
-      self.put_structured_out({"securityState": "SECURED_KERBEROS"})
-      return
-
-    result_issues = validate_security_config_properties(security_params, expectations)
-
-    if not result_issues:  # If all validations passed successfully
-      try:
-        # Double check the dict before calling execute
-        if ('hbase-site' not in security_params or
-                'hbase.master.keytab.file' not in security_params['hbase-site'] or
-                'hbase.master.kerberos.principal' not in security_params['hbase-site']):
-          self.put_structured_out({"securityState": "UNSECURED"})
-          self.put_structured_out(
-            {"securityIssuesFound": "Keytab file or principal are not set property."})
-          return
-
-        cached_kinit_executor(status_params.kinit_path_local,
-                              status_params.hbase_user,
-                              security_params['hbase-site']['hbase.master.keytab.file'],
-                              security_params['hbase-site']['hbase.master.kerberos.principal'],
-                              status_params.hostname,
-                              status_params.tmp_dir)
-        self.put_structured_out({"securityState": "SECURED_KERBEROS"})
-      except Exception as e:
-        self.put_structured_out({"securityState": "ERROR"})
-        self.put_structured_out({"securityStateErrorInfo": str(e)})
-    else:
-      issues = []
-      for cf in result_issues:
-        issues.append("Configuration file %s did not pass the validation. Reason: %s" % (
-        cf, result_issues[cf]))
-      self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
-      self.put_structured_out({"securityState": "UNSECURED"})
-
 if __name__ == "__main__":
   AmsCollector().execute()

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params.py
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params.py
index eb064f5..c596ddf 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params.py
@@ -65,9 +65,7 @@ hbase_root_dir = config['configurations']['ams-hbase-site']['hbase.rootdir']
 is_hbase_distributed = hbase_root_dir.startswith('hdfs://')
 
 # security is disabled for embedded mode, when HBase is backed by file
-security_enabled = False if not is_hbase_distributed else config['configurations']['cluster-env']['security_enabled']
-# if cluster is secured and embedded we have to disable haddop env
-disable_hadoop_environment = config['configurations']['cluster-env']['security_enabled']
and not is_hbase_distributed
+security_enabled = False if not is_hbase_distributed else config['configurations']['cluster-env']['security_enabled']

 
 # this is "hadoop-metrics.properties" for 1.x stacks
 metric_prop_file_name = "hadoop-metrics2-hbase.properties"
@@ -85,9 +83,6 @@ regionserver_xmn_size = calc_xmn_from_xms(regionserver_heapsize, regionserver_xm
 # For embedded mode
 hbase_heapsize = master_heapsize
 
-zookeeper_quorum_hosts = ','.join(ams_collector_hosts) if is_hbase_distributed else 'localhost'
-hbase_cluster_distributed = 'true' if is_hbase_distributed else 'false'
-
 ams_checkpoint_dir = config['configurations']['ams-site']['timeline.metrics.aggregator.checkpoint.dir']
 hbase_pid_dir = status_params.hbase_pid_dir
 hbase_tmp_dir = config['configurations']['ams-hbase-site']['hbase.tmp.dir']
@@ -107,30 +102,21 @@ service_check_data = functions.get_unique_id_and_date()
 user_group = config['configurations']['cluster-env']["user_group"]
 hadoop_user = "hadoop"
 
-kinit_cmd = ""
-
 if security_enabled:
   _hostname_lowercase = config['hostname'].lower()
+  master_jaas_princ = default('/configurations/ams-hbase-site/hbase.master.kerberos.principal',
'hbase/_HOST@EXAMPLE.COM').replace('_HOST',_hostname_lowercase)
+  regionserver_jaas_princ = default('/configurations/ams-hbase-site/hbase.regionserver.kerberos.principal',
'hbase/_HOST@EXAMPLE.COM').replace('_HOST',_hostname_lowercase)
 
-  client_jaas_config_file = format("{hbase_conf_dir}/hbase_client_jaas.conf")
+  master_keytab_path = config['configurations']['ams-hbase-site']['hbase.master.keytab.file']
+  regionserver_keytab_path = config['configurations']['ams-hbase-site']['hbase.regionserver.keytab.file']
   smoke_user_keytab = config['configurations']['cluster-env']['smokeuser_keytab']
   hbase_user_keytab = config['configurations']['ams-hbase-env']['hbase_user_keytab']
+  kinit_path_local = functions.get_kinit_path(["/usr/bin", "/usr/kerberos/bin", "/usr/sbin"])
 
-  ams_collector_jaas_config_file = format("{hbase_conf_dir}/ams_collector_jaas.conf")
-  ams_collector_keytab_path = config['configurations']['ams-hbase-security-site']['hbase.myclient.keytab']
-  ams_collector_jaas_princ = config['configurations']['ams-hbase-security-site']['hbase.myclient.principal'].replace('_HOST',_hostname_lowercase)
-
-  ams_zookeeper_jaas_config_file = format("{hbase_conf_dir}/ams_zookeeper_jaas.conf")
-  ams_zookeeper_keytab = config['configurations']['ams-hbase-security-site']['ams.zookeeper.keytab']
-  ams_zookeeper_principal_name = config['configurations']['ams-hbase-security-site']['ams.zookeeper.principal'].replace('_HOST',_hostname_lowercase)
-
-  master_jaas_config_file = format("{hbase_conf_dir}/hbase_master_jaas.conf")
-  master_keytab_path = config['configurations']['ams-hbase-security-site']['hbase.master.keytab.file']
-  master_jaas_princ = config['configurations']['ams-hbase-security-site']['hbase.master.kerberos.principal'].replace('_HOST',_hostname_lowercase)
-
-  regionserver_jaas_config_file = format("{hbase_conf_dir}/hbase_regionserver_jaas.conf")
-  regionserver_keytab_path = config['configurations']['ams-hbase-security-site']['hbase.regionserver.keytab.file']
-  regionserver_jaas_princ = config['configurations']['ams-hbase-security-site']['hbase.regionserver.kerberos.principal'].replace('_HOST',_hostname_lowercase)
+if security_enabled:
+   kinit_cmd = format("{kinit_path_local} -kt {hbase_user_keytab} {hbase_user};")
+else:
+   kinit_cmd = ""
 
 #log4j.properties
 if (('ams-hbase-log4j' in config['configurations']) and ('content' in config['configurations']['ams-hbase-log4j'])):

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params_linux.py
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params_linux.py
index 44d90b7..c67f75c 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/params_linux.py
@@ -20,12 +20,12 @@ limitations under the License.
 
 from resource_management import *
 from ambari_commons import OSCheck
-
+import status_params
 config = Script.get_config()
 
 ams_collector_conf_dir = "/etc/ambari-metrics-collector/conf"
 ams_monitor_conf_dir = "/etc/ambari-metrics-monitor/conf/"
-ams_user = config['configurations']['ams-env']['ams_user']
+ams_user = status_params.ams_user
 #RPM versioning support
 rpm_version = default("/configurations/hadoop-env/rpm_version", None)
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/status_params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/status_params.py
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/status_params.py
index 947c992..a19034c 100644
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/status_params.py
+++ b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/scripts/status_params.py
@@ -20,20 +20,11 @@ limitations under the License.
 
 from resource_management import *
 
-from ambari_commons import OSCheck
-if OSCheck.is_windows_family():
-    from params_windows import *
-else:
-    from params_linux import *
+config = Script.get_config()
 
 hbase_pid_dir = config['configurations']['ams-hbase-env']['hbase_pid_dir']
+ams_user = config['configurations']['ams-env']['ams_user']
 hbase_user = ams_user
 ams_collector_pid_dir = config['configurations']['ams-env']['ams_collector_pid_dir']
 ams_monitor_pid_dir = config['configurations']['ams-env']['ams_monitor_pid_dir']
 
-security_enabled = config['configurations']['cluster-env']['security_enabled']
-ams_hbase_conf_dir = format("{hbase_conf_dir}")
-
-kinit_path_local = functions.get_kinit_path(["/usr/bin", "/usr/kerberos/bin", "/usr/sbin"])
-hostname = config['hostname']
-tmp_dir = Script.get_tmp_dir()

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_collector_jaas.conf.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_collector_jaas.conf.j2
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_collector_jaas.conf.j2
deleted file mode 100644
index 9ce7cd7..0000000
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_collector_jaas.conf.j2
+++ /dev/null
@@ -1,26 +0,0 @@
-{#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#}
-
-Client {
-com.sun.security.auth.module.Krb5LoginModule required
-useKeyTab=true
-storeKey=true
-useTicketCache=false
-keyTab="{{ams_collector_keytab_path}}"
-principal="{{ams_collector_jaas_princ}}";
-};
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_zookeeper_jaas.conf.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_zookeeper_jaas.conf.j2
b/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_zookeeper_jaas.conf.j2
deleted file mode 100644
index f1750b9..0000000
--- a/ambari-server/src/main/resources/common-services/AMS/0.1.0/package/templates/ams_zookeeper_jaas.conf.j2
+++ /dev/null
@@ -1,26 +0,0 @@
-{#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#}
-
-Server {
-com.sun.security.auth.module.Krb5LoginModule required
-useKeyTab=true
-storeKey=true
-useTicketCache=false
-keyTab="{{ams_zookeeper_keytab}}"
-principal="{{ams_zookeeper_principal_name}}";
-};
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/7f67f34c/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index b05fb29..d33828b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -271,8 +271,7 @@
             <exclude>ambari-metrics/ambari-metrics-timelineservice/src/test/resources/lib/org/apache/phoenix/phoenix-core-tests/4.2.0/phoenix-core-tests-4.2.0.pom</exclude>
             <exclude>ambari-metrics/ambari-metrics-timelineservice/src/test/resources/lib/org/apache/phoenix/phoenix-core-tests/maven-metadata-local.xml</exclude>
             <exclude>ambari-metrics/*/target/**</exclude>
-            <!-- ignore .settings and .project  -->
-            <exclude>ambari-metrics/**/.*/**</exclude>
+
           </excludes>
         </configuration>
         <executions>


Mime
View raw message