ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From srima...@apache.org
Subject ambari git commit: AMBARI-11919. After wire encryption, KMS client config (hdfs-site.xml and core-site.xml) should be updated to include https in URI
Date Mon, 15 Jun 2015 20:59:38 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 780dea082 -> 76499d9cd


AMBARI-11919. After wire encryption, KMS client config (hdfs-site.xml and core-site.xml) should
be updated to include https in URI


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/76499d9c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/76499d9c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/76499d9c

Branch: refs/heads/trunk
Commit: 76499d9cdc808cfdf4f6d87cf7867bf510a00563
Parents: 780dea0
Author: Srimanth Gunturi <sgunturi@hortonworks.com>
Authored: Mon Jun 15 10:43:33 2015 -0700
Committer: Srimanth Gunturi <sgunturi@hortonworks.com>
Committed: Mon Jun 15 13:59:26 2015 -0700

----------------------------------------------------------------------
 .../RANGER_KMS/0.5.0.2.3/configuration/ranger-kms-site.xml  | 9 ++++++++-
 .../HDP/2.2/services/HDFS/configuration/core-site.xml       | 4 ++++
 .../HDP/2.2/services/HDFS/configuration/hdfs-site.xml       | 4 ++++
 .../main/resources/stacks/HDP/2.2/services/stack_advisor.py | 8 +++++++-
 .../src/test/python/stacks/2.2/common/test_stack_advisor.py | 5 +++++
 .../app/mappers/configs/stack_config_properties_mapper.js   | 3 +++
 6 files changed, 31 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/76499d9c/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/configuration/ranger-kms-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/configuration/ranger-kms-site.xml
b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/configuration/ranger-kms-site.xml
index 647e2a4..be387ff 100644
--- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/configuration/ranger-kms-site.xml
+++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/configuration/ranger-kms-site.xml
@@ -49,4 +49,11 @@
     <name>xa.webapp.dir</name>
     <value>./webapp</value>
   </property> 
-</configuration>
\ No newline at end of file
+  
+  <property>
+    <name>ranger.service.https.attrib.ssl.enabled</name>
+    <value>false</value>
+    <description></description>
+  </property>
+
+</configuration>

http://git-wip-us.apache.org/repos/asf/ambari/blob/76499d9c/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/core-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/core-site.xml
b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/core-site.xml
index 12d2789..80a1944 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/core-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/core-site.xml
@@ -40,6 +40,10 @@
         <type>hadoop-env</type>
         <name>keyserver_port</name>
       </property>
+      <property>
+        <type>ranger-kms-site</type>
+        <name>ranger.service.https.attrib.ssl.enabled</name>
+      </property>
     </depends-on>
   </property>
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/76499d9c/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/hdfs-site.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/hdfs-site.xml
b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/hdfs-site.xml
index 35cab99..e42b3f8 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/hdfs-site.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/configuration/hdfs-site.xml
@@ -52,6 +52,10 @@
         <type>hadoop-env</type>
         <name>keyserver_port</name>
       </property>
+      <property>
+        <type>ranger-kms-site</type>
+        <name>ranger.service.https.attrib.ssl.enabled</name>
+      </property>
     </depends-on>
   </property>
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/76499d9c/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
index 2380f2e..5b15d76 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
@@ -217,12 +217,18 @@ class HDP22StackAdvisor(HDP21StackAdvisor):
           keyserverPortString = services["configurations"]["kms-env"]["properties"]["kms_port"]
 
     if keyserverHostsString is not None and len(keyserverHostsString.strip()) > 0:
+      urlScheme = "http"
+      if "ranger-kms-site" in services["configurations"] and \
+          "ranger.service.https.attrib.ssl.enabled" in services["configurations"]["ranger-kms-site"]["properties"]
and \
+          services["configurations"]["ranger-kms-site"]["properties"]["ranger.service.https.attrib.ssl.enabled"].lower()
== "true":
+        urlScheme = "https"
+
       if keyserverPortString is None or len(keyserverPortString.strip()) < 1:
         keyserverPortString = ":9292"
       else:
         keyserverPortString = ":" + keyserverPortString.strip()
       putCoreSiteProperty = self.putProperty(configurations, "core-site", services)
-      kmsPath = "kms://http@" + keyserverHostsString.strip() + keyserverPortString + "/kms"
+      kmsPath = "kms://" + urlScheme + "@" + keyserverHostsString.strip() + keyserverPortString
+ "/kms"
       putCoreSiteProperty("hadoop.security.key.provider.path", kmsPath)
       putHdfsSiteProperty("dfs.encryption.key.provider.uri", kmsPath)
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/76499d9c/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py b/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
index 9e5a3c0..ab0aa17 100644
--- a/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
+++ b/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
@@ -2216,6 +2216,11 @@ class TestHDP22StackAdvisor(TestCase):
     self.stackAdvisor.recommendHDFSConfigurations(configurations, clusterData, services,
hosts)
     self.assertEqual("kms://http@myhost1:2222/kms", configurations["hdfs-site"]["properties"]["dfs.encryption.key.provider.uri"])
 
+    # Test - 'https' in KMS URL
+    configurations["ranger-kms-site"] = {"properties": {"ranger.service.https.attrib.ssl.enabled":
"true"}}
+    self.stackAdvisor.recommendHDFSConfigurations(configurations, clusterData, services,
hosts)
+    self.assertEqual("kms://https@myhost1:2222/kms", configurations["hdfs-site"]["properties"]["dfs.encryption.key.provider.uri"])
+
     # Test 8 - Dynamic maximum for 'dfs.namenode.handler.count'
     hosts['items'][1]['Hosts']['cpu_count'] = 9
     self.stackAdvisor.recommendHDFSConfigurations(configurations, clusterData, services,
hosts)

http://git-wip-us.apache.org/repos/asf/ambari/blob/76499d9c/ambari-web/app/mappers/configs/stack_config_properties_mapper.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/mappers/configs/stack_config_properties_mapper.js b/ambari-web/app/mappers/configs/stack_config_properties_mapper.js
index 1f09343..5913943 100644
--- a/ambari-web/app/mappers/configs/stack_config_properties_mapper.js
+++ b/ambari-web/app/mappers/configs/stack_config_properties_mapper.js
@@ -123,6 +123,9 @@ App.stackConfigPropertiesMapper = App.QuickDataMapper.create({
       if (stackProperty.get('propertyDependedBy.length')) {
         this._setDependentServices(stackProperty, 'propertyDependedBy', service);
       }
+      if (stackProperty.get('propertyDependsOn.length')) {
+        this._setDependentServices(stackProperty, 'propertyDependsOn', service);
+      }
     }, this);
   },
   /**


Mime
View raw message