ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smoha...@apache.org
Subject ambari git commit: AMBARI-12330. Changes in upgrades json and upgradehelper.py for Ranger plugins (Gautam Borad via smohanty)
Date Wed, 08 Jul 2015 18:41:44 GMT
Repository: ambari
Updated Branches:
  refs/heads/branch-2.1 e92499d78 -> 57d853f5c


AMBARI-12330. Changes in upgrades json and upgradehelper.py for Ranger plugins (Gautam Borad via smohanty)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/57d853f5
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/57d853f5
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/57d853f5

Branch: refs/heads/branch-2.1
Commit: 57d853f5cc0e182739b5623a0f6a19c7d0c25a49
Parents: e92499d
Author: Sumit Mohanty <smohanty@hortonworks.com>
Authored: Wed Jul 8 11:39:52 2015 -0700
Committer: Sumit Mohanty <smohanty@hortonworks.com>
Committed: Wed Jul 8 11:41:31 2015 -0700

----------------------------------------------------------------------
 ambari-server/src/main/python/upgradeHelper.py  | 139 +++--
 .../catalog/UpgradeCatalog_2.2_to_2.3.json      | 507 +++++++++++--------
 2 files changed, 402 insertions(+), 244 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/57d853f5/ambari-server/src/main/python/upgradeHelper.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/python/upgradeHelper.py b/ambari-server/src/main/python/upgradeHelper.py
index 2d5a589..dd72bdc 100644
--- a/ambari-server/src/main/python/upgradeHelper.py
+++ b/ambari-server/src/main/python/upgradeHelper.py
@@ -189,7 +189,7 @@ class Options(Const):
   KAFKA_BROKER_CONF = "kafka-broker"
   RANGER_ADMIN = "admin-properties"
   KAFKA_PORT = "port"
-  RANGER_EXTERNAL_URL = "ranger.externalurl"
+  RANGER_EXTERNAL_URL = "policymgr_external_url"
   ZK_CLIENTPORT = "clientPort"
   DELETE_OLD_TAG = "DELETE_OLD"
 
@@ -1057,43 +1057,79 @@ def get_ranger_xaaudit_hdfs_destination_directory():
   return "hdfs://{0}:8020/ranger/audit".format(namenode_hostname)
 
 def get_ranger_policymgr_external_url():
-  url = "{{ranger_external_url}}"
+  url = "{{policymgr_mgr_url}}"
   if Options.server_config_factory is not None and Options.RANGER_ADMIN in Options.server_config_factory.items():
     props = Options.server_config_factory.get_config(Options.RANGER_ADMIN)
     if Options.RANGER_EXTERNAL_URL in props.properties:
       url = props.properties[Options.RANGER_EXTERNAL_URL]
   return url
 
-def get_jdbc_driver(config_name):
+def get_jdbc_driver():
   driver = "{{jdbc_driver}}"
-  if Options.server_config_factory is not None and config_name in Options.server_config_factory.items():
-    props = Options.server_config_factory.get_config(config_name)
-    if "XAAUDIT.DB.FLAVOUR" in props.properties:
-      db = props.properties["XAAUDIT.DB.FLAVOUR"]
+  if Options.server_config_factory is not None and Options.RANGER_ADMIN in Options.server_config_factory.items():
+    props = Options.server_config_factory.get_config(Options.RANGER_ADMIN)
+    if "DB_FLAVOR" in props.properties:
+      db = props.properties["DB_FLAVOR"]
 
-  if db == "mysql":
+  if db.lower() == "mysql":
     driver = "com.mysql.jdbc.Driver"
-  elif db == "oracle":
+  elif db.lower() == "oracle":
     driver = "oracle.jdbc.OracleDriver"
   return driver
 
-def get_audit_jdbc_url(config_name):
+def get_audit_jdbc_url():
   audit_jdbc_url = "{{audit_jdbc_url}}"
-  if Options.server_config_factory is not None and config_name in Options.server_config_factory.items():
-    props = Options.server_config_factory.get_config(config_name)
-    if "XAAUDIT.DB.FLAVOUR" in props.properties:
-      xa_audit_db_flavor = props.properties["XAAUDIT.DB.FLAVOUR"]
-    if "XAAUDIT.DB.HOSTNAME" in props.properties:
-      xa_db_host =  props.properties["XAAUDIT.DB.HOSTNAME"]
-    if "XAAUDIT.DB.DATABASE_NAME" in props.properties:
-      xa_audit_db_name = props.properties["XAAUDIT.DB.DATABASE_NAME"]
-
-  if xa_audit_db_flavor == 'mysql':
+  if Options.server_config_factory is not None and Options.RANGER_ADMIN in Options.server_config_factory.items():
+    props = Options.server_config_factory.get_config(Options.RANGER_ADMIN)
+    if "DB_FLAVOR" in props.properties:
+      xa_audit_db_flavor = props.properties["DB_FLAVOR"]
+    if "db_host" in props.properties:
+      xa_db_host =  props.properties["db_host"]
+    if "audit_db_name" in props.properties:
+      xa_audit_db_name = props.properties["audit_db_name"]
+
+  if xa_audit_db_flavor.lower() == 'mysql':
     audit_jdbc_url = "jdbc:mysql://{0}/{1}".format(xa_db_host, xa_audit_db_name)
-  elif xa_audit_db_flavor == 'oracle':
+  elif xa_audit_db_flavor.lower() == 'oracle':
     audit_jdbc_url = "jdbc:oracle:thin:\@//{0}".format(xa_db_host)
   return audit_jdbc_url
 
+def get_audit_db_passwd():
+  audit_db_passwd = "crypted"
+  if Options.server_config_factory is not None and Options.RANGER_ADMIN in Options.server_config_factory.items():
+    props = Options.server_config_factory.get_config(Options.RANGER_ADMIN)
+    if "audit_db_password" in props.properties:
+      audit_db_passwd = props.properties['audit_db_password']
+  return audit_db_passwd
+
+def get_audit_to_db_enabled(config_name):
+  audit_to_db = "true"
+  if Options.server_config_factory is not None and config_name in Options.server_config_factory.items():
+    props = Options.server_config_factory.get_config(config_name)
+    if "XAAUDIT.DB.IS_ENABLED" in props.properties:
+      audit_to_db = props.properties["XAAUDIT.DB.IS_ENABLED"]
+  return audit_to_db
+
+def get_audit_to_hdfs_enabled(config_name):
+  audit_to_hdfs = "false"
+  if Options.server_config_factory is not None and config_name in Options.server_config_factory.items():
+    props = Options.server_config_factory.get_config(config_name)
+    if "XAAUDIT.HDFS.IS_ENABLED" in props.properties:
+      audit_to_hdfs = props.properties["XAAUDIT.HDFS.IS_ENABLED"]
+  return audit_to_hdfs
+
+def get_hdfs_batch_filespool_dir(config_name, component):
+  if component == 'hdfs':
+    path = '/var/log/hadoop/hdfs/audit/hdfs/spool'
+  else:
+    path = '/var/log/{0}/audit/hdfs/spool'.format(component)
+  if Options.server_config_factory is not None and config_name in Options.server_config_factory.items():
+    props = Options.server_config_factory.get_config(config_name)
+    if "XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY" in props.properties:
+      path = props.properties["XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY"]
+  return path
+
+
 def get_jt_host(catalog):
   """
   :type catalog: UpgradeCatalog
@@ -1174,7 +1210,7 @@ def _substitute_handler(upgrade_catalog, tokens, value):
     elif token == "{RANGER_PLUGIN_HBASE_POLICY_CACHE_DIR}":
       value = value.replace(token, "/etc/ranger/{0}{1}/policycache".format(Options.CLUSTER_NAME, "_hbase"))
     elif token == "{RANGER_PLUGIN_HDFS_POLICY_CACHE_DIR}":
-      value = value.replace(token, "/etc/ranger/{0}{1}/policycache".format(Options.CLUSTER_NAME, "_hdfs"))
+      value = value.replace(token, "/etc/ranger/{0}{1}/policycache".format(Options.CLUSTER_NAME, "_hadoop"))
     elif token == "{RANGER_PLUGIN_HIVE_POLICY_CACHE_DIR}":
       value = value.replace(token, "/etc/ranger/{0}{1}/policycache".format(Options.CLUSTER_NAME, "_hive"))
     elif token == "{RANGER_PLUGIN_KNOX_POLICY_CACHE_DIR}":
@@ -1184,48 +1220,79 @@ def _substitute_handler(upgrade_catalog, tokens, value):
     elif token == "{RANGER_HBASE_KEYSTORE_CREDENTIAL_FILE}":
       value = value.replace(token, "jceks://file/etc/ranger/{0}{1}/cred.jceks".format(Options.CLUSTER_NAME, "_hbase"))
     elif token == "{RANGER_HDFS_KEYSTORE_CREDENTIAL_FILE}":
-      value = value.replace(token, "jceks://file/etc/ranger/{0}{1}/cred.jceks".format(Options.CLUSTER_NAME, "_hdfs"))
+      value = value.replace(token, "jceks://file/etc/ranger/{0}{1}/cred.jceks".format(Options.CLUSTER_NAME, "_hadoop"))
     elif token == "{RANGER_HIVE_KEYSTORE_CREDENTIAL_FILE}":
       value = value.replace(token, "jceks://file/etc/ranger/{0}{1}/cred.jceks".format(Options.CLUSTER_NAME, "_hive"))
     elif token == "{RANGER_KNOX_KEYSTORE_CREDENTIAL_FILE}":
       value = value.replace(token, "jceks://file/etc/ranger/{0}{1}/cred.jceks".format(Options.CLUSTER_NAME, "_knox"))
     elif token == "{RANGER_STORM_KEYSTORE_CREDENTIAL_FILE}":
       value = value.replace(token, "jceks://file/etc/ranger/{0}{1}/cred.jceks".format(Options.CLUSTER_NAME, "_storm"))
-
     elif token == "{XAAUDIT_HDFS_DESTINATION_DIRECTORY}":
       value = value.replace(token, get_ranger_xaaudit_hdfs_destination_directory())
     elif token == "{HBASE_RANGER_REPO_NAME}":
       value = value.replace(token, Options.CLUSTER_NAME+"_hbase")
     elif token == "{HDFS_RANGER_REPO_NAME}":
-      value = value.replace(token, Options.CLUSTER_NAME+"_hdfs")
+      value = value.replace(token, Options.CLUSTER_NAME+"_hadoop")
     elif token == "{HIVE_RANGER_REPO_NAME}":
       value = value.replace(token, Options.CLUSTER_NAME+"_hive")
-    elif token == "{HNOX_RANGER_REPO_NAME}":
+    elif token == "{KNOX_RANGER_REPO_NAME}":
       value = value.replace(token, Options.CLUSTER_NAME+"_knox")
     elif token == "{STORM_RANGER_REPO_NAME}":
       value = value.replace(token, Options.CLUSTER_NAME+"_storm")
     elif token == "{POLICYMGR_MGR_URL}":
       value = value.replace(token, get_ranger_policymgr_external_url())
     elif token == "{HDFS_JDBC_DRIVER}":
-      value = value.replace(token, get_jdbc_driver("ranger-hdfs-plugin-properties"))
+      value = value.replace(token, get_jdbc_driver())
     elif token == "{HBASE_JDBC_DRIVER}":
-      value = value.replace(token, get_jdbc_driver("ranger-hbase-plugin-properties"))
+      value = value.replace(token, get_jdbc_driver())
     elif token == "{HIVE_JDBC_DRIVER}":
-      value = value.replace(token, get_jdbc_driver("ranger-hive-plugin-properties"))
+      value = value.replace(token, get_jdbc_driver())
     elif token == "{KNOX_JDBC_DRIVER}":
-      value = value.replace(token, get_jdbc_driver("ranger-knox-plugin-properties"))
+      value = value.replace(token, get_jdbc_driver())
     elif token == "{STORM_JDBC_DRIVER}":
-      value = value.replace(token, get_jdbc_driver("ranger-storm-plugin-properties"))
+      value = value.replace(token, get_jdbc_driver())
     elif token == "{HDFS_AUDIT_JDBC_URL}":
-      value = value.replace(token, get_audit_jdbc_url("ranger-hdfs-plugin-properties"))
+      value = value.replace(token, get_audit_jdbc_url())
     elif token == "{HBASE_AUDIT_JDBC_URL}":
-      value = value.replace(token, get_audit_jdbc_url("ranger-hbase-plugin-properties"))
+      value = value.replace(token, get_audit_jdbc_url())
     elif token == "{HIVE_AUDIT_JDBC_URL}":
-      value = value.replace(token, get_audit_jdbc_url("ranger-hive-plugin-properties"))
+      value = value.replace(token, get_audit_jdbc_url())
     elif token == "{KNOX_AUDIT_JDBC_URL}":
-      value = value.replace(token, get_audit_jdbc_url("ranger-knox-plugin-properties"))
+      value = value.replace(token, get_audit_jdbc_url())
     elif token == "{STORM_AUDIT_JDBC_URL}":
-      value = value.replace(token, get_audit_jdbc_url("ranger-storm-plugin-properties"))
+      value = value.replace(token, get_audit_jdbc_url())
+    elif token == "{AUDIT_DB_PASSWD}":
+      value = value.replace(token, get_audit_db_passwd())
+    elif token == "{AUDIT_TO_DB_HDFS}":
+      value = value.replace(token, get_audit_to_db_enabled("ranger-hdfs-plugin-properties"))
+    elif token == "{AUDIT_TO_DB_HBASE}":
+      value = value.replace(token, get_audit_to_db_enabled("ranger-hbase-plugin-properties"))
+    elif token == "{AUDIT_TO_DB_HIVE}":
+      value = value.replace(token, get_audit_to_db_enabled("ranger-hive-plugin-properties"))
+    elif token == "{AUDIT_TO_DB_KNOX}":
+      value = value.replace(token, get_audit_to_db_enabled("ranger-knox-plugin-properties"))
+    elif token == "{AUDIT_TO_DB_STORM}":
+      value = value.replace(token, get_audit_to_db_enabled("ranger-storm-plugin-properties"))
+    elif token == "{AUDIT_TO_HDFS_HDFS}":
+      value = value.replace(token, get_audit_to_hdfs_enabled("ranger-hdfs-plugin-properties"))
+    elif token == "{AUDIT_TO_HDFS_HIVE}":
+      value = value.replace(token, get_audit_to_hdfs_enabled("ranger-hive-plugin-properties"))
+    elif token == "{AUDIT_TO_HDFS_HBASE}":
+      value = value.replace(token, get_audit_to_hdfs_enabled("ranger-hbase-plugin-properties"))
+    elif token == "{AUDIT_TO_HDFS_KNOX}":
+      value = value.replace(token, get_audit_to_hdfs_enabled("ranger-knox-plugin-properties"))
+    elif token == "{AUDIT_TO_HDFS_STORM}":
+      value = value.replace(token, get_audit_to_hdfs_enabled("ranger-storm-plugin-properties"))
+    elif token == "{AUDIT_HDFS_FILESPOOL_DIR_HDFS}":
+      value = value.replace(token, get_hdfs_batch_filespool_dir("ranger-hdfs-plugin-properties", "hdfs"))
+    elif token == "{AUDIT_HDFS_FILESPOOL_DIR_HIVE}":
+      value = value.replace(token, get_hdfs_batch_filespool_dir("ranger-hive-plugin-properties", "hive"))
+    elif token == "{AUDIT_HDFS_FILESPOOL_DIR_HBASE}":
+      value = value.replace(token, get_hdfs_batch_filespool_dir("ranger-hbase-plugin-properties", "hbase"))
+    elif token == "{AUDIT_HDFS_FILESPOOL_DIR_KNOX}":
+      value = value.replace(token, get_hdfs_batch_filespool_dir("ranger-knox-plugin-properties", "knox"))
+    elif token == "{AUDIT_HDFS_FILESPOOL_DIR_STORM}":
+      value = value.replace(token, get_hdfs_batch_filespool_dir("ranger-storm-plugin-properties", "storm"))
 
   return value
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/57d853f5/ambari-server/src/main/resources/upgrade/catalog/UpgradeCatalog_2.2_to_2.3.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/upgrade/catalog/UpgradeCatalog_2.2_to_2.3.json b/ambari-server/src/main/resources/upgrade/catalog/UpgradeCatalog_2.2_to_2.3.json
index 139d1ce..5b10230 100644
--- a/ambari-server/src/main/resources/upgrade/catalog/UpgradeCatalog_2.2_to_2.3.json
+++ b/ambari-server/src/main/resources/upgrade/catalog/UpgradeCatalog_2.2_to_2.3.json
@@ -115,10 +115,50 @@
                     "merged-copy": "yes",
                     "required-services": ["RANGER","STORM"]
                   },
-                  "ranger-storm-plugin-properties": {
+                  "ranger-storm-plugin-properties" : {
                     "merged-copy": "yes",
                     "required-services": ["RANGER","STORM"]
                   },
+                  "ranger-kafka-policymgr-ssl" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","KAFKA"]
+                  },
+                  "ranger-kafka-security" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","KAFKA"]
+                  },
+                  "ranger-kafka-audit" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","KAFKA"]
+                  },
+                  "ranger-kafka-plugin-properties" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","KAFKA"]
+                  },
+                  "ranger-yarn-policymgr-ssl" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","YARN"]
+                  },
+                  "ranger-yarn-security" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","YARN"]
+                  },
+                  "ranger-yarn-audit" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","YARN"]
+                  },
+                  "ranger-yarn-plugin-properties" : {
+                    "merged-copy": "yes",
+                    "required-services": ["RANGER","YARN"]
+                  },
+                  "kafka-env" : {
+                    "merged-copy": "yes",
+                    "required-services": ["KAFKA"]
+                  },
+                  "yarn-env" : {
+                    "merged-copy": "yes",
+                    "required-services": ["YARN"]
+                  },
                     "admin-properties": {
                         "merged-copy": "yes",
                         "required-services": [
@@ -225,35 +265,35 @@
                   "xasecure.policymgr.clientssl.keystore.credential.file": {
                     "value": "{RANGER_HDFS_KEYSTORE_CREDENTIAL_FILE}",
                     "template": "yes",
-                    "required-services": ["RANGER"]
+                    "required-services": ["RANGER", "HDFS"]
                   },
                   "xasecure.policymgr.clientssl.truststore.credential.file": {
                     "value": "{RANGER_HDFS_KEYSTORE_CREDENTIAL_FILE}",
                     "template": "yes",
-                    "required-services": ["RANGER"]
+                    "required-services": ["RANGER", "HDFS"]
                   }
                 },
                 "ranger-hdfs-security": {
                   "ranger.plugin.hdfs.policy.source.impl": {
                     "value": "org.apache.ranger.admin.client.RangerAdminRESTClient",
-                    "required-services": ["RANGER"]
+                    "required-services": ["RANGER", "HDFS"]
                   },
                   "ranger.plugin.hdfs.policy.rest.ssl.config.file": {
                     "value": "/usr/hdp/current/hadoop-client/conf/ranger-policymgr-ssl.xml",
-                    "required-services": ["RANGER"]
+                    "required-services": ["RANGER", "HDFS"]
                   },
                   "ranger.plugin.hdfs.policy.pollIntervalMs": {
                     "value": "30000",
-                    "required-services": ["RANGER"]
+                    "required-services": ["RANGER", "HDFS"]
                   },
                   "ranger.plugin.hdfs.policy.cache.dir": {
                     "value": "{RANGER_PLUGIN_HDFS_POLICY_CACHE_DIR}",
                     "template": "yes",
-                    "required-services": ["RANGER"]
+                    "required-services": ["RANGER", "HDFS"]
                   },
                   "xasecure.add-hadoop-authorization": {
-                    "value": "TRUE",
-                    "required-services": ["RANGER"]
+                    "value": "true",
+                    "required-services": ["RANGER", "HDFS"]
                   }
                 },
                 "ranger-hdfs-audit": {
@@ -263,7 +303,7 @@
                     "required-services": ["RANGER"]
                   },
                   "xasecure.audit.destination.solr": {
-                    "value": "FALSE",
+                    "value": "false",
                     "required-services": ["RANGER"]
                   },
                   "xasecure.audit.destination.solr.urls": {
@@ -280,10 +320,12 @@
                   },
                   "xasecure.audit.destination.db.jdbc.driver": {
                     "value": "{HDFS_JDBC_DRIVER}",
+                    "template": "yes",
                     "required-services": ["RANGER"]
                   },
                   "xasecure.audit.destination.db.jdbc.url": {
                     "value": "{HDFS_AUDIT_JDBC_URL}",
+                    "template": "yes",
                     "required-services": ["RANGER"]
                   },
                   "xasecure.audit.provider.summary.enabled": {
@@ -291,7 +333,26 @@
                     "required-services": ["RANGER"]
                   },
                   "xasecure.audit.destination.db.batch.filespool.dir": "/var/log/hadoop/hdfs/audit/db/spool",
-                  "xasecure.audit.is.enabled": "true"
+                  "xasecure.audit.is.enabled": "true",
+                  "xasecure.audit.destination.db.password" : {
+                    "value": "{AUDIT_DB_PASSWD}",
+                    "template": "yes",
+                    "required-services": ["RANGER"]
+                  },
+                  "xasecure.audit.destination.db" : {
+                    "value" : "{AUDIT_TO_DB_HDFS}",
+                    "template" : "yes",
+                    "required-services": ["RANGER"]
+                  },
+                  "xasecure.audit.destination.hdfs" : {
+                    "value" : "{AUDIT_TO_HDFS_HDFS}",
+                    "template" : "yes",
+                    "required-services" : ["RANGER"]
+                  },
+                  "xasecure.audit.destination.hdfs.batch.filespool.dir" : {
+                    "value" : "{AUDIT_HDFS_FILESPOOL_DIR_HDFS}",
+                    "template" : "yes"
+                  }
                 },
               "ranger-hdfs-plugin-properties": {
                 "XAAUDIT.HDFS.DESTINTATION_FILE": {
@@ -333,12 +394,22 @@
                 }
               },
               "ranger-hbase-security": {
-                "ranger.plugin.hbase.policy.source.impl": "org.apache.ranger.admin.client.RangerAdminRESTClient",
-                "ranger.plugin.hbase.policy.rest.ssl.config.file": "/usr/hdp/current/hbase-client/conf/ranger-policymgr-ssl.xml",
-                "ranger.plugin.hbase.policy.pollIntervalMs": "30000",
+                "ranger.plugin.hbase.policy.source.impl": {
+                  "value":"org.apache.ranger.admin.client.RangerAdminRESTClient",
+                  "required-services": ["RANGER", "HBASE"]
+                },
+                "ranger.plugin.hbase.policy.rest.ssl.config.file": {
+                  "value":"/usr/hdp/current/hbase-client/conf/ranger-policymgr-ssl.xml",
+                  "required-services": ["RANGER", "HBASE"]
+                },
+                "ranger.plugin.hbase.policy.pollIntervalMs": {
+                  "value":"30000",
+                  "required-services": ["RANGER", "HBASE"]
+                },
                 "ranger.plugin.hbase.policy.cache.dir": {
                   "value": "{RANGER_PLUGIN_HBASE_POLICY_CACHE_DIR}",
-                  "template": "yes"
+                  "template": "yes",
+                  "required-services": ["RANGER", "HBASE"]
                 }
               },
               "ranger-hbase-audit": {
@@ -347,7 +418,7 @@
                   "template": "yes"
                 },
                 "xasecure.audit.destination.solr": {
-                  "value": "TRUE"
+                  "value": "false"
                 },
                 "xasecure.audit.destination.solr.urls": {
                   "value": "{{ranger_audit_solr_urls}}"
@@ -359,16 +430,34 @@
                   "value": "/var/log/hbase/audit/solr/spool"
                 },
                 "xasecure.audit.destination.db.jdbc.driver": {
-                  "value": "{HBASE_JDBC_DRIVER}"
+                  "value": "{HBASE_JDBC_DRIVER}",
+                  "template": "yes"
                 },
                 "xasecure.audit.destination.db.jdbc.url": {
-                  "value": "{HBASE_AUDIT_JDBC_URL}"
+                  "value": "{HBASE_AUDIT_JDBC_URL}",
+                  "template": "yes"
                 },
                 "xasecure.audit.provider.summary.enabled": {
-                  "value": ""
+                  "value": "true"
                 },
                 "xasecure.audit.destination.db.batch.filespool.dir": "/var/log/hbase/audit/db/spool",
-                "xasecure.audit.is.enabled": "true"
+                "xasecure.audit.is.enabled": "true",
+                "xasecure.audit.destination.db.password" : {
+                  "value": "{AUDIT_DB_PASSWD}",
+                  "template": "yes"
+                },
+                "xasecure.audit.destination.db" : {
+                  "value" : "{AUDIT_TO_DB_HBASE}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs" : {
+                  "value" : "{AUDIT_TO_HDFS_HBASE}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs.batch.filespool.dir" : {
+                  "value" : "{AUDIT_HDFS_FILESPOOL_DIR_HBASE}",
+                  "template" : "yes"
+                }
               },
               "ranger-hbase-plugin-properties": {
                 "XAAUDIT.HDFS.DESTINTATION_FILE": {
@@ -413,11 +502,8 @@
                 }
               },
               "ranger-hive-security": {
-                "ranger.plugin.hive.policy.rest.url": {
-                  "value": "{POLICYMGR_MGR_URL}",
-                  "template": "yes"
-                },
-                "ranger.plugin.hive.policy.rest.ssl.config.file": "/etc/hive/conf/conf.server/ranger-policymgr-ssl.xml",
+                "ranger.plugin.hive.policy.source.impl": "org.apache.ranger.admin.client.RangerAdminRESTClient",
+                "ranger.plugin.hive.policy.rest.ssl.config.file": "usr/hdp/current/hive-server2/conf/conf.server/ranger-policymgr-ssl.xml",
                 "ranger.plugin.hive.policy.pollIntervalMs": "30000",
                 "ranger.plugin.hive.policy.cache.dir": {
                   "value": "{RANGER_PLUGIN_HIVE_POLICY_CACHE_DIR}",
@@ -442,16 +528,34 @@
                   "value": "/var/log/hive/audit/solr/spool"
                 },
                 "xasecure.audit.destination.db.jdbc.driver": {
-                  "value": "{HIVE_JDBC_DRIVER}"
+                  "value": "{HIVE_JDBC_DRIVER}",
+                  "template": "yes"
                 },
                 "xasecure.audit.destination.db.jdbc.url": {
-                  "value": "{HIVE_AUDIT_JDBC_URL}"
+                  "value": "{HIVE_AUDIT_JDBC_URL}",
+                  "template": "yes"
                 },
                 "xasecure.audit.provider.summary.enabled": {
-                  "value": ""
+                  "value": "false"
                 },
                 "xasecure.audit.destination.db.batch.filespool.dir": "/var/log/hive/audit/db/spool",
-                "xasecure.audit.is.enabled": "true"
+                "xasecure.audit.is.enabled": "true",
+                "xasecure.audit.destination.db.password" : {
+                    "value": "{AUDIT_DB_PASSWD}",
+                    "template": "yes"
+                },
+                "xasecure.audit.destination.db" : {
+                  "value" : "{AUDIT_TO_DB_HIVE}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs" : {
+                  "value" : "{AUDIT_TO_HDFS_HIVE}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs.batch.filespool.dir" : {
+                  "value" : "{AUDIT_HDFS_FILESPOOL_DIR_HIVE}",
+                  "template" : "yes"
+                }
               },
               "ranger-hive-plugin-properties": {
                 "XAAUDIT.HDFS.DESTINTATION_FILE": {
@@ -521,16 +625,34 @@
                   "value": "/var/log/knox/audit/solr/spool"
                 },
                 "xasecure.audit.destination.db.jdbc.driver": {
-                  "value": "{KNOX_JDBC_DRIVER}"
+                  "value": "{KNOX_JDBC_DRIVER}",
+                  "template": "yes"
                 },
                 "xasecure.audit.destination.db.jdbc.url": {
-                  "value": "{KNOX_AUDIT_JDBC_URL}"
+                  "value": "{KNOX_AUDIT_JDBC_URL}",
+                  "template": "yes"
                 },
                 "xasecure.audit.provider.summary.enabled": {
-                  "value": ""
+                  "value": "false"
                 },
                 "xasecure.audit.destination.db.batch.filespool.dir": "/var/log/knox/audit/db/spool",
-                "xasecure.audit.is.enabled": "true"
+                "xasecure.audit.is.enabled": "true",
+                "xasecure.audit.destination.db.password" : {
+                  "value": "{AUDIT_DB_PASSWD}",
+                  "template": "yes"
+                },
+                "xasecure.audit.destination.db" : {
+                  "value" : "{AUDIT_TO_DB_KNOX}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs" : {
+                  "value" : "{AUDIT_TO_HDFS_KNOX}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs.batch.filespool.dir" : {
+                  "value" : "{AUDIT_HDFS_FILESPOOL_DIR_KNOX}",
+                  "template" : "yes"
+                }
               },
               "ranger-knox-plugin-properties": {
                 "XAAUDIT.HDFS.DESTINTATION_FILE": {
@@ -561,9 +683,6 @@
                   "remove": "yes"
                 }
               },
-
-
-
               "ranger-storm-policymgr-ssl": {
                 "xasecure.policymgr.clientssl.keystore.credential.file": {
                   "value": "{RANGER_STORM_KEYSTORE_CREDENTIAL_FILE}",
@@ -603,16 +722,34 @@
                   "value": "/var/log/storm/audit/solr/spool"
                 },
                 "xasecure.audit.destination.db.jdbc.driver": {
-                  "value": "{STORM_JDBC_DRIVER}"
+                  "value": "{STORM_JDBC_DRIVER}",
+                  "template": "yes"
                 },
                 "xasecure.audit.destination.db.jdbc.url": {
-                  "value": "{STORM_AUDIT_JDBC_URL}"
+                  "value": "{STORM_AUDIT_JDBC_URL}",
+                  "template": "yes"
                 },
                 "xasecure.audit.provider.summary.enabled": {
-                  "value": ""
+                  "value": "false"
                 },
                 "xasecure.audit.destination.db.batch.filespool.dir": "/var/log/storm/audit/db/spool",
-                "xasecure.audit.is.enabled": "true"
+                "xasecure.audit.is.enabled": "true",
+                "xasecure.audit.destination.db.password" : {
+                  "value": "{AUDIT_DB_PASSWD}",
+                  "template": "yes"
+                },
+                "xasecure.audit.destination.db" : {
+                  "value" : "{AUDIT_TO_DB_STORM}",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs" : {
+                  "value" : "AUDIT_TO_HDFS_STORM",
+                  "template" : "yes"
+                },
+                "xasecure.audit.destination.hdfs.batch.filespool.dir" : {
+                  "value" : "{AUDIT_HDFS_FILESPOOL_DIR_STORM}",
+                  "template" : "yes"
+                }
               },
               "ranger-storm-plugin-properties": {
                 "XAAUDIT.HDFS.DESTINTATION_FILE": {
@@ -643,6 +780,105 @@
                   "remove": "yes"
                 }
               },
+              "ranger-kafka-plugin-properties" : {
+                "policy_user" : "ambari-qa",
+                "hadoop.rpc.protection":"",
+                "common.name.for.certificate":"",
+                "zookeeper.connect":"localhost:2181",
+                "ranger-kafka-plugin-enabled":"No",
+                "REPOSITORY_CONFIG_USERNAME":"kafka",
+                "REPOSITORY_CONFIG_PASSWORD":"kafka"
+              },
+              "ranger-kafka-policymgr-ssl" : {
+                "xasecure.policymgr.clientssl.keystore" : "/usr/hdp/current/kafka-broker/config/ranger-plugin-keystore.jks",
+                "xasecure.policymgr.clientssl.keystore.password" : "myKeyFilePassword",
+                "xasecure.policymgr.clientssl.truststore" : "/usr/hdp/current/kafka-broker/config/ranger-plugin-truststore.jks",
+                "xasecure.policymgr.clientssl.truststore.password" : "changeit",
+                "xasecure.policymgr.clientssl.keystore.credential.file" : "jceks://file/{{credential_file}}",
+                "xasecure.policymgr.clientssl.truststore.credential.file" : "jceks://file/{{credential_file}}"
+              },
+              "ranger-kafka-audit" : {
+                "xasecure.audit.is.enabled" : "true",
+                "xasecure.audit.destination.db" : "false",
+                "xasecure.audit.destination.db.jdbc.url" : "{{audit_jdbc_url}}",
+                "xasecure.audit.destination.db.user" : "{{xa_audit_db_user}}",
+                "xasecure.audit.destination.db.password" : "crypted",
+                "xasecure.audit.destination.db.jdbc.driver" : "{{jdbc_driver}}",
+                "xasecure.audit.credential.provider.file" : "jceks://file{{credential_file}}",
+                "xasecure.audit.destination.db.batch.filespool.dir" : "/var/log/kafka/audit/db/spool",
+                "xasecure.audit.destination.hdfs" : "true",
+                "xasecure.audit.destination.hdfs.dir" : "hdfs://NAMENODE_HOSTNAME:8020/ranger/audit",
+                "xasecure.audit.destination.hdfs.batch.filespool.dir" : "/var/log/kafka/audit/hdfs/spool",
+                "xasecure.audit.destination.solr" : "true",
+                "xasecure.audit.destination.solr.urls" : "{{ranger_audit_solr_urls}}",
+                "xasecure.audit.destination.solr.zookeepers" : "none",
+                "xasecure.audit.destination.solr.batch.filespool.dir" : "/var/log/kafka/audit/solr/spool",
+                "xasecure.audit.provider.summary.enabled" : "true"
+              },
+              "ranger-kafka-security" : {
+                "ranger.plugin.kafka.service.name" : "{{repo_name}}",
+                "ranger.plugin.kafka.policy.source.impl" : "org.apache.ranger.admin.client.RangerAdminRESTClient",
+                "ranger.plugin.kafka.policy.rest.url" : "{{policymgr_mgr_url}}",
+                "ranger.plugin.kafka.policy.rest.ssl.config.file" : "/etc/kafka/conf/ranger-policymgr-ssl.xml",
+                "ranger.plugin.kafka.policy.pollIntervalMs" : "30000",
+                "ranger.plugin.kafka.policy.cache.dir" : "/etc/ranger/{{repo_name}}/policycache"
+              },
+              "kafka-env" : {
+                "is_supported_kafka_ranger" : "true"
+              },
+              "ranger-yarn-plugin-properties" : {
+                "policy_user" : "ambari-qa",
+                "hadoop.rpc.protection":"",
+                "common.name.for.certificate":"",
+                "ranger-yarn-plugin-enabled":"No",
+                "REPOSITORY_CONFIG_USERNAME":"yarn",
+                "REPOSITORY_CONFIG_PASSWORD":"yarn"
+              },
+              "ranger-yarn-policymgr-ssl" : {
+                "xasecure.policymgr.clientssl.keystore" : "/usr/hdp/current/hadoop-client/conf/ranger-yarn-plugin-keystore.jks",
+                "xasecure.policymgr.clientssl.keystore.password" : "myKeyFilePassword",
+                "xasecure.policymgr.clientssl.truststore" : "/usr/hdp/current/hadoop-client/conf/ranger-yarn-plugin-truststore.jks",
+                "xasecure.policymgr.clientssl.truststore.password" : "changeit",
+                "xasecure.policymgr.clientssl.keystore.credential.file" : "jceks://file/{{credential_file}}",
+                "xasecure.policymgr.clientssl.truststore.credential.file" : "jceks://file/{{credential_file}}"
+              },
+              "ranger-yarn-audit" : {
+                "xasecure.audit.is.enabled" : "true",
+                "xasecure.audit.destination.db" : "false",
+                "xasecure.audit.destination.db.jdbc.url" : "{{audit_jdbc_url}}",
+                "xasecure.audit.destination.db.user" : "{{xa_audit_db_user}}",
+                "xasecure.audit.destination.db.password" : "crypted",
+                "xasecure.audit.destination.db.jdbc.driver" : "{{jdbc_driver}}",
+                "xasecure.audit.credential.provider.file" : "jceks://file{{credential_file}}",
+                "xasecure.audit.destination.db.batch.filespool.dir" : "/var/log/hadoop/yarn/audit/db/spool",
+                "xasecure.audit.destination.hdfs" : "true",
+                "xasecure.audit.destination.hdfs.dir" : "hdfs://NAMENODE_HOSTNAME:8020/ranger/audit",
+                "xasecure.audit.destination.hdfs.batch.filespool.dir" : "/var/log/hadoop/yarn/audit/hdfs/spool",
+                "xasecure.audit.destination.solr" : "false",
+                "xasecure.audit.destination.solr.urls" : "{{ranger_audit_solr_urls}}",
+                "xasecure.audit.destination.solr.zookeepers" : "none",
+                "xasecure.audit.destination.solr.batch.filespool.dir" : "/var/log/hadoop/yarn/audit/solr/spool",
+                "xasecure.audit.provider.summary.enabled" : "false"
+              },
+              "ranger-yarn-security" : {
+                "ranger.plugin.yarn.service.name" : "{{repo_name}}",
+                "ranger.plugin.yarn.policy.source.impl" : "org.apache.ranger.admin.client.RangerAdminRESTClient",
+                "ranger.plugin.yarn.policy.rest.url" : "{{policymgr_mgr_url}}",
+                "ranger.plugin.yarn.policy.rest.ssl.config.file" : "/usr/hdp/current/hadoop-client/conf/ranger-policymgr-ssl-yarn.xml",
+                "ranger.plugin.yarn.policy.pollIntervalMs" : "30000",
+                "ranger.plugin.yarn.policy.cache.dir" : "/etc/ranger/{{repo_name}}/policycache"
+              },
+              "yarn-env" : {
+                "is_supported_yarn_ranger" : "true"
+              },
+              "admin-properties" : {
+                "policymgr_http_enabled" : {
+                  "remove": "yes"
+                },
+                "SQL_COMMAND_INVOKER" : {
+                  "remove": "yes"
+                }
+              },
                 "ranger-env": {
                     "oracle_home": {
                         "remove": "yes"
@@ -1119,21 +1355,28 @@
                 "from-catalog": "ranger-hdfs-plugin-properties",
                 "to-catalog": "ranger-hdfs-policymgr-ssl",
                 "default": "/usr/hdp/current/hadoop-client/conf/ranger-plugin-keystore.jks",
-                "required-services": ["RANGER"]
+                "required-services": ["RANGER", "HDFS"]
               },
               "SSL_KEYSTORE_PASSWORD": {
                 "map-to": "xasecure.policymgr.clientssl.keystore.password",
                 "from-catalog": "ranger-hdfs-plugin-properties",
                 "to-catalog": "ranger-hdfs-policymgr-ssl",
                 "default": "myKeyFilePassword",
-                "required-services": ["RANGER"]
+                "required-services": ["RANGER", "HDFS"]
               },
               "SSL_TRUSTSTORE_FILE_PATH": {
                 "map-to": "xasecure.policymgr.clientssl.truststore",
                 "from-catalog": "ranger-hdfs-plugin-properties",
                 "to-catalog": "ranger-hdfs-policymgr-ssl",
-                "default": "/usr/hdp/current/hadoop-client/conf/ranger-plugin-keystore.jks",
-                "required-services": ["RANGER"]
+                "default": "/usr/hdp/current/hadoop-client/conf/ranger-plugin-truststore.jks",
+                "required-services": ["RANGER", "HDFS"]
+              },
+              "SSL_TRUSTSTORE_PASSWORD": {
+                "map-to": "xasecure.policymgr.clientssl.truststore.password",
+                "from-catalog": "ranger-hdfs-plugin-properties",
+                "to-catalog": "ranger-hdfs-policymgr-ssl",
+                "default": "changeit",
+                "required-services": ["RANGER", "HDFS"]
               },
               "POLICY_MGR_URL": {
                 "map-to": "ranger.plugin.hdfs.policy.rest.url",
@@ -1141,7 +1384,7 @@
                 "to-catalog": "ranger-hdfs-security",
                 "default": "{POLICYMGR_MGR_URL}",
                 "template": "yes",
-                "required-services": ["RANGER"]
+                "required-services": ["RANGER", "HDFS"]
               },
               "REPOSITORY_NAME": {
                 "map-to": "ranger.plugin.hdfs.service.name",
@@ -1149,14 +1392,7 @@
                 "to-catalog": "ranger-hdfs-security",
                 "default": "{HDFS_RANGER_REPO_NAME}",
                 "template": "yes",
-                "required-services": ["RANGER"]
-              },
-              "XAAUDIT.DB.IS_ENABLED": {
-                "map-to": "xasecure.audit.destination.db",
-                "from-catalog": "ranger-hdfs-plugin-properties",
-                "to-catalog": "ranger-hdfs-audit",
-                "default": "FALSE",
-                "required-services": ["RANGER"]
+                "required-services": ["RANGER", "HDFS"]
               },
               "XAAUDIT.HDFS.DESTINATION_DIRECTORY": {
                 "map-to": "xasecure.audit.destination.hdfs.dir",
@@ -1164,33 +1400,13 @@
                 "to-catalog": "ranger-hdfs-audit",
                 "default": "{XAAUDIT_HDFS_DESTINATION_DIRECTORY}",
                 "template": "yes",
-                "required-services": ["RANGER"]
-              },
-              "XAAUDIT.HDFS.IS_ENABLED": {
-                "map-to": "xasecure.audit.destination.hdfs",
-                "from-catalog": "ranger-hdfs-plugin-properties",
-                "to-catalog": "ranger-hdfs-audit",
-                "default": "TRUE",
-                "required-services": ["RANGER"]
-              },
-              "XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY": {
-                "map-to": "xasecure.audit.destination.hdfs.batch.filespool.dir",
-                "from-catalog": "ranger-hdfs-plugin-properties",
-                "to-catalog": "ranger-hdfs-audit",
-                "default": "/var/log/hadoop/hdfs/audit/hdfs/spool",
-                "required-services": ["RANGER"]
+                "required-services": ["RANGER", "HDFS"]
               },
               "XAAUDIT.DB.USER_NAME": {
                 "map-to": "xasecure.audit.destination.db.user",
                 "from-catalog": "ranger-hdfs-plugin-properties",
                 "to-catalog": "ranger-hdfs-audit",
-                "required-services": ["RANGER"]
-              },
-              "XAAUDIT.DB.PASSWORD": {
-                "map-to": "xasecure.audit.destination.db.password",
-                "from-catalog": "ranger-hdfs-plugin-properties",
-                "to-catalog": "ranger-hdfs-audit",
-                "required-services": ["RANGER"]
+                "required-services": ["RANGER", "HDFS"]
               },
               "hbase_SSL_KEYSTORE_FILE_PATH": {
                 "map-to": "xasecure.policymgr.clientssl.keystore",
@@ -1249,14 +1465,6 @@
                 "template": "yes",
                 "required-services": ["RANGER", "HBASE"]
               },
-              "hbase_XAAUDIT.DB.IS_ENABLED": {
-                "map-from": "XAAUDIT.DB.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.db",
-                "from-catalog": "ranger-hbase-plugin-properties",
-                "to-catalog": "ranger-hbase-audit",
-                "default": "false",
-                "required-services": ["RANGER", "HBASE"]
-              },
               "hbase_XAAUDIT.HDFS.DESTINATION_DIRECTORY": {
                 "map-from": "XAAUDIT.HDFS.DESTINATION_DIRECTORY",
                 "map-to": "xasecure.audit.destination.hdfs.dir",
@@ -1266,22 +1474,6 @@
                 "template": "yes",
                 "required-services": ["RANGER", "HBASE"]
               },
-              "hbase_XAAUDIT.HDFS.IS_ENABLED": {
-                "map-from": "XAAUDIT.HDFS.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.hdfs",
-                "from-catalog": "ranger-hbase-plugin-properties",
-                "to-catalog": "ranger-hbase-audit",
-                "default": "true",
-                "required-services": ["RANGER", "HBASE"]
-              },
-              "hbase_XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY": {
-                "map-from": "XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY",
-                "map-to": "xasecure.audit.destination.hdfs.batch.filespool.dir",
-                "from-catalog": "ranger-hbase-plugin-properties",
-                "to-catalog": "ranger-hbase-audit",
-                "default": "/var/log/hbase/audit/hdfs/spool",
-                "required-services": ["RANGER", "HBASE"]
-              },
               "hbase_XAAUDIT.DB.USER_NAME": {
                 "map-from": "XAAUDIT.DB.USER_NAME",
                 "map-to": "xasecure.audit.destination.db.user",
@@ -1289,13 +1481,6 @@
                 "to-catalog": "ranger-hbase-audit",
                 "required-services": ["RANGER", "HBASE"]
               },
-              "hbase_XAAUDIT.DB.PASSWORD": {
-                "map-from": "XAAUDIT.DB.PASSWORD",
-                "map-to": "xasecure.audit.destination.db.password",
-                "from-catalog": "ranger-hbase-plugin-properties",
-                "to-catalog": "ranger-hbase-audit",
-                "required-services": ["RANGER", "HBASE"]
-              },
               "hive_SSL_KEYSTORE_FILE_PATH": {
                 "map-to": "xasecure.policymgr.clientssl.keystore",
                 "map-from": "SSL_KEYSTORE_FILE_PATH",
@@ -1317,7 +1502,7 @@
                 "map-from": "SSL_TRUSTSTORE_FILE_PATH",
                 "from-catalog": "ranger-hive-plugin-properties",
                 "to-catalog": "ranger-hive-policymgr-ssl",
-                "default": "/etc/hive/conf/conf.server/ranger-plugin-keystore.jks",
+                "default": "/etc/hive/conf/conf.server/ranger-plugin-truststore.jks",
                 "required-services": ["RANGER", "HIVE"]
               },
               "hive_SSL_TRUSTSTORE_PASSWORD": {
@@ -1338,27 +1523,20 @@
               },
               "hive_POLICY_MGR_URL": {
                 "map-from": "POLICY_MGR_URL",
-                "map-to": "ranger.plugin.hive.service.name",
+                "map-to": "ranger.plugin.hive.policy.rest.url",
                 "from-catalog": "ranger-hive-plugin-properties",
                 "to-catalog": "ranger-hive-security",
-                "default": "{HIVE_RANGER_REPO_NAME}",
+                "default": "{POLICYMGR_MGR_URL}",
                 "template": "yes",
                 "required-services": ["RANGER", "HIVE"]
               },
               "hive_REPOSITORY_NAME": {
                 "map-from": "REPOSITORY_NAME",
-                "map-to": "ranger.plugin.hive.policy.source.impl",
+                "map-to": "ranger.plugin.hive.service.name",
                 "from-catalog": "ranger-hive-plugin-properties",
                 "to-catalog": "ranger-hive-security",
-                "default": "org.apache.ranger.admin.client.RangerAdminRESTClient",
-                "required-services": ["RANGER", "HIVE"]
-              },
-              "hive_XAAUDIT.DB.IS_ENABLED": {
-                "map-from": "XAAUDIT.DB.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.db",
-                "from-catalog": "ranger-hive-plugin-properties",
-                "to-catalog": "ranger-hive-audit",
-                "default": "false",
+                "default": "{HIVE_RANGER_REPO_NAME}",
+                "template" : "yes",
                 "required-services": ["RANGER", "HIVE"]
               },
               "hive_XAAUDIT.HDFS.DESTINATION_DIRECTORY": {
@@ -1370,22 +1548,6 @@
                 "template": "yes",
                 "required-services": ["RANGER", "HIVE"]
               },
-              "hive_XAAUDIT.HDFS.IS_ENABLED": {
-                "map-from": "XAAUDIT.HDFS.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.hdfs",
-                "from-catalog": "ranger-hive-plugin-properties",
-                "to-catalog": "ranger-hive-audit",
-                "default": "true",
-                "required-services": ["RANGER", "HIVE"]
-              },
-              "hive_XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY": {
-                "map-from": "XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY",
-                "map-to": "xasecure.audit.destination.hdfs.batch.filespool.dir",
-                "from-catalog": "ranger-hive-plugin-properties",
-                "to-catalog": "ranger-hive-audit",
-                "default": "/var/log/hive/audit/hdfs/spool",
-                "required-services": ["RANGER", "HIVE"]
-              },
               "hive_XAAUDIT.DB.USER_NAME": {
                 "map-from": "XAAUDIT.DB.USER_NAME",
                 "map-to": "xasecure.audit.destination.db.user",
@@ -1393,13 +1555,6 @@
                 "to-catalog": "ranger-hive-audit",
                 "required-services": ["RANGER", "HIVE"]
               },
-              "hive_XAAUDIT.DB.PASSWORD": {
-                "map-from": "XAAUDIT.DB.PASSWORD",
-                "map-to": "xasecure.audit.destination.db.password",
-                "from-catalog": "ranger-hive-plugin-properties",
-                "to-catalog": "ranger-hive-audit",
-                "required-services": ["RANGER", "HIVE"]
-              },
               "knox_SSL_KEYSTORE_FILE_PATH": {
                 "map-to": "xasecure.policymgr.clientssl.keystore",
                 "map-from": "SSL_KEYSTORE_FILE_PATH",
@@ -1421,7 +1576,7 @@
                 "map-from": "SSL_TRUSTSTORE_FILE_PATH",
                 "from-catalog": "ranger-knox-plugin-properties",
                 "to-catalog": "ranger-knox-policymgr-ssl",
-                "default": "/usr/hdp/current/knox-server/conf/ranger-plugin-keystore.jks",
+                "default": "/usr/hdp/current/knox-server/conf/ranger-plugin-truststore.jks",
                 "required-services": ["RANGER", "KNOX"]
               },
               "knox_SSL_TRUSTSTORE_PASSWORD": {
@@ -1450,14 +1605,6 @@
                 "template": "yes",
                 "required-services": ["RANGER", "KNOX"]
               },
-              "knox_XAAUDIT.DB.IS_ENABLED": {
-                "map-from": "XAAUDIT.DB.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.db",
-                "from-catalog": "ranger-knox-plugin-properties",
-                "to-catalog": "ranger-knox-audit",
-                "default": "false",
-                "required-services": ["RANGER", "KNOX"]
-              },
               "knox_XAAUDIT.HDFS.DESTINATION_DIRECTORY": {
                 "map-from": "XAAUDIT.HDFS.DESTINATION_DIRECTORY",
                 "map-to": "xasecure.audit.destination.hdfs.dir",
@@ -1467,22 +1614,6 @@
                 "template": "yes",
                 "required-services": ["RANGER", "KNOX"]
               },
-              "knox_XAAUDIT.HDFS.IS_ENABLED": {
-                "map-from": "XAAUDIT.HDFS.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.hdfs",
-                "from-catalog": "ranger-knox-plugin-properties",
-                "to-catalog": "ranger-knox-audit",
-                "default": "true",
-                "required-services": ["RANGER", "KNOX"]
-              },
-              "knox_XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY": {
-                "map-from": "XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY",
-                "map-to": "xasecure.audit.destination.hdfs.batch.filespool.dir",
-                "from-catalog": "ranger-knox-plugin-properties",
-                "to-catalog": "ranger-knox-audit",
-                "default": "/var/log/knox/audit/hdfs/spool",
-                "required-services": ["RANGER", "KNOX"]
-              },
               "knox_XAAUDIT.DB.USER_NAME": {
                 "map-from": "XAAUDIT.DB.USER_NAME",
                 "map-to": "xasecure.audit.destination.db.user",
@@ -1490,15 +1621,6 @@
                 "to-catalog": "ranger-knox-audit",
                 "required-services": ["RANGER", "KNOX"]
               },
-              "knox_XAAUDIT.DB.PASSWORD": {
-                "map-from": "XAAUDIT.DB.PASSWORD",
-                "map-to": "xasecure.audit.destination.db.password",
-                "from-catalog": "ranger-knox-plugin-properties",
-                "to-catalog": "ranger-knox-audit",
-                "required-services": ["RANGER", "KNOX"]
-              },
-
-
               "storm_SSL_KEYSTORE_FILE_PATH": {
                 "map-to": "xasecure.policymgr.clientssl.keystore",
                 "map-from": "SSL_KEYSTORE_FILE_PATH",
@@ -1520,7 +1642,7 @@
                 "map-from": "SSL_TRUSTSTORE_FILE_PATH",
                 "from-catalog": "ranger-storm-plugin-properties",
                 "to-catalog": "ranger-storm-policymgr-ssl",
-                "default": "/usr/hdp/current/storm-client/conf/ranger-plugin-keystore.jks",
+                "default": "/usr/hdp/current/storm-client/conf/ranger-plugin-truststore.jks",
                 "required-services": ["RANGER", "STORM"]
               },
               "storm_SSL_TRUSTSTORE_PASSWORD": {
@@ -1549,14 +1671,6 @@
                 "template": "yes",
                 "required-services": ["RANGER", "STORM"]
               },
-              "storm_XAAUDIT.DB.IS_ENABLED": {
-                "map-from": "XAAUDIT.DB.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.db",
-                "from-catalog": "ranger-storm-plugin-properties",
-                "to-catalog": "ranger-storm-audit",
-                "default": "false",
-                "required-services": ["RANGER", "STORM"]
-              },
               "storm_XAAUDIT.HDFS.DESTINATION_DIRECTORY": {
                 "map-from": "XAAUDIT.HDFS.DESTINATION_DIRECTORY",
                 "map-to": "xasecure.audit.destination.hdfs.dir",
@@ -1566,35 +1680,12 @@
                 "template": "yes",
                 "required-services": ["RANGER", "STORM"]
               },
-              "storm_XAAUDIT.HDFS.IS_ENABLED": {
-                "map-from": "XAAUDIT.HDFS.IS_ENABLED",
-                "map-to": "xasecure.audit.destination.hdfs",
-                "from-catalog": "ranger-storm-plugin-properties",
-                "to-catalog": "ranger-storm-audit",
-                "default": "true",
-                "required-services": ["RANGER", "STORM"]
-              },
-              "storm_XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY": {
-                "map-from": "XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY",
-                "map-to": "xasecure.audit.destination.hdfs.batch.filespool.dir",
-                "from-catalog": "ranger-storm-plugin-properties",
-                "to-catalog": "ranger-storm-audit",
-                "default": "/var/log/storm/audit/hdfs/spool",
-                "required-services": ["RANGER", "STORM"]
-              },
               "storm_XAAUDIT.DB.USER_NAME": {
                 "map-from": "XAAUDIT.DB.USER_NAME",
                 "map-to": "xasecure.audit.destination.db.user",
                 "from-catalog": "ranger-storm-plugin-properties",
                 "to-catalog": "ranger-storm-audit",
                 "required-services": ["RANGER", "STORM"]
-              },
-              "storm_XAAUDIT.DB.PASSWORD": {
-                "map-from": "XAAUDIT.DB.PASSWORD",
-                "map-to": "xasecure.audit.destination.db.password",
-                "from-catalog": "ranger-storm-plugin-properties",
-                "to-catalog": "ranger-storm-audit",
-                "required-services": ["RANGER", "STORM"]
               }
      }
     }


Mime
View raw message