ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oleew...@apache.org
Subject [3/3] ambari git commit: AMBARI-16891. SSL support for Log Search Solr (Miklos Gergely via oleewere)
Date Mon, 30 May 2016 10:20:48 GMT
AMBARI-16891. SSL support for Log Search Solr (Miklos Gergely via oleewere)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/74f930df
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/74f930df
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/74f930df

Branch: refs/heads/branch-2.4
Commit: 74f930dfa1049e4c4f9f0044ea8abe9f7708842c
Parents: f0411c9
Author: Miklos Gergely <mgergely@hortonworks.com>
Authored: Mon May 30 11:31:17 2016 +0200
Committer: oleewere <oleewere@gmail.com>
Committed: Mon May 30 12:20:36 2016 +0200

----------------------------------------------------------------------
 .../src/main/scripts/run.sh                     |   9 +-
 .../src/main/scripts/run.sh                     |   8 ++
 .../common-services/LOGSEARCH/0.5.0/alerts.json |   2 +
 .../0.5.0/configuration/logfeeder-env.xml       |  45 +++++++
 .../0.5.0/configuration/logsearch-env.xml       |  45 +++++++
 .../0.5.0/configuration/logsearch-solr-env.xml  |  60 +++++++++
 .../LOGSEARCH/0.5.0/metainfo.xml                |   2 +
 .../LOGSEARCH/0.5.0/package/scripts/params.py   |  20 +++
 .../0.5.0/package/scripts/setup_logfeeder.py    |   1 +
 .../package/scripts/setup_logsearch_solr.py     |  12 +-
 .../0.5.0/properties/logfeeder-env.sh.j2        |  12 +-
 .../0.5.0/properties/logsearch-env.sh.j2        |  12 +-
 .../0.5.0/properties/logsearch-solr-env.sh.j2   |  13 +-
 .../stacks/2.4/LOGSEARCH/test_logfeeder.py      |   1 +
 .../stacks/2.4/LOGSEARCH/test_logsearch.py      |   1 -
 .../python/stacks/2.4/LOGSEARCH/test_solr.py    |  10 +-
 .../test/python/stacks/2.4/configs/default.json |   6 +-
 ambari-web/app/data/HDP2/site_properties.js     | 129 +++++++++++++++++--
 18 files changed, 360 insertions(+), 28 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh b/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh
index 356a358..376dfee 100644
--- a/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh
+++ b/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh
@@ -27,6 +27,10 @@ if [ ! -z "$LOGFEEDER_INCLUDE" ]; then
    source $LOGFEEDER_INCLUDE
 fi
 
+if [ ! -z "$LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE" ]; then
+   source $LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE
+fi
+
 JAVA=java
 if [ -x $JAVA_HOME/bin/java ]; then
     JAVA=$JAVA_HOME/bin/java
@@ -58,9 +62,12 @@ fi
 LOGFEEDER_GC_LOGFILE=`dirname $LOGFILE`/logfeeder_gc.log
 LOGFEEDER_GC_OPTS="-XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:$LOGFEEDER_GC_LOGFILE"
 
-#LOGFEEDER_JAVA_OPTS=
 #JMX="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.port=2098"
 
+if [ $LOGFEEDER_SOLR_SSL_ENABLED = "true" ]; then
+  LOGFEEDER_JAVA_OPTS="$LOGFEEDER_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_LOCATION
-Djavax.net.ssl.keyStoreType=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD
-Djavax.net.ssl.trustStore=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE
-Djavax.net.ssl.trustStorePassword=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD"
+fi
+
 if [ $foreground -eq 0 ]; then
     if [ -f ${PID_FILE} ]; then
 	PID=`cat ${PID_FILE}`

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh
----------------------------------------------------------------------
diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh b/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh
index 460ea60..6c687b9 100755
--- a/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh
+++ b/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh
@@ -21,6 +21,10 @@ if [ ! -z "$LOGSEARCH_INCLUDE" ]; then
    source $LOGSEARCH_INCLUDE
 fi
 
+if [ ! -z "$LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE" ]; then
+   source $LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE
+fi
+
 JAVA=java
 if [ -x $JAVA_HOME/bin/java ]; then
     JAVA=$JAVA_HOME/bin/java
@@ -46,6 +50,10 @@ if [ "$LOGSEARCH_DEBUG" = "true" ] && [ ! -z "$LOGSEARCH_DEBUG_PORT"
]; then
   LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Xdebug -Xrunjdwp:transport=dt_socket,address=$LOGSEARCH_DEBUG_PORT,server=y,suspend=n
"
 fi
 
+if [ $LOGSEARCH_SOLR_SSL_ENABLED = "true" ]; then
+  LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_LOCATION
-Djavax.net.ssl.keyStoreType=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD
-Djavax.net.ssl.trustStore=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE
-Djavax.net.ssl.trustStorePassword=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD"
+fi
+
 if [ "$PID_FILE" = "" ]; then
     LOGSEARCH_PID_DIR=$HOME
     PID_FILE=$LOGSEARCH_PID_DIR/logsearch-search-$USER.pid

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json
index eeee341..85762e0 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json
@@ -41,6 +41,8 @@
           "uri": {
             "http": "{{logsearch-solr-env/logsearch_solr_port}}",
             "https": "{{logsearch-solr-env/logsearch_solr_port}}",
+            "https_property": "{{logsearch-solr-env/logsearch_solr_ssl_enabled}}",
+            "https_property_value": "true",
             "connection_timeout": 5.0,
             "default_port": 8886
           },

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml
index 19f6a80..b52a88f 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml
@@ -92,6 +92,51 @@
   </property>
 
   <property>
+    <name>logfeeder_solr_ssl_client_truststore_location</name>
+    <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value>
+    <display-name>Logfeeder Solr client trust store location</display-name>
+    <description>Location of the trust store file.</description>
+  </property>
+  <property>
+    <name>logfeeder_solr_ssl_client_truststore_type</name>
+    <value>jks</value>
+    <display-name>Logfeeder Solr client trust store type</display-name>
+    <description>Type of the trust store file.</description>
+  </property>
+  <property>
+    <name>logfeeder_solr_ssl_client_truststore_password</name>
+    <value>bigdata</value>
+    <display-name>Logfeeder Solr client trust store password</display-name>
+    <property-type>PASSWORD</property-type>
+    <description>Password to open the trust store file.</description>
+    <value-attributes>
+      <type>password</type>
+    </value-attributes>
+  </property>
+  <property>
+    <name>logfeeder_solr_ssl_client_keystore_location</name>
+    <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value>
+    <display-name>Logfeeder Solr client key store location</display-name>
+    <description>Location of the key store file.</description>
+  </property>
+  <property>
+    <name>logfeeder_solr_ssl_client_keystore_type</name>
+    <value>jks</value>
+    <display-name>Logfeeder Solr client key store type</display-name>
+    <description>Type of the key store file.</description>
+  </property>
+  <property>
+    <name>logfeeder_solr_ssl_client_keystore_password</name>
+    <value>bigdata</value>
+    <display-name>Logfeeder Solr client key store password</display-name>
+    <property-type>PASSWORD</property-type>
+    <description>Password to open the key store file.</description>
+    <value-attributes>
+      <type>password</type>
+    </value-attributes>
+  </property>
+
+  <property>
     <name>content</name>
     <display-name>logfeeder-env template</display-name>
     <description>This is the jinja template for logsearch-env.sh file</description>

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml
index 52c2899..655520f 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml
@@ -125,6 +125,51 @@
     <description>Only needed if using custom solr cloud. E.g. zk1:2181,zk2:2182</description>
   </property>
 
+  <property>
+    <name>logsearch_solr_ssl_client_truststore_location</name>
+    <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value>
+    <display-name>Log Search Solr client trust store location</display-name>
+    <description>Location of the trust store file.</description>
+  </property>
+  <property>
+    <name>logsearch_solr_ssl_client_truststore_type</name>
+    <value>jks</value>
+    <display-name>Log Search Solr client trust store type</display-name>
+    <description>Type of the trust store file.</description>
+  </property>
+  <property>
+    <name>logsearch_solr_ssl_client_truststore_password</name>
+    <value>bigdata</value>
+    <display-name>Log Search Solr client trust store password</display-name>
+    <property-type>PASSWORD</property-type>
+    <description>Password to open the trust store file.</description>
+    <value-attributes>
+      <type>password</type>
+    </value-attributes>
+  </property>
+  <property>
+    <name>logsearch_solr_ssl_client_keystore_location</name>
+    <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value>
+    <display-name>Log Search Solr client key store location</display-name>
+    <description>Location of the key store file.</description>
+  </property>
+  <property>
+    <name>logsearch_solr_ssl_client_keystore_type</name>
+    <value>jks</value>
+    <display-name>Log Search Solr client key store type</display-name>
+    <description>Type of the key store file.</description>
+  </property>
+  <property>
+    <name>logsearch_solr_ssl_client_keystore_password</name>
+    <value>bigdata</value>
+    <display-name>Log Search Solr client key store password</display-name>
+    <property-type>PASSWORD</property-type>
+    <description>Password to open the key store file.</description>
+    <value-attributes>
+      <type>password</type>
+    </value-attributes>
+  </property>
+
   <!-- logsearch-env.sh -->
   <property>
     <name>content</name>

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml
index 29a9171..2bf728c 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml
@@ -98,6 +98,66 @@
   </property>
 
   <property>
+    <name>logsearch_solr_ssl_enabled</name>
+    <value>false</value>
+    <display-name>Enable SSL to Log Search Solr</display-name>
+    <description>Enable ssl to Solr</description>
+    <value-attributes>
+      <type>boolean</type>
+    </value-attributes>
+  </property>
+
+  <property>
+    <name>logsearch_solr_ssl_server_truststore_location</name>
+    <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value>
+    <display-name>Log Search Solr trust store location</display-name>
+    <description>Location of the trust store file.</description>
+  </property>
+
+  <property>
+    <name>logsearch_solr_ssl_server_truststore_type</name>
+    <value>jks</value>
+    <display-name>Log Search Solr trust store type</display-name>
+    <description>Type of the trust store file.</description>
+  </property>
+
+  <property>
+    <name>logsearch_solr_ssl_server_truststore_password</name>
+    <value>bigdata</value>
+    <property-type>PASSWORD</property-type>
+    <display-name>Log Search Solr trust store password</display-name>
+    <description>Password to open the trust store file.</description>
+    <value-attributes>
+      <type>password</type>
+    </value-attributes>
+  </property>
+
+  <property>
+    <name>logsearch_solr_ssl_server_keystore_location</name>
+    <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value>
+    <display-name>Log Search Solr key store location</display-name>
+    <description>Location of the key store file.</description>
+  </property>
+
+  <property>
+    <name>logsearch_solr_ssl_server_keystore_type</name>
+    <value>jks</value>
+    <display-name>Log Search Solr key store type</display-name>
+    <description>Type of the key store file.</description>
+  </property>
+
+  <property>
+    <name>logsearch_solr_ssl_server_keystore_password</name>
+    <value>bigdata</value>
+    <display-name>Log Search Solr key store password</display-name>
+    <property-type>PASSWORD</property-type>
+    <description>Password to open the key store file.</description>
+    <value-attributes>
+      <type>password</type>
+    </value-attributes>
+  </property>
+
+  <property>
     <name>logsearch_solr_znode</name>
     <value>/ambari-solr</value>
     <description>Zookeeper znode, e.g: /logsearch</description>

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml
index 5f1ad99..48451a0 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml
@@ -69,6 +69,7 @@
             <config-type>logsearch-env</config-type>
             <config-type>logsearch-log4j</config-type>
             <config-type>logsearch-admin-json</config-type>
+            <config-type>logsearch-solr-env</config-type>
           </configuration-dependencies>
         </component>
 
@@ -142,6 +143,7 @@
             <config-type>logfeeder-properties</config-type>
             <config-type>logfeeder-env</config-type>
             <config-type>logfeeder-log4j</config-type>
+            <config-type>logsearch-solr-env</config-type>
           </configuration-dependencies>
         </component>
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py
index b3c4b90..0adc5c5 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py
@@ -262,6 +262,26 @@ solr_audit_logs_enable = default('/configurations/logfeeder-env/logfeeder_solr_a
 logfeeder_env_content = config['configurations']['logfeeder-env']['content']
 logfeeder_log4j_content = config['configurations']['logfeeder-log4j']['content']
 
+logsearch_solr_ssl_enabled = default('configurations/logsearch-solr-env/logsearch_solr_ssl_enabled',
False)
+logsearch_solr_ssl_server_keystore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_location']
+logsearch_solr_ssl_server_keystore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_password']
+logsearch_solr_ssl_server_keystore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_type']
+logsearch_solr_ssl_server_truststore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_location']
+logsearch_solr_ssl_server_truststore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_password']
+logsearch_solr_ssl_server_truststore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_type']
+logsearch_solr_ssl_client_keystore_location = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_location']
+logsearch_solr_ssl_client_keystore_password = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_password']
+logsearch_solr_ssl_client_keystore_type = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_type']
+logsearch_solr_ssl_client_truststore_location = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_location']
+logsearch_solr_ssl_client_truststore_password = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_password']
+logsearch_solr_ssl_client_truststore_type = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_type']
+logfeeder_solr_ssl_client_keystore_location = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_location']
+logfeeder_solr_ssl_client_keystore_password = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_password']
+logfeeder_solr_ssl_client_keystore_type = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_type']
+logfeeder_solr_ssl_client_truststore_location = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_location']
+logfeeder_solr_ssl_client_truststore_password = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_password']
+logfeeder_solr_ssl_client_truststore_type = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_type']
+
 logfeeder_checkpoint_folder = default('/configurations/logfeeder-env/logfeeder.checkpoint.folder',
                                       '/etc/ambari-logsearch-logfeeder/conf/checkpoints')
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py
index aec8fc0..5ca2bd5 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py
@@ -48,6 +48,7 @@ def setup_logfeeder():
 
   File(format("{logsearch_logfeeder_conf}/logfeeder-env.sh"),
        content=InlineTemplate(params.logfeeder_env_content),
+       mode=0755,
        owner=params.logfeeder_user
        )
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py
index e1e26cf..767e208 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py
@@ -67,10 +67,20 @@ def setup_logsearch_solr(name = None):
 
     zk_cli_prefix = format('export JAVA_HOME={java64_home}; {cloud_scripts}/zkcli.sh -zkhost
{zookeeper_hosts}')
     Execute(format('{zk_cli_prefix} -cmd makepath {logsearch_solr_znode}'),
-            not_if=format("{zk_cli_prefix} -cmd get {logsearch_solr_znode}"),
+            not_if=format("{zk_cli_prefix}{logsearch_solr_znode} -cmd list"),
             ignore_failures=True,
             user=params.logsearch_solr_user
             )
+    if params.logsearch_solr_ssl_enabled:
+      Execute(format('{zk_cli_prefix}{logsearch_solr_znode} -cmd clusterprop -name urlScheme
-val https'),
+              ignore_failures=True,
+              user=params.logsearch_solr_user
+              )
+    else:
+      Execute(format('{zk_cli_prefix}{logsearch_solr_znode} -cmd clusterprop -name urlScheme
-val http'),
+              ignore_failures=True,
+              user=params.logsearch_solr_user
+              )
   elif name == 'client':
     Directory([params.solr_client_dir, params.logsearch_solr_client_log_dir],
               mode=0755,

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2
index 50b16ab..aba06c6 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2
@@ -30,4 +30,14 @@ export JAVA_HOME={{java64_home}}
 
 if [ "$LOGFEEDER_JAVA_MEM" = "" ]; then
   export LOGFEEDER_JAVA_MEM=-Xmx{{logfeeder_max_mem}}
-fi
\ No newline at end of file
+fi
+
+{% if logsearch_solr_ssl_enabled %}
+export LOGFEEDER_SOLR_SSL_ENABLED="true"
+export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_LOCATION={{logfeeder_solr_ssl_client_keystore_location}}
+export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD={{logfeeder_solr_ssl_client_keystore_password}}
+export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_TYPE={{logfeeder_solr_ssl_client_keystore_type}}
+export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION={{logfeeder_solr_ssl_client_truststore_location}}
+export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD={{logfeeder_solr_ssl_client_truststore_password}}
+export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE={{logfeeder_solr_ssl_client_truststore_type}}
+{% endif %}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
index c2a4172..7b0aed3 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2
@@ -36,4 +36,14 @@ fi
 
 export LOGSEARCH_DEBUG={{logsearch_debug_enabled}}
 
-export LOGSEARCH_DEBUG_PORT={{logsearch_debug_port}}
\ No newline at end of file
+export LOGSEARCH_DEBUG_PORT={{logsearch_debug_port}}
+
+{% if logsearch_solr_ssl_enabled %}
+export LOGSEARCH_SOLR_SSL_ENABLED="true"
+export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_LOCATION={{logsearch_solr_ssl_client_keystore_location}}
+export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD={{logsearch_solr_ssl_client_keystore_password}}
+export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_TYPE={{logsearch_solr_ssl_client_keystore_type}}
+export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION={{logsearch_solr_ssl_client_truststore_location}}
+export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD={{logsearch_solr_ssl_client_truststore_password}}
+export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE={{logsearch_solr_ssl_client_truststore_type}}
+{% endif %}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2
b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2
index f59ba49..9f76d18 100644
--- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2
+++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2
@@ -92,12 +92,15 @@ SOLR_LOGS_DIR={{logsearch_solr_log_dir}}
 # Sets the port Solr binds to, default is 8983
 SOLR_PORT={{logsearch_solr_port}}
 
-# Uncomment to set SSL-related system properties
 # Be sure to update the paths to the correct keystore for your environment
-#SOLR_SSL_OPTS="-Djavax.net.ssl.keyStore=etc/solr-ssl.keystore.jks \
-#-Djavax.net.ssl.keyStorePassword=secret \
-#-Djavax.net.ssl.trustStore=etc/solr-ssl.keystore.jks \
-#-Djavax.net.ssl.trustStorePassword=secret"
+{% if logsearch_solr_ssl_enabled %}
+SOLR_SSL_KEY_STORE={{logsearch_solr_ssl_server_keystore_location}}
+SOLR_SSL_KEY_STORE_PASSWORD={{logsearch_solr_ssl_server_keystore_password}}
+SOLR_SSL_TRUST_STORE={{logsearch_solr_ssl_server_keystore_location}}
+SOLR_SSL_TRUST_STORE_PASSWORD={{logsearch_solr_ssl_server_keystore_password}}
+SOLR_SSL_NEED_CLIENT_AUTH=false
+SOLR_SSL_WANT_CLIENT_AUTH=false
+{% endif %}
 
 # Uncomment to set a specific SSL port (-Djetty.ssl.port=N); if not set
 # and you are using SSL, then the start script will use SOLR_PORT for the SSL port

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py
index f485d27..54e08e4 100644
--- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py
+++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py
@@ -75,6 +75,7 @@ class TestLogFeeder(RMFTestCase):
                               )
     self.assertResourceCalled('File', '/etc/ambari-logsearch-logfeeder/conf/logfeeder-env.sh',
                               owner='logfeeder',
+                              mode=0755,
                               content=InlineTemplate(self.getConfig()['configurations']['logfeeder-env']['content'])
                               )
     self.assertResourceCalled('File', '/etc/ambari-logsearch-logfeeder/conf/log4j.xml',

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py
index ddf380c..bfe6921 100644
--- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py
+++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py
@@ -83,7 +83,6 @@ class TestLogSearch(RMFTestCase):
                               mode = 0755,
                               owner = "logsearch"
     )
-
     self.assertResourceCalled('File', '/etc/ambari-logsearch-portal/conf/logsearch-admin.json',
                               owner = 'logsearch',
                               content = InlineTemplate(self.getConfig()['configurations']['logsearch-admin-json']['content'])

http://git-wip-us.apache.org/repos/asf/ambari/blob/74f930df/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py
index d3078f3..0590dca 100644
--- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py
+++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py
@@ -25,7 +25,7 @@ from resource_management.libraries.script.config_dictionary import UnknownConfig
 class TestSolr(RMFTestCase):
   COMMON_SERVICES_PACKAGE_DIR = "LOGSEARCH/0.5.0/package"
   STACK_VERSION = "2.4"
-  
+
   def configureResourcesCalled(self):
       self.assertResourceCalled('Directory', '/usr/lib/ambari-logsearch-solr',
                                 owner = 'solr',
@@ -94,11 +94,15 @@ class TestSolr(RMFTestCase):
                                 content = Template('zoo.cfg.j2')
       )
       self.assertResourceCalled('Execute', 'export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh
-zkhost c6401.ambari.apache.org -cmd makepath /logsearch',
-                                not_if = "export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh
-zkhost c6401.ambari.apache.org -cmd get /logsearch",
+                                not_if = "export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh
-zkhost c6401.ambari.apache.org/logsearch -cmd list",
                                 ignore_failures = True,
                                 user = "solr"
       )
-  
+      self.assertResourceCalled('Execute', 'export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh
-zkhost c6401.ambari.apache.org/logsearch -cmd clusterprop -name urlScheme -val http',
+                                ignore_failures = True,
+                                user = "solr"
+      )
+
   def test_configure_default(self):
     self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/logsearch_solr.py",
                        classname = "LogsearchSolr",


Mime
View raw message