Return-Path: <commits-return-30052-archive-asf-public=cust-asf.ponee.io@ambari.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 145DF200B3C
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Tue, 28 Jun 2016 15:49:30 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 11EFA160A28; Tue, 28 Jun 2016 13:49:30 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 4163C160A56
	for <archive-asf-public@cust-asf.ponee.io>; Tue, 28 Jun 2016 15:49:29 +0200 (CEST)
Received: (qmail 31545 invoked by uid 500); 28 Jun 2016 13:49:28 -0000
Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@ambari.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@ambari.apache.org>
List-Post: <mailto:commits@ambari.apache.org>
List-Id: <commits.ambari.apache.org>
Reply-To: ambari-dev@ambari.apache.org
Delivered-To: mailing list commits@ambari.apache.org
Received: (qmail 31438 invoked by uid 99); 28 Jun 2016 13:49:28 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Jun 2016 13:49:28 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id 43EC1E094C; Tue, 28 Jun 2016 13:49:28 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: gautam@apache.org
To: commits@ambari.apache.org
Date: Tue, 28 Jun 2016 13:49:29 -0000
Message-Id: <90e5d8216e3449b4ae842a5b8139b88a@git.apache.org>
In-Reply-To: <51b2a3e3e386446c87efb2326d44c588@git.apache.org>
References: <51b2a3e3e386446c87efb2326d44c588@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [2/2] ambari git commit: AMBARI-17363: Enable Ranger support for Hive
 Interactive(gautam)
archived-at: Tue, 28 Jun 2016 13:49:30 -0000

AMBARI-17363: Enable Ranger support for Hive Interactive(gautam)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/016d6ec4
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/016d6ec4
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/016d6ec4

Branch: refs/heads/branch-2.4
Commit: 016d6ec48802ec62632c200c5c73958d5eb84314
Parents: bc8bd58
Author: Gautam Borad <gautam@apache.org>
Authored: Wed Jun 22 15:39:51 2016 +0530
Committer: Gautam Borad <gautam@apache.org>
Committed: Tue Jun 28 19:19:16 2016 +0530

----------------------------------------------------------------------
 .../package/scripts/hive_server_interactive.py  |  3 +-
 .../scripts/setup_ranger_hive_interactive.py    | 78 ++++++++++++++++++++
 2 files changed, 80 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/016d6ec4/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
index e892509..255396f 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive_server_interactive.py
@@ -54,6 +54,7 @@ from setup_ranger_hive import setup_ranger_hive
 from hive_service_interactive import hive_service_interactive
 from hive_interactive import hive_interactive
 from hive_server import HiveServerDefault
+from setup_ranger_hive_interactive import setup_ranger_hive_interactive
 
 import traceback
 
@@ -119,7 +120,7 @@ class HiveServerInteractiveDefault(HiveServerInteractive):
         raise Fail("Skipping START of Hive Server Interactive since LLAP app couldn't be STARTED.")
 
       # TODO : test the workability of Ranger and Hive2 during upgrade
-      # setup_ranger_hive(upgrade_type=upgrade_type)
+      setup_ranger_hive_interactive(upgrade_type=upgrade_type)
       hive_service_interactive('hiveserver2', action='start', upgrade_type=upgrade_type)
 
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/016d6ec4/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
new file mode 100644
index 0000000..eeb3031
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/setup_ranger_hive_interactive.py
@@ -0,0 +1,78 @@
+#!/usr/bin/env python
+"""
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+"""
+from resource_management.core.logger import Logger
+
+def setup_ranger_hive_interactive(upgrade_type = None):
+  import params
+
+  if params.has_ranger_admin:
+
+    stack_version = None
+
+    if upgrade_type is not None:
+      stack_version = params.version
+
+    if params.retryAble:
+      Logger.info("Hive2: Setup ranger: command retry enabled thus retrying if ranger admin is down !")
+    else:
+      Logger.info("Hive2: Setup ranger: command retry not enabled thus skipping if ranger admin is down !")
+
+    if params.xml_configurations_supported and params.enable_ranger_hive and params.xa_audit_hdfs_is_enabled:
+      params.HdfsResource("/ranger/audit",
+                         type="directory",
+                         action="create_on_execute",
+                         owner=params.hdfs_user,
+                         group=params.hdfs_user,
+                         mode=0755,
+                         recursive_chmod=True
+      )
+      params.HdfsResource("/ranger/audit/hive2",
+                         type="directory",
+                         action="create_on_execute",
+                         owner=params.hive_user,
+                         group=params.hive_user,
+                         mode=0700,
+                         recursive_chmod=True
+      )
+      params.HdfsResource(None, action="execute")
+
+      from resource_management.libraries.functions.setup_ranger_plugin_xml import setup_ranger_plugin
+      setup_ranger_plugin('hive-server2-hive2', 'hive', params.ranger_previous_jdbc_jar,
+                          params.ranger_downloaded_custom_connector, params.ranger_driver_curl_source,
+                          params.ranger_driver_curl_target, params.java64_home,
+                          params.repo_name, params.hive_ranger_plugin_repo,
+                          params.ranger_env, params.ranger_plugin_properties,
+                          params.policy_user, params.policymgr_mgr_url,
+                          params.enable_ranger_hive, conf_dict=params.hive_server_conf_dir,
+                          component_user=params.hive_user, component_group=params.user_group, cache_service_list=['hive-server2-hive2'],
+                          plugin_audit_properties=params.config['configurations']['ranger-hive-audit'], plugin_audit_attributes=params.config['configuration_attributes']['ranger-hive-audit'],
+                          plugin_security_properties=params.config['configurations']['ranger-hive-security'], plugin_security_attributes=params.config['configuration_attributes']['ranger-hive-security'],
+                          plugin_policymgr_ssl_properties=params.config['configurations']['ranger-hive-policymgr-ssl'], plugin_policymgr_ssl_attributes=params.config['configuration_attributes']['ranger-hive-policymgr-ssl'],
+                          component_list=['hive-client', 'hive-metastore', 'hive-server2','hive-server2-hive2'], audit_db_is_enabled=False,
+                          credential_file=params.credential_file, xa_audit_db_password=None,
+                          ssl_truststore_password=params.ssl_truststore_password, ssl_keystore_password=params.ssl_keystore_password,
+                          stack_version_override = stack_version, skip_if_rangeradmin_down= not params.retryAble, api_version='v2',
+                          is_security_enabled = params.security_enabled,
+                          is_stack_supports_ranger_kerberos = params.stack_supports_ranger_kerberos,
+                          component_user_principal=params.hive_principal if params.security_enabled else None,
+                          component_user_keytab=params.hive_server2_keytab if params.security_enabled else None)
+
+  else:
+    Logger.info('Ranger admin not installed')