ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jonathanhur...@apache.org
Subject [05/50] [abbrv] ambari git commit: Revert "AMBARI-17898 Add Kerberos HTTP SPNEGO authentication support to Ambari Metrics Monitor (qinliu via dsen)"
Date Thu, 17 Nov 2016 17:13:21 GMT
Revert "AMBARI-17898 Add Kerberos HTTP SPNEGO authentication support to Ambari Metrics Monitor
(qinliu via dsen)"

This reverts commit 18a88ebb43260f01ff1b5370bc15fb7b6a64055c.


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/a201d092
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/a201d092
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/a201d092

Branch: refs/heads/branch-feature-AMBARI-18456
Commit: a201d092d1dc4ef32dcbf3ba37ee957f33418637
Parents: b5a2bb8
Author: Dmytro Sen <dsen@apache.org>
Authored: Tue Nov 15 18:15:42 2016 +0200
Committer: Dmytro Sen <dsen@apache.org>
Committed: Tue Nov 15 18:15:42 2016 +0200

----------------------------------------------------------------------
 ambari-metrics/ambari-metrics-assembly/pom.xml  |   1 -
 .../conf/unix/metric_monitor.ini                |   2 -
 .../src/main/python/core/config_reader.py       |  10 +-
 .../src/main/python/core/emitter.py             |  57 +------
 .../src/main/python/core/krberr.py              |  42 -----
 .../main/python/core/spnego_kerberos_auth.py    | 163 -------------------
 .../src/test/python/core/TestEmitter.py         |  26 ---
 .../AMBARI_METRICS/0.1.0/kerberos.json          |  26 ---
 .../AMBARI_METRICS/0.1.0/package/scripts/ams.py |  13 +-
 .../0.1.0/package/scripts/params.py             |   7 +-
 .../package/templates/metric_monitor.ini.j2     |   2 -
 11 files changed, 20 insertions(+), 329 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-assembly/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-assembly/pom.xml b/ambari-metrics/ambari-metrics-assembly/pom.xml
index cd45d35..d73a0af 100644
--- a/ambari-metrics/ambari-metrics-assembly/pom.xml
+++ b/ambari-metrics/ambari-metrics-assembly/pom.xml
@@ -535,7 +535,6 @@
                     <require>${python.ver}</require>
                     <require>gcc</require>
                     <require>${python.devel}</require>
-                    <require>python-kerberos</require>
                   </requires>
                   <preremoveScriptlet>
                     <scriptFile>src/main/package/rpm/preremove.sh</scriptFile>

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-host-monitoring/conf/unix/metric_monitor.ini
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-host-monitoring/conf/unix/metric_monitor.ini b/ambari-metrics/ambari-metrics-host-monitoring/conf/unix/metric_monitor.ini
index 8f7bcc8..e98c65c 100644
--- a/ambari-metrics/ambari-metrics-host-monitoring/conf/unix/metric_monitor.ini
+++ b/ambari-metrics/ambari-metrics-host-monitoring/conf/unix/metric_monitor.ini
@@ -25,8 +25,6 @@ skip_disk_patterns =
 
 [emitter]
 send_interval = 60
-kinit_cmd = /usr/bin/kinit -kt /etc/security/keytabs/ams.monitor.keytab amsmon/localhost
-klist_cmd = /usr/bin/klist
 
 [collector]
 collector_sleep_interval = 5

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/config_reader.py
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/config_reader.py
b/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/config_reader.py
index 3ad3aac..890d3ce 100644
--- a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/config_reader.py
+++ b/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/config_reader.py
@@ -108,8 +108,6 @@ enable_value_threshold = false
 
 [emitter]
 send_interval = 60
-kinit_cmd = /usr/bin/kinit -kt /etc/security/keytabs/ams.monitor.keytab amsmon/localhost
-klist_cmd = /usr/bin/klist
 
 [collector]
 collector_sleep_interval = 5
@@ -211,12 +209,6 @@ class Configuration:
   def get_send_interval(self):
     return int(self.get("emitter", "send_interval", 60))
 
-  def get_kinit_cmd(self):
-    return self.get("emitter", "kinit_cmd")
-
-  def get_klist_cmd(self):
-    return self.get("emitter", "klist_cmd")
-
   def get_collector_sleep_interval(self):
     return int(self.get("collector", "collector_sleep_interval", 10))
 
@@ -264,4 +256,4 @@ class Configuration:
     return self._ca_cert_file_path
 
   def get_disk_metrics_skip_pattern(self):
-    return self.get("default", "skip_disk_patterns")
+    return self.get("default", "skip_disk_patterns")
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/emitter.py
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/emitter.py
b/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/emitter.py
index 27cfa0f..ba3f18e 100644
--- a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/emitter.py
+++ b/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/emitter.py
@@ -20,7 +20,6 @@ limitations under the License.
 
 import logging
 import threading
-from spnego_kerberos_auth import SPNEGOKerberosAuth
 
 from security import CachedHTTPSConnection, CachedHTTPConnection
 from blacklisted_set import BlacklistedSet
@@ -32,10 +31,6 @@ class Emitter(threading.Thread):
   AMS_METRICS_POST_URL = "/ws/v1/timeline/metrics/"
   RETRY_SLEEP_INTERVAL = 5
   MAX_RETRY_COUNT = 3
-  cookie_cached = {}
-  kinit_cmd = None
-  klist_cmd = None
-  spnego_krb_auth = None
   """
   Wake up every send interval seconds and empty the application metric map.
   """
@@ -44,10 +39,6 @@ class Emitter(threading.Thread):
     logger.debug('Initializing Emitter thread.')
     self.lock = threading.Lock()
     self.send_interval = config.get_send_interval()
-    self.kinit_cmd = config.get_kinit_cmd()
-    if self.kinit_cmd:
-      logger.debug(self.kinit_cmd)
-    self.klist_cmd = config.get_klist_cmd()
     self.hostname = config.get_hostname_config()
     self.hostname_hash = self.compute_hash(self.hostname)
     self._stop_handler = stop_handler
@@ -72,7 +63,6 @@ class Emitter(threading.Thread):
         self.submit_metrics()
       except Exception, e:
         logger.warn('Unable to emit events. %s' % str(e))
-        self.cookie_cached = {}
       pass
       #Wait for the service stop event instead of sleeping blindly
       if 0 == self._stop_handler.wait(self.send_interval):
@@ -110,50 +100,17 @@ class Emitter(threading.Thread):
     headers = {"Content-Type" : "application/json", "Accept" : "*/*"}
     connection = self.get_connection(collector_host)
     logger.debug("message to send: %s" % data)
-
-    try:
-      if self.cookie_cached[connection.host]:
-        headers["Cookie"] = self.cookie_cached[connection.host]
-        logger.debug("Cookie: %s" % self.cookie_cached[connection.host])
-    except Exception, e:
-      self.cookie_cached = {}
-    pass
-
     retry_count = 0
     while retry_count < self.MAX_RETRY_COUNT:
       response = self.get_response_from_submission(connection, data, headers)
-      if response:
-        if response.status == 200:
-          return True
-        if response.status == 401 or response.status == 403:
-          self.cookie_cached = {}
-          auth_header = response.getheader('www-authenticate', None)
-          if auth_header == None:
-              logger.warn('www-authenticate header not found')
-          else:
-            self.spnego_krb_auth = SPNEGOKerberosAuth()
-            if self.spnego_krb_auth.get_negotiate_value(auth_header) == '':
-              response = self.spnego_krb_auth.authenticate_handshake(connection, "POST",
self.AMS_METRICS_POST_URL, data, headers, self.kinit_cmd, self.klist_cmd)
-              if response:
-                logger.debug("response from authenticate_client: retcode = {0}, reason =
{1}"
-                                                           .format(response.status, response.reason))
-                logger.debug(str(response.read()))
-                if response.status == 200:
-                  logger.debug("response headers: {0}".format(response.getheaders()))
-                  logger.debug("cookie_cached: %s" % self.cookie_cached)
-                  set_cookie_header = response.getheader('set-cookie', None)
-                  if set_cookie_header and self.spnego_krb_auth:
-                    set_cookie_val = self.spnego_krb_auth.get_hadoop_auth_cookie(set_cookie_header)
-                    logger.debug("set_cookie: %s" % set_cookie_val)
-                    if set_cookie_val:
-                      self.cookie_cached[connection.host] = set_cookie_val
-                  return True
-
-      logger.warn("Retrying after {0} ...".format(self.RETRY_SLEEP_INTERVAL))
-      retry_count += 1
-      #Wait for the service stop event instead of sleeping blindly
-      if 0 == self._stop_handler.wait(self.RETRY_SLEEP_INTERVAL):
+      if response and response.status == 200:
         return True
+      else:
+        logger.warn("Retrying after {0} ...".format(self.RETRY_SLEEP_INTERVAL))
+        retry_count += 1
+        #Wait for the service stop event instead of sleeping blindly
+        if 0 == self._stop_handler.wait(self.RETRY_SLEEP_INTERVAL):
+          return True
     pass
 
     if retry_count >= self.MAX_RETRY_COUNT:

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/krberr.py
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/krberr.py
b/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/krberr.py
deleted file mode 100644
index 25d7890..0000000
--- a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/krberr.py
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/usr/bin/env python
-
-'''
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-'''
-
-"""
-Python Kerberos GSS APIs used by spnego_kerberos_auth.py.
-It is used as a place holder for kerberos.py which is not available.
-"""
-
-class KrbError(Exception):
-      pass
-
-class GSSError(KrbError):
-      pass
-
-def authGSSClientInit(service):
-      pass
-
-def authGSSClientClean(context):
-      pass
-
-def authGSSClientStep(context, challenge):
-      pass
-
-def authGSSClientResponse(context):
-      pass
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/spnego_kerberos_auth.py
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/spnego_kerberos_auth.py
b/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/spnego_kerberos_auth.py
deleted file mode 100644
index a16ca86..0000000
--- a/ambari-metrics/ambari-metrics-host-monitoring/src/main/python/core/spnego_kerberos_auth.py
+++ /dev/null
@@ -1,163 +0,0 @@
-#!/usr/bin/env python
-
-'''
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-'''
-
-import logging
-import httplib
-import os
-
-logger = logging.getLogger()
-try:
-      import kerberos
-except ImportError:
-  import krberr as kerberos
-  logger.warn('import kerberos exception: %s' % str(ImportError))
-pass
-
-class SPNEGOKerberosAuth:
-  def __init__(self):
-        self.krb_context = None
-
-  def authenticate_handshake (self, connection, method, service_url, body, headers, kinit_cmd,
klist_cmd):
-        # kinit to ensure ticket valid
-    self.execute_kinit(kinit_cmd, klist_cmd)
-
-    try:
-          # Authenticate the client request
-      response = self.authenticate_client(connection, method, service_url, body, headers)
-
-      # Authenticate the response from the server
-      if response:
-            self.authenticate_server(response)
-      return response
-    finally:
-      # Clean the client context after the handshake
-      self.clean_client_context()
-    pass
-
-  def execute_kinit(self, kinit_cmd, klist_cmd):
-    exit_status = os.system(kinit_cmd)
-    logger.debug("kinit exit_status: {0}".format(exit_status))
-    logger.debug(os.system(klist_cmd))
-    return exit_status
-
-  def authenticate_client(self, connection, method, service_url, body, headers):
-    service = "HTTP@%s" % connection.host.lower()
-    logger.debug("connection: %s", connection)
-    logger.debug("service: %s", service)
-
-    auth_header = self.get_authorization_header(service)
-    logger.debug("Authorization: %s" % auth_header)
-
-    # Send 2nd HTTP request with authorization header
-    headers['Authorization'] = auth_header
-    try:
-      connection.request(method, service_url, body, headers)
-      response = connection.getresponse()
-    except Exception, e:
-      logger.warn('2nd HTTP request exception from server: %s' % str(e))
-      return None
-    pass
-    if response:
-      logger.debug("2nd HTTP response from server: retcode = {0}, reason = {1}"
-                                            .format(response.status, response.reason))
-      logger.debug(str(response.read()))
-      logger.debug("response headers: {0}".format(response.getheaders()))
-    return response
-
-  def get_authorization_header(self, service):
-        # Initialize the context object for client-side authentication with a service principal
-    try:
-      result, self.krb_context = kerberos.authGSSClientInit(service)
-      if result == -1:
-        logger.warn('authGSSClientInit result: {0}'.format(result))
-        return None
-    except kerberos.GSSError, e:
-      logger.warn('authGSSClientInit exception: %s' % str(e))
-      return None
-    pass
-
-    # Process the first client-side step with the context
-    try:
-      result = kerberos.authGSSClientStep(self.krb_context, "")
-      if result == -1:
-        logger.warn('authGSSClientStep result for authenticate client: {0}'.format(result))
-        return None
-    except kerberos.GSSError, e:
-      logger.warn('authGSSClientStep exception for authenticate client: %s' % str(e))
-      return None
-    pass
-
-    # Get the client response from the first client-side step
-    try:
-      negotiate_value = kerberos.authGSSClientResponse(self.krb_context)
-      logger.debug("authGSSClientResponse response:{0}".format(negotiate_value))
-    except kerberos.GSSError, e:
-      logger.warn('authGSSClientResponse exception: %s' % str(e))
-      return None
-    pass
-
-    # Build the authorization header
-    return "Negotiate %s" % negotiate_value
-
-  def authenticate_server(self, response):
-    auth_header = response.getheader('www-authenticate', None)
-    negotiate_value = self.get_negotiate_value(auth_header)
-    if negotiate_value == None:
-      logger.warn('www-authenticate header not found')
-
-    # Process the client-side step with the context and the negotiate value from 2nd HTTP
response
-    try:
-      result = kerberos.authGSSClientStep(self.krb_context, negotiate_value)
-      if result == -1:
-        logger.warn('authGSSClientStep result for authenticate server: {0}'.format(result))
-    except kerberos.GSSError, e:
-      logger.warn('authGSSClientStep exception for authenticate server: %s' % str(e))
-      result = -1
-    pass
-    return result
-
-  def clean_client_context(self):
-    # Destroy the context for client-side authentication
-    try:
-      result = kerberos.authGSSClientClean(self.krb_context)
-      logger.debug("authGSSClientClean result:{0}".format(result))
-    except kerberos.GSSError, e:
-      logger.warn('authGSSClientClean exception: %s' % str(e))
-      result = -1
-    pass
-    return result
-
-  def get_hadoop_auth_cookie(self, set_cookie_header):
-    if set_cookie_header:
-      for field in set_cookie_header.split(";"):
-        if field.startswith('hadoop.auth='):
-          return field
-    else:
-     return None
-    return None
-
-  def get_negotiate_value(self, auth_header):
-    if auth_header:
-      for field in auth_header.split(","):
-        key, __, value = field.strip().partition(" ")
-        if key.lower() == "negotiate":
-          return value.strip()
-    else:
-        return None

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-metrics/ambari-metrics-host-monitoring/src/test/python/core/TestEmitter.py
----------------------------------------------------------------------
diff --git a/ambari-metrics/ambari-metrics-host-monitoring/src/test/python/core/TestEmitter.py
b/ambari-metrics/ambari-metrics-host-monitoring/src/test/python/core/TestEmitter.py
index 722a176..de97292 100644
--- a/ambari-metrics/ambari-metrics-host-monitoring/src/test/python/core/TestEmitter.py
+++ b/ambari-metrics/ambari-metrics-host-monitoring/src/test/python/core/TestEmitter.py
@@ -27,7 +27,6 @@ from only_for_platform import get_platform, PLATFORM_WINDOWS
 from mock.mock import patch, MagicMock
 from security import CachedHTTPConnection
 from blacklisted_set import BlacklistedSet
-from spnego_kerberos_auth import SPNEGOKerberosAuth
 
 if get_platform() != PLATFORM_WINDOWS:
   os_distro_value = ('Suse','11','Final')
@@ -87,31 +86,6 @@ class TestEmitter(TestCase):
     self.assertEqual(request_mock.call_count, 9)
     self.assertUrlData(request_mock)
 
-  @patch.object(OSCheck, "os_distribution", new = MagicMock(return_value = os_distro_value))
-  @patch.object(CachedHTTPConnection, "create_connection", new = MagicMock())
-  @patch.object(SPNEGOKerberosAuth, "authenticate_handshake")
-  @patch.object(CachedHTTPConnection, "getresponse")
-  @patch.object(CachedHTTPConnection, "request")
-  def test_spnego_negotiation(self, request_mock, getresponse_mock, auth_mock):
-    request_mock.return_value = MagicMock()
-    getresponse_mock.return_value.status = 401
-    getresponse_mock.return_value.getheader.return_value = "Negotiate   "
-
-    auth_mock.return_value.status = 200
-
-    stop_handler = bind_signal_handlers()
-
-    config = Configuration()
-    application_metric_map = ApplicationMetricMap("host","10.10.10.10")
-    application_metric_map.clear()
-    application_metric_map.put_metric("APP1", {"metric1":1}, 1)
-    emitter = Emitter(config, application_metric_map, stop_handler)
-    emitter.submit_metrics()
-
-
-    self.assertEqual(request_mock.call_count, 1)
-    self.assertUrlData(request_mock)
-
   def assertUrlData(self, request_mock):
     self.assertEqual(len(request_mock.call_args), 2)
     data = request_mock.call_args[0][2]

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/kerberos.json
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/kerberos.json
index a6afda5..51f541f 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/kerberos.json
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/kerberos.json
@@ -9,32 +9,6 @@
       ],
       "components": [
         {
-          "name": "METRICS_MONITOR",
-          "identities": [
-            {
-              "name": "ams_monitor",
-              "principal": {
-                "value": "amsmon/_HOST@${realm}",
-                "type": "service",
-                "configuration": "ams-hbase-security-site/ams.monitor.principal",
-                "local_username": "${ams-env/ambari_metrics_user}"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/ams-monitor.keytab",
-                "owner": {
-                  "name": "${ams-env/ambari_metrics_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                },
-                "configuration": "ams-hbase-security-site/ams.monitor.keytab"
-              }
-            }
-          ]
-        },
-        {
           "name": "METRICS_COLLECTOR",
           "identities": [
             {

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
index 28aba35..6cf743e 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
@@ -320,9 +320,18 @@ def ams(name=None, action=None):
             mode=0644
       )
 
+      # Remove spnego configs from core-site, since AMS does not support spnego (AMBARI-14384)
+      truncated_core_site = {}
+      truncated_core_site.update(params.config['configurations']['core-site'])
+      if 'core-site' in params.config['configurations']:
+        if 'hadoop.http.authentication.type' in params.config['configurations']['core-site']:
+          truncated_core_site.pop('hadoop.http.authentication.type')
+        if 'hadoop.http.filter.initializers' in params.config['configurations']['core-site']:
+          truncated_core_site.pop('hadoop.http.filter.initializers')
+
       XmlConfig("core-site.xml",
                 conf_dir=params.ams_collector_conf_dir,
-                configurations=params.config['configurations']['core-site'],
+                configurations=truncated_core_site,
                 configuration_attributes=params.config['configuration_attributes']['core-site'],
                 owner=params.ams_user,
                 group=params.user_group,
@@ -331,7 +340,7 @@ def ams(name=None, action=None):
 
       XmlConfig("core-site.xml",
                 conf_dir=params.hbase_conf_dir,
-                configurations=params.config['configurations']['core-site'],
+                configurations=truncated_core_site,
                 configuration_attributes=params.config['configuration_attributes']['core-site'],
                 owner=params.ams_user,
                 group=params.user_group,

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
index b052999..f04f5c2 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
@@ -270,10 +270,7 @@ service_check_data = functions.get_unique_id_and_date()
 user_group = config['configurations']['cluster-env']["user_group"]
 hadoop_user = "hadoop"
 
-kinit_path_local = functions.get_kinit_path(default('/configurations/kerberos-env/executable_search_paths',
None))
 kinit_cmd = ""
-klist_path_local = functions.get_klist_path(default('/configurations/kerberos-env/executable_search_paths',
None))
-klist_cmd = ""
 
 if security_enabled:
   _hostname_lowercase = config['hostname'].lower()
@@ -297,9 +294,6 @@ if security_enabled:
   regionserver_keytab_path = config['configurations']['ams-hbase-security-site']['hbase.regionserver.keytab.file']
   regionserver_jaas_princ = config['configurations']['ams-hbase-security-site']['hbase.regionserver.kerberos.principal'].replace('_HOST',_hostname_lowercase)
 
-  kinit_cmd = '%s -kt %s %s' % (kinit_path_local, config['configurations']['ams-hbase-security-site']['ams.monitor.keytab'],
config['configurations']['ams-hbase-security-site']['ams.monitor.principal'].replace('_HOST',_hostname_lowercase))
-  klist_cmd = '%s' % klist_path_local
-
 #log4j.properties
 if (('ams-hbase-log4j' in config['configurations']) and ('content' in config['configurations']['ams-hbase-log4j'])):
   hbase_log4j_props = config['configurations']['ams-hbase-log4j']['content']
@@ -322,6 +316,7 @@ hbase_staging_dir = default("/configurations/ams-hbase-site/hbase.bulkload.stagi
 hdfs_user_keytab = config['configurations']['hadoop-env']['hdfs_user_keytab']
 hdfs_user = config['configurations']['hadoop-env']['hdfs_user']
 hdfs_principal_name = config['configurations']['hadoop-env']['hdfs_principal_name']
+kinit_path_local = functions.get_kinit_path(default('/configurations/kerberos-env/executable_search_paths',
None))
 
 
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/a201d092/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/templates/metric_monitor.ini.j2
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/templates/metric_monitor.ini.j2
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/templates/metric_monitor.ini.j2
index 1f1f117..3823912 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/templates/metric_monitor.ini.j2
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/templates/metric_monitor.ini.j2
@@ -26,8 +26,6 @@ skip_disk_patterns = {{skip_disk_metrics_patterns}}
 
 [emitter]
 send_interval = {{metrics_report_interval}}
-kinit_cmd = {{kinit_cmd}}
-klist_cmd = {{klist_cmd}}
 
 [collector]
 collector_sleep_interval = 10


Mime
View raw message