ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From avija...@apache.org
Subject ambari git commit: AMBARI-19390 : AMS Collector works in HTTP mode after setting ams-site/timeline.metrics.service.http.policy=HTTPS_ONLY to HTTPS_ONLY. (avijayan)
Date Fri, 13 Jan 2017 22:38:17 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 23893cc99 -> 89452768c


AMBARI-19390 : AMS Collector works in HTTP mode after setting ams-site/timeline.metrics.service.http.policy=HTTPS_ONLY
to HTTPS_ONLY. (avijayan)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/89452768
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/89452768
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/89452768

Branch: refs/heads/trunk
Commit: 89452768c062b9d77b0f660845ebdb7d750694b5
Parents: 23893cc
Author: Aravindan Vijayan <avijayan@hortonworks.com>
Authored: Fri Jan 13 14:38:08 2017 -0800
Committer: Aravindan Vijayan <avijayan@hortonworks.com>
Committed: Fri Jan 13 14:38:08 2017 -0800

----------------------------------------------------------------------
 .../AMBARI_METRICS/0.1.0/configuration/ams-ssl-client.xml   | 9 +++++++++
 .../AMBARI_METRICS/0.1.0/package/scripts/ams.py             | 2 +-
 .../AMBARI_METRICS/0.1.0/package/scripts/params.py          | 1 +
 .../stacks/2.0.6/AMBARI_METRICS/test_metrics_collector.py   | 2 +-
 .../stacks/2.0.6/AMBARI_METRICS/test_metrics_grafana.py     | 2 +-
 5 files changed, 13 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/89452768/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/configuration/ams-ssl-client.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/configuration/ams-ssl-client.xml
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/configuration/ams-ssl-client.xml
index 3f28f9f..9543bbe 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/configuration/ams-ssl-client.xml
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/configuration/ams-ssl-client.xml
@@ -36,4 +36,13 @@
     <description>Password to open the trust store file.</description>
     <on-ambari-upgrade add="true"/>
   </property>
+  <property>
+    <name>ssl.client.truststore.alias</name>
+    <value></value>
+    <description>Alias used to create certificate for AMS. (Default is hostname)</description>
+    <value-attributes>
+      <empty-value-valid>true</empty-value-valid>
+    </value-attributes>
+    <on-ambari-upgrade add="true"/>
+  </property>
 </configuration>

http://git-wip-us.apache.org/repos/asf/ambari/blob/89452768/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
index 8bb8a27..c3bc600 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/ams.py
@@ -464,7 +464,7 @@ def export_ca_certs(dir_path):
 
   if (params.metric_truststore_type.lower() == 'jks'):
     # Convert truststore from JKS to PKCS12
-    cmd = format("{sudo} {java64_home}/bin/keytool -importkeystore -srckeystore {metric_truststore_path}
-destkeystore {truststore_p12} -deststoretype PKCS12 -srcstorepass {metric_truststore_password}
-deststorepass {metric_truststore_password}")
+    cmd = format("{sudo} {java64_home}/bin/keytool -importkeystore -srckeystore {metric_truststore_path}
-destkeystore {truststore_p12} -srcalias {metric_truststore_alias} -deststoretype PKCS12 -srcstorepass
{metric_truststore_password} -deststorepass {metric_truststore_password}")
     Execute(cmd,
     )
     truststore = truststore_p12

http://git-wip-us.apache.org/repos/asf/ambari/blob/89452768/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
index f979abb..433870f 100644
--- a/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
+++ b/ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py
@@ -76,6 +76,7 @@ else:
 metric_truststore_path= default("/configurations/ams-ssl-client/ssl.client.truststore.location",
"")
 metric_truststore_type= default("/configurations/ams-ssl-client/ssl.client.truststore.type",
"")
 metric_truststore_password= default("/configurations/ams-ssl-client/ssl.client.truststore.password",
"")
+metric_truststore_alias = default("/configurations/ams-ssl-client/ssl.client.truststore.alias",
config["hostname"])
 metric_truststore_ca_certs='ca.pem'
 
 agent_cache_dir = config['hostLevelParams']['agentCacheDir']

http://git-wip-us.apache.org/repos/asf/ambari/blob/89452768/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_collector.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_collector.py
b/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_collector.py
index 6a754e3..6f48eec 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_collector.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_collector.py
@@ -41,7 +41,7 @@ class TestMetricsCollector(RMFTestCase):
     self.assert_hbase_configure('master', distributed=True)
     self.assert_hbase_configure('regionserver', distributed=True)
     self.assert_ams('collector', distributed=True)
-    self.assertResourceCalled('Execute', 'ambari-sudo.sh /usr/jdk64/jdk1.7.0_45/bin/keytool
-importkeystore -srckeystore /etc/security/clientKeys/all.jks -destkeystore /some_tmp_dir/truststore.p12
-deststoretype PKCS12 -srcstorepass bigdata -deststorepass bigdata',
+    self.assertResourceCalled('Execute', 'ambari-sudo.sh /usr/jdk64/jdk1.7.0_45/bin/keytool
-importkeystore -srckeystore /etc/security/clientKeys/all.jks -destkeystore /some_tmp_dir/truststore.p12
-srcalias c6401.ambari.apache.org -deststoretype PKCS12 -srcstorepass bigdata -deststorepass
bigdata',
                               )
     self.assertResourceCalled('Execute', 'ambari-sudo.sh openssl pkcs12 -in /some_tmp_dir/truststore.p12
-out /etc/ambari-metrics-collector/conf/ca.pem -cacerts -nokeys -passin pass:bigdata',
                               )

http://git-wip-us.apache.org/repos/asf/ambari/blob/89452768/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_grafana.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_grafana.py
b/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_grafana.py
index 9ac14c4..07b27a6 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_grafana.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/AMBARI_METRICS/test_metrics_grafana.py
@@ -60,7 +60,7 @@ class TestMetricsGrafana(RMFTestCase):
     self.assertResourceCalled('Execute', ('chown', u'-R', u'ams', '/var/run/ambari-metrics-grafana'),
                               sudo = True
                               )
-    self.assertResourceCalled('Execute', 'ambari-sudo.sh /usr/jdk64/jdk1.7.0_45/bin/keytool
-importkeystore -srckeystore /etc/security/clientKeys/all.jks -destkeystore /some_tmp_dir/truststore.p12
-deststoretype PKCS12 -srcstorepass bigdata -deststorepass bigdata',
+    self.assertResourceCalled('Execute', 'ambari-sudo.sh /usr/jdk64/jdk1.7.0_45/bin/keytool
-importkeystore -srckeystore /etc/security/clientKeys/all.jks -destkeystore /some_tmp_dir/truststore.p12
-srcalias c6401.ambari.apache.org -deststoretype PKCS12 -srcstorepass bigdata -deststorepass
bigdata',
                               )
     self.assertResourceCalled('Execute', 'ambari-sudo.sh openssl pkcs12 -in /some_tmp_dir/truststore.p12
-out /etc/ambari-metrics-grafana/conf/ca.pem -cacerts -nokeys -passin pass:bigdata',
     )


Mime
View raw message