ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Fernandez" <afernan...@hortonworks.com>
Subject Re: Review Request 25465: Enable security fails for Zookeeper using HDP 1.3
Date Thu, 11 Sep 2014 20:50:08 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25465/
-----------------------------------------------------------

(Updated Sept. 11, 2014, 8:50 p.m.)


Review request for Ambari, Florian Barca, Jaimin Jetly, Xi Wang, and Yusaku Sako.


Bugs: AMBARI-7212
    https://issues.apache.org/jira/browse/AMBARI-7212


Repository: ambari


Description
-------

Zookeeper fails to start in a kerberized cluster using HDP 1.3.

Repro Steps:
Create a cluster with HDP 1.3 and ensure that Zookeeper is running.
Attempt to kerberize the cluster.
When downloading the csv file, the Zookeeper keytab file path is missing.
Upon restarting the service, the agent returns the following error,


```
2014-09-08 15:48:50,838 - Error while executing command 'start':
Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py",
line 122, in execute
    method(env)
  File "/var/lib/ambari-agent/cache/stacks/HDP/1.3.2/services/ZOOKEEPER/package/scripts/zookeeper_server.py",
line 40, in start
    self.configure(env)
  File "/var/lib/ambari-agent/cache/stacks/HDP/1.3.2/services/ZOOKEEPER/package/scripts/zookeeper_server.py",
line 35, in configure
    zookeeper(type='server')
  File "/var/lib/ambari-agent/cache/stacks/HDP/1.3.2/services/ZOOKEEPER/package/scripts/zookeeper.py",
line 88, in zookeeper
    configFile("zookeeper_jaas.conf", template_name="zookeeper_jaas.conf.j2")
  File "/var/lib/ambari-agent/cache/stacks/HDP/1.3.2/services/ZOOKEEPER/package/scripts/zookeeper.py",
line 105, in configFile
    group=params.user_group
  File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", line 148, in __init__
    self.env.run()
  File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 149,
in run
    self.run_action(resource, action)
  File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 115,
in run_action
    provider_action()
  File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line
96, in action_create
    content = self._get_content()
  File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line
138, in _get_content
    return content()
  File "/usr/lib/python2.6/site-packages/resource_management/core/source.py", line 47, in
__call__
    return self.get_content()
  File "/usr/lib/python2.6/site-packages/resource_management/core/source.py", line 126, in
get_content
    rendered = self.template.render(self.context)
  File "/usr/lib/python2.6/site-packages/ambari_jinja2/environment.py", line 891, in render
    return self.environment.handle_exception(exc_info, True)
  File "/var/lib/ambari-agent/cache/stacks/HDP/1.3.2/services/ZOOKEEPER/package/templates/zookeeper_jaas.conf.j2",
line 26, in top-level template code
    principal="{{zk_principal}}";
  File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/config_dictionary.py",
line 75, in __getattr__
    raise Fail("Configuration parameter '"+self.name+"' was not found in configurations dictionary!")
Fail: Configuration parameter 'zookeeper_keytab_path' was not found in configurations dictionary!
```

Also, upon navigating to [http://<server>/api/v1/clusters/<cluster_name>/configurations?type=zookeeper-env&tag=<version>]
the zookeeper_keytab_path property is missing.


Diffs
-----

  ambari-web/app/data/secure_properties.js ba1e26d 

Diff: https://reviews.apache.org/r/25465/diff/


Testing
-------

Ran unit tests, all of which passed.
Created a cluster with HDP 1.3 and Zookeeper service. After applying the patch, was able to
kerberize the cluster with Zookeeper running.


Thanks,

Alejandro Fernandez


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message