ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AMBARI-8976) Use cluster property rather than cluster-env/security_enabled to enable or disable Kerberos
Date Sun, 25 Jan 2015 18:15:34 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-8976?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Robert Levas updated AMBARI-8976:
---------------------------------
    Description: 
Use a cluster property rather than {{cluster-env/security_enabled}} to enable or disable Kerberos.
 Since {{cluster-env/security_enabled}} is used by services to determine if Kerberos is enabled
or not, it should not be set before completing the process of enabling or disabling Kerberos.
 To declare whether the cluster enable or disable Kerberos, a property on the cluster should
be set.  The property should be called {{security_type}} and must have one of the following
values:
* NONE
* KERBEROS 

By using {{cluster-env/security_enabled}}, the configuration property gets set to "true" before
Kerberos is filly enabled.   This is causing issues with stopping services so that the updated
Kerberos-related configurations can be set.

Example API call to enable Kerberos
{code:title=PUT /api/v1/clusters/c1}
{
  "Clusters" : {
    "security_type" : "KERBEROS"
  }
}
{code}

Example API call to disable Kerberos
{code:title=PUT /api/v1/clusters/c1}
{
  "Clusters" : {
    "security_type" : "NONE"
  }
}
{code}

  was:
Use a cluster property rather than {{cluster-env/security_enabled}} to enable or disable Kerberos.
 Since {{cluster-env/security_enabled}} is used by services to determine if Kerberos is enabled
or not, it should not be set before completing the process of enabling or disabling Kerberos.
 To declare whether the cluster enable or disable Kerberos, a property on the cluster should
be set.  The property should be called {{security_type}} and must have one of the following
values:
* NONE
* KERBEROS 

By using {{cluster-env/security_enabled}}, the configuration property gets set to "true" before
Kerberos is filly enabled.   This is causing issues with stopping services so that the updated
Kerberos-related configurations can be set.


> Use cluster property rather than cluster-env/security_enabled to enable or disable Kerberos
> -------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-8976
>                 URL: https://issues.apache.org/jira/browse/AMBARI-8976
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>            Priority: Blocker
>              Labels: kerberos
>             Fix For: 2.0.0
>
>
> Use a cluster property rather than {{cluster-env/security_enabled}} to enable or disable
Kerberos.  Since {{cluster-env/security_enabled}} is used by services to determine if Kerberos
is enabled or not, it should not be set before completing the process of enabling or disabling
Kerberos.  To declare whether the cluster enable or disable Kerberos, a property on the cluster
should be set.  The property should be called {{security_type}} and must have one of the following
values:
> * NONE
> * KERBEROS 
> By using {{cluster-env/security_enabled}}, the configuration property gets set to "true"
before Kerberos is filly enabled.   This is causing issues with stopping services so that
the updated Kerberos-related configurations can be set.
> Example API call to enable Kerberos
> {code:title=PUT /api/v1/clusters/c1}
> {
>   "Clusters" : {
>     "security_type" : "KERBEROS"
>   }
> }
> {code}
> Example API call to disable Kerberos
> {code:title=PUT /api/v1/clusters/c1}
> {
>   "Clusters" : {
>     "security_type" : "NONE"
>   }
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message