ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nate Cole" <nc...@hortonworks.com>
Subject Re: Review Request 31177: WebHCat Server Status Alert Does Not Work After Enabling Kerberos
Date Thu, 19 Feb 2015 14:14:08 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31177/#review73140
-----------------------------------------------------------

Ship it!


Ship It!

- Nate Cole


On Feb. 19, 2015, 9:10 a.m., Jonathan Hurley wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/31177/
> -----------------------------------------------------------
> 
> (Updated Feb. 19, 2015, 9:10 a.m.)
> 
> 
> Review request for Ambari, Nate Cole and Tom Beerbower.
> 
> 
> Bugs: AMBARI-9697
>     https://issues.apache.org/jira/browse/AMBARI-9697
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> After enabling Kerberos, the WebHCat Server Status alert is always CRITICAL. This is
caused by two problems:
> 
> 1) The lack of any kinit and curl combination when the cluster is kerberized
> 2) Assuming that cluster-env/security_enabled means SSL (which is does not!)
> 
> Consulted with the Kerberos folks that cluster-env/security_enabled is used to indicate
kerberization. 
> 
> It appears that WebHCat doesn't have an SSL mode; So going back to the 1.7.0 alert with
a hard-coded http:// scheme for now.
> 
> 
> Diffs
> -----
> 
>   ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/alerts/alert_webhcat_server.py
44840de 
>   ambari-server/src/main/resources/stacks/BIGTOP/0.8/services/WEBHCAT/package/files/alert_webhcat_server.py
44840de 
> 
> Diff: https://reviews.apache.org/r/31177/diff/
> 
> 
> Testing
> -------
> 
> Tested in a kerberized cluster to ensure that the changed code fixed the CRITICAL alert.
Took the service down to verify that the alert triggered correctly. 
> 
> Tested the alert in a regular cluster to ensure the non-kerberized path worked as it
has in the past.
> 
> 
> Thanks,
> 
> Jonathan Hurley
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message