Return-Path: X-Original-To: apmail-ambari-dev-archive@www.apache.org Delivered-To: apmail-ambari-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8A3E618022 for ; Tue, 2 Jun 2015 13:10:33 +0000 (UTC) Received: (qmail 15890 invoked by uid 500); 2 Jun 2015 13:10:33 -0000 Delivered-To: apmail-ambari-dev-archive@ambari.apache.org Received: (qmail 15857 invoked by uid 500); 2 Jun 2015 13:10:33 -0000 Mailing-List: contact dev-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ambari.apache.org Delivered-To: mailing list dev@ambari.apache.org Received: (qmail 15783 invoked by uid 99); 2 Jun 2015 13:10:33 -0000 Received: from reviews-vm.apache.org (HELO reviews.apache.org) (140.211.11.40) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Jun 2015 13:10:33 +0000 Received: from reviews.apache.org (localhost [127.0.0.1]) by reviews.apache.org (Postfix) with ESMTP id 09E5E1DDFD0; Tue, 2 Jun 2015 13:10:33 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============8749086732864159866==" MIME-Version: 1.0 Subject: Re: Review Request 34919: Kerberos: provide option to set test account name From: "Robert Levas" To: "Emil Anca" , "Robert Nettleton" , "Tom Beerbower" Cc: "Robert Levas" , "Ambari" , "Jeff Sposetti" Date: Tue, 02 Jun 2015 13:10:33 -0000 Message-ID: <20150602131033.1498.14123@reviews.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: "Robert Levas" X-ReviewGroup: Ambari X-ReviewRequest-URL: https://reviews.apache.org/r/34919/ X-Sender: "Robert Levas" References: <20150602025600.3245.13493@reviews.apache.org> In-Reply-To: <20150602025600.3245.13493@reviews.apache.org> Reply-To: "Robert Levas" X-ReviewRequest-Repository: ambari --===============8749086732864159866== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/34919/ ----------------------------------------------------------- (Updated June 2, 2015, 9:10 a.m.) Review request for Ambari, Emil Anca, Robert Nettleton, and Tom Beerbower. Changes ------- Fixed error in Gluster kerberos-env.xml file Bugs: AMBARI-11590 https://issues.apache.org/jira/browse/AMBARI-11590 Repository: ambari Description ------- In many situations with large-scale Active Directory deployments, the krb5.conf is managed outside of Ambari. This krb5.conf file is configured with all of the DC's in the AD domain, and the outbound requests to the KDC from clients are load balanced across those servers. In many scenarios the user replication latency causes issues with users not found during the test process. Due to the fact that we generate a new user every time we test, this can get users to a circular situation in which they can never leave this state because of multi-KDC's in their krb5.conf and delay associated with replication. 1) Expose the option to set the test kerberos client principal name (under Advanced kerberos-env) 2) Default the value to something unique, but less than 20 characters `${cluster_name}-${short_date}` Diffs (updated) ----- ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java ad76ffa ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java dc5fc75 ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml ec50f69 ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml 31833cb ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java 684cdd4 Diff: https://reviews.apache.org/r/34919/diff/ Testing ------- Manually tested. #Jenkins test results: PENDING Thanks, Robert Levas --===============8749086732864159866==--