ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <>
Subject [jira] [Commented] (AMBARI-13897) Ambari does not configure hbase.coprocessor.regionserver.classes
Date Sat, 14 Nov 2015 19:22:11 GMT


Hadoop QA commented on AMBARI-13897:

{color:green}+1 overall{color}.  Here are the results of testing the latest attachment
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:green}+1 tests included{color}.  The patch appears to include 2 new or modified
test files.

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase the total number
of release audit warnings.

    {color:green}+1 core tests{color}.  The patch passed unit tests in ambari-server.

Test results:
Console output:

This message is automatically generated.

> Ambari does not configure hbase.coprocessor.regionserver.classes 
> -----------------------------------------------------------------
>                 Key: AMBARI-13897
>                 URL:
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.1.0
>            Reporter: Jaimin D Jetly
>            Assignee: Jaimin D Jetly
>            Priority: Critical
>             Fix For: 2.1.3
>         Attachments: AMBARI-13897.patch
> In a newly installed cluster with security and ranger, I cannot find {{hbase.coprocessor.regionserver.classes}}
configured which is needed to protect some of the direct RPC's to the regionserver (stopping
regionserver is an example). 
> In a proper cluster all *three* properties should be configured:  
> {code}
> <property>
>   <name>hbase.coprocessor.region.classes</name>
>   <value>,,</value>
> </property>
> <property>
>   <name>hbase.coprocessor.master.classes</name>
>   <value></value>
> </property>
> <property>
>   <name>hbase.coprocessor.regionserver.classes</name>
>   <value>org.apache.hadoop/</value>
> </property>
> {code}
> In stackadvisor, I can see that we are configuring {{hbase.coprocessor.regionserver.classes}},
but somehow in a newly installed cluster, I don't find the setting in hbase-site.xml. 
> There are a couple of action items from this jira: 
>  # Make sure that {{hbase.coprocessor.regionserver.classes}} is configured properly for
secure clusters. 
> # reading the stackadvisor code, it can be improved so that if the customer has configured
other coprocessors, they are not lost.  The logic for {{hbase.coprocessor.regionserver.classes}}
and {{hbase.coprocessor.region.classes}} and {{hbase.coprocessor.master.classes}} should be
something like this: 
>  - get the list of co-processors and put them to a set. 
>  - If security is enabled, then add either ranger or hbase native AC coprocessors to
the set 
>  - Else remove the AC and ranger AC coprocessors from the list 
>  - write the configurations to hbase-site. 

This message was sent by Atlassian JIRA

View raw message