Return-Path: X-Original-To: apmail-incubator-bigtop-commits-archive@minotaur.apache.org Delivered-To: apmail-incubator-bigtop-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 50EF87F01 for ; Tue, 25 Oct 2011 01:28:10 +0000 (UTC) Received: (qmail 34631 invoked by uid 500); 25 Oct 2011 01:28:10 -0000 Delivered-To: apmail-incubator-bigtop-commits-archive@incubator.apache.org Received: (qmail 34595 invoked by uid 500); 25 Oct 2011 01:28:10 -0000 Mailing-List: contact bigtop-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: bigtop-dev@incubator.apache.org Delivered-To: mailing list bigtop-commits@incubator.apache.org Received: (qmail 34587 invoked by uid 99); 25 Oct 2011 01:28:10 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Oct 2011 01:28:10 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Oct 2011 01:28:06 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 889602388A64; Tue, 25 Oct 2011 01:27:45 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1188486 - in /incubator/bigtop/trunk/bigtop-deploy/puppet/manifests: cluster.pp site.pp Date: Tue, 25 Oct 2011 01:27:45 -0000 To: bigtop-commits@incubator.apache.org From: rvs@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20111025012745.889602388A64@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: rvs Date: Tue Oct 25 01:27:45 2011 New Revision: 1188486 URL: http://svn.apache.org/viewvc?rev=1188486&view=rev Log: BIGTOP-145. make cluster.pp be able to handle secure and unsecure deployments Modified: incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/cluster.pp incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/site.pp Modified: incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/cluster.pp URL: http://svn.apache.org/viewvc/incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/cluster.pp?rev=1188486&r1=1188485&r2=1188486&view=diff ============================================================================== --- incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/cluster.pp (original) +++ incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/cluster.pp Tue Oct 25 01:27:45 2011 @@ -13,9 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -node hadoop_cluster_node { - $hadoop_head_node="ip-10-114-221-125.ec2.internal" - +class hadoop_cluster_node { $hadoop_namenode_host="$hadoop_head_node" $hadoop_namenode_port="17020" $hadoop_namenode_thrift_port="10090" @@ -35,26 +33,27 @@ node hadoop_cluster_node { $hadoop_zookeeper_ensemble = ["$hadoop_head_node:2888:3888"] - # $hadoop_security_authentication="kerberos" - - # $kerberos_domain = "example.com" - # $kerberos_realm = "EXAMPLE.COM" - # $kerberos_kdc_server = "c0405" - - # include kerberos::client - # kerberos::client::host_keytab { ["hdfs", "mapred", "hbase", "oozie"]: - # princs_map => { hdfs => [ "host", "hdfs" ], - # mapred => [ "mapred" ], - # hbase => [ "hbase" ], - # oozie => [ "oozie" ], }, - # } + + if ($hadoop_security_authentication == "kerberos") { + $kerberos_domain = "compute-1.internal" + $kerberos_realm = "EXAMPLE.COM" + $kerberos_kdc_server = "$hadoop_head_node" + + include kerberos::client + kerberos::client::host_keytab { ["hdfs", "mapred", "hbase", "oozie"]: + princs_map => { hdfs => [ "host", "hdfs" ], + mapred => [ "mapred" ], + hbase => [ "hbase" ], + oozie => [ "oozie" ], }, + } + } } -node hadoop_worker_node inherits hadoop_cluster_node { +class hadoop_worker_node inherits hadoop_cluster_node { hadoop::datanode { "datanode": namenode_host => $hadoop_namenode_host, namenode_port => $hadoop_namenode_port, - # auth => $hadoop_security_authentication, + auth => $hadoop_security_authentication, } hadoop::tasktracker { "tasktracker": @@ -62,16 +61,16 @@ node hadoop_worker_node inherits hadoop_ namenode_port => $hadoop_namenode_port, jobtracker_host => $hadoop_jobtracker_host, jobtracker_port => $hadoop_jobtracker_port, - # auth => $hadoop_security_authentication, + auth => $hadoop_security_authentication, } hadoop-hbase::server { "hbase region server": rootdir => $hadoop_hbase_rootdir, zookeeper_quorum => $hadoop_hbase_zookeeper_quorum, - # kerberos_realm => $kerberos_realm, + kerberos_realm => $kerberos_realm, } - $hdfs_data_dir = ["/mnt/data"] + $hdfs_data_dir = ["/mnt/hdfs"] $mapred_data_dir = [ "/mnt/scratch" ] file { @@ -87,27 +86,28 @@ node hadoop_worker_node inherits hadoop_ ensure => directory, owner => hdfs, group => hdfs, - mode => 700, + mode => 755, } } +class hadoop_head_node inherits hadoop_cluster_node { -node hadoop_head_node inherits hadoop_cluster_node { - - # include kerberos::kdc, kerberos::kdc::admin_server + if ($hadoop_security_authentication == "kerberos") { + include kerberos::kdc, kerberos::kdc::admin_server + } hadoop::namenode { "namenode": port => $hadoop_namenode_port, jobtracker_host => $hadoop_jobtracker_host, jobtracker_port => $hadoop_jobtracker_port, # thrift_port => $hadoop_namenode_thrift_port, - # auth => $hadoop_security_authentication, + auth => $hadoop_security_authentication, } hadoop::secondarynamenode { "secondary namenode": namenode_host => $hadoop_namenode_host, namenode_port => $hadoop_namenode_port, - # auth => $hadoop_security_authentication, + auth => $hadoop_security_authentication, } hadoop::jobtracker { "jobtracker": @@ -116,17 +116,17 @@ node hadoop_head_node inherits hadoop_cl host => $hadoop_jobtracker_host, port => $hadoop_jobtracker_port, # thrift_port => $hadoop_jobtracker_thrift_port, - # auth => $hadoop_security_authentication, + auth => $hadoop_security_authentication, } hadoop-hbase::master { "hbase master": rootdir => $hadoop_hbase_rootdir, zookeeper_quorum => $hadoop_hbase_zookeeper_quorum, - # kerberos_realm => $kerberos_realm, + kerberos_realm => $kerberos_realm, } hadoop-oozie::server { "oozie server": - # kerberos_realm => $kerberos_realm, + kerberos_realm => $kerberos_realm, } hadoop-zookeeper::server { "zookeeper": @@ -153,7 +153,7 @@ node hadoop_head_node inherits hadoop_cl } } -node hadoop_gateway_node inherits hadoop_head_node { +class hadoop_gateway_node inherits hadoop_head_node { # hadoop::client { "gateway": # namenode_host => $hadoop_namenode_host, # namenode_port => $hadoop_namenode_port, Modified: incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/site.pp URL: http://svn.apache.org/viewvc/incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/site.pp?rev=1188486&r1=1188485&r2=1188486&view=diff ============================================================================== --- incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/site.pp (original) +++ incubator/bigtop/trunk/bigtop-deploy/puppet/manifests/site.pp Tue Oct 25 01:27:45 2011 @@ -19,17 +19,22 @@ yumrepo { "Bigtop": baseurl => "http://bigtop01.cloudera.org:8080/job/Bigtop-trunk-centos5/lastSuccessfulBuild/artifact/output/", descr => "Bigtop packages", enabled => 1, - gpgcheck => 0 + gpgcheck => 0, } package { "jdk": ensure => "installed", } -import "cluster.pp" +# $hadoop_head_node="beefy.my.org" +# $hadoop_security_authentication="kerberos" -node default inherits hadoop_worker_node { -} +import "cluster.pp" -node 'ip-10-114-221-125.ec2.internal' inherits hadoop_head_node { +node default { + if ($hadoop_head_node == $fqdn) { + include hadoop_head_node + } else { + include hadoop_worker_node + } }