Updated Branches: refs/heads/trunk 49a3cbe9f -> ec7f70673
AMBARI-3592. Reassign Master(secure cluster): Display principal and keytab path creation as a required manual step. (akovalenko) Project: http://git-wip-us.apache.org/repos/asf/incubator-ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ambari/commit/ec7f7067 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ambari/tree/ec7f7067 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ambari/diff/ec7f7067 Branch: refs/heads/trunk Commit: ec7f70673b05ab1cdea7297a4135f304c3388110 Parents: 49a3cbe Author: Aleksandr Kovalenko <[email protected]> Authored: Fri Oct 25 19:25:50 2013 +0300 Committer: Aleksandr Kovalenko <[email protected]> Committed: Fri Oct 25 19:25:50 2013 +0300 ---------------------------------------------------------------------- ambari-web/app/controllers/main/service/item.js | 1 + .../main/service/reassign/step4_controller.js | 21 ++++- .../main/service/reassign_controller.js | 80 ++++++++++++++++++-- ambari-web/app/messages.js | 11 +-- ambari-web/app/routes/reassign_master_routes.js | 3 +- .../templates/main/service/reassign/step5.hbs | 7 +- .../views/main/service/reassign/step5_view.js | 23 +++++- 7 files changed, 123 insertions(+), 23 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/controllers/main/service/item.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/service/item.js b/ambari-web/app/controllers/main/service/item.js index 6069236..64fb843 100644 --- a/ambari-web/app/controllers/main/service/item.js +++ b/ambari-web/app/controllers/main/service/item.js @@ -202,6 +202,7 @@ App.MainServiceItemController = Em.Controller.extend({ console.log('In Reassign Master', hostComponent); var reassignMasterController = App.router.get('reassignMasterController'); reassignMasterController.saveComponentToReassign(component); + reassignMasterController.getSecurityStatus(); reassignMasterController.setCurrentStep('1'); App.router.transitionTo('reassign'); }, http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/controllers/main/service/reassign/step4_controller.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/service/reassign/step4_controller.js b/ambari-web/app/controllers/main/service/reassign/step4_controller.js index 4d8df1d..bcd2461 100644 --- a/ambari-web/app/controllers/main/service/reassign/step4_controller.js +++ b/ambari-web/app/controllers/main/service/reassign/step4_controller.js @@ -194,11 +194,13 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro onLoadConfigs: function (data) { var isHadoop2Stack = App.get('isHadoop2Stack'); + var securityEnabled = this.get('content.securityEnabled'); var componentName = this.get('content.reassign.component_name'); var targetHostName = this.get('content.reassignHosts.target'); var sourceHostName = this.get('content.reassignHosts.source'); var configs = {}; var componentDir = ''; + var secureConfigs = []; this.set('configsSitesNumber', data.items.length); this.set('configsSitesCount', 0); data.items.forEach(function (item) { @@ -231,6 +233,10 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro if (App.Service.find().someProperty('serviceName', 'HBASE')) { configs['hbase-site']['hbase.rootdir'] = configs['hbase-site']['hbase.rootdir'].replace(/\/\/[^\/]*/, '//' + targetHostName); } + if (securityEnabled) { + secureConfigs.push({keytab: configs['hdfs-site']['dfs.namenode.keytab.file'], principal: configs['hdfs-site']['dfs.namenode.kerberos.principal']}); + secureConfigs.push({keytab: configs['hdfs-site']['dfs.web.authentication.kerberos.keytab'], principal: configs['hdfs-site']['dfs.web.authentication.kerberos.principal']}); + } break; case 'SECONDARY_NAMENODE': if (isHadoop2Stack) { @@ -240,11 +246,18 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro componentDir = configs['core-site']['fs.checkpoint.dir']; configs['hdfs-site']['dfs.secondary.http.address'] = targetHostName + ':50090'; } + if (securityEnabled) { + secureConfigs.push({keytab: configs['hdfs-site']['dfs.secondary.namenode.keytab.file'], principal: configs['hdfs-site']['dfs.secondary.namenode.kerberos.principal']}); + secureConfigs.push({keytab: configs['hdfs-site']['dfs.web.authentication.kerberos.keytab'], principal: configs['hdfs-site']['dfs.web.authentication.kerberos.principal']}); + } break; case 'JOBTRACKER': configs['mapred-site']['mapreduce.history.server.http.address'] = targetHostName + ':51111'; configs['mapred-site']['mapred.job.tracker.http.address'] = targetHostName + ':50030'; configs['mapred-site']['mapred.job.tracker'] = targetHostName + ':50300'; + if (securityEnabled) { + secureConfigs.push({keytab: configs['mapred-site']['mapreduce.jobtracker.keytab.file'], principal: configs['mapred-site']['mapreduce.jobtracker.kerberos.principal']}); + } break; case 'RESOURCEMANAGER': configs['yarn-site']['yarn.resourcemanager.address'] = targetHostName + ':8050'; @@ -253,10 +266,16 @@ App.ReassignMasterWizardStep4Controller = App.HighAvailabilityProgressPageContro configs['yarn-site']['yarn.resourcemanager.scheduler.address'] = targetHostName + ':8030'; configs['yarn-site']['yarn.resourcemanager.webapp.address'] = targetHostName + ':8088'; configs['yarn-site']['yarn.resourcemanager.hostname'] = targetHostName; + if (securityEnabled) { + secureConfigs.push({keytab: configs['yarn-site']['yarn.resourcemanager.keytab'], principal: configs['yarn-site']['yarn.resourcemanager.principal']}); + secureConfigs.push({keytab: configs['yarn-site']['yarn.resourcemanager.webapp.spnego-keytab-file'], principal: configs['yarn-site']['yarn.resourcemanager.webapp.spnego-principal']}); + } + break; } - if (componentDir) { + if (componentDir || secureConfigs.length) { App.router.get(this.get('content.controllerName')).saveComponentDir(componentDir); + App.router.get(this.get('content.controllerName')).saveSecureConfigs(secureConfigs); App.clusterStatus.setClusterStatus({ clusterName: this.get('content.cluster.name'), clusterState: this.get('clusterDeployState'), http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/controllers/main/service/reassign_controller.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/service/reassign_controller.js b/ambari-web/app/controllers/main/service/reassign_controller.js index a0efb8b..4da24b6 100644 --- a/ambari-web/app/controllers/main/service/reassign_controller.js +++ b/ambari-web/app/controllers/main/service/reassign_controller.js @@ -54,18 +54,60 @@ App.ReassignMasterController = App.WizardController.extend({ serviceName: 'MISC', hdfsUser:"hdfs", reassign: null, - hasManualSteps: false + componentsWithManualCommands: ['NAMENODE', 'SECONDARY_NAMENODE'], + hasManualSteps: false, + securityEnabled: false }), - componentsWithManualSteps: ['NAMENODE', 'SECONDARY_NAMENODE'], - addManualSteps: function () { - this.set('content.hasManualSteps', this.get('componentsWithManualSteps').contains(this.get('content.reassign.component_name'))); - }.observes('content.reassign.component_name'), + this.set('content.hasManualSteps', this.get('content.componentsWithManualCommands').contains(this.get('content.reassign.component_name')) || this.get('content.securityEnabled')); + }.observes('content.reassign.component_name', 'content.securityEnabled'), + + getSecurityStatus: function () { + if (App.testMode) { + this.set('securityEnabled', !App.testEnableSecurity); + } else { + //get Security Status From Server + App.ajax.send({ + name: 'config.tags.sync', + sender: this, + success: 'getSecurityStatusSuccessCallback', + error: 'errorCallback' + }); + } + }, - skipStep3: function () { - return this.get('content.reassign.service_id') == 'GANGLIA'; - }.property('content.reassign.service_id'), + errorCallback: function () { + console.error('Cannot get security status from server'); + }, + + getSecurityStatusSuccessCallback: function (data) { + var configs = data.Clusters.desired_configs; + if ('global' in configs) { + this.getServiceConfigsFromServer(configs['global'].tag); + } + else { + console.error('Cannot get security status from server'); + } + }, + + getServiceConfigsFromServer: function (tag) { + var tags = [ + { + siteName: "global", + tagName: tag + } + ]; + var data = App.router.get('configurationController').getConfigsByTags(tags); + var configs = data.findProperty('tag', tag).properties; + var result = configs && (configs['security_enabled'] === 'true' || configs['security_enabled'] === true); + this.saveSecurityEnabled(result); + App.clusterStatus.setClusterStatus({ + clusterName: this.get('content.cluster.name'), + wizardControllerName: 'reassignMasterController', + localdb: App.db.data + }); + }, /** * return new object extended from clusterStatusTemplate @@ -248,6 +290,27 @@ App.ReassignMasterController = App.WizardController.extend({ this.set('content.reassignHosts', reassignHosts); }, + + saveSecurityEnabled: function(securityEnabled){ + this.setDBProperty('securityEnabled', securityEnabled); + this.set('content.securityEnabled', securityEnabled); + }, + + loadSecurityEnabled: function(){ + var securityEnabled = this.getDBProperty('securityEnabled'); + this.set('content.securityEnabled', securityEnabled); + }, + + saveSecureConfigs: function(secureConfigs){ + this.setDBProperty('secureConfigs', secureConfigs); + this.set('content.secureConfigs', secureConfigs); + }, + + loadSecureConfigs: function(){ + var secureConfigs = this.getDBProperty('secureConfigs'); + this.set('content.secureConfigs', secureConfigs); + }, + /** * Load data for all steps until <code>current step</code> */ @@ -256,6 +319,7 @@ App.ReassignMasterController = App.WizardController.extend({ switch (step) { case '6': case '5': + this.loadSecureConfigs(); this.loadComponentDir(); case '4': this.loadTasksStatuses(); http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/messages.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js index dbf9cb3..b68626b 100644 --- a/ambari-web/app/messages.js +++ b/ambari-web/app/messages.js @@ -1151,15 +1151,8 @@ Em.I18n.translations = { '<li>Proceed next' + '</ol>' + '</div>', - 'services.reassign.step5.body.jobtracker': - '<div class="alert alert-info">' + - '<ol>' + - '<li>Copy contents of <b>{0}</b> from source host <b>{1}</b> to the target host <b>{2}</b> same locations</li>' + - '<li>Login to the target host <b>{2}</b> and change permissions for the JobTracker dirs by running:' + - '<div class="code-snippet">chown -R mapred:hadoop /hadoop/mapred/</div></li>' + - '<li>Proceed next' + - '</ol>'+ - '</div>', + 'services.reassign.step5.body.securityNotice': 'Note: {0}', + 'services.reassign.step5.body.securityConfigsList': 'Keytab file <b>{0}</b> containing principal <b>{1}</b> should exist on <b>{2}</b>', 'services.reassign.step6.header': 'Start and Test services', 'services.reassign.step6.task0.title': 'Delete disabled {0}', 'services.reassign.step6.task1.title': 'Start All Services', http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/routes/reassign_master_routes.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/routes/reassign_master_routes.js b/ambari-web/app/routes/reassign_master_routes.js index bf862a8..acc99bf 100644 --- a/ambari-web/app/routes/reassign_master_routes.js +++ b/ambari-web/app/routes/reassign_master_routes.js @@ -55,10 +55,11 @@ module.exports = Em.Route.extend({ reassignMasterController.set('popup', popup); App.clusterStatus.updateFromServer(); var currentClusterStatus = App.clusterStatus.get('value'); + App.db.data = currentClusterStatus.localdb; + reassignMasterController.loadSecurityEnabled(); if (currentClusterStatus) { switch (currentClusterStatus.clusterState) { case 'REASSIGN_MASTER_INSTALLING' : - App.db.data = currentClusterStatus.localdb; reassignMasterController.setCurrentStep(currentClusterStatus.localdb.ReassignMaster.currentStep); break; } http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/templates/main/service/reassign/step5.hbs ---------------------------------------------------------------------- diff --git a/ambari-web/app/templates/main/service/reassign/step5.hbs b/ambari-web/app/templates/main/service/reassign/step5.hbs index 71d0e9e..460e648 100644 --- a/ambari-web/app/templates/main/service/reassign/step5.hbs +++ b/ambari-web/app/templates/main/service/reassign/step5.hbs @@ -16,7 +16,12 @@ * limitations under the License. }} <h2>{{t services.reassign.step5.header}}</h2> -{{{view.bodyText}}} +{{{view.manualCommands}}} +{{#if view.securityNotice}} + <div class="alert alert-info"> + {{{view.securityNotice}}} + </div> +{{/if}} <div class="btn-area"> <a class="btn btn-success pull-right" {{bindAttr disabled="isSubmitDisabled"}} {{action next}}>{{t common.next}} →</a> </div> http://git-wip-us.apache.org/repos/asf/incubator-ambari/blob/ec7f7067/ambari-web/app/views/main/service/reassign/step5_view.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/views/main/service/reassign/step5_view.js b/ambari-web/app/views/main/service/reassign/step5_view.js index 0a78a63..40bccef 100644 --- a/ambari-web/app/views/main/service/reassign/step5_view.js +++ b/ambari-web/app/views/main/service/reassign/step5_view.js @@ -23,7 +23,10 @@ App.ReassignMasterWizardStep5View = Em.View.extend({ templateName: require('templates/main/service/reassign/step5'), - bodyText: function () { + manualCommands: function () { + if (!this.get('controller.content.componentsWithManualCommands').contains(this.get('controller.content.reassign.component_name'))) { + return ''; + } var componentDir = this.get('controller.content.componentDir'); var sourceHost = this.get('controller.content.reassignHosts.source'); var targetHost = this.get('controller.content.reassignHosts.target'); @@ -32,6 +35,20 @@ App.ReassignMasterWizardStep5View = Em.View.extend({ ha = '_ha'; var nnStartedHost = this.get('controller.content.masterComponentHosts').filterProperty('component', 'NAMENODE').mapProperty('hostName').without(this.get('controller.content.reassignHosts.target')); } - return Em.I18n.t('services.reassign.step5.body.' + this.get('controller.content.reassign.component_name').toLowerCase() + ha).format(componentDir, sourceHost, targetHost, this.get('controller.content.hdfsUser'),nnStartedHost); - }.property('controller.content.reassign.component_name', 'controller.content.componentDir', 'controller.content.masterComponentHosts', 'controller.content.reassign.host_id', 'controller.content.hdfsUser') + return Em.I18n.t('services.reassign.step5.body.' + this.get('controller.content.reassign.component_name').toLowerCase() + ha).format(componentDir, sourceHost, targetHost, this.get('controller.content.hdfsUser'), nnStartedHost); + }.property('controller.content.reassign.component_name', 'controller.content.componentDir', 'controller.content.masterComponentHosts', 'controller.content.reassign.host_id', 'controller.content.hdfsUser'), + + securityNotice: function () { + var secureConfigs = this.get('controller.content.secureConfigs'); + if (!this.get('controller.content.securityEnabled') || !secureConfigs.length) { + return ''; + } + var formattedText = '<ul>'; + secureConfigs.forEach(function (config) { + formattedText += '<li>' + Em.I18n.t('services.reassign.step5.body.securityConfigsList').format(config.keytab, + config.principal.replace('_HOST', this.get('controller.content.reassignHosts.target')), this.get('controller.content.reassignHosts.target')) + '</li>'; + }, this); + formattedText += '</ul>'; + return Em.I18n.t('services.reassign.step5.body.securityNotice').format(formattedText); + }.property('controller.content.securityEnabled', 'controller.content.secureConfigs', 'controller.content.reassignHosts.target') });
