[
https://issues.apache.org/jira/browse/AMBARI-2115?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13670133#comment-13670133
]
Ximo Guanter commented on AMBARI-2115:
--------------------------------------
Hi Mahadev,
The provided patch is orthogonal to the delete hosts api you are mention (I'm
guessing you are referring to AMBARI-1777). In that issue, deleting a host
means removing it from the cluster, but Ambari Server will still know that
hosts exists with a certain cert and so on. The natural way of implementing
that feature would be to send a DELETE request to
/api/v1/clusters/<id>/hosts/<host_id>.
This patch is something different. What it does is force Ambari Server to
forget that a specific agent exists. Maybe the correct title would be "Support
Agent unregistration" rather than "Support host unregistration". What I mean by
forgetting that an agent exists is that it will not have the agent in the lists
of registered agents and it will forget the cert that was used to register the
agent. This is being implemented in a two-step fashion, similar to how
registration works.
The first step the agent takes is to call /agent/v1/unregister/ so that the
server removes the agent from the list of registered agents (this will only
succeed if the host is not part of any cluster). After this step is done, the
host disappears from the /api/v1/hosts list, and the host cannot participate in
any clusters since Ambari Server won't recognize the fqdn as one that contains
a registered Ambari Agent.
In the second step, the agent will make a DELETE call to "/certs/<fqdn>"
through the two-way authentication port. This call will remove the certs that
were created during the Agent registration, which maintains the integrity and
security of agent-server communication. After this step is done, the machine
that contains the Agent can be formatted, swapped with another hardware, or
reverted to a state where Ambari Agent's certs were not present without any
problems. If this step is not done and you revert to a state where Ambari
Agent's certs are not present, you won't be able to successfully start Ambari
Agent in that machine anymore, since the Server won't recognize the Agent's
certs and will refuse to register the Agent.
These two steps are accomplished with a new command on the ambari-agent script:
{{ambari-agent unregister}}
> Support host unregistration
> ---------------------------
>
> Key: AMBARI-2115
> URL: https://issues.apache.org/jira/browse/AMBARI-2115
> Project: Ambari
> Issue Type: New Feature
> Components: agent, build
> Reporter: Ximo Guanter
> Assignee: Ximo Guanter
> Fix For: 1.3.0
>
> Attachments: 0001-Add-support-for-host-unregistration.patch,
> 002-Add-support-for-host-unregistration.patch
>
>
> Right now Ambari is unable to forget a host once it has been registered. This
> makes is tough to use Ambari in a dynamic cluster environment, where clusters
> are torn down and machines are reset to a clean state so they can be reused
> for the next customer.
> If the machine is reset to a clean state without unregistering the host in
> Ambari, the new Ambari client won't be able to register since its cert won't
> match the one Ambari server already has for that host.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
