Repository: ambari Updated Branches: refs/heads/trunk 9320e9d2a -> ba276b489
AMBARI-5060. Security Wizard: enable Kerberos setup for Storm. (jaimin) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/ba276b48 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/ba276b48 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/ba276b48 Branch: refs/heads/trunk Commit: ba276b489250a1df0db186ba71e9d30e8df1a47b Parents: 9320e9d Author: Jaimin Jetly <[email protected]> Authored: Wed Mar 12 18:18:13 2014 -0700 Committer: Jaimin Jetly <[email protected]> Committed: Wed Mar 12 18:18:24 2014 -0700 ---------------------------------------------------------------------- .../services/STORM/package/scripts/params.py | 4 +- .../main/admin/security/add/step2.js | 21 ++- .../main/admin/security/add/step3.js | 13 -- .../main/admin/security/add/step4.js | 5 +- ambari-web/app/data/HDP2/secure_configs.js | 4 +- ambari-web/app/data/HDP2/secure_properties.js | 138 ++----------------- .../storm_defaults_provider.js | 3 +- 7 files changed, 30 insertions(+), 158 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py index 138abe0..c0f3e18 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py +++ b/ambari-server/src/main/resources/stacks/HDP/2.1/services/STORM/package/scripts/params.py @@ -54,7 +54,5 @@ if security_enabled: _hostname_lowercase = config['hostname'].lower() _kerberos_domain = config['configurations']['global']['kerberos_domain'] _storm_principal_name = config['configurations']['global']['storm_principal_name'] - - storm_jaas_principal = format("{_storm_principal_name}/{_hostname_lowercase}@{_kerberos_domain}") + storm_jaas_principal = _storm_principal_name.replace('_HOST',_hostname_lowercase) storm_keytab_path = config['configurations']['global']['storm_keytab'] - http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/controllers/main/admin/security/add/step2.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/admin/security/add/step2.js b/ambari-web/app/controllers/main/admin/security/add/step2.js index f951aa6..aa3370c 100644 --- a/ambari-web/app/controllers/main/admin/security/add/step2.js +++ b/ambari-web/app/controllers/main/admin/security/add/step2.js @@ -253,19 +253,16 @@ App.MainAdminSecurityAddStep2Controller = Em.Controller.extend({ this.setHostsToConfig(zooKeeperService, 'zookeeperserver_hosts', 'ZOOKEEPER_SERVER'); this.setHostsToConfig(falconService, 'falcon_server_host', 'FALCON_SERVER'); if (stormService) { - var stormMasterComponents = [ - { - configName: 'storm_ui_server_host', - componentName: 'STORM_UI_SERVER' - }, - { - configName: 'nimbus_host', - componentName: 'NIMBUS' - } - ]; - stormMasterComponents.forEach(function(masterComponent) { - this.setHostsToConfig(stormService, masterComponent.configName, masterComponent.componentName); + var stormComponents = ['STORM_UI_SERVER','NIMBUS','SUPERVISOR']; + var stormHosts = []; + stormComponents.forEach(function(componentName) { + stormHosts.pushObjects(App.Service.find(stormService.serviceName) + .get('hostComponents') + .filterProperty('componentName', componentName) + .mapProperty('host.hostName')); }, this); + var hosts = stormService.configs.findProperty('name', 'storm_host'); + hosts.defaultValue = stormHosts.uniq(); } // Oozie, Falcon, WebHcat and Nagios does not support _HOST in the principal name. Actual hostname should be set instead of _HOST http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/controllers/main/admin/security/add/step3.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/admin/security/add/step3.js b/ambari-web/app/controllers/main/admin/security/add/step3.js index 035467b..7c8c7fb 100644 --- a/ambari-web/app/controllers/main/admin/security/add/step3.js +++ b/ambari-web/app/controllers/main/admin/security/add/step3.js @@ -77,7 +77,6 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({ var smokeUserKeytabPath = generalConfigs.findProperty('name', 'smokeuser_keytab').value; var hdfsUserKeytabPath = generalConfigs.findProperty('name', 'hdfs_user_keytab').value; var hbaseUserKeytabPath = generalConfigs.findProperty('name', 'hbase_user_keytab').value; - var stormUserKeytabPath = generalConfigs.findProperty('name', 'storm_keytab').value; var hadoopHttpPrincipal = hdfsConfigs.findProperty('name', 'hadoop_http_principal_name'); var hadoopHttpKeytabPath = hdfsConfigs.findProperty('name', 'hadoop_http_keytab').value; @@ -138,18 +137,6 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({ acl: '440' }); } - if (isStormInstalled) { - result.push({ - host: host.get('hostName'), - component: Em.I18n.t('admin.addSecurity.user.stormUser'), - principal: stormUser, - keytabFile: stringUtils.getFileFromPath(stormUserKeytabPath), - keytab: stringUtils.getPath(stormUserKeytabPath), - owner: stormUserId, - group: hadoopGroupId, - acl: '440' - }); - } this.setComponentConfig(result,host,'NAMENODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId); this.setComponentConfig(result,host,'SECONDARY_NAMENODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId); http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/controllers/main/admin/security/add/step4.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/admin/security/add/step4.js b/ambari-web/app/controllers/main/admin/security/add/step4.js index c9ec96e..cc9284a 100644 --- a/ambari-web/app/controllers/main/admin/security/add/step4.js +++ b/ambari-web/app/controllers/main/admin/security/add/step4.js @@ -353,6 +353,10 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle var zkPrincipalName = this.get('globalProperties').findProperty('name', 'zookeeper_principal_name'); zkPrincipalName.value = zkPrincipalName.value + '@' + realmName.value; } + if (this.get('secureServices').someProperty('serviceName', 'STORM')) { + var stormPrincipalName = this.get('globalProperties').findProperty('name', 'storm_principal_name'); + stormPrincipalName.value = stormPrincipalName.value + '@' + realmName.value; + } this.get('globalProperties').forEach(function (_globalProperty) { if (!/_hosts?$/.test(_globalProperty.name)) { _serviceConfigTags.configs[_globalProperty.name] = _globalProperty.value; @@ -402,7 +406,6 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle console.warn('Error: Can\'t delete APP_TIMELINE_SERVER'); }, - onJsError: function () { App.ModalPopup.show({ header: Em.I18n.t('common.error'), http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/data/HDP2/secure_configs.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/secure_configs.js b/ambari-web/app/data/HDP2/secure_configs.js index d69c77f..7b3444e 100644 --- a/ambari-web/app/data/HDP2/secure_configs.js +++ b/ambari-web/app/data/HDP2/secure_configs.js @@ -132,9 +132,7 @@ module.exports = [ displayName: 'Storm', filename: 'storm-site', configCategories: [ - App.ServiceConfigCategory.create({ name: 'NIMBUS', displayName: 'Nimbus'}), - App.ServiceConfigCategory.create({ name: 'STORM_UI_SERVER', displayName: 'Storm UI Server'}), - App.ServiceConfigCategory.create({ name: 'SUPERVISOR', displayName: 'Supervisor'}) + App.ServiceConfigCategory.create({ name: 'Storm Topology', displayName: 'Storm Topology'}) ], sites: ['storm-site'], configs: configProperties.filterProperty('serviceName', 'STORM') http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/data/HDP2/secure_properties.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/secure_properties.js b/ambari-web/app/data/HDP2/secure_properties.js index 7667dd4..fae3623 100644 --- a/ambari-web/app/data/HDP2/secure_properties.js +++ b/ambari-web/app/data/HDP2/secure_properties.js @@ -924,143 +924,30 @@ module.exports = /**********************************************STORM***************************************/ { "id": "puppet var", - "name": "supervisor_hosts", - "displayName": "Supervisor hosts", + "name": "storm_host", + "displayName": "Storm component hosts", "value": "", "defaultValue": "", - "description": "The host that the master server is running on.", + "description": "Storm component hosts", "displayType": "slaveHosts", "isVisible": true, "isOverridable": false, "serviceName": "STORM", - "category": "SUPERVISOR" + "category": "Storm Topology" }, { "id": "puppet var", - "name": "storm_ui_server_host", - "displayName": "Storm UI Server host", - "value": "", - "defaultValue": "", - "description": "Storm UI Server host", - "displayType": "masterHost", - "isVisible": true, - "isOverridable": false, - "serviceName": "STORM", - "category": "STORM_UI_SERVER" - }, - { - "id": "puppet var", - "name": "nimbus_host", - "displayName": "Nimbus host", - "value": "", - "defaultValue": "", - "description": "Nimbus host", - "displayType": "masterHost", - "isVisible": true, - "isOverridable": false, - "serviceName": "STORM", - "category": "NIMBUS" - }, - { - "id": "puppet var", - "name": "supervisor_keytab", - "displayName": "Path to Supervisor keytab file", - "value": "", - "defaultValue": "/etc/security/keytabs/storm.service.keytab", - "description": "Path to the Storm Service keytab file", - "displayType": "directory", - "isVisible": true, - "isOverridable": false, - "serviceName": "STORM", - "category": "SUPERVISOR", - "component": "SUPERVISOR" - }, - { - "id": "puppet var", - "name": "supervisor_principal_name", - "displayName": "Supervisor principal name", - "value": "", - "defaultValue": "storm/_HOST", - "description": "Principal name for Supervisor. _HOST will get automatically replaced with actual hostname at an instance of Supervisor.", - "displayType": "principal", - "isVisible": true, - "isOverridable": false, - "isConfigurable": false, - "serviceName": "STORM", - "category": "SUPERVISOR", - "component": "SUPERVISOR" - }, - { - "id": "puppet var", - "name": "nimbus_keytab", - "displayName": "Path to Nimbus keytab file", - "value": "", - "defaultValue": "/etc/security/keytabs/storm.service.keytab", - "description": "Path to the Nimbus keytab file", - "displayType": "directory", - "isVisible": true, - "isOverridable": false, - "serviceName": "STORM", - "category": "NIMBUS", - "component": "NIMBUS" - }, - { - "id": "puppet var", - "name": "nimbus_principal_name", - "displayName": "Nimbus principal name", - "value": "", - "defaultValue": "storm/_HOST", - "description": "Principal name for Nimbus. _HOST will get automatically replaced with actual hostname at an instance of Nimbus.", - "displayType": "principal", - "isVisible": true, - "isOverridable": false, - "isConfigurable": false, - "serviceName": "STORM", - "category": "NIMBUS", - "component": "NIMBUS" - }, - { - "id": "puppet var", - "name": "storm_ui_server_keytab", - "displayName": "Path to Storm UI Server keytab file", - "value": "", - "defaultValue": "/etc/security/keytabs/storm.service.keytab", - "description": "Path to the Storm UI Server keytab file", - "displayType": "directory", - "isVisible": true, - "isOverridable": false, - "serviceName": "STORM", - "category": "STORM_UI_SERVER", - "component": "STORM_UI_SERVER" - }, - { - "id": "puppet var", - "name": "storm_ui_server_principal_name", - "displayName": "Storm UI Server principal name", + "name": "storm_principal_name", + "displayName": " Storm principal name", "value": "", "defaultValue": "storm/_HOST", - "description": "Principal name for Storm UI Server. _HOST will get automatically replaced with actual hostname at an instance of Storm UI Server.", + "description": "Principal name for Supervisor. _HOST will get automatically replaced with actual hostname at an instance of every storm component.", "displayType": "principal", "isVisible": true, "isOverridable": false, - "isConfigurable": false, "serviceName": "STORM", - "category": "STORM_UI_SERVER", - "component": "STORM_UI_SERVER" - }, - { - "id": "puppet var", - "name": "storm_principal_name", - "displayName": "Storm principal name", - "value": "", - "defaultValue": "storm", - "description": "This is the principal name for Storm user", - "displayType": "principal", - "isVisible": true, - "isOverridable": false, - "isConfigurable": false, - "serviceName": "GENERAL", - "category": "AMBARI" + "category": "Storm Topology", + "components": ["SUPERVISOR", "NIMBUS", "STORM_UI_SERVER"] }, { "id": "puppet var", @@ -1068,12 +955,13 @@ module.exports = "displayName": "Path to Storm keytab file", "value": "", "defaultValue": "/etc/security/keytabs/storm.service.keytab", - "description": "Path to the Storm Service keytab file", + "description": "Path to the storm keytab file", "displayType": "directory", "isVisible": true, "isOverridable": false, - "serviceName": "GENERAL", - "category": "AMBARI" + "serviceName": "STORM", + "category": "Storm Topology", + "components": ["SUPERVISOR", "NIMBUS"] }, /**********************************************Falcon***************************************/ http://git-wip-us.apache.org/repos/asf/ambari/blob/ba276b48/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js b/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js index ce8704d..e49e282 100644 --- a/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js +++ b/ambari-web/app/utils/configs/defaults_providers/storm_defaults_provider.js @@ -41,7 +41,8 @@ App.STORMDefaultsProvider = App.DefaultsProvider.extend({ return configs; } configs['drpc.childopts'] = '-Xmx768m'; - configs['ui.childopts'] = '-Xmx768m'; + //ui childopts value should be taken from stack + //configs['ui.childopts'] = '-Xmx768m'; configs['logviewer.childopts'] = '-Xmx128m'; return configs; },
