Repository: ambari Updated Branches: refs/heads/branch-1.7.0 7061e8163 -> b89a14f7c
AMBARI-7685. Add Knox as a managed service in Ambari. (sumit gupta and jaimin jetly) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/b89a14f7 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/b89a14f7 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/b89a14f7 Branch: refs/heads/branch-1.7.0 Commit: b89a14f7c4276cfe2f26fe38a3858ca1a615f308 Parents: 7061e81 Author: Jaimin Jetly <[email protected]> Authored: Sun Oct 12 22:59:31 2014 -0700 Committer: Jaimin Jetly <[email protected]> Committed: Sun Oct 12 22:59:31 2014 -0700 ---------------------------------------------------------------------- .../NAGIOS/package/files/nagios_alerts.php | 1 + .../services/NAGIOS/package/scripts/params.py | 5 +- .../templates/hadoop-servicegroups.cfg.j2 | 8 ++ .../package/templates/hadoop-services.cfg.j2 | 15 +++ .../KNOX/configuration/ambari-topology.xml | 116 ++++++++++++++++ .../KNOX/configuration/gateway-log4j.xml | 83 ++++++++++++ .../KNOX/configuration/gateway-site.xml | 72 ++++++++++ .../services/KNOX/configuration/knox-env.xml | 53 ++++++++ .../services/KNOX/configuration/ldap-log4j.xml | 66 +++++++++ .../services/KNOX/configuration/users-ldif.xml | 135 +++++++++++++++++++ .../stacks/HDP/2.2/services/KNOX/metainfo.xml | 78 +++++++++++ .../2.2/services/KNOX/package/scripts/knox.py | 52 +++++++ .../KNOX/package/scripts/knox_gateway.py | 101 ++++++++++++++ .../2.2/services/KNOX/package/scripts/ldap.py | 39 ++++++ .../2.2/services/KNOX/package/scripts/params.py | 120 +++++++++++++++++ .../KNOX/package/scripts/service_check.py | 45 +++++++ .../KNOX/package/scripts/status_params.py | 27 ++++ .../python/stacks/2.2/KNOX/test_knox_gateway.py | 71 ++++++++++ .../test/python/stacks/2.2/configs/default.json | 55 +++++++- ambari-web/app/controllers/main/service/item.js | 50 +++++++ ambari-web/app/data/HDP2/site_properties.js | 102 ++++++++++++++ ambari-web/app/messages.js | 3 + ambari-web/app/models/service_config.js | 3 + ambari-web/app/models/stack_service.js | 7 +- ambari-web/app/utils/ajax/ajax.js | 17 +++ ambari-web/app/utils/config.js | 10 +- ambari-web/app/views/main/service/item.js | 22 +++ .../test/controllers/main/service/item_test.js | 34 +++++ 28 files changed, 1381 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/files/nagios_alerts.php ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/files/nagios_alerts.php b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/files/nagios_alerts.php index 0e1e501..878f0dc 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/files/nagios_alerts.php +++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/files/nagios_alerts.php @@ -417,6 +417,7 @@ function hdp_mon_generate_response( $response_data ) case "GANGLIA": case "STORM": case "FALCON": + case "KNOX": case "PUPPET": break; default: http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/scripts/params.py b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/scripts/params.py index ec6c885..aadc0e6 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/scripts/params.py +++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/scripts/params.py @@ -131,6 +131,7 @@ supervisor_port = "56431" storm_rest_api_port = "8745" falcon_port = config['configurations']['falcon-env']['falcon_port'] ahs_port = get_port_from_url(config['configurations']['yarn-site']['yarn.timeline-service.webapp.address']) +knox_gateway_port = config['configurations']['gateway-site']['gateway.port'] # use sensible defaults for checkpoint as they are required by Nagios and # may not be part of hdfs-site.xml on an upgrade @@ -249,6 +250,7 @@ _falcon_host = default("/clusterHostInfo/falcon_server_hosts", None) #if hbase_rs_hosts not given it is assumed that region servers on same nodes as slaves _hbase_rs_hosts = default("/clusterHostInfo/hbase_rs_hosts", _slave_hosts) _hue_server_host = default("/clusterHostInfo/hue_server_host", None) +_knox_gateway_host = default("/clusterHostInfo/knox_gateway_hosts", None) all_hosts = config['clusterHostInfo']['all_hosts'] if 'namenode_host' in config['clusterHostInfo']: @@ -283,5 +285,6 @@ hostgroup_defs = { 'supervisors' : _supervisor_hosts, 'storm_rest_api' : _storm_rest_api_hosts, 'falcon-server' : _falcon_host, - 'ats-servers' : _app_timeline_server_hosts + 'ats-servers' : _app_timeline_server_hosts, + 'knox-gateway' : _knox_gateway_host } http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-servicegroups.cfg.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-servicegroups.cfg.j2 b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-servicegroups.cfg.j2 index aee9b15..0aa4b68 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-servicegroups.cfg.j2 +++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-servicegroups.cfg.j2 @@ -111,3 +111,11 @@ define servicegroup { alias FLUME Checks } {% endif %} + +{%if hostgroup_defs['knox-gateway'] %} +define servicegroup { + servicegroup_name KNOX + alias KNOX Checks +} +{% endif %} + http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-services.cfg.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-services.cfg.j2 b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-services.cfg.j2 index f69238e..ec375be 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-services.cfg.j2 +++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/services/NAGIOS/package/templates/hadoop-services.cfg.j2 @@ -802,3 +802,18 @@ define service { } {% endif %} +{% if hostgroup_defs['knox-gateway'] %} +# KNOX Checks +define service { + hostgroup_name knox-gateway + use hadoop-service + service_description KNOX::Knox Gateway process + servicegroups KNOX + check_command check_tcp_wrapper!{{ knox_gateway_port }}!-w 1 -c 1 + normal_check_interval 1 + retry_check_interval 0.5 + max_check_attempts 3 +} +{% endif %} + + http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ambari-topology.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ambari-topology.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ambari-topology.xml new file mode 100644 index 0000000..46a9e42 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ambari-topology.xml @@ -0,0 +1,116 @@ +<?xml version="1.0"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +--> + +<configuration supports_final="false" supports_adding_forbidden="true"> + <!-- topology file --> + + <property> + <name>content</name> + <value> + <topology> + + <gateway> + + <provider> + <role>authentication</role> + <name>ShiroProvider</name> + <enabled>true</enabled> + <param> + <name>sessionTimeout</name> + <value>30</value> + </param> + <param> + <name>main.ldapRealm</name> + <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value> + </param> + <param> + <name>main.ldapRealm.userDnTemplate</name> + <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value> + </param> + <param> + <name>main.ldapRealm.contextFactory.url</name> + <value>ldap://{{knox_host_name}}:33389</value> + </param> + <param> + <name>main.ldapRealm.contextFactory.authenticationMechanism</name> + <value>simple</value> + </param> + <param> + <name>urls./**</name> + <value>authcBasic</value> + </param> + </provider> + + <provider> + <role>identity-assertion</role> + <name>Default</name> + <enabled>true</enabled> + </provider> + + </gateway> + + <service> + <role>NAMENODE</role> + <url>hdfs://{{namenode_host}}:{{namenode_rpc_port}}</url> + </service> + + <service> + <role>JOBTRACKER</role> + <url>rpc://{{rm_host}}:{{jt_rpc_port}}</url> + </service> + + <service> + <role>WEBHDFS</role> + <url>http://{{namenode_host}}:{{namenode_http_port}}/webhdfs</url> + </service> + + <service> + <role>WEBHCAT</role> + <url>http://{{webhcat_server_host}}:{{templeton_port}}/templeton</url> + </service> + + <service> + <role>OOZIE</role> + <url>http://{{oozie_server_host}}:{{oozie_server_port}}/oozie</url> + </service> + + <service> + <role>WEBHBASE</role> + <url>http://{{hbase_master_host}}:{{hbase_master_port}}</url> + </service> + + <service> + <role>HIVE</role> + <url>http://{{hive_server_host}}:{{hive_http_port}}/{{hive_http_path}}</url> + </service> + + <service> + <role>RESOURCEMANAGER</role> + <url>http://{{rm_host}}:{{rm_port}}/ws</url> + </service> + </topology> + </value> + <description> + content for topology file for Knox. + </description> + </property> +</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-log4j.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-log4j.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-log4j.xml new file mode 100644 index 0000000..370f786 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-log4j.xml @@ -0,0 +1,83 @@ +<?xml version="1.0"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +--> + +<configuration supports_final="false"> + + <property> + <name>content</name> + <value> + + # Licensed to the Apache Software Foundation (ASF) under one + # or more contributor license agreements. See the NOTICE file + # distributed with this work for additional information + # regarding copyright ownership. The ASF licenses this file + # to you under the Apache License, Version 2.0 (the + # "License"); you may not use this file except in compliance + # with the License. You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + app.log.dir=${launcher.dir}/../logs + app.log.file=${launcher.name}.log + app.audit.file=${launcher.name}-audit.log + + log4j.rootLogger=ERROR, drfa + + log4j.logger.org.apache.hadoop.gateway=INFO + #log4j.logger.org.apache.hadoop.gateway=DEBUG + + #log4j.logger.org.eclipse.jetty=DEBUG + #log4j.logger.org.apache.shiro=DEBUG + #log4j.logger.org.apache.http=DEBUG + #log4j.logger.org.apache.http.client=DEBUG + #log4j.logger.org.apache.http.headers=DEBUG + #log4j.logger.org.apache.http.wire=DEBUG + + log4j.appender.stdout=org.apache.log4j.ConsoleAppender + log4j.appender.stdout.layout=org.apache.log4j.PatternLayout + log4j.appender.stdout.layout.ConversionPattern=%d{yy/MM/dd HH:mm:ss} %p %c{2}: %m%n + + log4j.appender.drfa=org.apache.log4j.DailyRollingFileAppender + log4j.appender.drfa.File=${app.log.dir}/${app.log.file} + log4j.appender.drfa.DatePattern=.yyyy-MM-dd + log4j.appender.drfa.layout=org.apache.log4j.PatternLayout + log4j.appender.drfa.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n + + log4j.logger.audit=INFO, auditfile + log4j.appender.auditfile=org.apache.log4j.DailyRollingFileAppender + log4j.appender.auditfile.File=${app.log.dir}/${app.audit.file} + log4j.appender.auditfile.Append = true + log4j.appender.auditfile.DatePattern = '.'yyyy-MM-dd + log4j.appender.auditfile.layout = org.apache.hadoop.gateway.audit.log4j.layout.AuditLayout + + </value> + <description> + content for log4j.properties file for Knox. + </description> + </property> +</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-site.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-site.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-site.xml new file mode 100644 index 0000000..4d4c4ed --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/gateway-site.xml @@ -0,0 +1,72 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +--> + +<!-- The default settings for Knox. --> +<!-- Edit gateway-site.xml to change settings for your local --> +<!-- install. --> + +<configuration supports_final="false"> + + <property> + <name>gateway.port</name> + <value>8443</value> + <description>The HTTP port for the Gateway.</description> + </property> + + <property> + <name>gateway.path</name> + <value>gateway</value> + <description>The default context path for the gateway.</description> + </property> + + <property> + <name>gateway.gateway.conf.dir</name> + <value>deployments</value> + <description>The directory within GATEWAY_HOME that contains gateway topology files and deployments.</description> + </property> + + <property> + <name>gateway.hadoop.kerberos.secured</name> + <value>false</value> + <description>Boolean flag indicating whether the Hadoop cluster protected by Gateway is secured with Kerberos</description> + </property> + + <property> + <name>java.security.krb5.conf</name> + <value>/etc/knox/conf/krb5.conf</value> + <description>Absolute path to krb5.conf file</description> + </property> + + <property> + <name>java.security.auth.login.config</name> + <value>/etc/knox/conf/krb5JAASLogin.conf</value> + <description>Absolute path to JASS login config file</description> + </property> + + <property> + <name>sun.security.krb5.debug</name> + <value>true</value> + <description>Boolean flag indicating whether to enable debug messages for krb5 authentication</description> + </property> + +</configuration> + + + + http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/knox-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/knox-env.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/knox-env.xml new file mode 100644 index 0000000..871d0c0 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/knox-env.xml @@ -0,0 +1,53 @@ +<?xml version="1.0"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +--> + +<configuration supports_final="true"> + <!-- knox-env.sh --> + + <property require-input="true"> + <name>knox_master_secret</name> + <value></value> + <property-type>PASSWORD</property-type> + <description>password to use as the master secret</description> + </property> + + <property> + <name>knox_user</name> + <value>knox</value> + <property-type>USER</property-type> + <description>Knox Username.</description> + </property> + + <property> + <name>knox_group</name> + <value>knox</value> + <property-type>GROUP</property-type> + <description>Knox Group.</description> + </property> + + <property> + <name>knox_pid_dir</name> + <value>/var/run/knox</value> + <description>Knox PID dir.</description> + </property> + +</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ldap-log4j.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ldap-log4j.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ldap-log4j.xml new file mode 100644 index 0000000..a0cf658 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/ldap-log4j.xml @@ -0,0 +1,66 @@ +<?xml version="1.0"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +--> + +<configuration supports_final="false"> + + <property> + <name>content</name> + <value> + # Licensed to the Apache Software Foundation (ASF) under one + # or more contributor license agreements. See the NOTICE file + # distributed with this work for additional information + # regarding copyright ownership. The ASF licenses this file + # to you under the Apache License, Version 2.0 (the + # "License"); you may not use this file except in compliance + # with the License. You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + app.log.dir=${launcher.dir}/../logs + app.log.file=${launcher.name}.log + + log4j.rootLogger=ERROR, drfa + log4j.logger.org.apache.directory.server.ldap.LdapServer=INFO + log4j.logger.org.apache.directory=WARN + + log4j.appender.stdout=org.apache.log4j.ConsoleAppender + log4j.appender.stdout.layout=org.apache.log4j.PatternLayout + log4j.appender.stdout.layout.ConversionPattern=%d{yy/MM/dd HH:mm:ss} %p %c{2}: %m%n + + log4j.appender.drfa=org.apache.log4j.DailyRollingFileAppender + log4j.appender.drfa.File=${app.log.dir}/${app.log.file} + log4j.appender.drfa.DatePattern=.yyyy-MM-dd + log4j.appender.drfa.layout=org.apache.log4j.PatternLayout + log4j.appender.drfa.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n + + </value> + <description> + content for log4j.properties file for the demo LDAP that comes with Knox. + </description> + </property> +</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/users-ldif.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/users-ldif.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/users-ldif.xml new file mode 100644 index 0000000..19a734d --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/configuration/users-ldif.xml @@ -0,0 +1,135 @@ +<?xml version="1.0"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +--> + +<configuration supports_final="false" supports_adding_forbidden="true"> + + <property> + <name>content</name> + <value> + # Licensed to the Apache Software Foundation (ASF) under one + # or more contributor license agreements. See the NOTICE file + # distributed with this work for additional information + # regarding copyright ownership. The ASF licenses this file + # to you under the Apache License, Version 2.0 (the + # "License"); you may not use this file except in compliance + # with the License. You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + version: 1 + + # Please replace with site specific values + dn: dc=hadoop,dc=apache,dc=org + objectclass: organization + objectclass: dcObject + o: Hadoop + dc: hadoop + + # Entry for a sample people container + # Please replace with site specific values + dn: ou=people,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass:organizationalUnit + ou: people + + # Entry for a sample end user + # Please replace with site specific values + dn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass:person + objectclass:organizationalPerson + objectclass:inetOrgPerson + cn: Guest + sn: User + uid: guest + userPassword:guest-password + + # entry for sample user admin + dn: uid=admin,ou=people,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass:person + objectclass:organizationalPerson + objectclass:inetOrgPerson + cn: Admin + sn: Admin + uid: admin + userPassword:admin-password + + # entry for sample user sam + dn: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass:person + objectclass:organizationalPerson + objectclass:inetOrgPerson + cn: sam + sn: sam + uid: sam + userPassword:sam-password + + # entry for sample user tom + dn: uid=tom,ou=people,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass:person + objectclass:organizationalPerson + objectclass:inetOrgPerson + cn: tom + sn: tom + uid: tom + userPassword:tom-password + + # create FIRST Level groups branch + dn: ou=groups,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass:organizationalUnit + ou: groups + description: generic groups branch + + # create the analyst group under groups + dn: cn=analyst,ou=groups,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass: groupofnames + cn: analyst + description:analyst group + member: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org + member: uid=tom,ou=people,dc=hadoop,dc=apache,dc=org + + + # create the scientist group under groups + dn: cn=scientist,ou=groups,dc=hadoop,dc=apache,dc=org + objectclass:top + objectclass: groupofnames + cn: scientist + description: scientist group + member: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org + + </value> + <description> + content for users-ldif file for the demo LDAP that comes with Knox. + </description> + </property> +</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/metainfo.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/metainfo.xml b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/metainfo.xml new file mode 100644 index 0000000..571b73b --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/metainfo.xml @@ -0,0 +1,78 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<metainfo> + <schemaVersion>2.0</schemaVersion> + <services> + <service> + <name>KNOX</name> + <displayName>Knox</displayName> + <comment>Provides a single point of authentication and access for Apache Hadoop services in a cluster</comment> + <version>0.5.0</version> + <components> + <component> + <name>KNOX_GATEWAY</name> + <category>MASTER</category> + <cardinality>1+</cardinality> + <commandScript> + <script>scripts/knox_gateway.py</script> + <scriptType>PYTHON</scriptType> + <timeout>600</timeout> + </commandScript> + <customCommands> + <customCommand> + <name>STARTDEMOLDAP</name> + <commandScript> + <script>scripts/demo_ldap.py</script> + <scriptType>PYTHON</scriptType> + <timeout>600</timeout> + </commandScript> + </customCommand> + <customCommand> + <name>STOPDEMOLDAP</name> + <commandScript> + <script>scripts/demo_ldap.py</script> + <scriptType>PYTHON</scriptType> + <timeout>600</timeout> + </commandScript> + </customCommand> + </customCommands> + </component> + </components> + <osSpecifics> + <osSpecific> + <osFamily>any</osFamily> + <packages> + <package> + <name>knox_2_2_0_0_*</name> + </package> + </packages> + </osSpecific> + </osSpecifics> + <commandScript> + <script>scripts/service_check.py</script> + <scriptType>PYTHON</scriptType> + <timeout>300</timeout> + </commandScript> + <configuration-dependencies> + <config-type>gateway-site</config-type> + <config-type>gateway-log4j</config-type> + <config-type>ambari-topology</config-type> + </configuration-dependencies> + </service> + </services> +</metainfo> http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox.py new file mode 100644 index 0000000..abd38bd --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox.py @@ -0,0 +1,52 @@ +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +""" + +from resource_management import * + + +def knox(): + import params + + Directory(params.knox_conf_dir, + owner = params.knox_user, + group = params.knox_group, + recursive = True + ) + + + XmlConfig("gateway-site.xml", + conf_dir=params.knox_conf_dir, + configurations=params.config['configurations']['gateway-site'], + configuration_attributes=params.config['configuration_attributes']['gateway-site'], + owner=params.knox_user, + group=params.knox_group, + ) + + File(format("{params.knox_conf_dir}/gateway-log4j.properties"), + mode=0644, + group=params.knox_group, + owner=params.knox_user, + content=params.gateway_log4j + ) + + File(format("{params.knox_conf_dir}/topologies/default.xml"), + group=params.knox_group, + owner=params.knox_user, + content=InlineTemplate(params.topology_template) + ) \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox_gateway.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox_gateway.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox_gateway.py new file mode 100644 index 0000000..ccb5450 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/knox_gateway.py @@ -0,0 +1,101 @@ +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +""" + +from resource_management import * +import sys + +from knox import knox +from ldap import ldap + +class KnoxGateway(Script): + def install(self, env): + self.install_packages(env) + import params + env.set_params(params) + cmd = format('{knox_client_bin} create-master --master {knox_master_secret}') + Execute(cmd, + user=params.knox_user + ) + cmd = format('rm -f {knox_conf_dir}/topologies/sandbox.xml') + Execute(cmd) + + def configure(self, env): + import params + env.set_params(params) + knox() + ldap() + + def start(self, env): + import params + env.set_params(params) + self.configure(env) + daemon_cmd = format('{knox_bin} start') + no_op_test = format('ls {knox_pid_file} >/dev/null 2>&1 && ps `cat {knox_pid_file}` >/dev/null 2>&1') + Execute(daemon_cmd, + user=params.knox_user, + not_if=no_op_test + ) + + def stop(self, env): + import params + env.set_params(params) + self.configure(env) + daemon_cmd = format('{knox_bin} stop') + Execute(daemon_cmd, + user=params.knox_user, + ) + Execute (format("rm -f {knox_pid_file}")) + + + def status(self, env): + import status_params + env.set_params(status_params) + check_process_status(status_params.knox_pid_file) + + + def configureldap(self, env): + import params + env.set_params(params) + ldap() + + def startdemoldap(self, env): + import params + env.set_params(params) + self.configureldap(env) + daemon_cmd = format('{ldap_bin} start') + no_op_test = format('ls {ldap_pid_file} >/dev/null 2>&1 && ps `cat {ldap_pid_file}` >/dev/null 2>&1') + Execute(daemon_cmd, + user=params.knox_user, + not_if=no_op_test + ) + + def stopdemoldap(self, env): + import params + env.set_params(params) + self.configureldap(env) + daemon_cmd = format('{ldap_bin} stop') + Execute(daemon_cmd, + user=params.knox_user, + ) + Execute (format("rm -f {ldap_pid_file}")) + + + +if __name__ == "__main__": + KnoxGateway().execute() http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/ldap.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/ldap.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/ldap.py new file mode 100644 index 0000000..5061b27 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/ldap.py @@ -0,0 +1,39 @@ +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +""" + +from resource_management import * + + +def ldap(): + import params + + File(format("{params.knox_conf_dir}/ldap-log4j.properties"), + mode=0644, + group=params.knox_group, + owner=params.knox_user, + content=params.ldap_log4j + ) + + File(format("{params.knox_conf_dir}/users-ldif"), + mode=0644, + group=params.knox_group, + owner=params.knox_user, + content=params.users_ldif + ) + http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/params.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/params.py new file mode 100644 index 0000000..5c5abe4 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/params.py @@ -0,0 +1,120 @@ +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +Ambari Agent + +""" + +from resource_management import * +import status_params + +config = Script.get_config() + +rpm_version = default("/configurations/cluster-env/rpm_version", None) + +if rpm_version: + knox_bin = '/usr/hdp/current/knox-server/bin/gateway.sh' + ldap_bin = '/usr/hdp/current/knox-server/bin/ldap.sh' + knox_client_bin = '/usr/hdp/current/knox-server/bin/knoxcli.sh' +else: + knox_bin = '/usr/bin/gateway' + ldap_bin = '/usr/lib/knox/bin/ldap.sh' + knox_client_bin = '/usr/lib/knox/bin/knoxcli.sh' + +namenode_hosts = default("/clusterHostInfo/namenode_host", None) +if type(namenode_hosts) is list: + namenode_host = namenode_hosts[0] +else: + namenode_host = namenode_hosts + +has_namenode = not namenode_host == None +namenode_http_port = "50070" +namenode_rpc_port = "8020" + +if has_namenode: + if 'dfs.namenode.http-address' in config['configurations']['hdfs-site']: + namenode_http_port = get_port_from_url(config['configurations']['hdfs-site']['dfs.namenode.http-address']) + if 'dfs.namenode.rpc-address' in config['configurations']['hdfs-site']: + namenode_rpc_port = get_port_from_url(config['configurations']['hdfs-site']['dfs.namenode.rpc-address']) + +rm_hosts = default("/clusterHostInfo/rm_host", None) +if type(rm_hosts) is list: + rm_host = rm_hosts[0] +else: + rm_host = rm_hosts +has_rm = not rm_host == None + +jt_rpc_port = "8050" +rm_port = "8080" + +if has_rm: + if 'yarn.resourcemanager.address' in config['configurations']['yarn-site']: + jt_rpc_port = get_port_from_url(config['configurations']['yarn-site']['yarn.resourcemanager.address']) + + if 'yarn.resourcemanager.webapp.address' in config['configurations']['yarn-site']: + rm_port = get_port_from_url(config['configurations']['yarn-site']['yarn.resourcemanager.webapp.address']) + +hive_http_port = default('/configurations/hive-site/hive.server2.thrift.http.port', "10001") +hive_http_path = default('/configurations/hive-site/hive.server2.thrift.http.path', "cliservice") +hive_server_hosts = default("/clusterHostInfo/hive_server_host", None) +if type(hive_server_hosts) is list: + hive_server_host = hive_server_hosts[0] +else: + hive_server_host = hive_server_hosts + +templeton_port = default('/configurations/webhcat-site/templeton.port', "50111") +webhcat_server_hosts = default("/clusterHostInfo/webhcat_server_host", None) +if type(webhcat_server_hosts) is list: + webhcat_server_host = webhcat_server_hosts[0] +else: + webhcat_server_host = webhcat_server_hosts + +hbase_master_port = default('/configurations/hbase-site/hbase.rest.port', "8080") +hbase_master_hosts = default("/clusterHostInfo/hbase_master_hosts", None) +if type(hbase_master_hosts) is list: + hbase_master_host = hbase_master_hosts[0] +else: + hbase_master_host = hbase_master_hosts + +oozie_server_hosts = default("/clusterHostInfo/oozie_server", None) +if type(oozie_server_hosts) is list: + oozie_server_host = oozie_server_hosts[0] +else: + oozie_server_host = oozie_server_hosts + +has_oozie = not oozie_server_host == None +oozie_server_port = "11000" + +if has_oozie: + if 'oozie.base.url' in config['configurations']['oozie-site']: + oozie_server_port = get_port_from_url(config['configurations']['oozie-site']['oozie.base.url']) + + +# server configurations +knox_conf_dir = '/etc/knox/conf' +knox_user = default("/configurations/knox-env/knox_user", "knox") +knox_group = default("/configurations/knox-env/knox_group", "knox") +knox_pid_file = status_params.knox_pid_file +ldap_pid_file = status_params.ldap_pid_file +knox_master_secret = config['configurations']['knox-env']['knox_master_secret'] +knox_host_name = config['clusterHostInfo']['knox_gateway_hosts'][0] +knox_host_port = config['configurations']['gateway-site']['gateway.port'] +topology_template = config['configurations']['ambari-topology']['content'] +gateway_log4j = config['configurations']['gateway-log4j']['content'] +ldap_log4j = config['configurations']['ldap-log4j']['content'] +users_ldif = config['configurations']['users-ldif']['content'] + http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/service_check.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/service_check.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/service_check.py new file mode 100644 index 0000000..1505ff3 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/service_check.py @@ -0,0 +1,45 @@ +#!/usr/bin/env python +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +""" + +from resource_management import * +import socket +import sys + +class KnoxServiceCheck(Script): + + def service_check(self, env): + import params + env.set_params(params) + + address = format("{knox_host_name}") + port = int(format("{knox_host_port}")) + s = socket.socket() + print "Test connectivity to knox server" + try: + s.connect((address, port)) + print "Successfully connected to %s on port %s" % (address, port) + s.close() + except socket.error, e: + print "Connection to %s on port %s failed: %s" % (address, port, e) + sys.exit(1) + + +if __name__ == "__main__": + KnoxServiceCheck().execute() \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/status_params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/status_params.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/status_params.py new file mode 100644 index 0000000..880c617 --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/package/scripts/status_params.py @@ -0,0 +1,27 @@ +#!/usr/bin/env python +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +""" + +from resource_management import * + +config = Script.get_config() + +knox_pid_dir = config['configurations']['knox-env']['knox_pid_dir'] +knox_pid_file = format("{knox_pid_dir}/gateway.pid") +ldap_pid_file = format("{knox_pid_dir}/ldap.pid") http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py b/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py new file mode 100644 index 0000000..e61e787 --- /dev/null +++ b/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py @@ -0,0 +1,71 @@ +#!/usr/bin/env python + +''' +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +''' +from stacks.utils.RMFTestCase import * + +class TestKnoxGateway(RMFTestCase): + + def test_configure_default(self): + self.executeScript("2.2/services/KNOX/package/scripts/knox_gateway.py", + classname = "KnoxGateway", + command = "configure", + config_file="default.json" + ) + + self.assertResourceCalled('Directory', '/etc/knox/conf', + owner = 'knox', + group = 'knox', + recursive = True + ) + + self.assertResourceCalled('XmlConfig', 'gateway-site.xml', + owner = 'knox', + group = 'knox', + conf_dir = '/etc/knox/conf', + configurations = self.getConfig()['configurations']['gateway-site'], + configuration_attributes = self.getConfig()['configuration_attributes']['gateway-site'] + ) + + self.assertResourceCalled('File', '/etc/knox/conf/gateway-log4j.properties', + mode=0644, + group='knox', + owner = 'knox', + content = self.getConfig()['configurations']['gateway-log4j']['content'] + ) + self.assertResourceCalled('File', '/etc/knox/conf/topologies/default.xml', + group='knox', + owner = 'knox', + content = InlineTemplate(self.getConfig()['configurations']['ambari-topology']['content']) + ) + self.assertResourceCalled('File', '/etc/knox/conf/ldap-log4j.properties', + mode=0644, + group='knox', + owner = 'knox', + content = self.getConfig()['configurations']['ldap-log4j']['content'] + ) + self.assertResourceCalled('File', '/etc/knox/conf/users-ldif', + mode=0644, + group='knox', + owner = 'knox', + content = self.getConfig()['configurations']['users-ldif']['content'] + ) + + self.assertNoMoreResources() + + http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-server/src/test/python/stacks/2.2/configs/default.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.2/configs/default.json b/ambari-server/src/test/python/stacks/2.2/configs/default.json index ce7a379..5e984fe 100644 --- a/ambari-server/src/test/python/stacks/2.2/configs/default.json +++ b/ambari-server/src/test/python/stacks/2.2/configs/default.json @@ -56,7 +56,39 @@ }, "slider-env": { "content": "envproperties\nline2" - } + }, + "gateway-site": { + "java.security.auth.login.config": "/etc/knox/conf/krb5JAASLogin.conf", + "gateway.hadoop.kerberos.secured": "false", + "gateway.gateway.conf.dir": "deployments", + "gateway.path": "gateway", + "sun.security.krb5.debug": "true", + "java.security.krb5.conf": "/etc/knox/conf/krb5.conf", + "gateway.port": "8443" + }, + + "users-ldif": { + "content": "\n # Licensed to the Apache Software Foundation (ASF) under one\n # or more contributor license agreements. See the NOTICE file\n # distributed with this work for additional information\n # regarding copyright ownership. The ASF licenses this file\n # to you under the Apache License, Version 2.0 (the\n # \"License\"); you may not use this file except in compliance\n # with the License. You may obtain a copy of the License at\n #\n # http://www.apache.org/licenses/LICENSE-2.0\n #\n # Unless required by applicable law or agreed to in writing, software\n # distributed under the License is distributed on an \"AS IS\" BASIS,\n # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n # See the License for the specific language governing permissions and\n # limitations under the Li cense.\n\n version: 1\n\n # Please replace with site specific values\n dn: dc=hadoop,dc=apache,dc=org\n objectclass: organization\n objectclass: dcObject\n o: Hadoop\n dc: hadoop\n\n # Entry for a sample people container\n # Please replace with site specific values\n dn: ou=people,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass:organizationalUnit\n ou: people\n\n # Entry for a sample end user\n # Please replace with site specific values\n dn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass:person\n objectclass:organizationalPerson\n objectclass:inetOrgPerson\n cn: Guest\n sn: User\n uid: guest\n userPassword:guest-password\n\n # entry for sample user admin\n dn : uid=admin,ou=people,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass:person\n objectclass:organizationalPerson\n objectclass:inetOrgPerson\n cn: Admin\n sn: Admin\n uid: admin\n userPassword:admin-password\n\n # entry for sample user sam\n dn: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass:person\n objectclass:organizationalPerson\n objectclass:inetOrgPerson\n cn: sam\n sn: sam\n uid: sam\n userPassword:sam-password\n\n # entry for sample user tom\n dn: uid=tom,ou=people,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass:person\n objectclass:organizationalPerson\n objectclass:inetOrgPerson\n cn: tom\n sn: tom\n uid: tom\n userPassw ord:tom-password\n\n # create FIRST Level groups branch\n dn: ou=groups,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass:organizationalUnit\n ou: groups\n description: generic groups branch\n\n # create the analyst group under groups\n dn: cn=analyst,ou=groups,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass: groupofnames\n cn: analyst\n description:analyst group\n member: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org\n member: uid=tom,ou=people,dc=hadoop,dc=apache,dc=org\n\n\n # create the scientist group under groups\n dn: cn=scientist,ou=groups,dc=hadoop,dc=apache,dc=org\n objectclass:top\n objectclass: groupofnames\n cn: scientist\n description: scientist group\n member: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org" + }, + + "ambari-topology": { + "content": "\n <topology>\n\n <gateway>\n\n <provider>\n <role>authentication</role>\n <name>ShiroProvider</name>\n <enabled>true</enabled>\n <param>\n <name>sessionTimeout</name>\n <value>30</value>\n </param>\n <param>\n <name>main.ldapRealm</name>\n <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>\n </param>\n <param>\n <name>main.ldapRealm.userDnTemplate</name>\n <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>\n </param>\n <param>\n <name>main.ldapRealm.contextFactory.url</name>\n <value>ldap://{{knox_host_name}}:33389</value>\n </param>\n <param>\n <name>main.ldapRealm.contextFactory.authenticationMechanism</name>\n <value>simple</value>\n </param>\n <param>\n <name>urls./**</name>\n <value>authcBasic</value>\n </param>\n </provider>\n\n <provider>\n <role>identity-assertion</role>\n <name>Default</name>\n <enabled>true</enabled>\n </provider>\n\n </gateway>\n\n <service>\n <role>NAMENODE</role>\n <url>hdfs://{{namenode_host}}:{{namenode_rpc_port}}</url>\n </service>\n\n <service>\n <role>JOBTRACKER</role>\n <url>rpc://{{rm_host}}:{{jt_rpc_port}}</url>\n </service>\n\n <service>\n <role>WEBHDFS</ro le>\n <url>http://{{namenode_host}}:{{namenode_http_port}}/webhdfs</url>\n </service>\n\n <service>\n <role>WEBHCAT</role>\n <url>http://{{webhcat_server_host}}:{{templeton_port}}/templeton</url>\n </service>\n\n <service>\n <role>OOZIE</role>\n <url>http://{{oozie_server_host}}:{{oozie_server_port}}/oozie</url>\n </service>\n\n <service>\n <role>WEBHBASE</role>\n <url>http://{{hbase_master_host}}:{{hbase_master_port}}</url>\n </service>\n\n <service>\n <role>HIVE</role>\n <url>http://{{hive_server_host}}:{{hive_http_port}}/{{hive_http_path}}</url>\n </service>\n\n <service>\n <role>RESOURCEMANAGER</role>\n <url>http://{{rm_host}}:{{rm_port}}/ws</url>\n </service>\n </topology>" + }, + + "ldap-log4j": { + "content": "\n # Licensed to the Apache Software Foundation (ASF) under one\n # or more contributor license agreements. See the NOTICE file\n # distributed with this work for additional information\n # regarding copyright ownership. The ASF licenses this file\n # to you under the Apache License, Version 2.0 (the\n # \"License\"); you may not use this file except in compliance\n # with the License. You may obtain a copy of the License at\n #\n # http://www.apache.org/licenses/LICENSE-2.0\n #\n # Unless required by applicable law or agreed to in writing, software\n # distributed under the License is distributed on an \"AS IS\" BASIS,\n # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n # See the License for the specific language governing permissions and\n # limitations under the License.\n #testing\n\n app.log.dir=${launcher.d ir}/../logs\n app.log.file=${launcher.name}.log\n\n log4j.rootLogger=ERROR, drfa\n log4j.logger.org.apache.directory.server.ldap.LdapServer=INFO\n log4j.logger.org.apache.directory=WARN\n\n log4j.appender.stdout=org.apache.log4j.ConsoleAppender\n log4j.appender.stdout.layout=org.apache.log4j.PatternLayout\n log4j.appender.stdout.layout.ConversionPattern=%d{yy/MM/dd HH:mm:ss} %p %c{2}: %m%n\n\n log4j.appender.drfa=org.apache.log4j.DailyRollingFileAppender\n log4j.appender.drfa.File=${app.log.dir}/${app.log.file}\n log4j.appender.drfa.DatePattern=.yyyy-MM-dd\n log4j.appender.drfa.layout=org.apache.log4j.PatternLayout\n log4j.appender.drfa.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n" + }, + + "gateway-log4j": { + "content": "\n\n # Licensed to the Apache Software Foundation (ASF) under one\n # or more contributor license agreements. See the NOTICE file\n # distributed with this work for additional information\n # regarding copyright ownership. The ASF licenses this file\n # to you under the Apache License, Version 2.0 (the\n # \"License\"); you may not use this file except in compliance\n # with the License. You may obtain a copy of the License at\n #\n # http://www.apache.org/licenses/LICENSE-2.0\n #\n # Unless required by applicable law or agreed to in writing, software\n # distributed under the License is distributed on an \"AS IS\" BASIS,\n # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n # See the License for the specific language governing permissions and\n # limitations under the License.\n\n app.log.dir=${launcher.dir}/../logs\n app.log.file=${launcher.name}.log\n app.audit.file=${launcher.name}-audit.log\n\n log4j.rootLogger=ERROR, drfa\n\n log4j.logger.org.apache.hadoop.gateway=INFO\n #log4j.logger.org.apache.hadoop.gateway=DEBUG\n\n #log4j.logger.org.eclipse.jetty=DEBUG\n #log4j.logger.org.apache.shiro=DEBUG\n #log4j.logger.org.apache.http=DEBUG\n #log4j.logger.org.apache.http.client=DEBUG\n #log4j.logger.org.apache.http.headers=DEBUG\n #log4j.logger.org.apache.http.wire=DEBUG\n\n log4j.appender.stdout=org.apache.log4j.ConsoleAppender\n log4j.appender.stdout.layout=org.apache.log4j.PatternLayout\n log4j.appender.stdout.layout.ConversionPattern=%d{yy/MM/dd HH:mm:ss} %p %c{2}: %m%n\n\n log4j.appender.drfa=org.apache.log4j.DailyRollingFileAppender\n log4j.appender.drfa.File=${app.log.dir}/${app.log.file}\n log4j.appender.drfa.DatePattern=.yyyy-MM-dd\n log4j.appender.drfa.layout=org.apache.log4j.PatternLayout\n log4j.appender.drfa.layout.ConversionPattern =%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n\n\n log4j.logger.audit=INFO, auditfile\n log4j.appender.auditfile=org.apache.log4j.DailyRollingFileAppender\n log4j.appender.auditfile.File=${app.log.dir}/${app.audit.file}\n log4j.appender.auditfile.Append = true\n log4j.appender.auditfile.DatePattern = '.'yyyy-MM-dd\n log4j.appender.auditfile.layout = org.apache.hadoop.gateway.audit.log4j.layout.AuditLayout" + }, + "knox-env": { + "knox_master_secret": "sa", + "knox_group": "knox", + "knox_pid_dir": "/var/run/knox", + "knox_user": "knox" + } + }, "configuration_attributes": { "yarn-site": { @@ -79,7 +111,10 @@ "webinterface.private.actions": "true", "hadoop.proxyuser.oozie.hosts": "true" } - } + }, + "knox-env": {}, + "gateway-site": {}, + "users-ldif": {} }, "configurationTags": { "slider-client": { @@ -99,7 +134,16 @@ }, "yarn-site": { "tag": "version1" - } + }, + "gateway-site": { + "tag": "version1" + }, + "ambari-topology": { + "tag": "version1" + }, + "users-ldif": { + "tag": "version1" + } }, "commandId": "7-1", "clusterHostInfo": { @@ -116,6 +160,9 @@ "all_hosts": [ "c6401.ambari.apache.org", "c6402.ambari.apache.org" - ] + ], + "knox_gateway_hosts": [ + "jaimin-knox-1.c.pramod-thangali.internal" + ] } } http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/controllers/main/service/item.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/service/item.js b/ambari-web/app/controllers/main/service/item.js index 8990a39..5987977 100644 --- a/ambari-web/app/controllers/main/service/item.js +++ b/ambari-web/app/controllers/main/service/item.js @@ -292,6 +292,56 @@ App.MainServiceItemController = Em.Controller.extend({ App.showAlertPopup(Em.I18n.t('services.service.actions.run.yarnRefreshQueues.error'), error); console.warn('Error during refreshYarnQueues:'+error); }, + + startLdapKnox: function(event) { + var context = Em.I18n.t('services.service.actions.run.startLdapKnox.context'); + this.startStopLdapKnox('STARTDEMOLDAP',context); + }, + + stopLdapKnox: function(event) { + var context = Em.I18n.t('services.service.actions.run.stopLdapKnox.context'); + this.startStopLdapKnox('STOPDEMOLDAP',context); + }, + + startStopLdapKnox: function(command,context) { + var controller = this; + var host = App.HostComponent.find().findProperty('componentName', 'KNOX_GATEWAY').get('hostName'); + return App.showConfirmationPopup(function() { + App.ajax.send({ + name: 'service.item.startStopLdapKnox', + sender: controller, + data: { + command: command, + context: context, + host: host, + serviceName: "KNOX", + componentName: "KNOX_GATEWAY" + }, + success: 'startStopLdapKnoxSuccessCallback', + error: 'startStopLdapKnoxErrorCallback' + }); + }); + }, + + startStopLdapKnoxSuccessCallback : function(data, ajaxOptions, params) { + if (data.Requests.id) { + App.router.get('backgroundOperationsController').showPopup(); + } else { + console.warn('Error during startStopLdapKnox'); + } + }, + startStopLdapKnoxErrorCallback : function(data) { + var error = Em.I18n.t('services.service.actions.run.startStopLdapKnox.error'); + if(data && data.responseText){ + try { + var json = $.parseJSON(data.responseText); + error += json.message; + } catch (err) {} + } + App.showAlertPopup(Em.I18n.t('services.service.actions.run.yarnRefreshQueues.error'), error); + console.warn('Error during refreshYarnQueues:'+ error); + }, + /** * On click handler for rebalance Hdfs command from items menu */ http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/data/HDP2/site_properties.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/site_properties.js b/ambari-web/app/data/HDP2/site_properties.js index 19299bc..149ed7c 100644 --- a/ambari-web/app/data/HDP2/site_properties.js +++ b/ambari-web/app/data/HDP2/site_properties.js @@ -1631,6 +1631,78 @@ module.exports = "filename": "pig-properties.xml", "category": "Advanced pig-properties" }, + + /**********************************************KNOX*****************************************/ + { + "id": "site property", + "name": "content", + "displayName": "content", + "value": "", + "defaultValue": "", + "displayType": "content", + "isRequired": false, + "showLabel": false, + "serviceName": "KNOX", + "filename": "ambari-topology.xml", + "category": "Advanced ambari-topology" + }, + + { + "id": "site property", + "name": "content", + "displayName": "content", + "value": "", + "defaultValue": "", + "displayType": "content", + "isRequired": false, + "showLabel": false, + "serviceName": "KNOX", + "filename": "users-ldif.xml", + "category": "Advanced users-ldif" + }, + { + "id": "puppet var", + "name": "knox_gateway_host", + "displayName": "Knox Gateway host", + "value": "", + "defaultValue": "", + "description": "The host that has been assigned to run Knox Gateway", + "displayType": "masterHost", + "isOverridable": false, + "isVisible": true, + "isRequiredByAgent": false, + "serviceName": "KNOX", + "filename": "knox-env.xml", + "category": "KNOX_GATEWAY", + "index": 0 + }, + { + "id": "site property", + "name": "knox_master_secret", + "displayName": "Knox Master Secret", + "value": "", + "defaultValue": "", + "displayType": "password", + "isReconfigurable": false, + "isOverridable": false, + "isRequired": true, + "serviceName": "KNOX", + "filename": "knox-env.xml", + "category": "KNOX_GATEWAY" + }, + { + "id": "puppet var", + "name": "knox_pid_dir", + "displayName": "Knox PID dir", + "value": "", + "displayType": "directory", + "isReconfigurable": false, + "isOverridable": false, + "serviceName": "KNOX", + "filename": "knox-env.xml", + "category": "Advanced knox-env.xml" + }, + /********************************************* flume-agent *****************************/ { "id": "site property", @@ -3719,6 +3791,36 @@ module.exports = }, { "id": "puppet var", + "name": "knox_user", + "displayName": "Knox User", + "isReconfigurable": false, + "displayType": "user", + "isOverridable": false, + "isVisible": true, + "serviceName": "MISC", + "filename": "knox-env.xml", + "category": "Users and Groups", + "belongsToService": ["KNOX"], + "index": 18 + }, + { + "id": "puppet var", + "name": "knox_group", + "displayName": "Knox Group", + "description": "Knox Group", + "defaultValue": "knox", + "isReconfigurable": false, + "displayType": "user", + "isOverridable": false, + "isVisible": true, + "serviceName": "MISC", + "filename": "knox-env.xml", + "category": "Users and Groups", + "belongsToService": ["KNOX"], + "index": 19 + }, + { + "id": "puppet var", "name": "rrdcached_base_dir", "displayName": "Ganglia rrdcached base directory", "description": "Default directory for saving the rrd files on ganglia server", http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/messages.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js index 5441203..89559fa 100644 --- a/ambari-web/app/messages.js +++ b/ambari-web/app/messages.js @@ -1225,6 +1225,9 @@ Em.I18n.translations = { 'services.service.actions.reassign.master':'Move {0}', 'services.service.actions.reassign.master.hive':'Move HiveServer2, WebHCat Server, MySQL Server', 'services.service.actions.manage_configuration_groups':'Manage Configuration Groups...', + 'services.service.actions.run.startLdapKnox.context':'Start Demo LDAP', + 'services.service.actions.run.stopLdapKnox.context':'Stop Demo LDAP', + 'services.service.actions.run.startStopLdapKnox.error': 'Error during remote command: ', 'services.service.actions.manage_configuration_groups.short':'Manage Config Groups', 'services.service.actions.serviceActions':'Service Actions', 'services.service.summary.unknown':'unknown', http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/models/service_config.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/models/service_config.js b/ambari-web/app/models/service_config.js index 595f604..664ca62 100644 --- a/ambari-web/app/models/service_config.js +++ b/ambari-web/app/models/service_config.js @@ -478,6 +478,9 @@ App.ServiceConfigProperty = Ember.Object.extend({ case 'supervisor_hosts': this.set('value', slaveComponentHostsInDB.findProperty('componentName', 'SUPERVISOR').hosts.mapProperty('hostName')); break; + case 'knox_gateway_host': + this.set('value', masterComponentHostsInDB.findProperty('component', 'KNOX_GATEWAY').hostName); + break; case 'hbase.zookeeper.quorum': var zkHosts = masterComponentHostsInDB.filterProperty('component', 'ZOOKEEPER_SERVER').mapProperty('hostName'); this.setDefaultValue("(\\w*)", zkHosts); http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/models/stack_service.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/models/stack_service.js b/ambari-web/app/models/stack_service.js index 0d4d30e..7f64212 100644 --- a/ambari-web/app/models/stack_service.js +++ b/ambari-web/app/models/stack_service.js @@ -313,6 +313,11 @@ App.StackService.configCategories = function () { App.ServiceConfigCategory.create({ name: 'FLUME_HANDLER', displayName: 'flume.conf', siteFileName: 'flume-conf', canAddProperty: false}) ]); break; + case 'KNOX': + serviceConfigCategories.pushObjects([ + App.ServiceConfigCategory.create({ name: 'KNOX_GATEWAY', displayName: 'Knox Gateway'}) + ]); + break; case 'PIG': break; case 'SQOOP': @@ -342,7 +347,7 @@ App.StackService.configCategories = function () { // Add custom section for every configType to all the services configTypes.forEach(function (type) { - var configTypesWithNoCustomSection = ['capacity-scheduler','mapred-queue-acls','flume-conf', 'pig-properties']; + var configTypesWithNoCustomSection = ['capacity-scheduler','mapred-queue-acls','flume-conf', 'pig-properties','ambari-topology','users-ldif']; if (type.endsWith('-env') || type.endsWith('-log4j') || configTypesWithNoCustomSection.contains(type)) { return; } http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/utils/ajax/ajax.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/utils/ajax/ajax.js b/ambari-web/app/utils/ajax/ajax.js index 4de1efc..2b836e4 100644 --- a/ambari-web/app/utils/ajax/ajax.js +++ b/ambari-web/app/utils/ajax/ajax.js @@ -405,6 +405,23 @@ var urls = { } }, + 'service.item.startStopLdapKnox':{ + 'real': '/clusters/{clusterName}/requests', + 'mock': '', + 'format' : function(data) { + return { + type : 'POST', + data : JSON.stringify({ + RequestInfo: { + 'context': data.context, + 'command': data.command + }, + "Requests/resource_filters": [{"service_name" : data.serviceName, "component_name" : data.componentName, 'hosts': data.host}] + }) + } + } + }, + 'service.item.executeCustomCommand':{ 'real': '/clusters/{clusterName}/requests', 'mock': '', http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/utils/config.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/utils/config.js b/ambari-web/app/utils/config.js index b3d363a..b31c5ad 100644 --- a/ambari-web/app/utils/config.js +++ b/ambari-web/app/utils/config.js @@ -599,7 +599,7 @@ App.config = Em.Object.create({ * (/^\s+$/.test(_config.value)) { _config.isRequired = false; } */ _config.isRequired = true; - _config.displayType = stringUtils.isSingleLine(_config.value) ? 'advanced' : 'multiLine'; + _config.displayType = _config.displayType ? _config.displayType : stringUtils.isSingleLine(_config.value) ? 'advanced' : 'multiLine'; serviceConfigs.push(_config); } } @@ -914,7 +914,7 @@ App.config = Em.Object.create({ */ if ((fileName !== 'mapred-queue-acls.xml' || App.supports.capacitySchedulerUi) && (fileName !== 'capacity-scheduler.xml' || isHDP2 || App.supports.capacitySchedulerUi)) { - properties.push({ + var property = { serviceName: serviceName, name: item.property_name, value: item.property_value, @@ -923,7 +923,11 @@ App.config = Em.Object.create({ isFinal: item.final === "true", defaultIsFinal: item.final === "true", filename: item.filename || fileName - }); + }; + if (item.property_type.contains('PASSWORD')) { + property.displayType = "password"; + } + properties.push(property); } }, this); } http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/app/views/main/service/item.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/views/main/service/item.js b/ambari-web/app/views/main/service/item.js index 929c212..123b5a4 100644 --- a/ambari-web/app/views/main/service/item.js +++ b/ambari-web/app/views/main/service/item.js @@ -93,6 +93,18 @@ App.MainServiceItemView = Em.View.extend({ cssClass: 'icon-share-alt', disabled: false }, + STARTDEMOLDAP: { + action: 'startLdapKnox', + label: Em.I18n.t('services.service.actions.run.startLdapKnox.context'), + cssClass: 'icon-play-sign', + disabled: false + }, + STOPDEMOLDAP: { + action: 'stopLdapKnox', + label: Em.I18n.t('services.service.actions.run.stopLdapKnox.context'), + cssClass: 'icon-stop', + disabled: false + }, REBALANCE_HDFS: { action: 'rebalanceHdfsNodes', context: Em.I18n.t('services.service.actions.run.rebalanceHdfsNodes.context'), @@ -202,11 +214,21 @@ App.MainServiceItemView = Em.View.extend({ options.push(actionMap.TOGGLE_PASSIVE); var serviceName = service.get('serviceName'); var nnComponent = App.StackServiceComponent.find().findProperty('componentName','NAMENODE'); + var knoxGatewayComponent = App.StackServiceComponent.find().findProperty('componentName','KNOX_GATEWAY'); if (serviceName === 'HDFS' && nnComponent) { var namenodeCustomCommands = nnComponent.get('customCommands'); if (namenodeCustomCommands && namenodeCustomCommands.contains('REBALANCEHDFS')) options.push(actionMap.REBALANCE_HDFS); } + + if (serviceName === 'KNOX' && knoxGatewayComponent) { + var knoxGatewayCustomCommands = knoxGatewayComponent.get('customCommands'); + knoxGatewayCustomCommands.forEach(function(command) { + if (actionMap[command]) { + options.push(actionMap[command]); + } + }); + } self.addActionMap().filterProperty('service', serviceName).forEach(function(item) { item.action = 'add' + item.component; item.disabled = self.get('controller.isAddDisabled-' + item.component); http://git-wip-us.apache.org/repos/asf/ambari/blob/b89a14f7/ambari-web/test/controllers/main/service/item_test.js ---------------------------------------------------------------------- diff --git a/ambari-web/test/controllers/main/service/item_test.js b/ambari-web/test/controllers/main/service/item_test.js index 4f94eda..f869d36 100644 --- a/ambari-web/test/controllers/main/service/item_test.js +++ b/ambari-web/test/controllers/main/service/item_test.js @@ -625,4 +625,38 @@ describe('App.MainServiceItemController', function () { }); }); + describe('#startLdapKnox() and #stopLdapKnox() should call startStopLdapKnox once: ', function () { + + + var mainServiceItemController = App.MainServiceItemController.create({content: {serviceName: 'KNOX', + displayName: 'Knox'}}); + + beforeEach(function () { + sinon.stub(mainServiceItemController, 'startStopLdapKnox', function(){ + return true; + }); + }); + afterEach(function () { + mainServiceItemController.startStopLdapKnox.restore(); + }); + + var tests = [ + { + methodName: 'startLdapKnox', + callback: mainServiceItemController.startLdapKnox + }, + { + methodName: 'stopLdapKnox', + callback: mainServiceItemController.stopLdapKnox + } + ]; + + tests.forEach(function(test){ + it(test.methodName + ' should call startStopLdapKnox method', function () { + test.callback.call(mainServiceItemController); + expect(mainServiceItemController.startStopLdapKnox.calledOnce).to.be.true; + }); + },this); + + }); });
