Repository: ambari Updated Branches: refs/heads/trunk c3e76b0e7 -> aaadb0a4f
AMBARI-8701. Create stages in KerberosHelper to push keytabs and update service configs. (Dilli via Jaimin) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/aaadb0a4 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/aaadb0a4 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/aaadb0a4 Branch: refs/heads/trunk Commit: aaadb0a4f9a7c57bd9146909f863a29e99f32efc Parents: c3e76b0 Author: Jaimin Jetly <[email protected]> Authored: Thu Dec 18 21:49:32 2014 -0800 Committer: Jaimin Jetly <[email protected]> Committed: Thu Dec 18 21:49:32 2014 -0800 ---------------------------------------------------------------------- .../server/controller/KerberosHelper.java | 111 ++++++++++--------- .../server/controller/KerberosHelperTest.java | 10 +- 2 files changed, 69 insertions(+), 52 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/aaadb0a4/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java index ea59f34..fb19bd5 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java @@ -29,19 +29,11 @@ import org.apache.ambari.server.actionmanager.Stage; import org.apache.ambari.server.actionmanager.StageFactory; import org.apache.ambari.server.api.services.AmbariMetaInfo; import org.apache.ambari.server.configuration.Configuration; +import org.apache.ambari.server.controller.internal.RequestResourceFilter; import org.apache.ambari.server.controller.internal.RequestStageContainer; import org.apache.ambari.server.metadata.RoleCommandOrder; import org.apache.ambari.server.serveraction.ServerAction; -import org.apache.ambari.server.serveraction.kerberos.CreateKeytabFilesServerAction; -import org.apache.ambari.server.serveraction.kerberos.CreatePrincipalsServerAction; -import org.apache.ambari.server.serveraction.kerberos.FinalizeKerberosServerAction; -import org.apache.ambari.server.serveraction.kerberos.KDCType; -import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile; -import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFileBuilder; -import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFile; -import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileBuilder; -import org.apache.ambari.server.serveraction.kerberos.KerberosCredential; -import org.apache.ambari.server.serveraction.kerberos.KerberosServerAction; +import org.apache.ambari.server.serveraction.kerberos.*; import org.apache.ambari.server.stageplanner.RoleGraph; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; @@ -277,6 +269,9 @@ public class KerberosHelper { // Create the file used to store details about principals and keytabs to create indexFile = new File(dataDirectory, KerberosActionDataFile.DATA_FILE_NAME); + // host names that would be passed in request resource filters while creating stage for pushing keytabs + List<String> updateHosts = new ArrayList<String>(); + try { // Iterate over the hosts in the cluster to find the components installed in each. For each // component (aka service component host - sch) determine the configuration updates and @@ -352,6 +347,9 @@ public class KerberosHelper { identitiesAdded += addIdentities(kerberosActionDataFileBuilder, componentDescriptor.getIdentities(true), sch, configurations); + // add host to updateHosts that would be passed in request resource filters + updateHosts.add(sch.getHostName()); + if (identitiesAdded > 0) { serviceComponentHostsToProcess.add(sch); } @@ -417,7 +415,7 @@ public class KerberosHelper { // Use the handler implementation to setup the relevant stages. int lastStageId = handler.createStages(cluster, hosts, kerberosConfigurations, clusterHostInfoJson, hostParamsJson, event, roleCommandOrder, realm, kdcType.toString(), - dataDirectory, requestStageContainer); + dataDirectory, requestStageContainer, updateHosts); // Add the cleanup stage... @@ -859,6 +857,7 @@ public class KerberosHelper { * @param dataDirectory a File pointing to the (temporary) data directory * @param requestStageContainer a RequestStageContainer to store the new stages in, if null a * new RequestStageContainer will be created + * @param updateHosts host names that would be passed in request resource filters while creating stage for pushing keytabs * @return the last stage id generated, or -1 if no stages were created * @throws AmbariException if an error occurs while creating the relevant stages */ @@ -868,7 +867,8 @@ public class KerberosHelper { ServiceComponentHostServerActionEvent event, RoleCommandOrder roleCommandOrder, String realm, String kdcType, File dataDirectory, - RequestStageContainer requestStageContainer) + RequestStageContainer requestStageContainer, + List<String> updateHosts) throws AmbariException; } @@ -923,7 +923,8 @@ public class KerberosHelper { String clusterHostInfoJson, String hostParamsJson, ServiceComponentHostServerActionEvent event, RoleCommandOrder roleCommandOrder, String realm, String kdcType, - File dataDirectory, RequestStageContainer requestStageContainer) throws AmbariException { + File dataDirectory, RequestStageContainer requestStageContainer, + List<String> updateHosts) throws AmbariException { // If there are principals, keytabs, and configurations to process, setup the following sages: // 1) generate principals // 2) generate keytab files @@ -1021,52 +1022,59 @@ public class KerberosHelper { roleGraph.build(stage); requestStageContainer.addStages(roleGraph.getStages()); - // ***************************************************************** // Create stage to distribute keytabs - // TODO (dilli): Implement this - /* - stage = createServerActionStage(++stageId, - cluster, - requestStageContainer.getId(), - "Distribute Kerberos keytabs to services", - clusterHostInfoJson, - "{}", - hostParamsJson, - DISTRIBUTE_KEYTABS.class, - event, - commandParameters, - 1200); - roleGraph = new RoleGraph(roleCommandOrder); - roleGraph.build(stage); - requestStageContainer.addStages(roleGraph.getStages()); - */ + List<RequestResourceFilter> requestResourceFilters = new ArrayList<RequestResourceFilter>(); + RequestResourceFilter reqResFilter = new RequestResourceFilter("KERBEROS", "KERBEROS_CLIENT", updateHosts); + requestResourceFilters.add(reqResFilter); - // ***************************************************************** - // Create stage to update configurations - // TODO: (dilli): implement this - /* - stage = createServerActionStage(++stageId, - cluster, - requestStageContainer.getId(), - "Distribute Kerberos keytabs to services", - clusterHostInfoJson, - "{}", - hostParamsJson, - UPDATE_SERVICE_CONFIGURATIONS.class - event, - commandParameters, - 1200); + stage = createNewStage(++stageId, + cluster, + requestStageContainer.getId(), + "Distribute Keytabs", + clusterHostInfoJson, + StageUtils.getGson().toJson(commandParameters), + hostParamsJson); - roleGraph = new RoleGraph(roleCommandOrder); - roleGraph.build(stage); - requestStageContainer.addStages(roleGraph.getStages()); - */ + Map<String, String> requestParams = new HashMap<String, String>(); + + ActionExecutionContext actionExecContext = new ActionExecutionContext( + cluster.getClusterName(), + "SET_KEYTAB", + requestResourceFilters, + requestParams); + if (!updateHosts.isEmpty()) { + customCommandExecutionHelper.addExecutionCommandsToStage(actionExecContext, stage, requestParams); + } + + roleGraph = new RoleGraph(roleCommandOrder); + roleGraph.build(stage); + requestStageContainer.addStages(roleGraph.getStages()); + + // Create stage to update configurations of services + + stage = createServerActionStage(++stageId, + cluster, + requestStageContainer.getId(), + "Update Service Configurations", + clusterHostInfoJson, + "{}", + hostParamsJson, + UpdateKerberosConfigsServerAction.class, + event, + commandParameters, + 1200); + + roleGraph = new RoleGraph(roleCommandOrder); + roleGraph.build(stage); + requestStageContainer.addStages(roleGraph.getStages()); return stageId; } + } + /** * DisableKerberosHandler is an implementation of the Handler interface used to disable Kerberos * on the relevant cluster @@ -1116,7 +1124,8 @@ public class KerberosHelper { String clusterHostInfoJson, String hostParamsJson, ServiceComponentHostServerActionEvent event, RoleCommandOrder roleCommandOrder, String realm, String kdcType, - File dataDirectory, RequestStageContainer requestStageContainer) { + File dataDirectory, RequestStageContainer requestStageContainer, + List<String> updateHosts) { // TODO (rlevas): If there are principals, keytabs, and configurations to process, setup the following sages: // 1) remove principals // 2) remove keytab files http://git-wip-us.apache.org/repos/asf/ambari/blob/aaadb0a4/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java index df335d5..8f39f21 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java @@ -332,6 +332,14 @@ public class KerberosHelperTest extends EasyMockSupport { expect(requestStageContainer.getId()).andReturn(1L).once(); requestStageContainer.addStages(anyObject(List.class)); expectLastCall().once(); + // Distribute Keytabs Stage + expect(requestStageContainer.getId()).andReturn(1L).once(); + requestStageContainer.addStages(anyObject(List.class)); + expectLastCall().once(); + // Update Configs Stage + expect(requestStageContainer.getId()).andReturn(1L).once(); + requestStageContainer.addStages(anyObject(List.class)); + expectLastCall().once(); // TODO: Add more of these when more stages are added. // Clean-up/Finalize Stage expect(requestStageContainer.getId()).andReturn(1L).once(); @@ -347,4 +355,4 @@ public class KerberosHelperTest extends EasyMockSupport { verifyAll(); } -} \ No newline at end of file +}
