Repository: ambari Updated Branches: refs/heads/trunk 0cd4aaa15 -> 46d142795
AMBARI-11279. Ranger installation fails on HDP 2.2 (Gautam Borad via ncole) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/46d14279 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/46d14279 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/46d14279 Branch: refs/heads/trunk Commit: 46d142795bc4d1fabd61b9148ef822e35a8461dd Parents: 0cd4aaa Author: Nate Cole <[email protected]> Authored: Thu May 21 06:32:28 2015 -0400 Committer: Nate Cole <[email protected]> Committed: Thu May 21 08:39:15 2015 -0400 ---------------------------------------------------------------------- .../HBASE/0.96.0.2.0/package/scripts/params_linux.py | 11 ++++------- .../HDFS/2.1.0.2.0/package/scripts/params_linux.py | 11 ++++------- .../HIVE/0.12.0.2.0/package/scripts/params_linux.py | 12 +++++------- .../KNOX/0.5.0.2.2/package/scripts/params_linux.py | 13 +++++-------- .../RANGER/0.4.0/package/scripts/params.py | 7 +++++-- .../STORM/0.9.1.2.1/package/scripts/params_linux.py | 13 +++++-------- .../YARN/2.1.0.2.0/package/scripts/params_linux.py | 14 ++++++-------- .../python/stacks/2.2/RANGER/test_ranger_admin.py | 8 ++++---- 8 files changed, 38 insertions(+), 51 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py index 7d83550..1f62ee7 100644 --- a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py +++ b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py @@ -267,13 +267,10 @@ if has_ranger_admin: 'assetType': '2' } - if xml_configurations_supported: - xa_audit_db_is_enabled = config['configurations']['ranger-hbase-audit']['xasecure.audit.db.is.enabled'] - ssl_keystore_file_path = config['configurations']['ranger-hbase-policymgr-ssl']['xasecure.policymgr.clientssl.keystore'] - ssl_truststore_file_path = config['configurations']['ranger-hbase-policymgr-ssl']['xasecure.policymgr.clientssl.truststore'] - ssl_keystore_password = unicode(config['configurations']['ranger-hbase-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) - ssl_truststore_password = unicode(config['configurations']['ranger-hbase-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) - credential_file = format('/etc/ranger/{repo_name}/cred.jceks') + xa_audit_db_is_enabled = config['configurations']['ranger-hbase-audit']['xasecure.audit.db.is.enabled'] if xml_configurations_supported else None + ssl_keystore_password = unicode(config['configurations']['ranger-hbase-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) if xml_configurations_supported else None + ssl_truststore_password = unicode(config['configurations']['ranger-hbase-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) if xml_configurations_supported else None + credential_file = format('/etc/ranger/{repo_name}/cred.jceks') if xml_configurations_supported else None # Used to dynamically set the hbase-site props that are referenced during Kerbenization if security_enabled: http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py index 6a8a47a..839d980 100644 --- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py +++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py @@ -430,10 +430,7 @@ if has_ranger_admin: 'assetType': '1' } - if xml_configurations_supported: - xa_audit_db_is_enabled = config['configurations']['ranger-hdfs-audit']['xasecure.audit.db.is.enabled'] - ssl_keystore_file_path = config['configurations']['ranger-hdfs-policymgr-ssl']['xasecure.policymgr.clientssl.keystore'] - ssl_truststore_file_path = config['configurations']['ranger-hdfs-policymgr-ssl']['xasecure.policymgr.clientssl.truststore'] - ssl_keystore_password = unicode(config['configurations']['ranger-hdfs-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) - ssl_truststore_password = unicode(config['configurations']['ranger-hdfs-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) - credential_file = format('/etc/ranger/{repo_name}/cred.jceks') + xa_audit_db_is_enabled = config['configurations']['ranger-hdfs-audit']['xasecure.audit.db.is.enabled'] if xml_configurations_supported else None + ssl_keystore_password = unicode(config['configurations']['ranger-hdfs-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) if xml_configurations_supported else None + ssl_truststore_password = unicode(config['configurations']['ranger-hdfs-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) if xml_configurations_supported else None + credential_file = format('/etc/ranger/{repo_name}/cred.jceks') if xml_configurations_supported else None http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py index 11b439b..934aadf 100644 --- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py +++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py @@ -457,11 +457,9 @@ if has_ranger_admin: } xa_audit_db_password = unicode(config['configurations']['admin-properties']['audit_db_password']) + + xa_audit_db_is_enabled = config['configurations']['ranger-hive-audit']['xasecure.audit.db.is.enabled'] if xml_configurations_supported else None + ssl_keystore_password = unicode(config['configurations']['ranger-hive-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) if xml_configurations_supported else None + ssl_truststore_password = unicode(config['configurations']['ranger-hive-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) if xml_configurations_supported else None + credential_file = format('/etc/ranger/{repo_name}/cred.jceks') if xml_configurations_supported else None - if xml_configurations_supported: - xa_audit_db_is_enabled = config['configurations']['ranger-hive-audit']['xasecure.audit.db.is.enabled'] - ssl_keystore_file_path = config['configurations']['ranger-hive-policymgr-ssl']['xasecure.policymgr.clientssl.keystore'] - ssl_truststore_file_path = config['configurations']['ranger-hive-policymgr-ssl']['xasecure.policymgr.clientssl.truststore'] - ssl_keystore_password = unicode(config['configurations']['ranger-hive-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) - ssl_truststore_password = unicode(config['configurations']['ranger-hive-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) - credential_file = format('/etc/ranger/{repo_name}/cred.jceks') http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py index af312b1..37f7b40 100644 --- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py +++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py @@ -226,11 +226,8 @@ if has_ranger_admin: 'repositoryType': 'knox', 'assetType': '5', } - - if xml_configurations_supported: - xa_audit_db_is_enabled = config['configurations']['ranger-knox-audit']['xasecure.audit.db.is.enabled'] - ssl_keystore_file_path = config['configurations']['ranger-knox-policymgr-ssl']['xasecure.policymgr.clientssl.keystore'] - ssl_truststore_file_path = config['configurations']['ranger-knox-policymgr-ssl']['xasecure.policymgr.clientssl.truststore'] - ssl_keystore_password = unicode(config['configurations']['ranger-knox-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) - ssl_truststore_password = unicode(config['configurations']['ranger-knox-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) - credential_file = format('/etc/ranger/{repo_name}/cred.jceks') + + xa_audit_db_is_enabled = config['configurations']['ranger-knox-audit']['xasecure.audit.db.is.enabled'] if xml_configurations_supported else None + ssl_keystore_password = unicode(config['configurations']['ranger-knox-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) if xml_configurations_supported else None + ssl_truststore_password = unicode(config['configurations']['ranger-knox-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) if xml_configurations_supported else None + credential_file = format('/etc/ranger/{repo_name}/cred.jceks') if xml_configurations_supported else None http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py index 9581385..be01370 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py @@ -51,14 +51,17 @@ stack_is_hdp23_or_further = Script.is_hdp_stack_greater_or_equal("2.3") if stack_is_hdp22_or_further: ranger_home = '/usr/hdp/current/ranger-admin' - ranger_conf = '/usr/hdp/current/ranger-admin/conf' + ranger_conf = '/etc/ranger/admin/conf' ranger_stop = '/usr/bin/ranger-admin-stop' ranger_start = '/usr/bin/ranger-admin-start' usersync_home = '/usr/hdp/current/ranger-usersync' usersync_start = '/usr/bin/ranger-usersync-start' usersync_stop = '/usr/bin/ranger-usersync-stop' ranger_ugsync_conf = '/etc/ranger/usersync/conf' - + +if stack_is_hdp23_or_further: + ranger_conf = '/usr/hdp/current/ranger-admin/conf' + usersync_services_file = "/usr/hdp/current/ranger-usersync/ranger-usersync-services.sh" java_home = config['hostLevelParams']['java_home'] http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/STORM/0.9.1.2.1/package/scripts/params_linux.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/STORM/0.9.1.2.1/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/STORM/0.9.1.2.1/package/scripts/params_linux.py index 508262f..59ec77c 100644 --- a/ambari-server/src/main/resources/common-services/STORM/0.9.1.2.1/package/scripts/params_linux.py +++ b/ambari-server/src/main/resources/common-services/STORM/0.9.1.2.1/package/scripts/params_linux.py @@ -211,11 +211,8 @@ if has_ranger_admin: 'repositoryType': 'storm', 'assetType': '6' } - - if xml_configurations_supported: - xa_audit_db_is_enabled = config['configurations']['ranger-storm-audit']['xasecure.audit.db.is.enabled'] - ssl_keystore_file_path = config['configurations']['ranger-storm-policymgr-ssl']['xasecure.policymgr.clientssl.keystore'] - ssl_truststore_file_path = config['configurations']['ranger-storm-policymgr-ssl']['xasecure.policymgr.clientssl.truststore'] - ssl_keystore_password = unicode(config['configurations']['ranger-storm-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) - ssl_truststore_password = unicode(config['configurations']['ranger-storm-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) - credential_file = format('/etc/ranger/{repo_name}/cred.jceks') + + xa_audit_db_is_enabled = config['configurations']['ranger-storm-audit']['xasecure.audit.db.is.enabled'] if xml_configurations_supported else None + ssl_keystore_password = unicode(config['configurations']['ranger-storm-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) if xml_configurations_supported else None + ssl_truststore_password = unicode(config['configurations']['ranger-storm-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) if xml_configurations_supported else None + credential_file = format('/etc/ranger/{repo_name}/cred.jceks') if xml_configurations_supported else None http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py index da7b9b4..8cc6e2d 100644 --- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py +++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py @@ -271,7 +271,7 @@ ranger_admin_log_dir = default("/configurations/ranger-env/ranger_admin_log_dir" is_supported_yarn_ranger = config['configurations']['yarn-env']['is_supported_yarn_ranger'] #ranger yarn properties -if has_ranger_admin: +if has_ranger_admin and is_supported_yarn_ranger: enable_ranger_yarn = (config['configurations']['ranger-yarn-plugin-properties']['ranger-yarn-plugin-enabled'].lower() == 'yes') policymgr_mgr_url = config['configurations']['admin-properties']['policymgr_external_url'] @@ -332,10 +332,8 @@ if has_ranger_admin: driver_curl_source = format("{jdk_location}/{jdbc_symlink_name}") driver_curl_target = format("{java_share_dir}/{jdbc_jar_name}") - if xml_configurations_supported: - xa_audit_db_is_enabled = config['configurations']['ranger-yarn-audit']['xasecure.audit.db.is.enabled'] - ssl_keystore_file_path = config['configurations']['ranger-yarn-policymgr-ssl']['xasecure.policymgr.clientssl.keystore'] - ssl_truststore_file_path = config['configurations']['ranger-yarn-policymgr-ssl']['xasecure.policymgr.clientssl.truststore'] - ssl_keystore_password = unicode(config['configurations']['ranger-yarn-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) - ssl_truststore_password = unicode(config['configurations']['ranger-yarn-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) - credential_file = format('/etc/ranger/{repo_name}/cred.jceks') + + xa_audit_db_is_enabled = config['configurations']['ranger-yarn-audit']['xasecure.audit.db.is.enabled'] if xml_configurations_supported else None + ssl_keystore_password = unicode(config['configurations']['ranger-yarn-policymgr-ssl']['xasecure.policymgr.clientssl.keystore.password']) if xml_configurations_supported else None + ssl_truststore_password = unicode(config['configurations']['ranger-yarn-policymgr-ssl']['xasecure.policymgr.clientssl.truststore.password']) if xml_configurations_supported else None + credential_file = format('/etc/ranger/{repo_name}/cred.jceks') if xml_configurations_supported else None http://git-wip-us.apache.org/repos/asf/ambari/blob/46d14279/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py index f7334fb..57674cd 100644 --- a/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py +++ b/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py @@ -124,10 +124,10 @@ class TestRangerAdmin(RMFTestCase): logoutput = True, environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, ) - self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/conf/xa_system.properties', + self.assertResourceCalled('ModifyPropertiesFile', '/etc/ranger/admin/conf/xa_system.properties', properties = self.getConfig()['configurations']['ranger-site'], ) - self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/conf/ranger_webserver.properties', + self.assertResourceCalled('ModifyPropertiesFile', '/etc/ranger/admin/conf/ranger_webserver.properties', mode = 0744, properties = self.getConfig()['configurations']['ranger-site'] ) @@ -153,10 +153,10 @@ class TestRangerAdmin(RMFTestCase): logoutput = True, environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, ) - self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/conf/xa_system.properties', + self.assertResourceCalled('ModifyPropertiesFile', '/etc/ranger/admin/conf/xa_system.properties', properties = self.getConfig()['configurations']['ranger-site'], ) - self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/conf/ranger_webserver.properties', + self.assertResourceCalled('ModifyPropertiesFile', '/etc/ranger/admin/conf/ranger_webserver.properties', mode = 0744, properties = self.getConfig()['configurations']['ranger-site'] )
