http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/metrics.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/metrics.json b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/metrics.json deleted file mode 100644 index 58e4ecb..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/metrics.json +++ /dev/null @@ -1,264 +0,0 @@ -{ - "KAFKA_BROKER": { - "Component": [ - { - "type": "ganglia", - "metrics": { - "default": { - "metrics/jvm/uptime": { - "metric": "jvm.uptime", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/heap_usage": { - "metric": "jvm.heap_usage", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/non_heap_usage": { - "metric": "jvm.non_heap_usage", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/thread-states/runnable": { - "metric": "jvm.thread-states.runnable", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/thread-states/blocked": { - "metric": "jvm.thread-states.blocked", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/thread-states/timed_waiting": { - "metric": "jvm.thread-states.timed_waiting", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/thread-states/terminated": { - "metric": "jvm.thread-states.terminated", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/thread_count": { - "metric": "jvm.thread_count", - "pointInTime": true, - "temporal": true - }, - "metrics/jvm/daemon_thread_count": { - "metric": "jvm.daemon_thread_count", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsMessagesInPerSec/1MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsMessagesInPerSec.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsMessagesInPerSec/5MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsMessagesInPerSec.5MinuteRate", - "pointInTime": false, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsMessagesInPerSec/15MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsMessagesInPerSec.15MinuteRate", - "pointInTime": false, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsMessagesInPerSec/meanRate": { - "metric": "kafka.server.BrokerTopicMetrics/AllTopicsMessagesInPerSec/meanRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsMessagesInPerSec/count": { - "metric": "kafka.server.BrokerTopicMetrics/AllTopicsMessagesInPerSec.counte", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesInPerSec/1MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesInPerSec.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesInPerSec/5MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesInPerSec.5MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesInPerSec/15MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesInPerSec.15MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesInPerSec/meanRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesInPerSec.meanRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesInPerSec/count": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesInPerSec.count", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesOutPerSec/1MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesOutPerSec.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesOutPerSec/5MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesOutPerSec.5MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesOutPerSec/15MinuteRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesOutPerSec.15MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesOutPerSec/meanRate": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesOutPerSec.meanRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/BrokerTopicMetrics/AllTopicsBytesOutPerSec/count": { - "metric": "kafka.server.BrokerTopicMetrics.AllTopicsBytesOutPerSec.count", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/KafkaController/ActiveControllerCount": { - "metric": "kafka.controller.KafkaController.ActiveControllerCount", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/log/LogFlushStats/LogFlushRateAndTimeMs/meanRate": { - "metric": "kafka.log.LogFlushStats.LogFlushRateAndTimeMs.meanRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/log/LogFlushStats/LogFlushRateAndTimeMs/1MinuteRate": { - "metric": "kafka.log.LogFlushStats.LogFlushRateAndTimeMs.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/log/LogFlushStats/LogFlushRateAndTimeMs/5MinuteRate": { - "metric": "kafka.log.LogFlushStats.LogFlushRateAndTimeMs.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/log/LogFlushStats/LogFlushRateAndTimeMs/15MinuteRate": { - "metric": "kafka.log.LogFlushStats.LogFlushRateAndTimeMs.15MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/log/LogFlushStats/LogFlushRateAndTimeMs/count": { - "metric": "kafka.log.LogFlushStats.LogFlushRateAndTimeMs.count", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/LeaderElectionRateAndTimeMs/meanRate": { - "metric": "kafka.controller.ControllerStats.LeaderElectionRateAndTimeMs.meanRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/LeaderElectionRateAndTimeMs/1MinuteRate": { - "metric": "kafka.controller.ControllerStats.LeaderElectionRateAndTimeMs.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/LeaderElectionRateAndTimeMs/5MinuteRate": { - "metric": "kafka.controller.ControllerStats.LeaderElectionRateAndTimeMs.5MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/LeaderElectionRateAndTimeMs/15MinuteRate": { - "metric": "kafka.controller.ControllerStats.LeaderElectionRateAndTimeMs.15MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/LeaderElectionRateAndTimeMs/count": { - "metric": "kafka.controller.ControllerStats.LeaderElectionRateAndTimeMs.count", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/UncleanLeaderElectionsPerSec/1MinuteRate": { - "metric": "kafka.controller.ControllerStats.UncleanLeaderElectionsPerSec.1MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/UncleanLeaderElectionsPerSec/5MinuteRate": { - "metric": "kafka.controller.ControllerStats.UncleanLeaderElectionsPerSec.5MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/UncleanLeaderElectionsPerSec/15MinuteRate": { - "metric": "kafka.controller.ControllerStats.UncleanLeaderElectionsPerSec.15MinuteRate", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/controller/ControllerStats/OfflinePartitionsCount": { - "metric": "kafka.controller.ControllerStats.OfflinePartitionsCount", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/ReplicaManager/PartitionCount": { - "metric": "kafka.server.ReplicaManager.PartitionCount", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/ReplicaManager/LeaderCount": { - "metric": "kafka.server.ReplicaManager.LeaderCount", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/ReplicaManager/UnderReplicatedPartitions": { - "metric": "kafka.server.ReplicaManager.UnderReplicatedPartitions", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/ReplicaManager/ISRShrinksPerSec": { - "metric": "kafka.server.ReplicaManager.ISRShrinksPerSec", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/ReplicaManager/ISRExpandsPerSec": { - "metric": "kafka.server.ReplicaManager.ISRExpandsPerSec", - "pointInTime": true, - "temporal": true - }, - - "metrics/kafka/server/ReplicaFetcherManager/Replica-MaxLag": { - "metric": "kafka.server.ReplicaFetcherManager.Replica-MaxLag", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/ProducerRequestPurgatory/PurgatorySize": { - "metric": "kafka.server.ProducerRequestPurgatory.PurgatorySize", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/server/FetchRequestPurgatory/PurgatorySize": { - "metric": "kafka.server.FetchRequestPurgatory.PurgatorySize", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/cluster/Partition/$1-UnderReplicated": { - "metric": "kafka.cluster.Partition.(\\w+)-UnderReplicated", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/consumer/ConsumerFetcherManager/$1-MaxLag": { - "metric": "kafka.consumer.ConsumerFetcherManager.(\\w+)-MaxLag", - "pointInTime": true, - "temporal": true - }, - "metrics/kafka/consumer/ConsumerFetcherManager/$1-MinFetch": { - "metric": "kafka.consumer.ConsumerFetcherManager.(\\w+)-MinFetch", - "pointInTime": true, - "temporal": true - } - } - } - } - ] - } -}
http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka.py deleted file mode 100644 index c0231a8..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka.py +++ /dev/null @@ -1,70 +0,0 @@ -#!/usr/bin/env python -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from resource_management import * -from properties_config import properties_config -import sys -from copy import deepcopy - -def kafka(): - import params - - Directory([params.log_dir, params.pid_dir, params.conf_dir], - owner=params.kafka_user, - group=params.user_group, - recursive=True - ) - brokerid = str(sorted(params.kafka_hosts).index(params.hostname)) - kafka_server_config = mutable_config_dict(params.config['configurations']['kafka-broker']) - kafka_server_config['broker.id'] = brokerid - kafka_server_config['host.name'] = params.hostname - kafka_data_dir = kafka_server_config['log.dirs'] - Directory(filter(None,kafka_data_dir.split(",")), - owner=params.kafka_user, - group=params.user_group, - recursive=True) - - conf_dir = params.conf_dir - properties_config("server.properties", - conf_dir=params.conf_dir, - configurations=kafka_server_config, - owner=params.kafka_user, - group=params.user_group, - brokerid=brokerid) - - File(format("{conf_dir}/kafka-env.sh"), - owner=params.kafka_user, - content=InlineTemplate(params.kafka_env_sh_template) - ) - - if (params.log4j_props != None): - File(format("{conf_dir}/log4j.properties"), - mode=0644, - group=params.user_group, - owner=params.kafka_user, - content=params.log4j_props - ) - - -def mutable_config_dict(kafka_broker_config): - kafka_server_config = {} - for key, value in kafka_broker_config.iteritems(): - kafka_server_config[key] = value - return kafka_server_config http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka_broker.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka_broker.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka_broker.py deleted file mode 100644 index c79ebb9..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/kafka_broker.py +++ /dev/null @@ -1,63 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from resource_management import * -import sys - -from kafka import kafka - -class KafkaBroker(Script): - def install(self, env): - self.install_packages(env) - self.configure(env) - - def configure(self, env): - import params - env.set_params(params) - kafka() - - def start(self, env): - import params - env.set_params(params) - self.configure(env) - daemon_cmd = format('source {params.conf_dir}/kafka-env.sh ; {params.kafka_bin} start') - no_op_test = format('ls {params.pid_file} >/dev/null 2>&1 && ps -p `cat {params.pid_file}` >/dev/null 2>&1') - Execute(daemon_cmd, - user=params.kafka_user, - not_if=no_op_test - ) - - def stop(self, env): - import params - env.set_params(params) - self.configure(env) - daemon_cmd = format('source {params.conf_dir}/kafka-env.sh; {params.kafka_bin} stop') - Execute(daemon_cmd, - user=params.kafka_user, - ) - Execute (format("rm -f {params.pid_file}")) - - - def status(self, env): - import status_params - env.set_params(status_params) - check_process_status(status_params.kafka_pid_file) - -if __name__ == "__main__": - KafkaBroker().execute() http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/params.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/params.py deleted file mode 100644 index 0dd306a..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/params.py +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env python -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from resource_management.libraries.functions.version import format_hdp_stack_version, compare_versions -from resource_management import * -import status_params - -# server configurations -config = Script.get_config() - -stack_version_unformatted = str(config['hostLevelParams']['stack_version']) -hdp_stack_version = format_hdp_stack_version(stack_version_unformatted) -stack_is_hdp22_or_further = hdp_stack_version != "" and compare_versions(hdp_stack_version, '2.2') >= 0 - -if stack_is_hdp22_or_further: - kafka_home = '/usr/hdp/current/kafka-broker/' - kafka_bin = kafka_home+'bin/kafka' -else: - kafka_home = '/usr/lib/kafka/' - kafka_bin = kafka_home+'/bin/kafka' - - -conf_dir = "/etc/kafka/conf" -kafka_user = config['configurations']['kafka-env']['kafka_user'] -log_dir = config['configurations']['kafka-env']['kafka_log_dir'] -pid_dir = status_params.kafka_pid_dir -pid_file = pid_dir+"/kafka.pid" -hostname = config['hostname'] -user_group = config['configurations']['cluster-env']['user_group'] -java64_home = config['hostLevelParams']['java_home'] -kafka_env_sh_template = config['configurations']['kafka-env']['content'] -kafka_hosts = config['clusterHostInfo']['kafka_broker_hosts'] -kafka_hosts.sort() - -zookeeper_hosts = config['clusterHostInfo']['zookeeper_hosts'] -zookeeper_hosts.sort() - -if (('kafka-log4j' in config['configurations']) and ('content' in config['configurations']['kafka-log4j'])): - log4j_props = config['configurations']['kafka-log4j']['content'] -else: - log4j_props = None http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/properties_config.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/properties_config.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/properties_config.py deleted file mode 100644 index 56bab2c..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/properties_config.py +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env python -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -import re -from resource_management import * - -def properties_inline_template(configurations): - return source.InlineTemplate('''{% for key, value in configurations_dict.items() %}{{ key }}={{ value }} -{% endfor %}''', configurations_dict=configurations) - -def properties_config(filename, configurations = None, conf_dir = None, - mode = None, owner = None, group = None, brokerid = None): - config_content = properties_inline_template(configurations) - File (format("{conf_dir}/{filename}"), content = config_content, owner = owner, - group = group, mode = mode) http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/service_check.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/service_check.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/service_check.py deleted file mode 100644 index c2b4bc1..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/service_check.py +++ /dev/null @@ -1,65 +0,0 @@ -#!/usr/bin/env python -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" -from __future__ import print_function -from resource_management import * -import sys,subprocess,os - -class ServiceCheck(Script): - def service_check(self, env): - import params - env.set_params(params) - kafka_config=self.read_kafka_config(params.conf_dir) - self.set_env(params.conf_dir) - create_topic_cmd_created_output = "Created topic \"ambari_kafka_service_check\"." - create_topic_cmd_exists_output = "Topic \"ambari_kafka_service_check\" already exists." - print("Running kafka create topic command", file=sys.stdout) - create_topic_cmd = [params.kafka_home+'/bin/kafka-topics.sh', '--zookeeper '+kafka_config['zookeeper.connect'], - '--create --topic ambari_kafka_service_check', '--partitions 1 --replication-factor 1'] - print(" ".join(create_topic_cmd), file=sys.stdout) - create_topic_process = subprocess.Popen(create_topic_cmd,stdout=subprocess.PIPE,stderr=subprocess.PIPE) - out, err = create_topic_process.communicate() - if out.find(create_topic_cmd_created_output) != -1: - print(out, file=sys.stdout) - sys.exit(0) - elif out.find(create_topic_cmd_exists_output) != -1: - print("Topic ambari_kafka_service_check exists", file=sys.stdout) - sys.exit(0) - else: - print(out, file=sys.stderr) - sys.exit(1) - - def read_kafka_config(self,kafka_conf_dir): - conf_file = open(kafka_conf_dir+"/server.properties","r") - kafka_config = {} - for line in conf_file: - key,value = line.split("=") - kafka_config[key] = value.replace("\n","") - return kafka_config - - def set_env(self, kafka_conf_dir): - command = ['bash', '-c', 'source '+kafka_conf_dir+'/kafka-env.sh && env'] - proc = subprocess.Popen(command, stdout = subprocess.PIPE) - for line in proc.stdout: - (key, _, value) = line.partition("=") - os.environ[key] = value.replace("\n","") - proc.communicate() - -if __name__ == "__main__": - ServiceCheck().execute() http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/status_params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/status_params.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/status_params.py deleted file mode 100644 index fcb0816..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KAFKA/package/scripts/status_params.py +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env python -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from resource_management import * - -config = Script.get_config() - -kafka_pid_dir = config['configurations']['kafka-env']['kafka_pid_dir'] -kafka_pid_file = format("{kafka_pid_dir}/kafka.pid") http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kadm5-acl.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kadm5-acl.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kadm5-acl.xml deleted file mode 100644 index 31aa72c..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kadm5-acl.xml +++ /dev/null @@ -1,36 +0,0 @@ -<?xml version="1.0"?> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, software - ~ distributed under the License is distributed on an "AS IS" BASIS, - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - ~ See the License for the specific language governing permissions and - ~ limitations under the License. - --> - -<configuration> - <property> - <name>conf_dir</name> - <description>The kadm.acl configuration directory</description> - <value>/var/kerberos/krb5kdc</value> - </property> - <property> - <name>content</name> - <description>The jinja template for the kadm5.acl file</description> - <value> - */admin@{{realm}} * - - {# Append additional realm declarations below #} - </value> - </property> -</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kdc-conf.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kdc-conf.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kdc-conf.xml deleted file mode 100644 index 9b0199e..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kdc-conf.xml +++ /dev/null @@ -1,57 +0,0 @@ -<?xml version="1.0"?> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<!-- -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ ---> - -<configuration> - <property> - <name>kdcdefaults_kdc_ports</name> - <value>88</value> - </property> - <property> - <name>kdcdefaults_kdc_tcp_ports</name> - <value>88</value> - </property> - - <property> - <name>conf_dir</name> - <description>The kdc.conf configuration directory</description> - <value>/var/kerberos/krb5kdc</value> - </property> - <property> - <name>content</name> - <description>The jinja template for the kdc.conf file</description> - <value> - [kdcdefaults] - kdc_ports = {{kdcdefaults_kdc_ports}} - kdc_tcp_ports = {{kdcdefaults_kdc_tcp_ports}} - - [realms] - {{realm}} = { - acl_file = {{kadm5_acl_path}} - dict_file = /usr/share/dict/words - admin_keytab = {{kadm5_acl_dir}}/kadm5.keytab - supported_enctypes = {{encryption_types}} - } - - {# Append additional realm declarations below #} - </value> - </property> -</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml deleted file mode 100644 index 6e698cf..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml +++ /dev/null @@ -1,111 +0,0 @@ -<?xml version="1.0"?> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<!-- -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ ---> - -<configuration supports_final="false"> - <property require-input="true"> - <name>kdc_type</name> - <description> - The type of KDC being used. Either mit-kdc or active-directory - </description> - <value>mit-kdc</value> - </property> - - <property require-input="true"> - <name>ldap_url</name> - <description> - The URL to the Active Directory LDAP Interface - </description> - <value/> - </property> - - <property require-input="true"> - <name>container_dn</name> - <description> - The distinguished name (DN) of the container used store service principals - </description> - <value/> - </property> - - <property require-input="true"> - <name>encryption_types</name> - <description> - The supported list of session key encryption types that should be returned by the KDC. - </description> - <value>aes des3-cbc-sha1 rc4 des-cbc-md5</value> - </property> - - <property require-input="true"> - <name>realm</name> - <description> - The default realm to use when creating service principals - </description> - <value/> - </property> - - <property require-input="true"> - <name>kdc_host</name> - <description> - The IP address or FQDN for the KDC host. Optionally a port number may be included. - </description> - <value/> - </property> - - <property> - <name>admin_server_host</name> - <description> - The IP address or FQDN for the KDC Kerberos administrative host. Optionally a port number may be included. - </description> - <value/> - </property> - - <property> - <name>service_check_principal_name</name> - <description> - The principal name to use when executing the Kerberos service check - </description> - <value>${cluster_name}-${short_date}</value> - </property> - - <property require-input="true"> - <name>create_attributes_template</name> - <description> - A Velocity template to use to generate a JSON-formatted document containing the set of - attribute names and values needed to create a new Kerberos identity in the relevant KDC. - Variables include: - principal_name, principal_primary, principal_instance, realm, realm_lowercase, - normalized_principal, principal digest, password, is_service, container_dn - </description> - <value> -{ - "objectClass": ["top", "person", "organizationalPerson", "user"], - "cn": "$principal_name", - #if( $is_service ) - "servicePrincipalName": "$principal_name", - #end - "userPrincipalName": "$normalized_principal", - "unicodePwd": "$password", - "accountExpires": "0", - "userAccountControl": "66048" -} - </value> - </property> -</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/krb5-conf.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/krb5-conf.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/krb5-conf.xml deleted file mode 100644 index 8622e13..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/krb5-conf.xml +++ /dev/null @@ -1,106 +0,0 @@ -<?xml version="1.0"?> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<!-- -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ ---> - -<configuration> - <property require-input="false"> - <name>domains</name> - <description> - A comma-delimited list of domain names that the realm serves (optional) - </description> - <value/> - </property> - <property> - <name>test_principal</name> - <description> - The principal that may be used to test the Kerberos configuration (this will not be retained) - </description> - <value/> - </property> - <property> - <name>test_password</name> - <description> - The password for the administrative principal (either this value or the keytab value is - required to be set, neither is expected to be retained) - </description> - <value/> - <property-type>PASSWORD</property-type> - </property> - <property> - <name>test_keytab</name> - <description> - The base64-encoded keytab for the test principal (either this value or the password - value is required to be set, neither is expected to be retained) - </description> - <value> - - </value> - </property> - - <property> - <name>manage_krb5_conf</name> - <description> - Indicates weather the Kerberos client krb5.conf file should be managed by Ambari or you will manage manually - </description> - <value>true</value> - </property> - - <property> - <name>conf_dir</name> - <description>The krb5.conf configuration directory</description> - <value>/etc</value> - </property> - <property> - <name>content</name> - <description>The jinja template for the krb5.conf file</description> - <value> -[libdefaults] - renew_lifetime = 7d - forwardable = true - default_realm = {{realm|upper()}} - ticket_lifetime = 24h - dns_lookup_realm = false - dns_lookup_kdc = false - #default_tgs_enctypes = {{encryption_types}} - #default_tkt_enctypes = {{encryption_types}} - -{% if domains %} -[domain_realm] -{% for domain in domains.split(',') %} - {{domain}} = {{realm|upper()}} -{% endfor %} -{% endif %} - -[logging] - default = FILE:/var/log/krb5kdc.log - admin_server = FILE:/var/log/kadmind.log - kdc = FILE:/var/log/krb5kdc.log - -[realms] - {{realm}} = { - admin_server = {{admin_server_host|default(kdc_host, True)}} - kdc = {{kdc_host}} - } - -{# Append additional realm declarations below #} - </value> - </property> -</configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/metainfo.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/metainfo.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/metainfo.xml deleted file mode 100644 index 894033b..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/metainfo.xml +++ /dev/null @@ -1,175 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<metainfo> - <schemaVersion>2.0</schemaVersion> - <services> - <service> - <name>KERBEROS</name> - <displayName>Kerberos</displayName> - <comment>A computer network authentication protocol which works on - the basis of 'tickets' to allow nodes communicating over a - non-secure network to prove their identity to one another in a - secure manner. - </comment> - <version>1.10.3-10</version> - - <components> - <component> - <name>KDC_SERVER</name> - <displayName>Kerberos KDC</displayName> - <category>MASTER</category> - <cardinality>0-1</cardinality> - <dependencies> - <dependency> - <name>KERBEROS/KERBEROS_CLIENT</name> - <scope>cluster</scope> - <auto-deploy> - <enabled>true</enabled> - </auto-deploy> - </dependency> - </dependencies> - <commandScript> - <script>scripts/kerberos_server.py</script> - <scriptType>PYTHON</scriptType> - <timeout>900</timeout> - </commandScript> - <configFiles> - <configFile> - <type>env</type> - <fileName>krb5.conf</fileName> - <dictionaryName>krb5-conf</dictionaryName> - </configFile> - <configFile> - <type>env</type> - <fileName>kdc.conf</fileName> - <dictionaryName>kdc-conf</dictionaryName> - </configFile> - <configFile> - <type>env</type> - <fileName>kadm5.acl</fileName> - <dictionaryName>kadm5-acl</dictionaryName> - </configFile> - </configFiles> - </component> - - <component> - <name>KERBEROS_CLIENT</name> - <displayName>Kerberos Client</displayName> - <category>CLIENT</category> - <cardinality>ALL</cardinality> - <auto-deploy> - <enabled>true</enabled> - </auto-deploy> - <commandScript> - <script>scripts/kerberos_client.py</script> - <scriptType>PYTHON</scriptType> - <timeout>600</timeout> - </commandScript> - <customCommands> - <customCommand> - <name>SET_KEYTAB</name> - <commandScript> - <script>scripts/kerberos_client.py</script> - <scriptType>PYTHON</scriptType> - <timeout>1000</timeout> - </commandScript> - </customCommand> - <customCommand> - <name>REMOVE_KEYTAB</name> - <commandScript> - <script>scripts/kerberos_client.py</script> - <scriptType>PYTHON</scriptType> - <timeout>1000</timeout> - </commandScript> - </customCommand> - </customCommands> - <configFiles> - <configFile> - <type>env</type> - <fileName>krb5.conf</fileName> - <dictionaryName>krb5-conf</dictionaryName> - </configFile> - </configFiles> - </component> - </components> - - <osSpecifics> - <osSpecific> - <osFamily>redhat5,redhat6</osFamily> - <packages> - <package> - <name>krb5-server</name> - </package> - <package> - <name>krb5-libs</name> - </package> - <package> - <name>krb5-workstation</name> - </package> - </packages> - </osSpecific> - - <osSpecific> - <osFamily>ubuntu12</osFamily> - <packages> - <package> - <name>krb5-kdc</name> - </package> - <package> - <name>krb5-admin-server</name> - </package> - <package> - <name>krb5-user</name> - </package> - <package> - <name>krb5-config</name> - </package> - </packages> - </osSpecific> - - <osSpecific> - <osFamily>suse11</osFamily> - <packages> - <package> - <name>krb5</name> - </package> - <package> - <name>krb5-client</name> - </package> - <package> - <name>krb5-server</name> - </package> - </packages> - </osSpecific> - </osSpecifics> - - <commandScript> - <script>scripts/service_check.py</script> - <scriptType>PYTHON</scriptType> - <timeout>300</timeout> - </commandScript> - - <configuration-dependencies> - <config-type>krb5-conf</config-type> - <config-type>kdc-conf</config-type> - <config-type>kadm5-acl</config-type> - </configuration-dependencies> - <restartRequiredAfterChange>true</restartRequiredAfterChange> - </service> - </services> -</metainfo> http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_client.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_client.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_client.py deleted file mode 100644 index 380c094..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_client.py +++ /dev/null @@ -1,44 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from kerberos_common import * - -class KerberosClient(KerberosScript): - def install(self, env): - self.install_packages(env, ['krb5-server', 'krb5-libs', 'krb5-auth-dialog', 'krb5', 'krb5-kdc', 'krb5-admin-server']) - self.configure(env) - - - def configure(self, env): - import params - env.set_params(params) - if params.manage_krb5_conf: - self.write_krb5_conf() - - def status(self, env): - raise ClientComponentHasNoStatus() - - def set_keytab(self, env): - KerberosScript.write_keytab_file() - - def remove_keytab(self, env): - self.delete_keytab_file() - -if __name__ == "__main__": - KerberosClient().execute() http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_common.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_common.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_common.py deleted file mode 100644 index cb414c7..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_common.py +++ /dev/null @@ -1,419 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -import base64 -import os -import string -import subprocess -import sys -import tempfile - -from resource_management import * -from utils import get_property_value -from ambari_commons.os_utils import remove_file - -class KerberosScript(Script): - KRB5_REALM_PROPERTIES = [ - 'kdc', - 'admin_server', - 'default_domain', - 'master_kdc' - ] - - KRB5_SECTION_NAMES = [ - 'libdefaults', - 'logging', - 'realms', - 'domain_realm', - 'capaths', - 'ca_paths', - 'appdefaults', - 'plugins' - ] - - @staticmethod - def create_random_password(): - import random - - chars = string.digits + string.ascii_letters - return ''.join(random.choice(chars) for x in range(13)) - - @staticmethod - def write_conf_section(output_file, section_name, section_data): - if section_name is not None: - output_file.write('[%s]\n' % section_name) - - if section_data is not None: - for key, value in section_data.iteritems(): - output_file.write(" %s = %s\n" % (key, value)) - - - @staticmethod - def _write_conf_realm(output_file, realm_name, realm_data): - """ Writes out realm details - - Example: - - EXAMPLE.COM = { - kdc = kerberos.example.com - admin_server = kerberos.example.com - } - - """ - if realm_name is not None: - output_file.write(" %s = {\n" % realm_name) - - if realm_data is not None: - for key, value in realm_data.iteritems(): - if key in KerberosScript.KRB5_REALM_PROPERTIES: - output_file.write(" %s = %s\n" % (key, value)) - - output_file.write(" }\n") - - @staticmethod - def write_conf_realms_section(output_file, section_name, realms_data): - if section_name is not None: - output_file.write('[%s]\n' % section_name) - - if realms_data is not None: - for realm, realm_data in realms_data.iteritems(): - KerberosScript._write_conf_realm(output_file, realm, realm_data) - output_file.write('\n') - - @staticmethod - def write_krb5_conf(): - import params - - Directory(params.krb5_conf_dir, - owner='root', - recursive=True, - group='root', - mode=0755 - ) - - if (params.krb5_conf_template is None) or not params.krb5_conf_template.strip(): - content = Template('krb5_conf.j2') - else: - content = InlineTemplate(params.krb5_conf_template) - - File(params.krb5_conf_path, - content=content, - owner='root', - group='root', - mode=0644 - ) - - @staticmethod - def invoke_kadmin(query, admin_identity=None, default_realm=None): - """ - Executes the kadmin or kadmin.local command (depending on whether auth_identity is set or not - and returns command result code and standard out data. - - :param query: the kadmin query to execute - :param admin_identity: the identity for the administrative user (optional) - :param default_realm: the default realm to assume - :return: return_code, out - """ - if (query is not None) and (len(query) > 0): - auth_principal = None - auth_keytab_file = None - - if admin_identity is not None: - auth_principal = get_property_value(admin_identity, 'principal') - - if auth_principal is None: - kadmin = 'kadmin.local' - credential = '' - else: - kadmin = 'kadmin -p "%s"' % auth_principal - - auth_password = get_property_value(admin_identity, 'password') - - if auth_password is None: - auth_keytab = get_property_value(admin_identity, 'keytab') - - if auth_keytab is not None: - (fd, auth_keytab_file) = tempfile.mkstemp() - os.write(fd, base64.b64decode(auth_keytab)) - os.close(fd) - - credential = '-k -t %s' % auth_keytab_file - else: - credential = '-w "%s"' % auth_password - - if (default_realm is not None) and (len(default_realm) > 0): - realm = '-r %s' % default_realm - else: - realm = '' - - try: - command = '%s %s %s -q "%s"' % (kadmin, credential, realm, query.replace('"', '\\"')) - return shell.checked_call(command) - except: - raise - finally: - if auth_keytab_file is not None: - os.remove(auth_keytab_file) - - @staticmethod - def create_keytab_file(principal, path, auth_identity=None): - success = False - - if (principal is not None) and (len(principal) > 0): - if (auth_identity is None) or (len(auth_identity) == 0): - norandkey = '-norandkey' - else: - norandkey = '' - - if (path is not None) and (len(path) > 0): - keytab_file = '-k %s' % path - else: - keytab_file = '' - - try: - result_code, output = KerberosScript.invoke_kadmin( - 'ktadd %s %s %s' % (keytab_file, norandkey, principal), - auth_identity) - - success = (result_code == 0) - except: - raise Fail("Failed to create keytab for principal: %s (in %s)" % (principal, path)) - - return success - - @staticmethod - def create_keytab(principal, auth_identity=None): - keytab = None - - (fd, temp_path) = tempfile.mkstemp() - os.remove(temp_path) - - try: - if KerberosScript.create_keytab_file(principal, temp_path, auth_identity): - with open(temp_path, 'r') as f: - keytab = base64.b64encode(f.read()) - finally: - if os.path.isfile(temp_path): - os.remove(temp_path) - - return keytab - - @staticmethod - def principal_exists(identity, auth_identity=None): - exists = False - - if identity is not None: - principal = get_property_value(identity, 'principal') - - if (principal is not None) and (len(principal) > 0): - try: - result_code, output = KerberosScript.invoke_kadmin('getprinc %s' % principal, - auth_identity) - exists = (output is not None) and (("Principal: %s" % principal) in output) - except: - raise Fail("Failed to determine if principal exists: %s" % principal) - - return exists - - @staticmethod - def change_principal_password(identity, auth_identity=None): - success = False - - if identity is not None: - principal = get_property_value(identity, 'principal') - - if (principal is not None) and (len(principal) > 0): - password = get_property_value(identity, 'password') - - if password is None: - credentials = '-randkey' - else: - credentials = '-pw "%s"' % password - - try: - result_code, output = KerberosScript.invoke_kadmin( - 'change_password %s %s' % (credentials, principal), - auth_identity) - - success = (result_code == 0) - except: - raise Fail("Failed to create principal: %s" % principal) - - return success - - @staticmethod - def create_principal(identity, auth_identity=None): - success = False - - if identity is not None: - principal = get_property_value(identity, 'principal') - - if (principal is not None) and (len(principal) > 0): - password = get_property_value(identity, 'password') - - if password is None: - credentials = '-randkey' - else: - credentials = '-pw "%s"' % password - - try: - result_code, out = KerberosScript.invoke_kadmin( - 'addprinc %s %s' % (credentials, principal), - auth_identity) - - success = (result_code == 0) - except: - raise Fail("Failed to create principal: %s" % principal) - - return success - - @staticmethod - def create_principals(identities, auth_identity=None): - if identities is not None: - for identity in identities: - KerberosScript.create_principal(identity, auth_identity) - - @staticmethod - def create_or_update_administrator_identity(): - import params - - if params.realm is not None: - admin_identity = params.get_property_value(params.realm, 'admin_identity') - - if KerberosScript.principal_exists(admin_identity): - KerberosScript.change_principal_password(admin_identity) - else: - KerberosScript.create_principal(admin_identity) - - @staticmethod - def test_kinit(identity): - principal = get_property_value(identity, 'principal') - - if principal is not None: - keytab_file = get_property_value(identity, 'keytab_file') - keytab = get_property_value(identity, 'keytab') - password = get_property_value(identity, 'password') - - # If a test keytab file is available, simply use it - if (keytab_file is not None) and (os.path.isfile(keytab_file)): - command = 'kinit -k -t %s %s' % (keytab_file, principal) - shell.checked_call(command) - return shell.checked_call('kdestroy') - - # If base64-encoded test keytab data is available; then decode it, write it to a temporary file - # use it, and then remove the temporary file - elif keytab is not None: - (fd, test_keytab_file) = tempfile.mkstemp() - os.write(fd, base64.b64decode(keytab)) - os.close(fd) - - try: - command = 'kinit -k -t %s %s' % (test_keytab_file, principal) - shell.checked_call(command) - return shell.checked_call('kdestroy') - except: - raise - finally: - if test_keytab_file is not None: - os.remove(test_keytab_file) - - # If no keytab data is available and a password was supplied, simply use it. - elif password is not None: - process = subprocess.Popen(['kinit', principal], stdin=subprocess.PIPE) - stdout, stderr = process.communicate(password) - if process.returncode: - err_msg = Logger.get_protected_text("Execution of kinit returned %d. %s" % (process.returncode, stderr)) - raise Fail(err_msg) - else: - return shell.checked_call('kdestroy') - else: - return 0, '' - else: - return 0, '' - - - @staticmethod - def write_keytab_file(): - import params - - if params.keytab_details is not None: - data = get_property_value(params.keytab_details, 'data') - - if (data is not None) and (len(data) > 0): - file_path = get_property_value(params.keytab_details, 'file-path') - - if (file_path is not None) and (len(file_path) > 0): - with open(file_path, 'w') as f: - f.write(base64.b64decode(data)) - - KerberosScript._set_file_access(file_path, params.keytab_details, params.default_group) - - def delete_keytab_file(self): - import params - - if params.kerberos_command_params is not None: - for item in params.kerberos_command_params: - keytab_file_path = get_property_value(item, 'keytab_file_path') - if (keytab_file_path is not None) and (len(keytab_file_path) > 0): - print 'Removing keytab file, ', keytab_file_path, "\n" - remove_file(keytab_file_path) - - principal = get_property_value(item, 'principal') - if principal is not None: - curr_content = Script.structuredOut - - if "keytabs" not in curr_content: - curr_content['keytabs'] = {} - - curr_content['keytabs'][principal.replace("_HOST", params.hostname)] = '_REMOVED_' - - self.put_structured_out(curr_content) - - @staticmethod - def _set_file_access(file_path, access_details, default_group=None): - if (file_path is not None) and os.path.isfile(file_path) and (access_details is not None): - import stat - import pwd - import grp - - owner = get_property_value(access_details, 'owner/name') - owner_access = get_property_value(access_details, 'owner/access', 'rw') - group = get_property_value(access_details, 'group/name', default_group) - group_access = get_property_value(access_details, 'group/access', '') - - pwnam = pwd.getpwnam(owner) if (owner is not None) and (len(owner) > 0) else None - uid = pwnam.pw_uid if pwnam is not None else os.geteuid() - - grnam = grp.getgrnam(group) if (group is not None) and (len(group) > 0) else None - gid = grnam.gr_gid if grnam is not None else os.getegid() - - chmod = 0 - - if owner_access == 'r': - chmod |= stat.S_IREAD - else: - chmod |= stat.S_IREAD | stat.S_IWRITE - - if group_access == 'rw': - chmod |= stat.S_IRGRP | stat.S_IWGRP - elif group_access == 'r': - chmod |= stat.S_IRGRP - - os.chmod(file_path, chmod) - os.chown(file_path, uid, gid) http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_server.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_server.py deleted file mode 100644 index 3e15f50..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/kerberos_server.py +++ /dev/null @@ -1,144 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from kerberos_common import * - -class KerberosServer(KerberosScript): - @staticmethod - def write_kadm5_acl(): - import params - - Directory(params.kadm5_acl_dir, - owner='root', - recursive=True, - group='root', - mode=0700 - ) - - if (params.kadm5_acl_template is None) or not params.kadm5_acl_template.strip(): - content = Template('kadm5_acl.j2') - else: - content = InlineTemplate(params.kadm5_acl_template) - - File(params.kadm5_acl_path, - content=content, - owner='root', - group='root', - mode=0600 - ) - - @staticmethod - def write_kdc_conf(): - import params - - Directory(params.kdc_conf_dir, - owner='root', - recursive=True, - group='root', - mode=0700 - ) - - if (params.kdc_conf_template is None) or not params.kdc_conf_template.strip(): - content = Template('kdc_conf.j2') - else: - content = InlineTemplate(params.kdc_conf_template) - - File(params.kdc_conf_path, - content=content, - owner='root', - group='root', - mode=0600 - ) - - def install(self, env): - import params - - self.install_packages(env) - self.configure(env) - - # Create the Kerberos database (only on install, for now) - Execute( - "%s create -s -P '%s'" % (params.kdb5_util_path, KerberosScript.create_random_password())) - - # Create or update the administrator account - KerberosScript.create_or_update_administrator_identity() - - - def start(self, env): - os_family = System.get_instance().os_family - - # Attempt to reconfigure the service before starting - self.configure(env) - - # Create or update the administrator account - KerberosScript.create_or_update_administrator_identity() - - if os_family == "suse": - Execute('rckadmind start') - Execute('rckrb5kdc start') - elif os_family == 'ubuntu': - Execute('service krb5-kdc start') - Execute('service krb5-admin-server start') - else: - Execute('service krb5kdc start') - Execute('service kadmin start') - - def stop(self, env): - os_family = System.get_instance().os_family - - if os_family == "suse": - Execute('rckadmind stop') - Execute('rckrb5kdc stop') - elif os_family == 'ubuntu': - Execute('service krb5-kdc stop') - Execute('service krb5-admin-server stop') - else: - Execute('service krb5kdc stop') - Execute('service kadmin stop') - - - def configure(self, env): - import params - env.set_params(params) - - KerberosServer.write_krb5_conf() - KerberosServer.write_kdc_conf() - KerberosServer.write_kadm5_acl() - - def status(self, env): - import params - - if params.os_family == "suse": - try: - Execute('checkproc `which krb5kdc`') - Execute('checkproc `which kadmind`') - except Fail as ex: - raise ComponentIsNotRunning() - - elif params.os_family == 'ubuntu': - check_process_status(params.kdamin_pid_path) - check_process_status(params.krb5kdc_pid_path) - - else: - check_process_status(params.kdamin_pid_path) - check_process_status(params.krb5kdc_pid_path) - - -if __name__ == "__main__": - KerberosServer().execute() http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/params.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/params.py deleted file mode 100644 index 1c2061a..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/params.py +++ /dev/null @@ -1,189 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -from resource_management import * -from utils import get_property_value, get_unstructured_data - -os_family = System.get_instance().os_family - -krb5_conf_dir = '/etc' -krb5_conf_file = 'krb5.conf' -krb5_conf_path = krb5_conf_dir + '/' + krb5_conf_file - -if os_family == 'suse': - kdc_conf_dir = '/var/lib/kerberos/krb5kdc' -elif os_family == 'ubuntu': - kdc_conf_dir = '/etc/krb5kdc' -else: - kdc_conf_dir = '/var/kerberos/krb5kdc' -kdc_conf_file = 'kdc.conf' -kdc_conf_path = kdc_conf_dir + '/' + kdc_conf_file - -kadm5_acl_dir = kdc_conf_dir # Typically kadm5.acl and kdc.conf exist in the same directory -kadm5_acl_file = 'kadm5.acl' -kadm5_acl_path = kadm5_acl_dir + '/' + kadm5_acl_file - -config = Script.get_config() - -command_params = None -configurations = None -keytab_details = None -default_group = None -cluster_env = None -kdc_server_host = None -cluster_host_info = None - -kdb5_util_path = 'kdb5_util' - -kdamin_pid_path = '/var/run/kadmind.pid' -krb5kdc_pid_path = '/var/run/krb5kdc.pid' - -smoke_test_principal = None -smoke_test_keytab_file = None - -# If a test keytab file is available, simply use it - - -if config is not None: - command_params = get_property_value(config, 'commandParams') - if command_params is not None: - keytab_details = get_unstructured_data(command_params, 'keytab') - - configurations = get_property_value(config, 'configurations') - if configurations is not None: - cluster_env = get_property_value(configurations, 'cluster-env') - - if cluster_env is not None: - smoke_test_principal = get_property_value(cluster_env, 'smokeuser') - smoke_test_keytab_file = get_property_value(cluster_env, 'smokeuser_keytab') - - default_group = get_property_value(cluster_env, 'user_group') - - if default_group is None: - default_group = get_property_value(cluster_env, 'user-group') - - cluster_host_info = get_property_value(config, 'clusterHostInfo') - if cluster_host_info is not None: - kdc_server_hosts = get_property_value(cluster_host_info, 'kdc_server_hosts') - - if (kdc_server_hosts is not None) and (len(kdc_server_hosts) > 0): - kdc_server_host = kdc_server_hosts[0] - - # ################################################################################################ - # Get krb5.conf template data - # ################################################################################################ - realm = 'EXAMPLE.COM' - domains = '' - kdc_host = 'localhost' - admin_server_host = None - admin_principal = None - admin_password = None - admin_keytab = None - test_principal = None - test_password = None - test_keytab = None - test_keytab_file = None - - krb5_conf_template = None - - encryption_types = None - manage_krb5_conf = "true" - krb5_conf_template = None - - krb5_conf_data = get_property_value(configurations, 'krb5-conf') - - kerberos_env = get_property_value(configurations, "kerberos-env") - - if kerberos_env is not None: - encryption_types = get_property_value(kerberos_env, "encryption_types", None) - realm = get_property_value(kerberos_env, "realm", None) - kdc_host = get_property_value(kerberos_env, 'kdc_host', kdc_host) - admin_server_host = get_property_value(kerberos_env, 'admin_server_host', admin_server_host) - - if krb5_conf_data is not None: - realm = get_property_value(krb5_conf_data, 'realm', realm) - domains = get_property_value(krb5_conf_data, 'domains', domains) - - admin_principal = get_property_value(krb5_conf_data, 'admin_principal', admin_principal) - admin_password = get_property_value(krb5_conf_data, 'admin_password', admin_password) - admin_keytab = get_property_value(krb5_conf_data, 'admin_keytab', admin_keytab) - - # If the admin keytab is just white space, set it to None - if admin_keytab is not None: - admin_keytab = admin_keytab.strip() - - if len(admin_keytab) == 0: - admin_keytab = None - - test_principal = get_property_value(krb5_conf_data, 'test_principal', test_principal) - test_password = get_property_value(krb5_conf_data, 'test_password', test_password) - test_keytab = get_property_value(krb5_conf_data, 'test_keytab', test_keytab) - test_keytab_file = get_property_value(krb5_conf_data, 'test_keytab_file', test_keytab_file) - - # If the test keytab is just white space, set it to None - if test_keytab is not None: - test_keytab = test_keytab.strip() - - if len(test_keytab) == 0: - test_keytab = None - - krb5_conf_template = get_property_value(krb5_conf_data, 'content', krb5_conf_template) - krb5_conf_dir = get_property_value(krb5_conf_data, 'conf_dir', krb5_conf_dir) - krb5_conf_file = get_property_value(krb5_conf_data, 'conf_file', krb5_conf_file) - krb5_conf_path = krb5_conf_dir + '/' + krb5_conf_file - - manage_krb5_conf = get_property_value(krb5_conf_data, 'manage_krb5_conf', - "true") - - # ################################################################################################ - # Get kdc.conf template data - # ################################################################################################ - kdcdefaults_kdc_ports = "88" - kdcdefaults_kdc_tcp_ports = "88" - - kdc_conf_template = None - - kdc_conf_data = get_property_value(configurations, 'kdc-conf') - - if kdc_conf_data is not None: - kdcdefaults_kdc_ports = get_property_value(kdc_conf_data, 'kdcdefaults_kdc_ports', - kdcdefaults_kdc_ports) - kdcdefaults_kdc_tcp_ports = get_property_value(kdc_conf_data, 'kdcdefaults_kdc_tcp_ports', - kdcdefaults_kdc_tcp_ports) - - kdc_conf_template = get_property_value(kdc_conf_data, 'content', kdc_conf_template) - kdc_conf_dir = get_property_value(kdc_conf_data, 'conf_dir', kdc_conf_dir) - kdc_conf_file = get_property_value(kdc_conf_data, 'conf_file', kdc_conf_file) - kdc_conf_path = kdc_conf_dir + '/' + kdc_conf_file - - # ################################################################################################ - # Get kadm5.acl template data - # ################################################################################################ - kdcdefaults_kdc_ports = '88' - kdcdefaults_kdc_tcp_ports = '88' - - kadm5_acl_template = None - - kadm5_acl_data = get_property_value(configurations, 'kadm5-acl') - - if kadm5_acl_data is not None: - kadm5_acl_template = get_property_value(kadm5_acl_data, 'content', kadm5_acl_template) - kadm5_acl_dir = get_property_value(kadm5_acl_data, 'conf_dir', kadm5_acl_dir) - kadm5_acl_file = get_property_value(kadm5_acl_data, 'conf_file', kadm5_acl_file) - kadm5_acl_path = kadm5_acl_dir + '/' + kadm5_acl_file http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/service_check.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/service_check.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/service_check.py deleted file mode 100644 index 73b9c7a..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/service_check.py +++ /dev/null @@ -1,63 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -Ambari Agent - -""" - -from kerberos_common import * -from resource_management import * - -class KerberosServiceCheck(KerberosScript): - def service_check(self, env): - import params - - # First attempt to test using the smoke test user, if data is available - if ((params.smoke_test_principal is not None) and - (params.smoke_test_keytab_file is not None) and - os.path.isfile(params.smoke_test_keytab_file)): - print "Performing kinit using smoke test user: %s" % params.smoke_test_principal - code, out = self.test_kinit({ - 'principal': params.smoke_test_principal, - 'keytab_file': params.smoke_test_keytab_file - }) - test_performed = True - - # Else if a test credentials is specified, try to test using that - elif params.test_principal is not None: - print "Performing kinit using test user: %s" % params.test_principal - code, out = self.test_kinit({ - 'principal': params.test_principal, - 'keytab_file': params.test_keytab_file, - 'keytab': params.test_keytab, - 'password': params.test_password - }) - test_performed = True - - else: - code = 0 - out = '' - test_performed = False - - if test_performed: - if code == 0: - print "Test executed successfully." - else: - print "Test failed with error code %d: %s." % (code, out) - -if __name__ == "__main__": - KerberosServiceCheck().execute() http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/utils.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/utils.py b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/utils.py deleted file mode 100644 index 79e89e6..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/scripts/utils.py +++ /dev/null @@ -1,69 +0,0 @@ -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -""" - -def get_property_value(dictionary, property_name, null_value=None): - return dictionary[property_name] if property_name in dictionary else null_value - -def get_unstructured_data(dictionary, property_name): - prefix = property_name + '/' - prefix_len = len(prefix) - return dict((k[prefix_len:], v) for k, v in dictionary.iteritems() if k.startswith(prefix)) - -def split_host_and_port(host): - """ - Splits a string into its host and port components - - :param host: a string matching the following patern: <host name | ip address>[:port] - :return: a Dictionary containing 'host' and 'port' entries for the input value - """ - - if host is None: - host_and_port = None - else: - host_and_port = {} - parts = host.split(":") - - if parts is not None: - length = len(parts) - - if length > 0: - host_and_port['host'] = parts[0] - - if length > 1: - host_and_port['port'] = int(parts[1]) - - return host_and_port - -def set_port(host, port): - """ - Sets the port for a host specification, potentially replacing an existing port declaration - - :param host: a string matching the following pattern: <host name | ip address>[:port] - :param port: a string or integer declaring the (new) port - :return: a string declaring the new host/port specification - """ - if port is None: - return host - else: - host_and_port = split_host_and_port(host) - - if (host_and_port is not None) and ('host' in host_and_port): - return "%s:%s" % (host_and_port['host'], port) - else: - return host http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kadm5_acl.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kadm5_acl.j2 b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kadm5_acl.j2 deleted file mode 100644 index d82ae23..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kadm5_acl.j2 +++ /dev/null @@ -1,20 +0,0 @@ -{# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#} -*/admin@{{realm}} * - -{# Append additional realm declarations should be placed below #} http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kdc_conf.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kdc_conf.j2 b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kdc_conf.j2 deleted file mode 100644 index f78adc7..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/kdc_conf.j2 +++ /dev/null @@ -1,30 +0,0 @@ -{# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#} -[kdcdefaults] - kdc_ports = {{kdcdefaults_kdc_ports}} - kdc_tcp_ports = {{kdcdefaults_kdc_tcp_ports}} - -[realms] - {{realm}} = { - acl_file = {{kadm5_acl_path}} - dict_file = /usr/share/dict/words - admin_keytab = {{kadm5_acl_dir}}/kadm5.keytab - supported_enctypes = {{encryption_types}} - } - -{# Append additional realm declarations should be placed below #} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/627401f6/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/krb5_conf.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/krb5_conf.j2 b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/krb5_conf.j2 deleted file mode 100644 index cc6f63a..0000000 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/package/templates/krb5_conf.j2 +++ /dev/null @@ -1,46 +0,0 @@ -{# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#} -[libdefaults] - renew_lifetime = 7d - forwardable = true - default_realm = {{realm|upper()}} - ticket_lifetime = 24h - dns_lookup_realm = false - dns_lookup_kdc = false - #default_tgs_enctypes = {{encryption_types}} - #default_tkt_enctypes = {{encryption_types}} - -{% if domains %} -[domain_realm] -{% for domain in domains.split(',') %} - {{domain}} = {{realm|upper()}} -{% endfor %} -{% endif %} - -[logging] - default = FILE:/var/log/krb5kdc.log - admin_server = FILE:/var/log/kadmind.log - kdc = FILE:/var/log/krb5kdc.log - -[realms] - {{realm}} = { - admin_server = {{admin_server_host|default(kdc_host, True)}} - kdc = {{kdc_host}} - } - -{# Append additional realm declarations below #} \ No newline at end of file
