AMBARI-16891. SSL support for Log Search Solr (Miklos Gergely via oleewere)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/9b8ca7e9 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/9b8ca7e9 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/9b8ca7e9 Branch: refs/heads/trunk Commit: 9b8ca7e9fe3f8afbadf0cf61b071218e39eb2e3f Parents: 38ad356 Author: Miklos Gergely <[email protected]> Authored: Mon May 30 11:31:17 2016 +0200 Committer: oleewere <[email protected]> Committed: Mon May 30 12:15:48 2016 +0200 ---------------------------------------------------------------------- .../src/main/scripts/run.sh | 9 +- .../src/main/scripts/run.sh | 8 ++ .../common-services/LOGSEARCH/0.5.0/alerts.json | 2 + .../0.5.0/configuration/logfeeder-env.xml | 45 +++++++ .../0.5.0/configuration/logsearch-env.xml | 45 +++++++ .../0.5.0/configuration/logsearch-solr-env.xml | 60 +++++++++ .../LOGSEARCH/0.5.0/metainfo.xml | 2 + .../LOGSEARCH/0.5.0/package/scripts/params.py | 20 +++ .../0.5.0/package/scripts/setup_logfeeder.py | 1 + .../package/scripts/setup_logsearch_solr.py | 12 +- .../0.5.0/properties/logfeeder-env.sh.j2 | 12 +- .../0.5.0/properties/logsearch-env.sh.j2 | 12 +- .../0.5.0/properties/logsearch-solr-env.sh.j2 | 13 +- .../stacks/2.4/LOGSEARCH/test_logfeeder.py | 1 + .../stacks/2.4/LOGSEARCH/test_logsearch.py | 1 - .../python/stacks/2.4/LOGSEARCH/test_solr.py | 10 +- .../test/python/stacks/2.4/configs/default.json | 6 +- ambari-web/app/data/HDP2/site_properties.js | 129 +++++++++++++++++-- 18 files changed, 360 insertions(+), 28 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh b/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh index 356a358..376dfee 100644 --- a/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh +++ b/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh @@ -27,6 +27,10 @@ if [ ! -z "$LOGFEEDER_INCLUDE" ]; then source $LOGFEEDER_INCLUDE fi +if [ ! -z "$LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE" ]; then + source $LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE +fi + JAVA=java if [ -x $JAVA_HOME/bin/java ]; then JAVA=$JAVA_HOME/bin/java @@ -58,9 +62,12 @@ fi LOGFEEDER_GC_LOGFILE=`dirname $LOGFILE`/logfeeder_gc.log LOGFEEDER_GC_OPTS="-XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:$LOGFEEDER_GC_LOGFILE" -#LOGFEEDER_JAVA_OPTS= #JMX="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=2098" +if [ $LOGFEEDER_SOLR_SSL_ENABLED = "true" ]; then + LOGFEEDER_JAVA_OPTS="$LOGFEEDER_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_LOCATION -Djavax.net.ssl.keyStoreType=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD -Djavax.net.ssl.trustStore=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE -Djavax.net.ssl.trustStorePassword=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD" +fi + if [ $foreground -eq 0 ]; then if [ -f ${PID_FILE} ]; then PID=`cat ${PID_FILE}` http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh b/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh index 460ea60..6c687b9 100755 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh +++ b/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh @@ -21,6 +21,10 @@ if [ ! -z "$LOGSEARCH_INCLUDE" ]; then source $LOGSEARCH_INCLUDE fi +if [ ! -z "$LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE" ]; then + source $LOGSEARCH_SOLR_CLIENT_SSL_INCLUDE +fi + JAVA=java if [ -x $JAVA_HOME/bin/java ]; then JAVA=$JAVA_HOME/bin/java @@ -46,6 +50,10 @@ if [ "$LOGSEARCH_DEBUG" = "true" ] && [ ! -z "$LOGSEARCH_DEBUG_PORT" ]; then LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Xdebug -Xrunjdwp:transport=dt_socket,address=$LOGSEARCH_DEBUG_PORT,server=y,suspend=n " fi +if [ $LOGSEARCH_SOLR_SSL_ENABLED = "true" ]; then + LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_LOCATION -Djavax.net.ssl.keyStoreType=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD -Djavax.net.ssl.trustStore=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE -Djavax.net.ssl.trustStorePassword=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD" +fi + if [ "$PID_FILE" = "" ]; then LOGSEARCH_PID_DIR=$HOME PID_FILE=$LOGSEARCH_PID_DIR/logsearch-search-$USER.pid http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json index eeee341..85762e0 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/alerts.json @@ -41,6 +41,8 @@ "uri": { "http": "{{logsearch-solr-env/logsearch_solr_port}}", "https": "{{logsearch-solr-env/logsearch_solr_port}}", + "https_property": "{{logsearch-solr-env/logsearch_solr_ssl_enabled}}", + "https_property_value": "true", "connection_timeout": 5.0, "default_port": 8886 }, http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml index 19f6a80..b52a88f 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml @@ -92,6 +92,51 @@ </property> <property> + <name>logfeeder_solr_ssl_client_truststore_location</name> + <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value> + <display-name>Logfeeder Solr client trust store location</display-name> + <description>Location of the trust store file.</description> + </property> + <property> + <name>logfeeder_solr_ssl_client_truststore_type</name> + <value>jks</value> + <display-name>Logfeeder Solr client trust store type</display-name> + <description>Type of the trust store file.</description> + </property> + <property> + <name>logfeeder_solr_ssl_client_truststore_password</name> + <value>bigdata</value> + <display-name>Logfeeder Solr client trust store password</display-name> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> + <value-attributes> + <type>password</type> + </value-attributes> + </property> + <property> + <name>logfeeder_solr_ssl_client_keystore_location</name> + <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value> + <display-name>Logfeeder Solr client key store location</display-name> + <description>Location of the key store file.</description> + </property> + <property> + <name>logfeeder_solr_ssl_client_keystore_type</name> + <value>jks</value> + <display-name>Logfeeder Solr client key store type</display-name> + <description>Type of the key store file.</description> + </property> + <property> + <name>logfeeder_solr_ssl_client_keystore_password</name> + <value>bigdata</value> + <display-name>Logfeeder Solr client key store password</display-name> + <property-type>PASSWORD</property-type> + <description>Password to open the key store file.</description> + <value-attributes> + <type>password</type> + </value-attributes> + </property> + + <property> <name>content</name> <display-name>logfeeder-env template</display-name> <description>This is the jinja template for logsearch-env.sh file</description> http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml index 52c2899..655520f 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml @@ -125,6 +125,51 @@ <description>Only needed if using custom solr cloud. E.g. zk1:2181,zk2:2182</description> </property> + <property> + <name>logsearch_solr_ssl_client_truststore_location</name> + <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value> + <display-name>Log Search Solr client trust store location</display-name> + <description>Location of the trust store file.</description> + </property> + <property> + <name>logsearch_solr_ssl_client_truststore_type</name> + <value>jks</value> + <display-name>Log Search Solr client trust store type</display-name> + <description>Type of the trust store file.</description> + </property> + <property> + <name>logsearch_solr_ssl_client_truststore_password</name> + <value>bigdata</value> + <display-name>Log Search Solr client trust store password</display-name> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> + <value-attributes> + <type>password</type> + </value-attributes> + </property> + <property> + <name>logsearch_solr_ssl_client_keystore_location</name> + <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value> + <display-name>Log Search Solr client key store location</display-name> + <description>Location of the key store file.</description> + </property> + <property> + <name>logsearch_solr_ssl_client_keystore_type</name> + <value>jks</value> + <display-name>Log Search Solr client key store type</display-name> + <description>Type of the key store file.</description> + </property> + <property> + <name>logsearch_solr_ssl_client_keystore_password</name> + <value>bigdata</value> + <display-name>Log Search Solr client key store password</display-name> + <property-type>PASSWORD</property-type> + <description>Password to open the key store file.</description> + <value-attributes> + <type>password</type> + </value-attributes> + </property> + <!-- logsearch-env.sh --> <property> <name>content</name> http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml index 29a9171..2bf728c 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml @@ -98,6 +98,66 @@ </property> <property> + <name>logsearch_solr_ssl_enabled</name> + <value>false</value> + <display-name>Enable SSL to Log Search Solr</display-name> + <description>Enable ssl to Solr</description> + <value-attributes> + <type>boolean</type> + </value-attributes> + </property> + + <property> + <name>logsearch_solr_ssl_server_truststore_location</name> + <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value> + <display-name>Log Search Solr trust store location</display-name> + <description>Location of the trust store file.</description> + </property> + + <property> + <name>logsearch_solr_ssl_server_truststore_type</name> + <value>jks</value> + <display-name>Log Search Solr trust store type</display-name> + <description>Type of the trust store file.</description> + </property> + + <property> + <name>logsearch_solr_ssl_server_truststore_password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <display-name>Log Search Solr trust store password</display-name> + <description>Password to open the trust store file.</description> + <value-attributes> + <type>password</type> + </value-attributes> + </property> + + <property> + <name>logsearch_solr_ssl_server_keystore_location</name> + <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value> + <display-name>Log Search Solr key store location</display-name> + <description>Location of the key store file.</description> + </property> + + <property> + <name>logsearch_solr_ssl_server_keystore_type</name> + <value>jks</value> + <display-name>Log Search Solr key store type</display-name> + <description>Type of the key store file.</description> + </property> + + <property> + <name>logsearch_solr_ssl_server_keystore_password</name> + <value>bigdata</value> + <display-name>Log Search Solr key store password</display-name> + <property-type>PASSWORD</property-type> + <description>Password to open the key store file.</description> + <value-attributes> + <type>password</type> + </value-attributes> + </property> + + <property> <name>logsearch_solr_znode</name> <value>/ambari-solr</value> <description>Zookeeper znode, e.g: /logsearch</description> http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml index 5f1ad99..48451a0 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/metainfo.xml @@ -69,6 +69,7 @@ <config-type>logsearch-env</config-type> <config-type>logsearch-log4j</config-type> <config-type>logsearch-admin-json</config-type> + <config-type>logsearch-solr-env</config-type> </configuration-dependencies> </component> @@ -142,6 +143,7 @@ <config-type>logfeeder-properties</config-type> <config-type>logfeeder-env</config-type> <config-type>logfeeder-log4j</config-type> + <config-type>logsearch-solr-env</config-type> </configuration-dependencies> </component> http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py index b3c4b90..0adc5c5 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py @@ -262,6 +262,26 @@ solr_audit_logs_enable = default('/configurations/logfeeder-env/logfeeder_solr_a logfeeder_env_content = config['configurations']['logfeeder-env']['content'] logfeeder_log4j_content = config['configurations']['logfeeder-log4j']['content'] +logsearch_solr_ssl_enabled = default('configurations/logsearch-solr-env/logsearch_solr_ssl_enabled', False) +logsearch_solr_ssl_server_keystore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_location'] +logsearch_solr_ssl_server_keystore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_password'] +logsearch_solr_ssl_server_keystore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_type'] +logsearch_solr_ssl_server_truststore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_location'] +logsearch_solr_ssl_server_truststore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_password'] +logsearch_solr_ssl_server_truststore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_type'] +logsearch_solr_ssl_client_keystore_location = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_location'] +logsearch_solr_ssl_client_keystore_password = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_password'] +logsearch_solr_ssl_client_keystore_type = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_type'] +logsearch_solr_ssl_client_truststore_location = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_location'] +logsearch_solr_ssl_client_truststore_password = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_password'] +logsearch_solr_ssl_client_truststore_type = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_type'] +logfeeder_solr_ssl_client_keystore_location = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_location'] +logfeeder_solr_ssl_client_keystore_password = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_password'] +logfeeder_solr_ssl_client_keystore_type = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_type'] +logfeeder_solr_ssl_client_truststore_location = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_location'] +logfeeder_solr_ssl_client_truststore_password = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_password'] +logfeeder_solr_ssl_client_truststore_type = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_type'] + logfeeder_checkpoint_folder = default('/configurations/logfeeder-env/logfeeder.checkpoint.folder', '/etc/ambari-logsearch-logfeeder/conf/checkpoints') http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py index aec8fc0..5ca2bd5 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logfeeder.py @@ -48,6 +48,7 @@ def setup_logfeeder(): File(format("{logsearch_logfeeder_conf}/logfeeder-env.sh"), content=InlineTemplate(params.logfeeder_env_content), + mode=0755, owner=params.logfeeder_user ) http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py index e1e26cf..767e208 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/setup_logsearch_solr.py @@ -67,10 +67,20 @@ def setup_logsearch_solr(name = None): zk_cli_prefix = format('export JAVA_HOME={java64_home}; {cloud_scripts}/zkcli.sh -zkhost {zookeeper_hosts}') Execute(format('{zk_cli_prefix} -cmd makepath {logsearch_solr_znode}'), - not_if=format("{zk_cli_prefix} -cmd get {logsearch_solr_znode}"), + not_if=format("{zk_cli_prefix}{logsearch_solr_znode} -cmd list"), ignore_failures=True, user=params.logsearch_solr_user ) + if params.logsearch_solr_ssl_enabled: + Execute(format('{zk_cli_prefix}{logsearch_solr_znode} -cmd clusterprop -name urlScheme -val https'), + ignore_failures=True, + user=params.logsearch_solr_user + ) + else: + Execute(format('{zk_cli_prefix}{logsearch_solr_znode} -cmd clusterprop -name urlScheme -val http'), + ignore_failures=True, + user=params.logsearch_solr_user + ) elif name == 'client': Directory([params.solr_client_dir, params.logsearch_solr_client_log_dir], mode=0755, http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 index 50b16ab..aba06c6 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 @@ -30,4 +30,14 @@ export JAVA_HOME={{java64_home}} if [ "$LOGFEEDER_JAVA_MEM" = "" ]; then export LOGFEEDER_JAVA_MEM=-Xmx{{logfeeder_max_mem}} -fi \ No newline at end of file +fi + +{% if logsearch_solr_ssl_enabled %} +export LOGFEEDER_SOLR_SSL_ENABLED="true" +export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_LOCATION={{logfeeder_solr_ssl_client_keystore_location}} +export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD={{logfeeder_solr_ssl_client_keystore_password}} +export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_TYPE={{logfeeder_solr_ssl_client_keystore_type}} +export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION={{logfeeder_solr_ssl_client_truststore_location}} +export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD={{logfeeder_solr_ssl_client_truststore_password}} +export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE={{logfeeder_solr_ssl_client_truststore_type}} +{% endif %} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 index c2a4172..7b0aed3 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 @@ -36,4 +36,14 @@ fi export LOGSEARCH_DEBUG={{logsearch_debug_enabled}} -export LOGSEARCH_DEBUG_PORT={{logsearch_debug_port}} \ No newline at end of file +export LOGSEARCH_DEBUG_PORT={{logsearch_debug_port}} + +{% if logsearch_solr_ssl_enabled %} +export LOGSEARCH_SOLR_SSL_ENABLED="true" +export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_LOCATION={{logsearch_solr_ssl_client_keystore_location}} +export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD={{logsearch_solr_ssl_client_keystore_password}} +export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_TYPE={{logsearch_solr_ssl_client_keystore_type}} +export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION={{logsearch_solr_ssl_client_truststore_location}} +export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD={{logsearch_solr_ssl_client_truststore_password}} +export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE={{logsearch_solr_ssl_client_truststore_type}} +{% endif %} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 index f59ba49..9f76d18 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 @@ -92,12 +92,15 @@ SOLR_LOGS_DIR={{logsearch_solr_log_dir}} # Sets the port Solr binds to, default is 8983 SOLR_PORT={{logsearch_solr_port}} -# Uncomment to set SSL-related system properties # Be sure to update the paths to the correct keystore for your environment -#SOLR_SSL_OPTS="-Djavax.net.ssl.keyStore=etc/solr-ssl.keystore.jks \ -#-Djavax.net.ssl.keyStorePassword=secret \ -#-Djavax.net.ssl.trustStore=etc/solr-ssl.keystore.jks \ -#-Djavax.net.ssl.trustStorePassword=secret" +{% if logsearch_solr_ssl_enabled %} +SOLR_SSL_KEY_STORE={{logsearch_solr_ssl_server_keystore_location}} +SOLR_SSL_KEY_STORE_PASSWORD={{logsearch_solr_ssl_server_keystore_password}} +SOLR_SSL_TRUST_STORE={{logsearch_solr_ssl_server_keystore_location}} +SOLR_SSL_TRUST_STORE_PASSWORD={{logsearch_solr_ssl_server_keystore_password}} +SOLR_SSL_NEED_CLIENT_AUTH=false +SOLR_SSL_WANT_CLIENT_AUTH=false +{% endif %} # Uncomment to set a specific SSL port (-Djetty.ssl.port=N); if not set # and you are using SSL, then the start script will use SOLR_PORT for the SSL port http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py index f485d27..54e08e4 100644 --- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py +++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logfeeder.py @@ -75,6 +75,7 @@ class TestLogFeeder(RMFTestCase): ) self.assertResourceCalled('File', '/etc/ambari-logsearch-logfeeder/conf/logfeeder-env.sh', owner='logfeeder', + mode=0755, content=InlineTemplate(self.getConfig()['configurations']['logfeeder-env']['content']) ) self.assertResourceCalled('File', '/etc/ambari-logsearch-logfeeder/conf/log4j.xml', http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py index ddf380c..bfe6921 100644 --- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py +++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py @@ -83,7 +83,6 @@ class TestLogSearch(RMFTestCase): mode = 0755, owner = "logsearch" ) - self.assertResourceCalled('File', '/etc/ambari-logsearch-portal/conf/logsearch-admin.json', owner = 'logsearch', content = InlineTemplate(self.getConfig()['configurations']['logsearch-admin-json']['content']) http://git-wip-us.apache.org/repos/asf/ambari/blob/9b8ca7e9/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py index d3078f3..0590dca 100644 --- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py +++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_solr.py @@ -25,7 +25,7 @@ from resource_management.libraries.script.config_dictionary import UnknownConfig class TestSolr(RMFTestCase): COMMON_SERVICES_PACKAGE_DIR = "LOGSEARCH/0.5.0/package" STACK_VERSION = "2.4" - + def configureResourcesCalled(self): self.assertResourceCalled('Directory', '/usr/lib/ambari-logsearch-solr', owner = 'solr', @@ -94,11 +94,15 @@ class TestSolr(RMFTestCase): content = Template('zoo.cfg.j2') ) self.assertResourceCalled('Execute', 'export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh -zkhost c6401.ambari.apache.org -cmd makepath /logsearch', - not_if = "export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh -zkhost c6401.ambari.apache.org -cmd get /logsearch", + not_if = "export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh -zkhost c6401.ambari.apache.org/logsearch -cmd list", ignore_failures = True, user = "solr" ) - + self.assertResourceCalled('Execute', 'export JAVA_HOME=/usr/jdk64/jdk1.7.0_45; /usr/lib/ambari-logsearch-solr/server/scripts/cloud-scripts/zkcli.sh -zkhost c6401.ambari.apache.org/logsearch -cmd clusterprop -name urlScheme -val http', + ignore_failures = True, + user = "solr" + ) + def test_configure_default(self): self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/logsearch_solr.py", classname = "LogsearchSolr",
