AMBARI-17348. Allow https prtotocol for Log Search on Ambari side (Miklos Gergely via oleewere)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/e497f558 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/e497f558 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/e497f558 Branch: refs/heads/trunk Commit: e497f5581dd157f91cb5e5685d78f82dd7aff4e0 Parents: a286924 Author: Miklos Gergely <[email protected]> Authored: Sun Jun 26 14:15:35 2016 +0200 Committer: oleewere <[email protected]> Committed: Sun Jun 26 14:17:51 2016 +0200 ---------------------------------------------------------------------- .../libraries/functions/solr_cloud_util.py | 31 ++++-- .../src/main/scripts/run.sh | 4 +- .../org/apache/ambari/logsearch/LogSearch.java | 104 ++++++++++--------- .../src/main/scripts/run.sh | 4 +- .../logsearch/solr/AmbariSolrCloudCLI.java | 64 +++++++++++- .../solr/AmbariSolrCloudClientBuilder.java | 49 +++++++++ .../0.5.0/configuration/logfeeder-env.xml | 28 ++--- .../0.5.0/configuration/logsearch-env.xml | 35 ++++--- .../0.5.0/configuration/logsearch-solr-env.xml | 16 +-- .../LOGSEARCH/0.5.0/package/scripts/params.py | 39 +++---- .../0.5.0/package/scripts/service_check.py | 5 +- .../package/templates/logsearch.properties.j2 | 2 + .../0.5.0/properties/logfeeder-env.sh.j2 | 14 +-- .../0.5.0/properties/logsearch-env.sh.j2 | 16 +-- .../0.5.0/properties/logsearch-solr-env.sh.j2 | 8 +- .../LOGSEARCH/0.5.0/quicklinks/quicklinks.json | 9 +- .../stacks/2.3/ATLAS/test_metadata_server.py | 10 +- .../stacks/2.4/LOGSEARCH/test_logsearch.py | 12 +-- .../test/python/stacks/2.4/configs/default.json | 7 +- .../stacks/2.5/ATLAS/test_atlas_server.py | 10 +- ambari-web/app/data/HDP2/site_properties.js | 67 ++++++------ 21 files changed, 341 insertions(+), 193 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-common/src/main/python/resource_management/libraries/functions/solr_cloud_util.py ---------------------------------------------------------------------- diff --git a/ambari-common/src/main/python/resource_management/libraries/functions/solr_cloud_util.py b/ambari-common/src/main/python/resource_management/libraries/functions/solr_cloud_util.py index 171ea8c..36b4863 100644 --- a/ambari-common/src/main/python/resource_management/libraries/functions/solr_cloud_util.py +++ b/ambari-common/src/main/python/resource_management/libraries/functions/solr_cloud_util.py @@ -26,7 +26,7 @@ __all__ = ["upload_configuration_to_zk", "create_collection"] def __create_solr_cloud_cli_prefix(zookeeper_quorum, solr_znode, java64_home): solr_cli_prefix = format('export JAVA_HOME={java64_home} ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh ' \ - '-z {zookeeper_quorum}{solr_znode}') + '--zookeeper-connect-string {zookeeper_quorum}{solr_znode}') return solr_cli_prefix def __append_flags_if_exists(command, flagsDict): @@ -45,20 +45,22 @@ def upload_configuration_to_zk(zookeeper_quorum, solr_znode, config_set, config_ If the configuration set does not exits in zookeeper then upload it based on the config_set_dir parameter. """ solr_cli_prefix = __create_solr_cloud_cli_prefix(zookeeper_quorum, solr_znode, java64_home) - Execute(format('{solr_cli_prefix} --download-config -d {tmp_config_set_dir} -cs {config_set} -rt {retry} -i {interval}'), - only_if=as_user(format("{solr_cli_prefix} --check-config -cs {config_set} -rt {retry} -i {interval}"), user), + Execute(format('{solr_cli_prefix} --download-config --config-dir {tmp_config_set_dir} --config-set {config_set} --retry {retry} --interval {interval}'), + only_if=as_user(format("{solr_cli_prefix} --check-config --config-set{config_set} --retry {retry} --interval {interval}"), user), user=user ) Execute(format( - '{solr_cli_prefix} --upload-config -d {config_set_dir} -cs {config_set} -rt {retry} -i {interval}'), + '{solr_cli_prefix} --upload-config --config-dir {config_set_dir} --config-set {config_set} --retry {retry} --interval {interval}'), not_if=format("test -d {tmp_config_set_dir}"), user=user ) def create_collection(zookeeper_quorum, solr_znode, collection, config_set, java64_home, user, shards = 1, replication_factor = 1, max_shards = 1, retry = 5, interval = 10, - router_name = None, router_field = None, jaas_file = None): + router_name = None, router_field = None, jaas_file = None, key_store_location = None, + key_store_password = None, key_store_type = None, trust_store_location = None, + trust_store_password = None, trust_store_type = None): """ Create Solr collection based on a configuration set in zookeeper. If this method called again the with higher shard number (or max_shard number), then it will indicate @@ -73,14 +75,23 @@ def create_collection(zookeeper_quorum, solr_znode, collection, config_set, java if max_shards == 1: # if max shards is not specified use this strategy max_shards = replication_factor * shards - create_collection_cmd = format('{solr_cli_prefix} --create-collection -c {collection} -cs {config_set} -s {shards} -r {replication_factor} '\ - '-m {max_shards} -rt {retry} -i {interval} -ns') + create_collection_cmd = format('{solr_cli_prefix} --create-collection --collection {collection} --config-set {config_set} '\ + '--shards {shards} --replication {replication_factor} --max-shards {max_shards} --retry {retry} '\ + '--interval {interval} --no-sharding') appendableDict = {} - appendableDict["-rn"] = router_name - appendableDict["-rf"] = router_field - appendableDict["-jf"] = jaas_file + appendableDict["--router-name"] = router_name + appendableDict["--router-field"] = router_field + appendableDict["--jaas-file"] = jaas_file + appendableDict["--key-store-location"] = key_store_location + appendableDict["--key-store-password"] = None if key_store_password is None else '{key_store_password_param!p}' + appendableDict["--key-store-type"] = key_store_type + appendableDict["--trust-store-location"] = trust_store_location + appendableDict["--trust-store-password"] = None if trust_store_password is None else '{trust_store_password_param!p}' + appendableDict["--trust-store-type"] = trust_store_type create_collection_cmd = __append_flags_if_exists(create_collection_cmd, appendableDict) + create_collection_cmd = format(create_collection_cmd, key_store_password_param=key_store_password, trust_store_password_param=trust_store_password) + Execute(create_collection_cmd, user=user) http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh b/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh index 376dfee..b84bfc2 100644 --- a/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh +++ b/ambari-logsearch/ambari-logsearch-logfeeder/src/main/scripts/run.sh @@ -64,8 +64,8 @@ LOGFEEDER_GC_OPTS="-XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:$LOGFEEDER #JMX="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=2098" -if [ $LOGFEEDER_SOLR_SSL_ENABLED = "true" ]; then - LOGFEEDER_JAVA_OPTS="$LOGFEEDER_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_LOCATION -Djavax.net.ssl.keyStoreType=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD -Djavax.net.ssl.trustStore=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE -Djavax.net.ssl.trustStorePassword=$LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD" +if [ $LOGFEEDER_SSL = "true" ]; then + LOGFEEDER_JAVA_OPTS="$LOGFEEDER_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGFEEDER_KEYSTORE_LOCATION -Djavax.net.ssl.keyStoreType=$LOGFEEDER_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGFEEDER_KEYSTORE_PASSWORD -Djavax.net.ssl.trustStore=$LOGFEEDER_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGFEEDER_TRUSTSTORE_TYPE -Djavax.net.ssl.trustStorePassword=$LOGFEEDER_TRUSTSTORE_PASSWORD" fi if [ $foreground -eq 0 ]; then http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java index 993c532..77f4185 100644 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java +++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java @@ -18,8 +18,6 @@ */ package org.apache.ambari.logsearch; -import java.io.File; -import java.io.IOException; import java.net.URI; import java.util.ArrayList; import java.util.List; @@ -29,65 +27,33 @@ import org.apache.ambari.logsearch.common.ManageStartEndTime; import org.apache.ambari.logsearch.solr.metrics.SolrMetricsLoader; import org.apache.ambari.logsearch.util.ConfigUtil; import org.apache.ambari.logsearch.util.PropertiesUtil; +import org.apache.commons.lang.StringUtils; import org.apache.hadoop.http.HttpServer2; import org.apache.log4j.Logger; public class LogSearch { - static Logger logger = Logger.getLogger(LogSearch.class); - - private static final String LOGSEARCH_PROTOCOL_PROP = "logsearch.protocol"; - private static final String KEYSTORE_LOCATION_PROP = "logsearch.https.keystore"; - private static final String TRUSTORE_LOCATION_PROP = "logsearch.https.trustore"; - private static final String KEYSTORE_PASSWORD_PROP = "logsearch.https.keystore.password"; - private static final String TRUSTORE_PASSWORD_PROP = "logsearch.https.trustore.password"; + private static final Logger logger = Logger.getLogger(LogSearch.class); + + private static final String KEYSTORE_LOCATION_ARG = "javax.net.ssl.keyStore"; + private static final String KEYSTORE_PASSWORD_ARG = "javax.net.ssl.keyStorePassword"; + private static final String KEYSTORE_TYPE_ARG = "javax.net.ssl.keyStoreType"; private static final String DEFAULT_KEYSTORE_TYPE = "JKS"; - private static final String KEYSTORE_TYPE_PROP = "logsearch.https.keystore.type"; + private static final String TRUSTSTORE_LOCATION_ARG = "javax.net.ssl.trustStore"; + private static final String TRUSTSTORE_PASSWORD_ARG = "javax.net.ssl.trustStorePassword"; + private static final String TRUSTSTORE_TYPE_ARG = "javax.net.ssl.trustStoreType"; + private static final String DEFAULT_TRUSTSTORE_TYPE = "JKS"; + + private static final String LOGSEARCH_PROTOCOL_PROP = "logsearch.protocol"; private static final String HTTPS_PROTOCOL = "https"; + private static final String HTTP_PROTOCOL = "http"; private static final String HTTPS_PORT = "61889"; private static final String HTTP_PORT = "61888"; - public static void main(String argv[]) { - String port = (argv.length > 0) ? argv[0] : HTTP_PORT; + public static void main(String[] argv) { HttpServer2.Builder builder = new HttpServer2.Builder(); builder.setName("app"); - - String keystorePassword = PropertiesUtil.getProperty(KEYSTORE_PASSWORD_PROP); - String trustorePassword = PropertiesUtil.getProperty(TRUSTORE_PASSWORD_PROP); - String keystoreType = PropertiesUtil.getProperty(KEYSTORE_TYPE_PROP); - - String protcol = PropertiesUtil.getProperty(LOGSEARCH_PROTOCOL_PROP); - String keystoreLocation = PropertiesUtil.getProperty(KEYSTORE_LOCATION_PROP); - - String trustoreLocation = PropertiesUtil.getProperty(TRUSTORE_LOCATION_PROP); - URI logsearchURI = URI.create("http://0.0.0.0:"; + port); - - - if (HTTPS_PROTOCOL.equals(protcol)) { - if(keystoreType == null || keystoreType.isEmpty()){ - keystoreType = DEFAULT_KEYSTORE_TYPE; - } - if (keystoreLocation != null && !keystoreLocation.isEmpty() - && keystorePassword != null && !keystorePassword.isEmpty()) { - - builder.keyPassword(keystorePassword); - builder.keyStore(keystoreLocation, keystorePassword, keystoreType); - - if (trustoreLocation != null && !trustoreLocation.isEmpty() - && trustorePassword != null && !trustorePassword.isEmpty()) { - - builder.trustStore(trustoreLocation, trustorePassword, keystoreType); - } - - if(HTTP_PORT.equals(port)){ - port = HTTPS_PORT; - } - logsearchURI = URI.create("https://0.0.0.0:"; + port); - } else{ - logger.warn("starting logsearch in with http protocol as keystore location or password was not present"); - } - } - builder.addEndpoint(logsearchURI); + URI logsearchURI = addUri(argv, builder); builder.setFindPort(false); List<String> pathList = new ArrayList<String>(); pathList.add("/*"); @@ -96,7 +62,7 @@ public class LogSearch { Timer timer = new Timer(); timer.schedule(new ManageStartEndTime(), 0, 40000); try { - logger.info("Starting logsearch server URI="+logsearchURI); + logger.info("Starting logsearch server URI=" + logsearchURI); HttpServer2 server = builder.build(); server.start(); ConfigUtil.initializeApplicationConfig(); @@ -107,4 +73,42 @@ public class LogSearch { SolrMetricsLoader.startSolrMetricsLoaderTasks(); } + + private static URI addUri(String[] argv, HttpServer2.Builder builder) { + boolean portSpecified = argv.length > 0; + String port = portSpecified ? argv[0] : HTTP_PORT; + String protocol = HTTP_PROTOCOL; + + String protcolProperty = PropertiesUtil.getProperty(LOGSEARCH_PROTOCOL_PROP); + if (HTTPS_PROTOCOL.equals(protcolProperty)) { + String keystoreLocation = System.getProperty(KEYSTORE_LOCATION_ARG); + String keystorePassword = System.getProperty(KEYSTORE_PASSWORD_ARG); + String keystoreType = System.getProperty(KEYSTORE_TYPE_ARG, DEFAULT_KEYSTORE_TYPE); + + String trustoreLocation = System.getProperty(TRUSTSTORE_LOCATION_ARG); + String trustorePassword = System.getProperty(TRUSTSTORE_PASSWORD_ARG); + String truststoreType = System.getProperty(TRUSTSTORE_TYPE_ARG, DEFAULT_TRUSTSTORE_TYPE); + + if (!StringUtils.isEmpty(keystoreLocation) && !StringUtils.isEmpty(keystorePassword)) { + builder.keyPassword(keystorePassword); + builder.keyStore(keystoreLocation, keystorePassword, keystoreType); + + if (!StringUtils.isEmpty(trustoreLocation) && !StringUtils.isEmpty(trustorePassword)) { + builder.trustStore(trustoreLocation, trustorePassword, truststoreType); + } + + protocol = HTTPS_PROTOCOL; + if (!portSpecified) { + port = HTTPS_PORT; + } + } else{ + logger.warn("starting logsearch in with http protocol as keystore location or password was not present"); + } + } + + URI logsearchURI = URI.create(String.format("%s://0.0.0.0:%s", protocol, port)); + builder.addEndpoint(logsearchURI); + + return logsearchURI; + } } http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh b/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh index 6c687b9..ca587d5 100755 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh +++ b/ambari-logsearch/ambari-logsearch-portal/src/main/scripts/run.sh @@ -50,8 +50,8 @@ if [ "$LOGSEARCH_DEBUG" = "true" ] && [ ! -z "$LOGSEARCH_DEBUG_PORT" ]; then LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Xdebug -Xrunjdwp:transport=dt_socket,address=$LOGSEARCH_DEBUG_PORT,server=y,suspend=n " fi -if [ $LOGSEARCH_SOLR_SSL_ENABLED = "true" ]; then - LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_LOCATION -Djavax.net.ssl.keyStoreType=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD -Djavax.net.ssl.trustStore=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE -Djavax.net.ssl.trustStorePassword=$LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD" +if [ $LOGSEARCH_SSL = "true" ]; then + LOGSEARCH_JAVA_OPTS="$LOGSEARCH_JAVA_OPTS -Djavax.net.ssl.keyStore=$LOGSEARCH_KEYSTORE_LOCATION -Djavax.net.ssl.keyStoreType=$LOGSEARCH_KEYSTORE_TYPE -Djavax.net.ssl.keyStorePassword=$LOGSEARCH_KEYSTORE_PASSWORD -Djavax.net.ssl.trustStore=$LOGSEARCH_TRUSTSTORE_LOCATION -Djavax.net.ssl.trustStoreType=$LOGSEARCH_TRUSTSTORE_TYPE -Djavax.net.ssl.trustStorePassword=$LOGSEARCH_TRUSTSTORE_PASSWORD" fi if [ "$PID_FILE" = "" ]; then http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudCLI.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudCLI.java b/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudCLI.java index 38946f6..1e3cca5 100644 --- a/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudCLI.java +++ b/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudCLI.java @@ -46,7 +46,7 @@ public class AmbariSolrCloudCLI { private static final String CREATE_SHARD_COMMAND = "create-shard"; private static final String CMD_LINE_SYNTAX = "\n./solrCloudCli.sh --create-collection -z host1:2181,host2:2181/ambari-solr -c collection -cs conf_set" - + "\n./solrCloudCli.sh --upload-config -z host1:2181,host2:2181/ambari-solr -d /tmp/myonfig_dir -cs config_set" + + "\n./solrCloudCli.sh --upload-config -z host1:2181,host2:2181/ambari-solr -d /tmp/myconfig_dir -cs config_set" + "\n./solrCloudCli.sh --download-config -z host1:2181,host2:2181/ambari-solr -cs config_set -d /tmp/myonfig_dir" + "\n./solrCloudCli.sh --check-config -z host1:2181,host2:2181/ambari-solr -cs config_set" + "\n./solrCloudCli.sh --create-shard -z host1:2181,host2:2181/ambari-solr -c collection -sn myshard\n"; @@ -187,6 +187,48 @@ public class AmbariSolrCloudCLI { .argName("jaas_file") .build(); + final Option keyStoreLocationOption = Option.builder("ksl") + .longOpt("key-store-location") + .desc("Location of the key store used to communicate with Solr using SSL") + .numberOfArgs(1) + .argName("key store location") + .build(); + + final Option keyStorePasswordOption = Option.builder("ksp") + .longOpt("key-store-password") + .desc("Key store password used to communicate with Solr using SSL") + .numberOfArgs(1) + .argName("key store password") + .build(); + + final Option keyStoreTypeOption = Option.builder("kst") + .longOpt("key-store-type") + .desc("Type of the key store used to communicate with Solr using SSL") + .numberOfArgs(1) + .argName("key store type") + .build(); + + final Option trustStoreLocationOption = Option.builder("tsl") + .longOpt("trust-store-location") + .desc("Location of the trust store used to communicate with Solr using SSL") + .numberOfArgs(1) + .argName("trust store location") + .build(); + + final Option trustStorePasswordOption = Option.builder("tsp") + .longOpt("trust-store-password") + .desc("Trust store password used to communicate with Solr using SSL") + .numberOfArgs(1) + .argName("trust store password") + .build(); + + final Option trustStoreTypeOption = Option.builder("tst") + .longOpt("trust-store-type") + .desc("Type of the trust store used to communicate with Solr using SSL") + .numberOfArgs(1) + .argName("trust store type") + .build(); + options.addOption(helpOption); options.addOption(retryOption); options.addOption(intervalOption); @@ -207,6 +249,12 @@ public class AmbariSolrCloudCLI { options.addOption(checkConfigOption); options.addOption(createShardOption); options.addOption(jaasFileOption); + options.addOption(keyStoreLocationOption); + options.addOption(keyStorePasswordOption); + options.addOption(keyStoreTypeOption); + options.addOption(trustStoreLocationOption); + options.addOption(trustStorePasswordOption); + options.addOption(trustStoreTypeOption); try { @@ -254,6 +302,12 @@ public class AmbariSolrCloudCLI { String shardName = cli.hasOption("sn") ? cli.getOptionValue("sn") : null; boolean isSplitting = !cli.hasOption("ns"); String jaasFile = cli.hasOption("jf") ? cli.getOptionValue("jf") : null; + String keyStoreLocation = cli.hasOption("ksl") ? cli.getOptionValue("ksl") : null; + String keyStorePassword = cli.hasOption("ksp") ? cli.getOptionValue("ksp") : null; + String keyStoreType = cli.hasOption("kst") ? cli.getOptionValue("kst") : null; + String trustStoreLocation = cli.hasOption("tsl") ? cli.getOptionValue("tsl") : null; + String trustStorePassword = cli.hasOption("tsp") ? cli.getOptionValue("tsp") : null; + String trustStoreType = cli.hasOption("tst") ? cli.getOptionValue("tst") : null; AmbariSolrCloudClientBuilder clientBuilder = new AmbariSolrCloudClientBuilder() @@ -269,7 +323,13 @@ public class AmbariSolrCloudCLI { .withRouterField(routerField) .withJaasFile(jaasFile) // call before creating SolrClient .withSplitting(isSplitting) - .withSolrZkClient(ZK_CLIENT_TIMEOUT, ZK_CLIENT_CONNECT_TIMEOUT); + .withSolrZkClient(ZK_CLIENT_TIMEOUT, ZK_CLIENT_CONNECT_TIMEOUT) + .withKeyStoreLocation(keyStoreLocation) + .withKeyStorePassword(keyStorePassword) + .withKeyStoreType(keyStoreType) + .withTrustStoreLocation(trustStoreLocation) + .withTrustStorePassword(trustStorePassword) + .withTrustStoreType(trustStoreType); AmbariSolrCloudClient solrCloudClient = null; switch (command) { http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudClientBuilder.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudClientBuilder.java b/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudClientBuilder.java index a5eebc2..de90859 100644 --- a/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudClientBuilder.java +++ b/ambari-logsearch/ambari-logsearch-solr-client/src/main/java/org/apache/ambari/logsearch/solr/AmbariSolrCloudClientBuilder.java @@ -25,6 +25,13 @@ import org.apache.solr.client.solrj.impl.Krb5HttpClientConfigurer; import org.apache.solr.common.cloud.SolrZkClient; public class AmbariSolrCloudClientBuilder { + private static final String KEYSTORE_LOCATION_ARG = "javax.net.ssl.keyStore"; + private static final String KEYSTORE_PASSWORD_ARG = "javax.net.ssl.keyStorePassword"; + private static final String KEYSTORE_TYPE_ARG = "javax.net.ssl.keyStoreType"; + private static final String TRUSTSTORE_LOCATION_ARG = "javax.net.ssl.trustStore"; + private static final String TRUSTSTORE_PASSWORD_ARG = "javax.net.ssl.trustStorePassword"; + private static final String TRUSTSTORE_TYPE_ARG = "javax.net.ssl.trustStoreType"; + String zkConnectString; String collection; String configSet; @@ -121,6 +128,48 @@ public class AmbariSolrCloudClientBuilder { return this; } + public AmbariSolrCloudClientBuilder withKeyStoreLocation(String keyStoreLocation) { + if (keyStoreLocation != null) { + System.setProperty(KEYSTORE_LOCATION_ARG, keyStoreLocation); + } + return this; + } + + public AmbariSolrCloudClientBuilder withKeyStorePassword(String keyStorePassword) { + if (keyStorePassword != null) { + System.setProperty(KEYSTORE_PASSWORD_ARG, keyStorePassword); + } + return this; + } + + public AmbariSolrCloudClientBuilder withKeyStoreType(String keyStoreType) { + if (keyStoreType != null) { + System.setProperty(KEYSTORE_TYPE_ARG, keyStoreType); + } + return this; + } + + public AmbariSolrCloudClientBuilder withTrustStoreLocation(String trustStoreLocation) { + if (trustStoreLocation != null) { + System.setProperty(TRUSTSTORE_LOCATION_ARG, trustStoreLocation); + } + return this; + } + + public AmbariSolrCloudClientBuilder withTrustStorePassword(String trustStorePassword) { + if (trustStorePassword != null) { + System.setProperty(TRUSTSTORE_PASSWORD_ARG, trustStorePassword); + } + return this; + } + + public AmbariSolrCloudClientBuilder withTrustStoreType(String trustStoreType) { + if (trustStoreType != null) { + System.setProperty(TRUSTSTORE_TYPE_ARG, trustStoreType); + } + return this; + } + private void setupSecurity(String jaasFile) { if (jaasFile != null) { System.setProperty("java.security.auth.login.config", jaasFile); http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml index 26a303c..9a6f32c 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logfeeder-env.xml @@ -81,23 +81,23 @@ <on-ambari-upgrade add="true"/> </property> <property> - <name>logfeeder_solr_ssl_client_truststore_location</name> - <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value> - <display-name>Logfeeder Solr client trust store location</display-name> + <name>logfeeder_truststore_location</name> + <value>/etc/security/serverKeys/logsearch.trustStore.jks</value> + <display-name>Logfeeder trust store location</display-name> <description>Location of the trust store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logfeeder_solr_ssl_client_truststore_type</name> + <name>logfeeder_truststore_type</name> <value>jks</value> - <display-name>Logfeeder Solr client trust store type</display-name> + <display-name>Logfeeder trust store type</display-name> <description>Type of the trust store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logfeeder_solr_ssl_client_truststore_password</name> + <name>logfeeder_truststore_password</name> <value>bigdata</value> - <display-name>Logfeeder Solr client trust store password</display-name> + <display-name>Logfeeder trust store password</display-name> <property-type>PASSWORD</property-type> <description>Password to open the trust store file.</description> <value-attributes> @@ -106,23 +106,23 @@ <on-ambari-upgrade add="true"/> </property> <property> - <name>logfeeder_solr_ssl_client_keystore_location</name> - <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value> - <display-name>Logfeeder Solr client key store location</display-name> + <name>logfeeder_keystore_location</name> + <value>/etc/security/serverKeys/logsearch.keyStore.jks</value> + <display-name>Logfeeder key store location</display-name> <description>Location of the key store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logfeeder_solr_ssl_client_keystore_type</name> + <name>logfeeder_keystore_type</name> <value>jks</value> - <display-name>Logfeeder Solr client key store type</display-name> + <display-name>Logfeeder store type</display-name> <description>Type of the key store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logfeeder_solr_ssl_client_keystore_password</name> + <name>logfeeder_keystore_password</name> <value>bigdata</value> - <display-name>Logfeeder Solr client key store password</display-name> + <display-name>Logfeeder key store password</display-name> <property-type>PASSWORD</property-type> <description>Password to open the key store file.</description> <value-attributes> http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml index e0d42d3..ab0e3b9 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml @@ -22,6 +22,13 @@ <!-- This is a special config file for properties used to monitor status of the service --> <configuration supports_adding_forbidden="true"> <property> + <name>logsearch_ui_protocol</name> + <value>http</value> + <description>Protocol (http or https)</description> + <display-name>Log Search UI Protocol</display-name> + <on-ambari-upgrade add="true"/> + </property> + <property> <name>logsearch_ui_port</name> <value>61888</value> <description>Default port for Log Search UI</description> @@ -117,23 +124,23 @@ <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_client_truststore_location</name> - <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value> - <display-name>Log Search Solr client trust store location</display-name> + <name>logsearch_truststore_location</name> + <value>/etc/security/serverKeys/logsearch.trustStore.jks</value> + <display-name>Log Search trust store location</display-name> <description>Location of the trust store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_client_truststore_type</name> + <name>logsearch_truststore_type</name> <value>jks</value> - <display-name>Log Search Solr client trust store type</display-name> + <display-name>Log Search trust store type</display-name> <description>Type of the trust store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_client_truststore_password</name> + <name>logsearch_truststore_password</name> <value>bigdata</value> - <display-name>Log Search Solr client trust store password</display-name> + <display-name>Log Search trust store password</display-name> <property-type>PASSWORD</property-type> <description>Password to open the trust store file.</description> <value-attributes> @@ -142,23 +149,23 @@ <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_client_keystore_location</name> - <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value> - <display-name>Log Search Solr client key store location</display-name> + <name>logsearch_keystore_location</name> + <value>/etc/security/serverKeys/logsearch.keyStore.jks</value> + <display-name>Log Search key store location</display-name> <description>Location of the key store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_client_keystore_type</name> + <name>logsearch_keystore_type</name> <value>jks</value> - <display-name>Log Search Solr client key store type</display-name> + <display-name>Log Search key store type</display-name> <description>Type of the key store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_client_keystore_password</name> + <name>logsearch_keystore_password</name> <value>bigdata</value> - <display-name>Log Search Solr client key store password</display-name> + <display-name>Log Search key store password</display-name> <property-type>PASSWORD</property-type> <description>Password to open the key store file.</description> <value-attributes> http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml index 155ff04..8b272f5 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-solr-env.xml @@ -99,21 +99,21 @@ <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_server_truststore_location</name> - <value>/etc/security/serverKeys/logsearch-solr-ssl.trustStore.jks</value> + <name>logsearch_solr_truststore_location</name> + <value>/etc/security/serverKeys/logsearch.trustStore.jks</value> <display-name>Log Search Solr trust store location</display-name> <description>Location of the trust store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_server_truststore_type</name> + <name>logsearch_solr_truststore_type</name> <value>jks</value> <display-name>Log Search Solr trust store type</display-name> <description>Type of the trust store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_server_truststore_password</name> + <name>logsearch_solr_truststore_password</name> <value>bigdata</value> <property-type>PASSWORD</property-type> <display-name>Log Search Solr trust store password</display-name> @@ -124,21 +124,21 @@ <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_server_keystore_location</name> - <value>/etc/security/serverKeys/logsearch-solr-ssl.keyStore.jks</value> + <name>logsearch_solr_keystore_location</name> + <value>/etc/security/serverKeys/logsearch.keyStore.jks</value> <display-name>Log Search Solr key store location</display-name> <description>Location of the key store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_server_keystore_type</name> + <name>logsearch_solr_keystore_type</name> <value>jks</value> <display-name>Log Search Solr key store type</display-name> <description>Type of the key store file.</description> <on-ambari-upgrade add="true"/> </property> <property> - <name>logsearch_solr_ssl_server_keystore_password</name> + <name>logsearch_solr_keystore_password</name> <value>bigdata</value> <display-name>Log Search Solr key store password</display-name> <property-type>PASSWORD</property-type> http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py index 23a9c09..7ac57ad 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py @@ -225,6 +225,7 @@ logsearch_custom_properties.pop("logsearch.external.auth.login_url", None) logsearch_user = config['configurations']['logsearch-env']['logsearch_user'] logsearch_log_dir = config['configurations']['logsearch-env']['logsearch_log_dir'] logsearch_log = logsearch_log_dir + '/logsearch.out' +logsearch_ui_protocol = config['configurations']['logsearch-env']["logsearch_ui_protocol"] logsearch_ui_port = config['configurations']['logsearch-env']["logsearch_ui_port"] logsearch_debug_enabled = str(config['configurations']['logsearch-env']["logsearch_debug_enabled"]).lower() logsearch_debug_port = config['configurations']['logsearch-env']["logsearch_debug_port"] @@ -315,24 +316,24 @@ logfeeder_env_content = config['configurations']['logfeeder-env']['content'] logfeeder_log4j_content = config['configurations']['logfeeder-log4j']['content'] logsearch_solr_ssl_enabled = default('configurations/logsearch-solr-env/logsearch_solr_ssl_enabled', False) -logsearch_solr_ssl_server_keystore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_location'] -logsearch_solr_ssl_server_keystore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_password'] -logsearch_solr_ssl_server_keystore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_keystore_type'] -logsearch_solr_ssl_server_truststore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_location'] -logsearch_solr_ssl_server_truststore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_password'] -logsearch_solr_ssl_server_truststore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_ssl_server_truststore_type'] -logsearch_solr_ssl_client_keystore_location = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_location'] -logsearch_solr_ssl_client_keystore_password = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_password'] -logsearch_solr_ssl_client_keystore_type = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_keystore_type'] -logsearch_solr_ssl_client_truststore_location = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_location'] -logsearch_solr_ssl_client_truststore_password = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_password'] -logsearch_solr_ssl_client_truststore_type = config['configurations']['logsearch-env']['logsearch_solr_ssl_client_truststore_type'] -logfeeder_solr_ssl_client_keystore_location = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_location'] -logfeeder_solr_ssl_client_keystore_password = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_password'] -logfeeder_solr_ssl_client_keystore_type = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_keystore_type'] -logfeeder_solr_ssl_client_truststore_location = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_location'] -logfeeder_solr_ssl_client_truststore_password = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_password'] -logfeeder_solr_ssl_client_truststore_type = config['configurations']['logfeeder-env']['logfeeder_solr_ssl_client_truststore_type'] +logsearch_solr_keystore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_keystore_location'] +logsearch_solr_keystore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_keystore_password'] +logsearch_solr_keystore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_keystore_type'] +logsearch_solr_truststore_location = config['configurations']['logsearch-solr-env']['logsearch_solr_truststore_location'] +logsearch_solr_truststore_password = config['configurations']['logsearch-solr-env']['logsearch_solr_truststore_password'] +logsearch_solr_truststore_type = config['configurations']['logsearch-solr-env']['logsearch_solr_truststore_type'] +logsearch_keystore_location = config['configurations']['logsearch-env']['logsearch_keystore_location'] +logsearch_keystore_password = config['configurations']['logsearch-env']['logsearch_keystore_password'] +logsearch_keystore_type = config['configurations']['logsearch-env']['logsearch_keystore_type'] +logsearch_truststore_location = config['configurations']['logsearch-env']['logsearch_truststore_location'] +logsearch_truststore_password = config['configurations']['logsearch-env']['logsearch_truststore_password'] +logsearch_truststore_type = config['configurations']['logsearch-env']['logsearch_truststore_type'] +logfeeder_keystore_location = config['configurations']['logfeeder-env']['logfeeder_keystore_location'] +logfeeder_keystore_password = config['configurations']['logfeeder-env']['logfeeder_keystore_password'] +logfeeder_keystore_type = config['configurations']['logfeeder-env']['logfeeder_keystore_type'] +logfeeder_truststore_location = config['configurations']['logfeeder-env']['logfeeder_truststore_location'] +logfeeder_truststore_password = config['configurations']['logfeeder-env']['logfeeder_truststore_password'] +logfeeder_truststore_type = config['configurations']['logfeeder-env']['logfeeder_truststore_type'] logfeeder_checkpoint_folder = default('/configurations/logfeeder-env/logfeeder.checkpoint.folder', '/etc/ambari-logsearch-logfeeder/conf/checkpoints') @@ -362,4 +363,4 @@ logsearch_server_hosts = config['clusterHostInfo']['logsearch_server_hosts'] logsearch_server_host = "" if logsearch_server_hosts is not None and len(logsearch_server_hosts) > 0: logsearch_server_host = logsearch_server_hosts[0] -smoke_logsearch_cmd = format('curl -s -o /dev/null -w "%{{http_code}}" http://{logsearch_server_host}:{logsearch_ui_port}/login.jsp | grep 200') +smoke_logsearch_cmd = format('curl -k -s -o /dev/null -w "%{{http_code}}" {logsearch_ui_protocol}://{logsearch_server_host}:{logsearch_ui_port}/login.jsp | grep 200') http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/service_check.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/service_check.py b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/service_check.py index 2993190..63344e4 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/service_check.py +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/service_check.py @@ -30,9 +30,8 @@ class LogSearchServiceCheck(Script): Execute(params.smoke_logsearch_cmd, user=params.logsearch_user, timeout = 10) Logger.info('Log Search Server up and running') except: - Logger.debug('Log Search Server not running') - - + Logger.error('Log Search Server not running') + raise if __name__ == "__main__": LogSearchServiceCheck().execute() \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/templates/logsearch.properties.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/templates/logsearch.properties.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/templates/logsearch.properties.j2 index 3f5db30..eaa0a90 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/templates/logsearch.properties.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/templates/logsearch.properties.j2 @@ -58,6 +58,8 @@ logsearch.auth.external_auth.host_url={{logsearch_auth_external_host_url}} logsearch.auth.external_auth.login_url={{logsearch_auth_external_login_url}} logsearch.roles.allowed=AMBARI.ADMINISTRATOR +logsearch.protocol={{logsearch_ui_protocol}} + # Custom properties {% for key, value in logsearch_custom_properties.items() %} {{key}}={{value}} http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 index aba06c6..6795dab 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logfeeder-env.sh.j2 @@ -33,11 +33,11 @@ if [ "$LOGFEEDER_JAVA_MEM" = "" ]; then fi {% if logsearch_solr_ssl_enabled %} -export LOGFEEDER_SOLR_SSL_ENABLED="true" -export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_LOCATION={{logfeeder_solr_ssl_client_keystore_location}} -export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD={{logfeeder_solr_ssl_client_keystore_password}} -export LOGFEEDER_SOLR_SSL_CLIENT_KEYSTORE_TYPE={{logfeeder_solr_ssl_client_keystore_type}} -export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION={{logfeeder_solr_ssl_client_truststore_location}} -export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD={{logfeeder_solr_ssl_client_truststore_password}} -export LOGFEEDER_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE={{logfeeder_solr_ssl_client_truststore_type}} +export LOGFEEDER_SSL="true" +export LOGFEEDER_KEYSTORE_LOCATION={{logfeeder_keystore_location}} +export LOGFEEDER_KEYSTORE_PASSWORD={{logfeeder_keystore_password}} +export LOGFEEDER_KEYSTORE_TYPE={{logfeeder_keystore_type}} +export LOGFEEDER_TRUSTSTORE_LOCATION={{logfeeder_truststore_location}} +export LOGFEEDER_TRUSTSTORE_PASSWORD={{logfeeder_truststore_password}} +export LOGFEEDER_TRUSTSTORE_TYPE={{logfeeder_truststore_type}} {% endif %} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 index 7b0aed3..17967a9 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-env.sh.j2 @@ -38,12 +38,12 @@ export LOGSEARCH_DEBUG={{logsearch_debug_enabled}} export LOGSEARCH_DEBUG_PORT={{logsearch_debug_port}} -{% if logsearch_solr_ssl_enabled %} -export LOGSEARCH_SOLR_SSL_ENABLED="true" -export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_LOCATION={{logsearch_solr_ssl_client_keystore_location}} -export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_PASSWORD={{logsearch_solr_ssl_client_keystore_password}} -export LOGSEARCH_SOLR_SSL_CLIENT_KEYSTORE_TYPE={{logsearch_solr_ssl_client_keystore_type}} -export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_LOCATION={{logsearch_solr_ssl_client_truststore_location}} -export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_PASSWORD={{logsearch_solr_ssl_client_truststore_password}} -export LOGSEARCH_SOLR_SSL_CLIENT_TRUSTSTORE_TYPE={{logsearch_solr_ssl_client_truststore_type}} +{% if logsearch_solr_ssl_enabled or logsearch_ui_protocol == 'https' %} +export LOGSEARCH_SSL="true" +export LOGSEARCH_KEYSTORE_LOCATION={{logsearch_keystore_location}} +export LOGSEARCH_KEYSTORE_PASSWORD={{logsearch_keystore_password}} +export LOGSEARCH_KEYSTORE_TYPE={{logsearch_keystore_type}} +export LOGSEARCH_TRUSTSTORE_LOCATION={{logsearch_truststore_location}} +export LOGSEARCH_TRUSTSTORE_PASSWORD={{logsearch_truststore_password}} +export LOGSEARCH_TRUSTSTORE_TYPE={{logsearch_truststore_type}} {% endif %} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 index 2b17e63..607c833 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/properties/logsearch-solr-env.sh.j2 @@ -94,10 +94,10 @@ SOLR_PORT={{logsearch_solr_port}} # Be sure to update the paths to the correct keystore for your environment {% if logsearch_solr_ssl_enabled %} -SOLR_SSL_KEY_STORE={{logsearch_solr_ssl_server_keystore_location}} -SOLR_SSL_KEY_STORE_PASSWORD={{logsearch_solr_ssl_server_keystore_password}} -SOLR_SSL_TRUST_STORE={{logsearch_solr_ssl_server_keystore_location}} -SOLR_SSL_TRUST_STORE_PASSWORD={{logsearch_solr_ssl_server_keystore_password}} +SOLR_SSL_KEY_STORE={{logsearch_solr_keystore_location}} +SOLR_SSL_KEY_STORE_PASSWORD={{logsearch_solr_keystore_password}} +SOLR_SSL_TRUST_STORE={{logsearch_solr_keystore_location}} +SOLR_SSL_TRUST_STORE_PASSWORD={{logsearch_solr_keystore_password}} SOLR_SSL_NEED_CLIENT_AUTH=false SOLR_SSL_WANT_CLIENT_AUTH=false {% endif %} http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/quicklinks/quicklinks.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/quicklinks/quicklinks.json b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/quicklinks/quicklinks.json index fc71dfc..b6f6a09 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/quicklinks/quicklinks.json +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/quicklinks/quicklinks.json @@ -3,7 +3,14 @@ "description": "default quick links configuration", "configuration": { "protocol": { - "type": "http" + "type":"https", + "checks":[ + { + "property":"logsearch_ui_protocol", + "desired":"https", + "site":"logsearch-env" + } + ] }, "links": [ { http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/test/python/stacks/2.3/ATLAS/test_metadata_server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.3/ATLAS/test_metadata_server.py b/ambari-server/src/test/python/stacks/2.3/ATLAS/test_metadata_server.py index d8b24ea..ad531de 100644 --- a/ambari-server/src/test/python/stacks/2.3/ATLAS/test_metadata_server.py +++ b/ambari-server/src/test/python/stacks/2.3/ATLAS/test_metadata_server.py @@ -151,12 +151,12 @@ class TestMetadataServer(RMFTestCase): mode=0644, content = '' ) - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --download-config -d /tmp/solr_config_basic_configs_0.[0-9]* -cs basic_configs -rt 30 -i 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --upload-config -d /etc/atlas/conf/solr -cs basic_configs -rt 30 -i 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --download-config --config-dir /tmp/solr_config_basic_configs_0.[0-9]* --config-set basic_configs --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --upload-config --config-dir /etc/atlas/conf/solr --config-set basic_configs --retry 30 --interval 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --create-collection -c vertex_index -cs basic_configs -s 1 -r 1 -m 1 -rt 5 -i 10') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --create-collection -c edge_index -cs basic_configs -s 1 -r 1 -m 1 -rt 5 -i 10') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --create-collection -c fulltext_index -cs basic_configs -s 1 -r 1 -m 1 -rt 5 -i 10') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --create-collection --collection vertex_index --config-set basic_configs --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --create-collection --collection edge_index --config-set basic_configs --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --create-collection --collection fulltext_index --config-set basic_configs --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') def test_configure_default(self): self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/metadata_server.py", http://git-wip-us.apache.org/repos/asf/ambari/blob/e497f558/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py index 45bded1..48e071d 100644 --- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py +++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py @@ -105,14 +105,14 @@ class TestLogSearch(RMFTestCase): content = InlineTemplate(self.getConfig()['configurations']['logsearch-audit_logs-solrconfig']['content']) ) - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --download-config -d /tmp/solr_config_hadoop_logs_0.[0-9]* -cs hadoop_logs -rt 30 -i 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --upload-config -d /etc/ambari-logsearch-portal/conf/solr_configsets/hadoop_logs/conf -cs hadoop_logs -rt 30 -i 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --download-config --config-dir /tmp/solr_config_hadoop_logs_0.[0-9]* --config-set hadoop_logs --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --upload-config --config-dir /etc/ambari-logsearch-portal/conf/solr_configsets/hadoop_logs/conf --config-set hadoop_logs --retry 30 --interval 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --download-config -d /tmp/solr_config_history_0.[0-9]* -cs history -rt 30 -i 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --upload-config -d /etc/ambari-logsearch-portal/conf/solr_configsets/history/conf -cs history -rt 30 -i 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --download-config --config-dir /tmp/solr_config_history_0.[0-9]* --config-set history --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --upload-config --config-dir /etc/ambari-logsearch-portal/conf/solr_configsets/history/conf --config-set history --retry 30 --interval 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --download-config -d /tmp/solr_config_audit_logs_0.[0-9]* -cs audit_logs -rt 30 -i 5') - self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh -z c6401.ambari.apache.org:2181/logsearch --upload-config -d /etc/ambari-logsearch-portal/conf/solr_configsets/audit_logs/conf -cs audit_logs -rt 30 -i 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --download-config --config-dir /tmp/solr_config_audit_logs_0.[0-9]* --config-set audit_logs --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Execute$', '^export JAVA_HOME=/usr/jdk64/jdk1.7.0_45 ; /usr/lib/ambari-logsearch-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/logsearch --upload-config --config-dir /etc/ambari-logsearch-portal/conf/solr_configsets/audit_logs/conf --config-set audit_logs --retry 30 --interval 5') self.assertResourceCalled('Execute', ('chmod', '-R', 'ugo+r', '/etc/ambari-logsearch-portal/conf/solr_configsets'), sudo=True
