This is an automated email from the ASF dual-hosted git repository.
smolnar pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push:
new 0d18dac AMBARI-22847. Let HBase use ZK principal name set by users
when enabling Kerberos (until now it's been hardcoded to 'zookeeper') (#2223)
0d18dac is described below
commit 0d18dace6fe17a9a098eb2f763351601af9f07b5
Author: Sandor Molnar <[email protected]>
AuthorDate: Fri Aug 31 15:11:33 2018 +0200
AMBARI-22847. Let HBase use ZK principal name set by users when enabling
Kerberos (until now it's been hardcoded to 'zookeeper') (#2223)
---
.../common-services/HBASE/0.96.0.2.0/configuration/hbase-env.xml | 2 +-
.../common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py | 3 +++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git
a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/configuration/hbase-env.xml
b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/configuration/hbase-env.xml
index ec3417b..4f62433 100644
---
a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/configuration/hbase-env.xml
+++
b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/configuration/hbase-env.xml
@@ -237,7 +237,7 @@ export HBASE_PID_DIR={{pid_dir}}
export HBASE_MANAGES_ZK=false
{% if security_enabled %}
-export HBASE_OPTS="$HBASE_OPTS -XX:+UseConcMarkSweepGC
-XX:ErrorFile={{log_dir}}/hs_err_pid%p.log
-Djava.security.auth.login.config={{client_jaas_config_file}}
-Djava.io.tmpdir={{java_io_tmpdir}}"
+export HBASE_OPTS="$HBASE_OPTS -XX:+UseConcMarkSweepGC
-XX:ErrorFile={{log_dir}}/hs_err_pid%p.log
-Djava.security.auth.login.config={{client_jaas_config_file}}
-Djava.io.tmpdir={{java_io_tmpdir}} {{zk_security_opts}}"
export HBASE_MASTER_OPTS="$HBASE_MASTER_OPTS -Xmx{{master_heapsize}}
-Djava.security.auth.login.config={{master_jaas_config_file}}"
export HBASE_REGIONSERVER_OPTS="$HBASE_REGIONSERVER_OPTS
-Xmn{{regionserver_xmn_size}}
-XX:CMSInitiatingOccupancyFraction={{regionserver_cms_initiating_occupancy_fraction}}
-XX:+UseCMSInitiatingOccupancyOnly -XX:ReservedCodeCacheSize=256m
-Xms{{regionserver_heapsize}} -Xmx{{regionserver_heapsize}}
-Djava.security.auth.login.config={{regionserver_jaas_config_file}}"
{% else %}
diff --git
a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
index 911700b..292fdf2 100644
---
a/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
+++
b/ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py
@@ -214,6 +214,9 @@ service_check_data = get_unique_id_and_date()
user_group = config['configurations']['cluster-env']["user_group"]
if security_enabled:
+ zk_principal_name =
default("/configurations/zookeeper-env/zookeeper_principal_name",
"zookeeper/[email protected]")
+ zk_principal_user = zk_principal_name.split('/')[0]
+ zk_security_opts = format('-Dzookeeper.sasl.client=true
-Dzookeeper.sasl.client.username={zk_principal_user}
-Dzookeeper.sasl.clientconfig=Client')
_hostname_lowercase = config['agentLevelParams']['hostname'].lower()
master_jaas_princ =
config['configurations']['hbase-site']['hbase.master.kerberos.principal'].replace('_HOST',_hostname_lowercase)
master_keytab_path =
config['configurations']['hbase-site']['hbase.master.keytab.file']
