This is an automated email from the ASF dual-hosted git repository.
brahma pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push:
new e00261fc3c [AMBARI-25624] "Creating Kerberos keytabs" takes too long
(#3353)
e00261fc3c is described below
commit e00261fc3c8cece53438cb1ffdc7bd658ede08c6
Author: Yubi Lee <[email protected]>
AuthorDate: Sat Sep 10 15:05:12 2022 +0900
[AMBARI-25624] "Creating Kerberos keytabs" takes too long (#3353)
Signed-off-by: Brahma Reddy Battula <[email protected]>
---
.../kerberos/CreateKeytabFilesServerAction.java | 2 +-
.../stageutils/KerberosKeytabController.java | 36 +++++++++++++---------
2 files changed, 23 insertions(+), 15 deletions(-)
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
index f1d546151d..8e7dea745c 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
@@ -159,7 +159,7 @@ public class CreateKeytabFilesServerAction extends
KerberosServerAction {
CommandReport commandReport = null;
String message = null;
- Set<ResolvedKerberosKeytab> keytabsToCreate =
kerberosKeytabController.getFromPrincipal(resolvedPrincipal);
+ Set<ResolvedKerberosKeytab> keytabsToCreate =
kerberosKeytabController.getFromPrincipalExceptServiceMapping(resolvedPrincipal);
KerberosPrincipalEntity principalEntity =
kerberosPrincipalDAO.find(resolvedPrincipal.getPrincipal());
try {
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/stageutils/KerberosKeytabController.java
b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/stageutils/KerberosKeytabController.java
index 1fa654c64a..037c796643 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/stageutils/KerberosKeytabController.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/stageutils/KerberosKeytabController.java
@@ -91,7 +91,7 @@ public class KerberosKeytabController {
* @return found keytab or null
*/
public ResolvedKerberosKeytab getKeytabByFile(String file, boolean
resolvePrincipals) {
- return fromKeytabEntity(kerberosKeytabDAO.find(file), resolvePrincipals);
+ return fromKeytabEntity(kerberosKeytabDAO.find(file), resolvePrincipals,
false);
}
/**
@@ -100,7 +100,7 @@ public class KerberosKeytabController {
* @return all keytabs
*/
public Set<ResolvedKerberosKeytab> getAllKeytabs() {
- return fromKeytabEntities(kerberosKeytabDAO.findAll());
+ return fromKeytabEntities(kerberosKeytabDAO.findAll(), false);
}
/**
@@ -110,10 +110,17 @@ public class KerberosKeytabController {
* @return set of keytabs found
*/
public Set<ResolvedKerberosKeytab>
getFromPrincipal(ResolvedKerberosPrincipal rkp) {
- List<KerberosKeytabEntity> keytabs =
kerberosKeytabDAO.findByPrincipalAndHost(
- rkp.getPrincipal(), rkp.getHostId());
+ return
fromKeytabEntities(kerberosKeytabDAO.findByPrincipalAndHost(rkp.getPrincipal(),
rkp.getHostId()), false);
+ }
- return fromKeytabEntities(keytabs);
+ /**
+ * Returns all keytabs that contains given principal without service mapping.
+ *
+ * @param rkp principal to filter keytabs by
+ * @return set of keytabs found
+ */
+ public Set<ResolvedKerberosKeytab>
getFromPrincipalExceptServiceMapping(ResolvedKerberosPrincipal rkp) {
+ return
fromKeytabEntities(kerberosKeytabDAO.findByPrincipalAndHost(rkp.getPrincipal(),
rkp.getHostId()), true);
}
/**
@@ -135,7 +142,7 @@ public class KerberosKeytabController {
filter.setPrincipals(identityFilter);
}
- Set<ResolvedKerberosPrincipal> filteredPrincipals =
fromPrincipalEntities(kerberosKeytabPrincipalDAO.findByFilters(filters));
+ Set<ResolvedKerberosPrincipal> filteredPrincipals =
fromPrincipalEntities(kerberosKeytabPrincipalDAO.findByFilters(filters), false);
HashMap<String, ResolvedKerberosKeytab> resultMap = new HashMap<>();
for (ResolvedKerberosPrincipal principal : filteredPrincipals) {
if (!resultMap.containsKey(principal.getKeytabPath())) {
@@ -207,8 +214,9 @@ public class KerberosKeytabController {
return
Lists.newArrayList(KerberosKeytabPrincipalDAO.KerberosKeytabPrincipalFilter.createEmptyFilter());
}
- private ResolvedKerberosKeytab fromKeytabEntity(KerberosKeytabEntity kke,
boolean resolvePrincipals) {
- Set<ResolvedKerberosPrincipal> principals = resolvePrincipals ?
fromPrincipalEntities(kke.getKerberosKeytabPrincipalEntities()) : new
HashSet<>();
+ private ResolvedKerberosKeytab fromKeytabEntity(KerberosKeytabEntity kke,
boolean resolvePrincipals, boolean exceptServiceMapping) {
+ Set<ResolvedKerberosPrincipal> principals = resolvePrincipals ?
+ fromPrincipalEntities(kke.getKerberosKeytabPrincipalEntities(),
exceptServiceMapping) : new HashSet<>();
return new ResolvedKerberosKeytab(
kke.getKeytabPath(),
kke.getOwnerName(),
@@ -222,18 +230,18 @@ public class KerberosKeytabController {
}
private ResolvedKerberosKeytab fromKeytabEntity(KerberosKeytabEntity kke) {
- return fromKeytabEntity(kke, true);
+ return fromKeytabEntity(kke, true, false);
}
- private Set<ResolvedKerberosKeytab>
fromKeytabEntities(Collection<KerberosKeytabEntity> keytabEntities) {
+ private Set<ResolvedKerberosKeytab>
fromKeytabEntities(Collection<KerberosKeytabEntity> keytabEntities, boolean
exceptServiceMapping) {
ImmutableSet.Builder<ResolvedKerberosKeytab> builder =
ImmutableSet.builder();
- for (KerberosKeytabEntity kkpe : keytabEntities) {
- builder.add(fromKeytabEntity(kkpe));
+ for (KerberosKeytabEntity kke : keytabEntities) {
+ builder.add(fromKeytabEntity(kke, true, exceptServiceMapping));
}
return builder.build();
}
- private Set<ResolvedKerberosPrincipal>
fromPrincipalEntities(Collection<KerberosKeytabPrincipalEntity>
principalEntities) {
+ private Set<ResolvedKerberosPrincipal>
fromPrincipalEntities(Collection<KerberosKeytabPrincipalEntity>
principalEntities, boolean exceptServiceMapping) {
ImmutableSet.Builder<ResolvedKerberosPrincipal> builder =
ImmutableSet.builder();
for (KerberosKeytabPrincipalEntity kkpe : principalEntities) {
KerberosPrincipalEntity kpe = kkpe.getKerberosPrincipalEntity();
@@ -246,7 +254,7 @@ public class KerberosKeytabController {
kpe.isService(),
kpe.getCachedKeytabPath(),
kkpe.getKeytabPath(),
- kkpe.getServiceMappingAsMultimap());
+ exceptServiceMapping ? null : kkpe.getServiceMappingAsMultimap());
builder.add(rkp);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
