Repository: incubator-hawq Updated Branches: refs/heads/master abd74ed1c -> ed5029c76
HAWQ-1476. Augment enable-ranger-plugin.sh to support kerberos. (close #1248) Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq/commit/ed5029c7 Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq/tree/ed5029c7 Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq/diff/ed5029c7 Branch: refs/heads/master Commit: ed5029c76515d36cae0c41e96d19eee0b4710561 Parents: abd74ed Author: stanlyxiang <[email protected]> Authored: Thu Jun 1 15:41:55 2017 +0800 Committer: Lili Ma <[email protected]> Committed: Thu Jun 1 16:34:03 2017 +0800 ---------------------------------------------------------------------- ranger-plugin/conf/ranger-servicedef-hawq.json | 2 +- ranger-plugin/scripts/enable-ranger-plugin.sh | 28 ++++++++++++++++++++- 2 files changed, 28 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/ed5029c7/ranger-plugin/conf/ranger-servicedef-hawq.json ---------------------------------------------------------------------- diff --git a/ranger-plugin/conf/ranger-servicedef-hawq.json b/ranger-plugin/conf/ranger-servicedef-hawq.json index 172eb3a..b8ce53e 100644 --- a/ranger-plugin/conf/ranger-servicedef-hawq.json +++ b/ranger-plugin/conf/ranger-servicedef-hawq.json @@ -244,7 +244,7 @@ "name": "authentication", "type": "enum", "subType": "authType", - "mandatory": false, + "mandatory": true, "validationRegEx": "", "validationMessage": "", "uiHint": "", http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/ed5029c7/ranger-plugin/scripts/enable-ranger-plugin.sh ---------------------------------------------------------------------- diff --git a/ranger-plugin/scripts/enable-ranger-plugin.sh b/ranger-plugin/scripts/enable-ranger-plugin.sh index 5b702c9..0e839b7 100755 --- a/ranger-plugin/scripts/enable-ranger-plugin.sh +++ b/ranger-plugin/scripts/enable-ranger-plugin.sh @@ -20,7 +20,7 @@ # function usage() { - echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port] -w hawq_user -q hawq_password" + echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port -t lookup_authentication_type -s hawq_kerberos_service_name] -w hawq_user -q hawq_password" exit 1 } @@ -131,6 +131,18 @@ function get_hawq_password() { done } +function get_hawq_kerberos_service_name() { + if [[ -z "$HAWQ_KERBEROS_SERVICE_NAME" ]]; then + HAWQ_KERBEROS_SERVICE_NAME="postgres" + fi +} + +function get_lookup_authentication_type() { + if [[ -z "$LOOKUP_AUTHENTICATION_TYPE" ]]; then + LOOKUP_AUTHENTICATION_TYPE="simple" + fi +} + function parse_params() { while [[ $# -gt 0 ]] do @@ -160,6 +172,14 @@ function parse_params() { HAWQ_PASSWORD="$2" shift ;; + -s) + HAWQ_KERBEROS_SERVICE_NAME="$2" + shift + ;; + -t) + LOOKUP_AUTHENTICATION_TYPE="$2" + shift + ;; *) usage ;; @@ -175,6 +195,8 @@ function validate_params() { get_hawq_url get_hawq_user get_hawq_password + get_hawq_kerberos_service_name + get_lookup_authentication_type echo "RANGER URL = ${RANGER_URL}" echo "RANGER User = ${RANGER_USER}" echo "RANGER Password = $(mask ${RANGER_PASSWORD})" @@ -182,6 +204,8 @@ function validate_params() { echo "HAWQ PORT = ${HAWQ_PORT}" echo "HAWQ User = ${HAWQ_USER}" echo "HAWQ Password = $(mask ${HAWQ_PASSWORD})" + echo "HAWQ Lookup Authentication Type = ${LOOKUP_AUTHENTICATION_TYPE}" + echo "HAWQ Kerberos Service Name = ${HAWQ_KERBEROS_SERVICE_NAME}" } function check_hawq_service_definition() { @@ -217,6 +241,8 @@ function create_hawq_service_instance() { \"isEnabled\":true, \"configs\":{\"username\":\"${HAWQ_USER}\", \"password\":\"${HAWQ_PASSWORD}\", + \"authentication\":\"${LOOKUP_AUTHENTICATION_TYPE}\", + \"principal\":\"${HAWQ_KERBEROS_SERVICE_NAME}\", \"hostname\":\"${HAWQ_HOST}\", \"port\":\"${HAWQ_PORT}\"}}"
