This is an automated email from the ASF dual-hosted git repository. ssulav pushed a commit to branch HDDS-14720 in repository https://gitbox.apache.org/repos/asf/ozone-installer.git
commit c075086062c012da4d8f3b19d78021fcd13d5366 Author: Soumitra Sulav <[email protected]> AuthorDate: Fri Feb 27 21:37:14 2026 +0530 HDDS-14720. Set OZONE_HOME and Path only for the service user bash shell --- README.md | 2 +- ozone_installer.py | 31 +++++++++++++++++++++++++++- roles/java/tasks/main.yml | 8 +++---- roles/ozone_config/defaults/main.yml | 1 + roles/ozone_config/templates/ozone-env.sh.j2 | 3 --- roles/ozone_layout/tasks/main.yml | 14 +++++++++---- 6 files changed, 46 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 64ecb0c..cc28a5e 100644 --- a/README.md +++ b/README.md @@ -260,7 +260,7 @@ ANSIBLE_CONFIG=ansible.cfg ansible-playbook -i inventories/dev/hosts.ini playboo ## Notes - Idempotent where possible; runtime `ozone` init/start guarded with `creates:`. -- JAVA_HOME and PATH are persisted for resume; runtime settings are exported via `ozone-env.sh`. +- JAVA_HOME, OZONE_HOME, and PATH are set only for the service user (in `~/.bashrc`); runtime settings are exported via `ozone-env.sh`. - Local snapshot mode archives from the controller and uploads/extracts on targets using `unarchive`. - Logs are written to a per-run file under `logs/` named: - `ansible-<timestamp>-<hosts_raw_sanitized>.log` diff --git a/ozone_installer.py b/ozone_installer.py index f512e6f..243ec01 100755 --- a/ozone_installer.py +++ b/ozone_installer.py @@ -26,7 +26,12 @@ import tempfile import logging from datetime import datetime from pathlib import Path -from typing import List, Optional, Tuple +from typing import Any, Dict, List, Optional, Tuple + +try: + import yaml +except ImportError: + yaml = None # type: ignore # Optional nicer interactive prompts (fallback to built-in prompts if unavailable) try: @@ -286,6 +291,28 @@ def expand_braces(expr: str) -> List[str]: pre, a, b, post = m.group(1), int(m.group(2)), int(m.group(3)), m.group(4) return [f"{pre}{i}{post}" for i in range(a, b + 1)] +def _load_group_vars() -> Dict[str, Any]: + """Load inventories/dev/group_vars/all.yml if it exists. Returns {} on failure.""" + if not yaml: + return {} + path = ANSIBLE_ROOT / "inventories" / "dev" / "group_vars" / "all.yml" + if not path.exists(): + return {} + try: + with open(path, encoding="utf-8") as f: + data = yaml.safe_load(f) + return dict(data) if isinstance(data, dict) else {} + except Exception: + return {} + + +def _merge_extra_vars(extra_vars: Dict[str, Any]) -> Dict[str, Any]: + """Merge group_vars/all.yml into extra_vars; extra_vars override group_vars.""" + base = _load_group_vars() + base.update(extra_vars) + return base + + def parse_data_dirs(data_raw: Optional[str]) -> str: """ Accepts comma-separated data dirs; each may contain brace expansion (e.g. /data/ozone{1..3}). @@ -771,6 +798,7 @@ def main(argv: List[str]) -> int: ask_pass = auth_method == "password" and not password if stop_only or stop_and_clean: + extra_vars = _merge_extra_vars(extra_vars) with tempfile.NamedTemporaryFile(mode="w", suffix=".ini", delete=False) as inv_f: inv_f.write(inventory_text or "") inv_path = Path(inv_f.name) @@ -792,6 +820,7 @@ def main(argv: List[str]) -> int: pass # Full install: persist config and run cluster playbook + extra_vars = _merge_extra_vars(extra_vars) with tempfile.TemporaryDirectory() as tdir: inv_path = Path(tdir) / "hosts.ini" ev_path = Path(tdir) / "vars.json" diff --git a/roles/java/tasks/main.yml b/roles/java/tasks/main.yml index c05aecd..88daabe 100644 --- a/roles/java/tasks/main.yml +++ b/roles/java/tasks/main.yml @@ -76,12 +76,12 @@ content: "{{ merged_all | to_nice_json }}" mode: "0644" -- name: "Export JAVA_HOME and update PATH in profile.d/ozone.sh" +- name: "Export JAVA_HOME and update PATH in service user shell config" blockinfile: - path: "/etc/profile.d/ozone.sh" + path: "{{ (service_user == 'root') | ternary('/root', '/home/' + service_user) }}/.bashrc" create: true - owner: root - group: root + owner: "{{ service_user }}" + group: "{{ service_group }}" mode: "0644" marker: "# {mark} {{ JAVA_MARKER }}" block: | diff --git a/roles/ozone_config/defaults/main.yml b/roles/ozone_config/defaults/main.yml index a527b6b..c419d27 100644 --- a/roles/ozone_config/defaults/main.yml +++ b/roles/ozone_config/defaults/main.yml @@ -17,6 +17,7 @@ install_base: "/opt/ozone" # data_base: single path or comma-separated paths (e.g. /data/ozone or /data/ozone1,/data/ozone2) data_base: "/data/ozone" +ozone_opts: "-XX:ParallelGCThreads=8" CONFIG_DIR: "" # if provided, can be used to feed additional properties via vars diff --git a/roles/ozone_config/templates/ozone-env.sh.j2 b/roles/ozone_config/templates/ozone-env.sh.j2 index dc5c255..4d412ca 100644 --- a/roles/ozone_config/templates/ozone-env.sh.j2 +++ b/roles/ozone_config/templates/ozone-env.sh.j2 @@ -31,10 +31,7 @@ export HADOOP_CONF_DIR="{{ install_base }}/current/etc/hadoop" # Relaxed module access for Java 17/21 (needed by Ozone and dependencies) export JAVA_TOOL_OPTIONS="${JAVA_TOOL_OPTIONS:+$JAVA_TOOL_OPTIONS} --add-opens=java.base/jdk.internal.misc=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED" -{% if ozone_opts | default('-XX:ParallelGCThreads=8') | length > 0 %} -# Extra JVM options for all Ozone components export OZONE_OPTS="{{ ozone_opts | default('-XX:ParallelGCThreads=8') }}" -{% endif %} export OZONE_OM_USER="{{ service_user }}" diff --git a/roles/ozone_layout/tasks/main.yml b/roles/ozone_layout/tasks/main.yml index 6487765..02c2ee0 100644 --- a/roles/ozone_layout/tasks/main.yml +++ b/roles/ozone_layout/tasks/main.yml @@ -29,12 +29,18 @@ }} become: true -- name: "Ensure OZONE_HOME and PATH are in profile.d/ozone.sh" - blockinfile: +- name: "Remove system-wide ozone env (now set only for service user)" + file: path: "/etc/profile.d/ozone.sh" + state: absent + become: true + +- name: "Ensure OZONE_HOME and PATH in service user shell config" + blockinfile: + path: "{{ (service_user == 'root') | ternary('/root', '/home/' + service_user) }}/.bashrc" create: true - owner: root - group: root + owner: "{{ service_user }}" + group: "{{ service_group }}" mode: "0644" marker: "# {mark} {{ ENV_MARKER }}" block: | --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
