Repository: incubator-ranger Updated Branches: refs/heads/master 641be5c0a -> 62a3bd07a
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/62a3bd07/winpkg/src/scripts/install.ps1 ---------------------------------------------------------------------- diff --git a/winpkg/src/scripts/install.ps1 b/winpkg/src/scripts/install.ps1 deleted file mode 100644 index b6a80db..0000000 --- a/winpkg/src/scripts/install.ps1 +++ /dev/null @@ -1,491 +0,0 @@ -### Licensed to the Apache Software Foundation (ASF) under one or more -### contributor license agreements. See the NOTICE file distributed with -### this work for additional information regarding copyright ownership. -### The ASF licenses this file to You under the Apache License, Version 2.0 -### (the "License"); you may not use this file except in compliance with -### the License. You may obtain a copy of the License at -### -### http://www.apache.org/licenses/LICENSE-2.0 -### -### Unless required by applicable law or agreed to in writing, software -### distributed under the License is distributed on an "AS IS" BASIS, -### WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -### See the License for the specific language governing permissions and -### limitations under the License. - -### -### Install script that can be used to install Ranger -### To invoke the scipt, run the following command from PowerShell: -### install.ps1 -username <username> -password <password> or -### install.ps1 -credentialFilePath <credentialFilePath> -### -### where: -### <username> and <password> represent account credentials used to run -### Ranger services as Windows services. -### <credentialFilePath> encripted credentials file path -### -### By default, Hadoop is installed to "C:\Hadoop". To change this set -### HADOOP_NODE_INSTALL_ROOT environment variable to a location were -### you'd like Hadoop installed. -### -### Script pre-requisites: -### JAVA_HOME must be set to point to a valid Java location. -### HADOOP_HOME must be set to point to a valid Hadoop install location. -### -### To uninstall previously installed Single-Node cluster run: -### uninstall.ps1 -### -### NOTE: Notice @version@ strings throughout the file. First compile -### winpkg with "ant winpkg", that will replace the version string. - -### - -param( - [String] - [Parameter( ParameterSetName='UsernamePassword', Position=0, Mandatory=$true )] - [Parameter( ParameterSetName='UsernamePasswordBase64', Position=0, Mandatory=$true )] - $username, - [String] - [Parameter( ParameterSetName='UsernamePassword', Position=1, Mandatory=$true )] - $password, - [String] - [Parameter( ParameterSetName='UsernamePasswordBase64', Position=1, Mandatory=$true )] - $passwordBase64, - [Parameter( ParameterSetName='CredentialFilePath', Mandatory=$true )] - $credentialFilePath, - [String] - $roles - ) - -function Main( $scriptDir ) -{ - $FinalName = "[email protected]@" - if ( -not (Test-Path ENV:WINPKG_LOG)) - { - $ENV:WINPKG_LOG = "$FinalName.winpkg.log" - } - - $HDP_INSTALL_PATH, $HDP_RESOURCES_DIR = Initialize-InstallationEnv $scriptDir "$FinalName.winpkg.log" - $nodeInstallRoot = "$ENV:HADOOP_NODE_INSTALL_ROOT" - - - ### - ### Create the Credential object from the given username and password or the provided credentials file - ### - $serviceCredential = Get-HadoopUserCredentials -credentialsHash @{"username" = $username; "password" = $password; ` - "passwordBase64" = $passwordBase64; "credentialFilePath" = $credentialFilePath} - $username = $serviceCredential.UserName - Write-Log "Username: $username" - Write-Log "CredentialFilePath: $credentialFilePath" - - ### - ### Install and Configure ranger (Looks like this config will come from earlier HDP installation steps ) - ### - if ( $ENV:IS_RANGER -eq "yes" ) { - $roles = "ranger-admin" - } - - Write-Log "Roles are $roles" - Install "ranger" $nodeInstallRoot $serviceCredential $roles - Configure "ranger" $nodeInstallRoot $serviceCredential - Write-Log "Installation of Ranger Admin Tool completed successfully" - - #################################################################### - ### Install and Configure ranger-hdfs plugin ### - #################################################################### - - $roles = '' - - Install "ranger-hdfs" $nodeInstallRoot $serviceCredential $roles - ### - ### Apply configuration changes to hdfs-site.xml - ### - $hdfsChanges = @{ - "dfs.permissions.enabled" = "true" - "dfs.permissions" = "true" - } - ### - ### Apply configuration changes to xasecure-audit.xml - ### - $hdfsAuditChanges = @{ - "xasecure.audit.db.is.enabled" = "true" - "xasecure.audit.jpa.javax.persistence.jdbc.url" = "jdbc:mysql://${ENV:RANGER_AUDIT_DB_HOST}:${ENV:RANGER_AUDIT_DB_PORT}/${ENV:RANGER_AUDIT_DB_DBNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.user" = "${ENV:RANGER_AUDIT_DB_USERNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.password" = "crypted" - "xasecure.audit.repository.name" = "${ENV:RANGER_HDFS_REPO}" - "xasecure.audit.credential.provider.file" = "jceks://file/${ENV:RANGER_HDFS_CRED_KEYSTORE_FILE}" - "xasecure.audit.jpa.javax.persistence.jdbc.driver" = "com.mysql.jdbc.Driver" - "xasecure.audit.hdfs.is.enabled" = "false" - "xasecure.audit.hdfs.config.destination.directroy" = "${ENV:RANGER_HDFS_DESTINATION_DIRECTORY}" - "xasecure.audit.hdfs.config.destination.file" = "${ENV:RANGER_HDFS_DESTINTATION_FILE}" - "xasecure.audit.hdfs.config.destination.flush.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.rollover.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.open.retry.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.directroy" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_DIRECTORY}" - "xasecure.audit.hdfs.config.local.buffer.file" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_FILE}" - "xasecure.audit.hdfs.config.local.buffer.flush.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.archive.directroy" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_DIRECTORY}" - "xasecure.audit.hdfs.config.local.archive.max.file.count" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_MAX_FILE_COUNT}" - - } - ### - ### Apply configuration changes to xasecure-hdfs-security.xml - ### - $hdfsSecurityChanges = @{ - "hdfs.authorization.verifier.classname" = "org.apache.ranger.pdp.hdfs.RangerAuthorizer" - "xasecure.hdfs.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}/service/assets/policyList/${ENV:RANGER_HDFS_REPO}" - "xasecure.hdfs.policymgr.url.saveAsFile" = "${ENV:RANGER_HOME}\tmp\hadoop_${ENV:RANGER_HDFS_REPO}" - "xasecure.hdfs.policymgr.url.laststoredfile" = "${ENV:RANGER_HOME}\tmp\hadoop_${ENV:RANGER_HDFS_REPO}_json" - "xasecure.hdfs.policymgr.url.reloadIntervalInMillis" = "30000" - } - - ### Since we modify different files, this hashtable contains hashtables for - ### each files. So its a hashtable of hashtables! - $configs = @{} - $configs.Add("hdfsChanges",$hdfsChanges) - $configs.Add("hdfsAuditChanges",$hdfsAuditChanges) - $configs.Add("hdfsSecurityChanges",$hdfsSecurityChanges) - - Configure "ranger-hdfs" $nodeInstallRoot $serviceCredential $configs - - Write-Log "Installation of ranger-hdfs completed successfully" - - - #################################################################### - ### Install and Configure ranger-hive plugin ### - #################################################################### - - $roles = '' - Install "ranger-hive" $nodeInstallRoot $serviceCredential $roles - - #### - #### Apply configuration changes to hive-site.xml - #### - $hivechanges = @{ - "hive.security.authorization.enabled" = "true" - "hive.security.authorization.manager" = "org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory" - "hive.conf.restricted.list" = "hive.security.authorization.enabled, hive.security.authorization.manager, hive.security.authenticator.manager" - } - - #### - #### Apply configuration changes to hiveserver2-site.xml - #### - #$xmlFile = Join-Path $ENV:HIVE_CONF_DIR "hiveserver2-site.xml" - $hiveServerChanges = @{ - "hive.security.authorization.enabled" = "true" - "hive.security.authorization.manager" = "org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory" - "hive.security.authenticator.manager" = "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator" - "hive.conf.restricted.list" = "hive.security.authorization.enabled, hive.security.authorization.manager, hive.security.authenticator.manager" - } - - #### - #### Apply configuration changes to xasecure-audit.xml - #### - #$xmlFile = Join-Path $ENV:HIVE_CONF_DIR "xasecure-audit.xml" - $hiveAuditChanges = @{ - "xasecure.audit.db.is.enabled" = "true" - "xasecure.audit.jpa.javax.persistence.jdbc.url" = "jdbc:mysql://${ENV:RANGER_AUDIT_DB_HOST}:${ENV:RANGER_AUDIT_DB_PORT}/${ENV:RANGER_AUDIT_DB_DBNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.user" = "${ENV:RANGER_AUDIT_DB_USERNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.password" = "crypted" - "xasecure.audit.repository.name" = "${ENV:RANGER_HIVE_REPO}" - "xasecure.audit.credential.provider.file" = "jceks://file/${ENV:RANGER_HIVE_CRED_KEYSTORE_FILE}" - "xasecure.audit.jpa.javax.persistence.jdbc.driver" = "com.mysql.jdbc.Driver" - "xasecure.audit.hdfs.is.enabled" = "false" - "xasecure.audit.hdfs.config.destination.directroy" = "${ENV:RANGER_HDFS_DESTINATION_DIRECTORY}" - "xasecure.audit.hdfs.config.destination.file" = "${ENV:RANGER_HDFS_DESTINTATION_FILE}" - "xasecure.audit.hdfs.config.destination.flush.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.rollover.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.open.retry.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.directroy" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_DIRECTORY}" - "xasecure.audit.hdfs.config.local.buffer.file" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_FILE}" - "xasecure.audit.hdfs.config.local.buffer.flush.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.archive.directroy" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_DIRECTORY}" - "xasecure.audit.hdfs.config.local.archive.max.file.count" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_MAX_FILE_COUNT}" - - } - - #### - #### Apply configuration changes to xasecure-hive-security.xml - #### - # - #$xmlFile = Join-Path $ENV:HIVE_CONF_DIR "xasecure-hive-security.xml" - # - $hiveSecurityChanges = @{ - "hive.authorization.verifier.classname" = "org.apache.ranger.pdp.hive.RangerAuthorizer" - "xasecure.hive.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}/service/assets/policyList/${ENV:RANGER_HIVE_REPO}" - "xasecure.hive.policymgr.url.saveAsFile" = "${ENV:RANGER_HOME}\tmp\hive_${ENV:RANGER_HIVE_REPO}" - "xasecure.hive.policymgr.url.laststoredfile" = "${ENV:RANGER_HOME}\tmp\hive_${ENV:RANGER_HIVE_REPO}_json" - "xasecure.hive.policymgr.url.reloadIntervalInMillis" = "30000" - "xasecure.hive.update.xapolicies.on.grant.revoke" = "true" - "xasecure.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}" - } - - $configs = @{} - #$configs.Add("hiveChanges",$hiveChanges) - $configs.Add("hiveServerChanges",$hiveServerChanges) - $configs.Add("hiveAuditChanges",$hiveAuditChanges) - $configs.Add("hiveSecurityChanges",$hiveSecurityChanges) - Configure "ranger-hive" $nodeInstallRoot $serviceCredential $configs - Write-Log "Installation of ranger-hive completed successfully" - - - ##################################################################### - #### Install and Configure ranger-hbase plugin ### - ##################################################################### - # - - if ("$ENV:HBASE" -eq "yes") { - - $roles = '' - Install "ranger-hbase" $nodeInstallRoot $serviceCredential $roles - - #### - #### Apply configuration changes to hbase-site.xml - #### - #$xmlFile = Join-Path $ENV:HBASE_CONF_DIR "hbase-site.xml" - $hbaseChanges = @{ - "hbase.security.authorization" = "true" - "hbase.coprocessor.master.classes" = "org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor" - "hbase.coprocessor.region.classes" = "org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor" - "hbase.rpc.protection" = "PRIVACY" - "hbase.rpc.engine" = "org.apache.hadoop.hbase.ipc.SecureRpcEngine" - } - - #### - #### Apply configuration changes to xasecure-audit.xml - #### - #$xmlFile = Join-Path $ENV:HBASE_CONF_DIR "xasecure-audit.xml" - $hbaseAuditChanges = @{ - "xasecure.audit.db.is.enabled" = "false" - "xasecure.audit.jpa.javax.persistence.jdbc.url" = "jdbc:mysql://${ENV:RANGER_AUDIT_DB_HOST}:${ENV:RANGER_AUDIT_DB_PORT}/${ENV:RANGER_AUDIT_DB_DBNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.user" = "${ENV:RANGER_AUDIT_DB_USERNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.password" = "crypted" - "xasecure.audit.repository.name" = "${ENV:RANGER_HBASE_REPO}" - "xasecure.audit.credential.provider.file" = "jceks://file/${ENV:RANGER_HBASE_CRED_KEYSTORE_FILE}" - "xasecure.audit.jpa.javax.persistence.jdbc.driver" = "com.mysql.jdbc.Driver" - "xasecure.audit.hdfs.is.enabled" = "false" - "xasecure.audit.hdfs.config.destination.directroy" = "${ENV:RANGER_HDFS_DESTINATION_DIRECTORY}" - "xasecure.audit.hdfs.config.destination.file" = "${ENV:RANGER_HDFS_DESTINTATION_FILE}" - "xasecure.audit.hdfs.config.destination.flush.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.rollover.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.open.retry.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.directroy" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_DIRECTORY}" - "xasecure.audit.hdfs.config.local.buffer.file" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_FILE}" - "xasecure.audit.hdfs.config.local.buffer.flush.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.archive.directroy" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_DIRECTORY}" - "xasecure.audit.hdfs.config.local.archive.max.file.count" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_MAX_FILE_COUNT}" - - - } - - #### - #### Apply configuration changes to xasecure-hbase-security.xml - #### - # - #$xmlFile = Join-Path $ENV:HBASE_CONF_DIR "xasecure-hbase-security.xml" - # - $hbaseSecurityChanges = @{ - "hbase.authorization.verifier.classname" = "org.apache.ranger.pdp.hbase.RangerAuthorizer" - "xasecure.hbase.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}/service/assets/policyList/${ENV:RANGER_HBASE_REPO}" - "xasecure.hbase.policymgr.url.saveAsFile" = "${ENV:RANGER_HOME}\tmp\hbase_${ENV:RANGER_HBASE_REPO}" - "xasecure.hbase.policymgr.url.laststoredfile" = "${ENV:RANGER_HOME}\tmp\hbase_${ENV:RANGER_HBASE_REPO}_json" - "xasecure.hbase.policymgr.url.reloadIntervalInMillis" = "30000" - "xasecure.hbase.update.xapolicies.on.grant.revoke" = "true" - "xasecure.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}" - } - - $configs = @{} - $configs.Add("hbaseChanges",$hbaseChanges) - $configs.Add("hbaseAuditChanges",$hbaseAuditChanges) - $configs.Add("hbaseSecurityChanges",$hbaseSecurityChanges) - Configure "ranger-hbase" $nodeInstallRoot $serviceCredential $configs - Write-Log "Installation of ranger-hbase completed successfully" - - Configure "ranger-hbase" $nodeInstallRoot $serviceCredential $configs - Write-Log "Installation of ranger-hbase completed successfully" - } else { - Write-Log "Not installing ranger-hbase, since HBase is not installed" - } - - - - ##################################################################### - #### Install and Configure ranger-knox plugin ### - ##################################################################### - # - - if ("$ENV:KNOX" -eq "yes") { - - $roles = '' - Install "ranger-knox" $nodeInstallRoot $serviceCredential $roles - - #### - #### Apply configuration changes to xasecure-audit.xml - #### - #$xmlFile = Join-Path $ENV:KNOX_CONF_DIR "xasecure-audit.xml" - $knoxAuditChanges = @{ - "xasecure.audit.db.is.enabled" = "true" - "xasecure.audit.jpa.javax.persistence.jdbc.url" = "jdbc:mysql://${ENV:RANGER_AUDIT_DB_HOST}:${ENV:RANGER_AUDIT_DB_PORT}/${ENV:RANGER_AUDIT_DB_DBNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.user" = "${ENV:RANGER_AUDIT_DB_USERNAME}" - "xasecure.audit.jpa.javax.persistence.jdbc.password" = "crypted" - "xasecure.audit.repository.name" = "${ENV:RANGER_KNOX_REPO}" - "xasecure.audit.credential.provider.file" = "jceks://file/${ENV:RANGER_KNOX_CRED_KEYSTORE_FILE}" - "xasecure.audit.jpa.javax.persistence.jdbc.driver" = "com.mysql.jdbc.Driver" - "xasecure.audit.hdfs.is.enabled" = "false" - "xasecure.audit.hdfs.config.destination.directroy" = "${ENV:RANGER_HDFS_DESTINATION_DIRECTORY}" - "xasecure.audit.hdfs.config.destination.file" = "${ENV:RANGER_HDFS_DESTINTATION_FILE}" - "xasecure.audit.hdfs.config.destination.flush.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.rollover.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.destination.open.retry.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.directroy" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_DIRECTORY}" - "xasecure.audit.hdfs.config.local.buffer.file" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_FILE}" - "xasecure.audit.hdfs.config.local.buffer.flush.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS}" - "xasecure.audit.hdfs.config.local.archive.directroy" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_DIRECTORY}" - "xasecure.audit.hdfs.config.local.archive.max.file.count" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_MAX_FILE_COUNT}" - - - } - - #### - #### Apply configuration changes to xasecure-knox-security.xml - #### - # - #$xmlFile = Join-Path $ENV:KNOX_CONF_DIR "xasecure-knox-security.xml" - # - $knoxSecurityChanges = @{ - "knox.authorization.verifier.classname" = "org.apache.ranger.pdp.knox.RangerAuthorizer" - "xasecure.knox.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}/service/assets/policyList/${ENV:RANGER_KNOX_REPO}" - "xasecure.knox.policymgr.url.saveAsFile" = "${ENV:RANGER_HOME}\tmp\knox_${ENV:RANGER_KNOX_REPO}" - "xasecure.knox.policymgr.url.laststoredfile" = "${ENV:RANGER_HOME}\tmp\knox_${ENV:RANGER_KNOX_REPO}_json" - "xasecure.knox.policymgr.url.reloadIntervalInMillis" = "30000" - "xasecure.knox.update.xapolicies.on.grant.revoke" = "true" - "xasecure.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}" - } - - $configs = @{} - $configs.Add("knoxAuditChanges",$knoxAuditChanges) - $configs.Add("knoxSecurityChanges",$knoxSecurityChanges) - Configure "ranger-knox" $nodeInstallRoot $serviceCredential $configs - Write-Log "Installation of ranger-knox completed successfully" - - Configure "ranger-knox" $nodeInstallRoot $serviceCredential $configs - Write-Log "Installation of ranger-knox completed successfully" - - } else { - Write-Log "Not installing ranger-knox, since Knox is not installed" - } - - - ##################################################################### - #### Install and Configure ranger-storm plugin ### - ##################################################################### - # - - # Storm not yet supported on Windows - # - #if ("$ENV:STORM" -eq "yes") { - # $roles = '' - # Install "ranger-storm" $nodeInstallRoot $serviceCredential $roles - - # #### - # #### Apply configuration changes to xasecure-audit.xml - # #### - # #$xmlFile = Join-Path $ENV:STORM_CONF_DIR "xasecure-audit.xml" - # $stormAuditChanges = @{ - # "xasecure.audit.db.is.enabled" = "true" - # "xasecure.audit.jpa.javax.persistence.jdbc.url" = "jdbc:mysql://${ENV:RANGER_AUDIT_DB_HOST}:${ENV:RANGER_AUDIT_DB_PORT}/${ENV:RANGER_AUDIT_DB_DBNAME}" - # "xasecure.audit.jpa.javax.persistence.jdbc.user" = "${ENV:RANGER_AUDIT_DB_USERNAME}" - # "xasecure.audit.jpa.javax.persistence.jdbc.password" = "crypted" - # "xasecure.audit.repository.name" = "${ENV:RANGER_STORM_REPO}" - # "xasecure.audit.credential.provider.file" = "jceks://file/${ENV:RANGER_STORM_CRED_KEYSTORE_FILE}" - # "xasecure.audit.jpa.javax.persistence.jdbc.driver" = "com.mysql.jdbc.Driver" - # "xasecure.audit.hdfs.is.enabled" = "false" - # "xasecure.audit.hdfs.config.destination.directroy" = "${ENV:RANGER_HDFS_DESTINATION_DIRECTORY}" - # "xasecure.audit.hdfs.config.destination.file" = "${ENV:RANGER_HDFS_DESTINTATION_FILE}" - # "xasecure.audit.hdfs.config.destination.flush.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_FLUSH_INTERVAL_SECONDS}" - # "xasecure.audit.hdfs.config.destination.rollover.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_ROLLOVER_INTERVAL_SECONDS}" - # "xasecure.audit.hdfs.config.destination.open.retry.interval.seconds"= "{ENV:RANGER_HDFS_DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS}" - # "xasecure.audit.hdfs.config.local.buffer.directroy" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_DIRECTORY}" - # "xasecure.audit.hdfs.config.local.buffer.file" = "{ENV:RANGER.HDFS_LOCAL_BUFFER_FILE}" - # "xasecure.audit.hdfs.config.local.buffer.flush.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS}" - # "xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds"= "{ENV:RANGER_HDFS_LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS}" - # "xasecure.audit.hdfs.config.local.archive.directroy" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_DIRECTORY}" - # "xasecure.audit.hdfs.config.local.archive.max.file.count" = "{ENV:RANGER_HDFS_LOCAL_ARCHIVE_MAX_FILE_COUNT}" - - - # } - - # #### - # #### Apply configuration changes to xasecure-storm-security.xml - # #### - # # - # #$xmlFile = Join-Path $ENV:STORM_CONF_DIR "xasecure-storm-security.xml" - # # - # $stormSecurityChanges = @{ - # "storm.authorization.verifier.classname" = "org.apache.ranger.pdp.storm.RangerAuthorizer" - # "xasecure.storm.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}/service/assets/policyList/${ENV:RANGER_STORM_REPO}" - # "xasecure.storm.policymgr.url.saveAsFile" = "${ENV:RANGER_HOME}\tmp\storm_${ENV:RANGER_STORM_REPO}" - # "xasecure.storm.policymgr.url.laststoredfile" = "${ENV:RANGER_HOME}\tmp\storm_${ENV:RANGER_STORM_REPO}_json" - # "xasecure.storm.policymgr.url.reloadIntervalInMillis" = "30000" - # "xasecure.storm.update.xapolicies.on.grant.revoke" = "true" - # "xasecure.policymgr.url" = "${ENV:RANGER_EXTERNAL_URL}" - # } - - # $configs = @{} - # $configs.Add("stormAuditChanges",$stormAuditChanges) - # $configs.Add("stormSecurityChanges",$stormSecurityChanges) - # Configure "ranger-storm" $nodeInstallRoot $serviceCredential $configs - # Write-Log "Installation of ranger-storm completed successfully" - - # Configure "ranger-storm" $nodeInstallRoot $serviceCredential $configs - # Write-Log "Installation of ranger-storm completed successfully" - #} else { - # Write-Log "Not installing ranger-storm, since Storm is not installed" - #} - - - ##################################################################### - #### Install and Configure ranger-usersync service ### - ##################################################################### - # - if ( $ENV:IS_RANGER -eq "yes" ) { - $roles = "ranger-usersync" - } else { - $roles = "" - } - Install "ranger-usersync" $nodeInstallRoot $serviceCredential $roles - Configure "ranger-usersync" $nodeInstallRoot $serviceCredential - Write-Log "Installation of ranger-usersync completed successfully" - - -} - -try -{ - $scriptDir = Resolve-Path (Split-Path $MyInvocation.MyCommand.Path) - $utilsModule = Import-Module -Name "$scriptDir\..\resources\Winpkg.Utils.psm1" -ArgumentList ("ranger") -PassThru - $apiModule = Import-Module -Name "$scriptDir\InstallApi.psm1" -PassThru - Main $scriptDir -} -catch [Exception] -{ - Write-Log $_.Exception.Message $_ - throw $_.Exception.Message -} -finally -{ - if( $apiModule -ne $null ) - { - Remove-Module $apiModule - } - - if( $utilsModule -ne $null ) - { - - Remove-Module $utilsModule - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/62a3bd07/winpkg/src/scripts/uninstall.cmd ---------------------------------------------------------------------- diff --git a/winpkg/src/scripts/uninstall.cmd b/winpkg/src/scripts/uninstall.cmd deleted file mode 100644 index 50671e3..0000000 --- a/winpkg/src/scripts/uninstall.cmd +++ /dev/null @@ -1,18 +0,0 @@ -@echo off -@rem Licensed to the Apache Software Foundation (ASF) under one or more -@rem contributor license agreements. See the NOTICE file distributed with -@rem this work for additional information regarding copyright ownership. -@rem The ASF licenses this file to You under the Apache License, Version 2.0 -@rem (the "License"); you may not use this file except in compliance with -@rem the License. You may obtain a copy of the License at -@rem -@rem http://www.apache.org/licenses/LICENSE-2.0 -@rem -@rem Unless required by applicable law or agreed to in writing, software -@rem distributed under the License is distributed on an "AS IS" BASIS, -@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -@rem See the License for the specific language governing permissions and -@rem limitations under the License. - -powershell.exe -NoProfile -InputFormat none -ExecutionPolicy unrestricted -File %~dp0uninstall.ps1 %* -goto :eof http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/62a3bd07/winpkg/src/scripts/uninstall.ps1 ---------------------------------------------------------------------- diff --git a/winpkg/src/scripts/uninstall.ps1 b/winpkg/src/scripts/uninstall.ps1 deleted file mode 100644 index ec5fb89..0000000 --- a/winpkg/src/scripts/uninstall.ps1 +++ /dev/null @@ -1,42 +0,0 @@ -### Licensed to the Apache Software Foundation (ASF) under one or more -### contributor license agreements. See the NOTICE file distributed with -### this work for additional information regarding copyright ownership. -### The ASF licenses this file to You under the Apache License, Version 2.0 -### (the "License"); you may not use this file except in compliance with -### the License. You may obtain a copy of the License at -### -### http://www.apache.org/licenses/LICENSE-2.0 -### -### Unless required by applicable law or agreed to in writing, software -### distributed under the License is distributed on an "AS IS" BASIS, -### WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -### See the License for the specific language governing permissions and -### limitations under the License. - - -function Main( $scriptDir ) -{ - Write-Log "Uninstalling Ranger [email protected]@" - Uninstall "ranger" $ENV:HADOOP_NODE_INSTALL_ROOT - Write-Log "Finished Uninstalling ranger" -} - -try -{ - $scriptDir = Resolve-Path (Split-Path $MyInvocation.MyCommand.Path) - $utilsModule = Import-Module -Name "$scriptDir\..\resources\Winpkg.Utils.psm1" -ArgumentList ("ranger") -PassThru - $apiModule = Import-Module -Name "$scriptDir\InstallApi.psm1" -PassThru - Main $scriptDir -} -finally -{ - if( $apiModule -ne $null ) - { - Remove-Module $apiModule - } - - if( $utilsModule -ne $null ) - { - Remove-Module $utilsModule - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/62a3bd07/winpkg/src/template/bin/hiveserver2-ranger.cmd ---------------------------------------------------------------------- diff --git a/winpkg/src/template/bin/hiveserver2-ranger.cmd b/winpkg/src/template/bin/hiveserver2-ranger.cmd deleted file mode 100644 index 3ed65df..0000000 --- a/winpkg/src/template/bin/hiveserver2-ranger.cmd +++ /dev/null @@ -1,91 +0,0 @@ -@echo off -@rem Licensed to the Apache Software Foundation (ASF) under one or more -@rem contributor license agreements. See the NOTICE file distributed with -@rem this work for additional information regarding copyright ownership. -@rem The ASF licenses this file to You under the Apache License, Version 2.0 -@rem (the "License"); you may not use this file except in compliance with -@rem the License. You may obtain a copy of the License at -@rem -@rem http://www.apache.org/licenses/LICENSE-2.0 -@rem -@rem Unless required by applicable law or agreed to in writing, software -@rem distributed under the License is distributed on an "AS IS" BASIS, -@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -@rem See the License for the specific language governing permissions and -@rem limitations under the License. - -set CLASS=org.apache.hive.service.server.HiveServer2 -pushd %HIVE_LIB% -for /f %%a IN ('dir /b hive-service-*.jar') do ( - set JAR=%HIVE_LIB%\%%a -) -popd - -if defined HBASE_HOME ( - dir %HBASE_HOME%\lib > nul - if %errorlevel%==0 ( - pushd %HBASE_HOME%\lib - set HIVE_HBASE_PATH= - for /f %%a IN ('dir /b hbase-server-**-hadoop2.jar') do ( - call :AddToHiveHbasePath %HBASE_HOME%\lib\%%a - ) - for /f %%a IN ('dir /b hbase-client-**-hadoop2.jar') do ( - call :AddToHiveHbasePath %HBASE_HOME%\lib\%%a - ) - for /f %%a IN ('dir /b hbase-protocol-**-hadoop2.jar') do ( - call :AddToHiveHbasePath %HBASE_HOME%\lib\%%a - ) - for /f %%a IN ('dir /b htrace-core-**.jar') do ( - call :AddToHiveHbasePath %HBASE_HOME%\lib\%%a - ) - for /f %%a IN ('dir /b hbase-common-**-hadoop2.jar') do ( - call :AddToHiveHbasePath %HBASE_HOME%\lib\%%a - ) - for /f %%a IN ('dir /b hbase-hadoop-compat-**-hadoop2.jar') do ( - call :AddToHiveHbasePath %HBASE_HOME%\lib\%%a - ) - ) - popd - if defined HBASE_CONF_DIR ( - dir %HBASE_CONF_DIR% > nul - if %errorlevel%==0 ( - call :AddToHiveHbasePath %HBASE_CONF_DIR% - ) - ) - ) -) - -if [%1]==[hiveserver2_help] goto :hiveserver2_help - -if [%1]==[hiveserver2_catservice] goto :hiveserver2_catservice - -:hiveserver2 - echo "Starting Hive Thrift Server" - - @rem hadoop 20 or newer - skip the aux_jars option and hiveconf - call %HIVE_BIN_PATH%\ext\util\execHiveCmd.cmd %CLASS% -goto :EOF - -:hiveserver2_help - set HIVEARGS=-h - goto :hiveserver2 -goto :EOF - -:hiveserver2_catservice -@echo ^<service^> -@echo ^<id^>HiveServer2^</id^> -@echo ^<name^>HiveServer2^</name^> -@echo ^<description^>Hadoop HiveServer2 Service^</description^> -@echo ^<executable^>%JAVA_HOME%\bin\java^</executable^> -@echo ^<arguments^>%JAVA_HEAP_MAX% %HADOOP_OPTS% -classpath %CLASSPATH%;%HIVE_HBASE_PATH% %CLASS% -hiveconf hive.hadoop.classpath=%HIVE_LIB%\* -hiveconf hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator -hiveconf hive.metastore.uris=" " %HIVE_OPTS%^</arguments^> -@echo ^</service^> -goto :EOF - -:AddToHiveHbasePath -if not defined HIVE_HBASE_PATH ( - set HIVE_HBASE_PATH=%1 - ) else ( - set HIVE_HBASE_PATH=%HIVE_HBASE_PATH%;%1 - ) -) -goto :EOF http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/62a3bd07/winpkg/src/template/bin/xasecure-hadoop-env.cmd ---------------------------------------------------------------------- diff --git a/winpkg/src/template/bin/xasecure-hadoop-env.cmd b/winpkg/src/template/bin/xasecure-hadoop-env.cmd deleted file mode 100644 index 79aeb92..0000000 --- a/winpkg/src/template/bin/xasecure-hadoop-env.cmd +++ /dev/null @@ -1,28 +0,0 @@ -@echo off -if not defined HADOOP_HOME ( - set HADOOP_HOME=%~dp0 -) - -for /f "usebackq delims=|" %%G in (`dir /b "%HADOOP_HOME%\share\hadoop\common\lib" ^| findstr /i "^ranger-hdfs-plugin-.*\.jar"`) do ( - - set "XASECURE_PLUGIN_PATH=%HADOOP_HOME%\share\hadoop\common\lib\%%~G" - -) - -if not defined XASECURE_PLUGIN_PATH ( - goto exit -) - -if exist %XASECURE_PLUGIN_PATH% ( - - set XASECURE_PLUGIN_OPTS= -javaagent:%XASECURE_PLUGIN_PATH%=authagent - rem Convert \\ to \ in path since its causing problem with findstr below - Echo.%HADOOP_NAMENODE_OPTS:\\=\% | findstr /C:"%XASECURE_PLUGIN_OPTS:\\=\%">nul && ( - REM OPTIONS already set continue - ) || ( - set HADOOP_NAMENODE_OPTS= %XASECURE_PLUGIN_OPTS% %HADOOP_NAMENODE_OPTS% - set HADOOP_SECONDARYNAMENODE_OPTS= %XASECURE_PLUGIN_OPTS% %HADOOP_SECONDARYNAMENODE_OPTS% - ) -) - -:exit
