git commit: WHIRR-751. Improve Kerberos service

graham Tue, 12 Nov 2013 07:10:23 -0800

Updated Branches:
  refs/heads/trunk 9c6ed3f1c -> a7863d954


WHIRR-751. Improve Kerberos service


Project: http://git-wip-us.apache.org/repos/asf/whirr/repo
Commit: http://git-wip-us.apache.org/repos/asf/whirr/commit/a7863d95
Tree: http://git-wip-us.apache.org/repos/asf/whirr/tree/a7863d95
Diff: http://git-wip-us.apache.org/repos/asf/whirr/diff/a7863d95

Branch: refs/heads/trunk
Commit: a7863d954c0c4537635872b4b3f3157776ec6b85
Parents: 9c6ed3f
Author: Graham Gear <graham.g...@gmail.com>
Authored: Tue Nov 12 15:09:34 2013 +0000
Committer: Graham Gear <graham.g...@gmail.com>
Committed: Tue Nov 12 15:09:34 2013 +0000

----------------------------------------------------------------------
 .../service/kerberos/KerberosBaseHandler.java   |  7 ++++-
 .../functions/configure_kerberos_server.sh      | 32 +++++++++++++------
 .../functions/install_kerberos_client.sh        | 32 +++++++++++++------
 .../functions/install_kerberos_server.sh        |  4 ++-
 .../kerberos/KerberosServerDryRunTest.java      | 33 ++++++++++++++++++++
 5 files changed, 88 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/whirr/blob/a7863d95/services/kerberos/src/main/java/org/apache/whirr/service/kerberos/KerberosBaseHandler.java
----------------------------------------------------------------------
diff --git 
a/services/kerberos/src/main/java/org/apache/whirr/service/kerberos/KerberosBaseHandler.java
 
b/services/kerberos/src/main/java/org/apache/whirr/service/kerberos/KerberosBaseHandler.java
index e86555c..b23f3da 100644
--- 
a/services/kerberos/src/main/java/org/apache/whirr/service/kerberos/KerberosBaseHandler.java
+++ 
b/services/kerberos/src/main/java/org/apache/whirr/service/kerberos/KerberosBaseHandler.java
@@ -39,7 +39,12 @@ public abstract class KerberosBaseHandler extends 
ClusterActionHandlerSupport {
   protected void beforeBootstrap(ClusterActionEvent event) throws IOException {
     addStatement(event, call("configure_hostnames"));
     addStatement(event, call("retry_helpers"));
-    addStatement(event, 
call(getInstallFunction(event.getClusterSpec().getConfiguration(), "java", 
"install_openjdk")));
+    if 
(!(event.getClusterSpec().getConfiguration().containsKey("whirr.env.jdk_installed")
+        && event.getClusterSpec()
+        .getConfiguration().getBoolean("whirr.env.jdk_installed"))) {
+      addStatement(event,
+          call(getInstallFunction(event.getClusterSpec().getConfiguration(), 
"java", "install_openjdk")));
+    }
     addStatement(event, call("install_kerberos_client"));
   }
 

http://git-wip-us.apache.org/repos/asf/whirr/blob/a7863d95/services/kerberos/src/main/resources/functions/configure_kerberos_server.sh
----------------------------------------------------------------------
diff --git 
a/services/kerberos/src/main/resources/functions/configure_kerberos_server.sh 
b/services/kerberos/src/main/resources/functions/configure_kerberos_server.sh
index 6b78a95..6f002b2 100644
--- 
a/services/kerberos/src/main/resources/functions/configure_kerberos_server.sh
+++ 
b/services/kerberos/src/main/resources/functions/configure_kerberos_server.sh
@@ -20,10 +20,22 @@ set -x
 function configure_kerberos_server() {
   KERBEROS_USER=${KERBEROS_USER:-$CLUSTER_USER}
   KERBEROS_REALM_REGEX=$(echo $KERBEROS_REALM | sed s/\\\./\\\\\./g)
-  service krb5kdc stop
-  service kadmin stop
-  sed -i -e "s/EXAMPLE\.COM/$KERBEROS_REALM_REGEX/" 
/var/kerberos/krb5kdc/kdc.conf
-  yum install -y expect
+  if which dpkg &> /dev/null; then
+    KERBEROS_HOME=/etc/krb5kdc
+    KERBEROS_SERVICE_KDC=krb5-kdc
+    KERBEROS_SERVICE_ADMIN=krb5-admin-server
+    export DEBIAN_FRONTEND=noninteractive
+    retry_apt_get update
+    retry_apt_get -q -y install expect
+  elif which rpm &> /dev/null; then
+    KERBEROS_HOME=/var/kerberos/krb5kdc
+    KERBEROS_SERVICE_KDC=krb5kdc
+    KERBEROS_SERVICE_ADMIN=kadmin
+    retry_yum install -y expect
+  fi
+  service $KERBEROS_SERVICE_KDC stop
+  service $KERBEROS_SERVICE_ADMIN stop
+  sed -i -e "s/EXAMPLE\.COM/$KERBEROS_REALM_REGEX/" $KERBEROS_HOME/kdc.conf
   cat >> run_kdb5_util <<END
 #!/usr/bin/expect -f
 set timeout 5000
@@ -35,7 +47,11 @@ END
   chmod +x run_kdb5_util
   ./run_kdb5_util
   rm -rf run_kdb5_util
-  sed -i -e "s/EXAMPLE\.COM/$KERBEROS_REALM_REGEX/" 
/var/kerberos/krb5kdc/kadm5.acl
+  if [ -f $KERBEROS_HOME/kadm5.acl ]; then
+    sed -i -e "s/EXAMPLE\.COM/$KERBEROS_REALM_REGEX/" $KERBEROS_HOME/kadm5.acl
+  else
+    echo "*/admin@$KERBEROS_REALM      *" > $KERBEROS_HOME/kadm5.acl
+  fi
   cat >> run_addpinc <<END
 #!/usr/bin/expect -f
 set timeout 5000
@@ -52,9 +68,7 @@ END
   ./run_addpinc $KERBEROS_USER $KERBEROS_USER $KERBEROS_REALM
   ./run_addpinc hdfs hdfs $KERBEROS_REALM
   rm -rf ./run_addpinc
-  service krb5kdc start
-  service kadmin start
-  chkconfig krb5kdc on
-  chkconfig kadmin on
+  service $KERBEROS_SERVICE_KDC start
+  service $KERBEROS_SERVICE_ADMIN start
   CONFIGURE_KERBEROS_DONE=1
 }

http://git-wip-us.apache.org/repos/asf/whirr/blob/a7863d95/services/kerberos/src/main/resources/functions/install_kerberos_client.sh
----------------------------------------------------------------------
diff --git 
a/services/kerberos/src/main/resources/functions/install_kerberos_client.sh 
b/services/kerberos/src/main/resources/functions/install_kerberos_client.sh
index 74a4189..9a21ef1 100644
--- a/services/kerberos/src/main/resources/functions/install_kerberos_client.sh
+++ b/services/kerberos/src/main/resources/functions/install_kerberos_client.sh
@@ -19,18 +19,32 @@ set -x
 
 function install_kerberos_client() {
   if which dpkg &> /dev/null; then
-    retry_apt_get -y install krb5-libs krb5-workstation unzip
+    export DEBIAN_FRONTEND=noninteractive
+    retry_apt_get update
+    retry_apt_get -q -y install krb5-user krb5-config unzip
   elif which rpm &> /dev/null; then
     retry_yum install -y krb5-libs krb5-workstation unzip
   fi
-  if [ ! -z "${JDK_INSTALL_URL+xxx}" ]; then
-    JCE_POLICY_URL=$(dirname $JDK_INSTALL_URL)"/jce_policy-6.zip"
-    wget $JCE_POLICY_URL
-    if [ -f jce_policy-6.zip ]; then
-           unzip jce_policy-6.zip
-           mkdir -p /tmp/java_security_old
-           mv /usr/java/default/jre/lib/security/US_export_policy.jar 
/usr/java/default/jre/lib/security/local_policy.jar /tmp/java_security_old
-           mv jce/*.jar /usr/java/default/jre/lib/security
+  if [ -z "${JAVA_HOME+xxx}" ]; then
+    if which java &> /dev/null; then
+      JAVA_HOME=$(readlink -f $(which java) | sed "s:/bin/java::")
+    fi
+  fi
+  if [ ! -z "${JAVA_HOME+xxx}" ]; then
+    JAVA_VERSION_MAJOR=$($JAVA_HOME/bin/java -version 2>&1 | grep "java 
version" | sed 's/java version \"1\.\([0-9]*\)\..*/\1/')
+    if [ "$JAVA_VERSION_MAJOR" == "6" ]; then
+        JAVA_JCE=jce_policy-6.zip
+    elif [ "$JAVA_VERSION_MAJOR" == "7" ]; then
+        JAVA_JCE=UnlimitedJCEPolicyJDK7.zip
+    fi
+    if [ ! -z "${JAVA_JCE+xxx}" ]; then
+      if [ ! -z "${JDK_INSTALL_URL+xxx}" ]; then
+        wget -nv $(dirname $JDK_INSTALL_URL)"/"$JAVA_JCE
+        if [ -f $JAVA_JCE ]; then
+        unzip -q -o -j $JAVA_JCE -d $JAVA_HOME/jre/lib/security
+          rm $JAVA_JCE
+        fi
+      fi
     fi
   fi
 }

http://git-wip-us.apache.org/repos/asf/whirr/blob/a7863d95/services/kerberos/src/main/resources/functions/install_kerberos_server.sh
----------------------------------------------------------------------
diff --git 
a/services/kerberos/src/main/resources/functions/install_kerberos_server.sh 
b/services/kerberos/src/main/resources/functions/install_kerberos_server.sh
index 7a9b86c..0cf22ab 100644
--- a/services/kerberos/src/main/resources/functions/install_kerberos_server.sh
+++ b/services/kerberos/src/main/resources/functions/install_kerberos_server.sh
@@ -19,7 +19,9 @@ set -x
 
 function install_kerberos_server() {
   if which dpkg &> /dev/null; then
-    retry_apt_get -y install krb5-server
+    export DEBIAN_FRONTEND=noninteractive
+    retry_apt_get update
+    retry_apt_get -q -y install krb5-kdc krb5-admin-server
   elif which rpm &> /dev/null; then
     retry_yum install -y krb5-server
   fi

http://git-wip-us.apache.org/repos/asf/whirr/blob/a7863d95/services/kerberos/src/test/java/org/apache/whirr/service/kerberos/KerberosServerDryRunTest.java
----------------------------------------------------------------------
diff --git 
a/services/kerberos/src/test/java/org/apache/whirr/service/kerberos/KerberosServerDryRunTest.java
 
b/services/kerberos/src/test/java/org/apache/whirr/service/kerberos/KerberosServerDryRunTest.java
index 5a80478..21b8531 100644
--- 
a/services/kerberos/src/test/java/org/apache/whirr/service/kerberos/KerberosServerDryRunTest.java
+++ 
b/services/kerberos/src/test/java/org/apache/whirr/service/kerberos/KerberosServerDryRunTest.java
@@ -23,8 +23,11 @@ import static 
com.google.common.base.Predicates.containsPattern;
 
 import java.util.Set;
 
+import junit.framework.AssertionFailedError;
+
 import org.apache.whirr.service.BaseServiceDryRunTest;
 import org.apache.whirr.service.DryRunModule.DryRun;
+import org.junit.Assert;
 import org.junit.Test;
 
 import com.google.common.base.Predicate;
@@ -57,4 +60,34 @@ public class KerberosServerDryRunTest extends 
BaseServiceDryRunTest {
     assertScriptPredicateOnPhase(dryRun, "configure", configurePredicate());
   }
 
+  @Test
+  public void testJavaInstalled() throws Exception {
+    DryRun dryRun = 
launchWithClusterSpec(newClusterSpecForProperties(ImmutableMap.of("whirr.instance-templates",
 "1 "
+        + KerberosServerHandler.ROLE + "+" + KerberosClientHandler.ROLE)));
+    assertScriptPredicateOnPhase(dryRun, "bootstrap", bootstrapPredicate());
+    assertScriptPredicateOnPhase(dryRun, "bootstrap", 
containsPattern("install_openjdk"));
+  }
+
+  @Test
+  public void testJavaInstalledFalse() throws Exception {
+    DryRun dryRun = 
launchWithClusterSpec(newClusterSpecForProperties(ImmutableMap.of("whirr.instance-templates",
 "1 "
+        + KerberosServerHandler.ROLE + "+" + KerberosClientHandler.ROLE, 
"whirr.env.jdk_installed", "false")));
+    assertScriptPredicateOnPhase(dryRun, "bootstrap", bootstrapPredicate());
+    assertScriptPredicateOnPhase(dryRun, "bootstrap", 
containsPattern("install_openjdk"));
+  }
+
+  @Test
+  public void testJavaInstalledTrue() throws Exception {
+    DryRun dryRun = 
launchWithClusterSpec(newClusterSpecForProperties(ImmutableMap.of("whirr.instance-templates",
 "1 "
+        + KerberosServerHandler.ROLE + "+" + KerberosClientHandler.ROLE, 
"whirr.env.jdk_installed", "true")));
+    assertScriptPredicateOnPhase(dryRun, "bootstrap", bootstrapPredicate());
+    boolean assertFailed = false;
+    try {
+      assertScriptPredicateOnPhase(dryRun, "bootstrap", 
containsPattern("install_openjdk"));
+    } catch (AssertionFailedError assertionFailedError) {
+      assertFailed = true;
+    }
+    Assert.assertTrue(assertFailed);
+  }
+
 }

git commit: WHIRR-751. Improve Kerberos service

Reply via email to