[jira] [Updated] (AMBARI-7890) Make changes in ambari-web code to support knox kerberization

Jaimin D Jetly (JIRA) Tue, 21 Oct 2014 17:51:02 -0700

     [ 
https://issues.apache.org/jira/browse/AMBARI-7890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jaimin D Jetly updated AMBARI-7890:
-----------------------------------
    Description: 
*1. Show knox section on Configure Services page with the 
{{knox_principal_name}} and {{knox_keytab_path}} properties. These properties 
will be added to knox-env.xml file*

*2. Edit core-site.xml if HDFS service is installed on the cluster*
{code}
<property>
    <name>hadoop.proxyuser.knox.groups</name>
    <value>users</value>
</property>
<property>
    <name>hadoop.proxyuser.knox.hosts</name>
    <value>FQDN_OF_KNOX_HOST</value>
</property>
{code}

*3. Edit webhcat-site.xml if Hive is installed*
{code}
<property>
    <name>webhcat.proxyuser.knox.groups</name>
    <value>users</value>
</property>
<property>
    <name>webhcat.proxyuser.knox.hosts</name>
    <value>FQDN_OF_KNOX_HOST</value>
</property>
{code}

*4. Edit oozie-site.xml if Oozie is installed*
{code}
<property>
   <name>oozie.service.ProxyUserService.proxyuser.knox.groups</name>
   <value>users</value>
</property>
<property>
   <name>oozie.service.ProxyUserService.proxyuser.knox.hosts</name>
   <value>FQDN_OF_KNOX_HOST</value>
</property>
{code}

*5. Edit hive-site.xml (Enable http transport mode and use substitution in Hive 
Server2.) This configs should show on Hive service page only if Knox is 
installed*

hive.server2.allow.user.substitution=true

hive.server2.transport.mode=http 

hive.server2.thrift.http.port=10001

hive.server2.thrift.http.path=cliservice

*6. Edit gateway-site.xml*

gateway.hadoop.kerberos.secured=true


  was:
*1. Show knox section on Configure Services page with the 
{{knox_principal_name}} and {{knox_keytab_path}} properties. These properties 
will be added to knox-env.xml file*

*2. Edit core-site.xml if HDFS service is installed on the cluster*
{code}
<property>
    <name>webhcat.proxyuser.knox.groups</name>
    <value>users</value>
</property>
<property>
    <name>webhcat.proxyuser.knox.hosts</name>
    <value>FQDN_OF_KNOX_HOST</value>
</property>
{code}

*3. Edit webhcat-site.xml if Hive is installed*
{code}
<property>
    <name>hadoop.proxyuser.knox.groups</name>
    <value>users</value>
</property>
<property>
    <name>hadoop.proxyuser.knox.hosts</name>
    <value>FQDN_OF_KNOX_HOST</value>
</property>
{code}

*4. Edit oozie-site.xml if Oozie is installed*
{code}
<property>
   <name>oozie.service.ProxyUserService.proxyuser.knox.groups</name>
   <value>users</value>
</property>
<property>
   <name>oozie.service.ProxyUserService.proxyuser.knox.hosts</name>
   <value>FQDN_OF_KNOX_HOST</value>
</property>
{code}

*5. Edit hive-site.xml (Enable http transport mode and use substitution in Hive 
Server2.) This configs should show on Hive service page only if Knox is 
installed*

hive.server2.allow.user.substitution=true

hive.server2.transport.mode=http 

hive.server2.thrift.http.port=10001

hive.server2.thrift.http.path=cliservice

*6. Edit gateway-site.xml*

gateway.hadoop.kerberos.secured=true



> Make changes in ambari-web code to support knox kerberization
> -------------------------------------------------------------
>
>                 Key: AMBARI-7890
>                 URL: https://issues.apache.org/jira/browse/AMBARI-7890
>             Project: Ambari
>          Issue Type: Technical task
>          Components: ambari-web
>    Affects Versions: 1.7.0
>            Reporter: Jaimin D Jetly
>            Assignee: Jaimin D Jetly
>             Fix For: 1.7.0
>
>
> *1. Show knox section on Configure Services page with the 
> {{knox_principal_name}} and {{knox_keytab_path}} properties. These properties 
> will be added to knox-env.xml file*
> *2. Edit core-site.xml if HDFS service is installed on the cluster*
> {code}
> <property>
>     <name>hadoop.proxyuser.knox.groups</name>
>     <value>users</value>
> </property>
> <property>
>     <name>hadoop.proxyuser.knox.hosts</name>
>     <value>FQDN_OF_KNOX_HOST</value>
> </property>
> {code}
> *3. Edit webhcat-site.xml if Hive is installed*
> {code}
> <property>
>     <name>webhcat.proxyuser.knox.groups</name>
>     <value>users</value>
> </property>
> <property>
>     <name>webhcat.proxyuser.knox.hosts</name>
>     <value>FQDN_OF_KNOX_HOST</value>
> </property>
> {code}
> *4. Edit oozie-site.xml if Oozie is installed*
> {code}
> <property>
>    <name>oozie.service.ProxyUserService.proxyuser.knox.groups</name>
>    <value>users</value>
> </property>
> <property>
>    <name>oozie.service.ProxyUserService.proxyuser.knox.hosts</name>
>    <value>FQDN_OF_KNOX_HOST</value>
> </property>
> {code}
> *5. Edit hive-site.xml (Enable http transport mode and use substitution in 
> Hive Server2.) This configs should show on Hive service page only if Knox is 
> installed*
> hive.server2.allow.user.substitution=true
> hive.server2.transport.mode=http 
> hive.server2.thrift.http.port=10001
> hive.server2.thrift.http.path=cliservice
> *6. Edit gateway-site.xml*
> gateway.hadoop.kerberos.secured=true



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (AMBARI-7890) Make changes in ambari-web code to support knox kerberization

Reply via email to