[jira] [Commented] (AMBARI-9385) Implement Keytab regeneration

[Hadoop QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/AMBARI-9385?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14296441#comment-14296441
 ] 

Hadoop QA commented on AMBARI-9385:
-----------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12695187/AMBARI-9385_01.patch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

    {color:green}+1 tests included{color}.  The patch appears to include 1 new 
or modified test files.

    {color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase 
the total number of release audit warnings.

    {color:red}-1 core tests{color}.  The patch failed these unit tests in 
ambari-server:

                  
org.apache.ambari.server.controller.AmbariManagementControllerImplTest
                  org.apache.ambari.server.controller.KerberosHelperTest

Test results: 
https://builds.apache.org/job/Ambari-trunk-test-patch/1523//testReport/
Console output: 
https://builds.apache.org/job/Ambari-trunk-test-patch/1523//console

This message is automatically generated.

> Implement Keytab regeneration
> -----------------------------
>
>                 Key: AMBARI-9385
>                 URL: https://issues.apache.org/jira/browse/AMBARI-9385
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos, keytabs
>             Fix For: 2.0.0
>
>         Attachments: AMBARI-9385_01.patch
>
>
> Create API entry point to initiate Kerberos keytab regeneration for the 
> cluster:
> {code}
> PUT /api/v1/clusters/{clustername}?kerberos_regenerate_keytabs="true"
> {code}
> The entry point should invoke code to determine which principals need to be 
> updated and then generate the following stages:
> # Update Principal Passwords
> # Generate Keytabs
> # Distribute Keytab
> This could be done in a method within 
> {{org.apache.ambari.server.controller.KerberosHelper}} named 
> {{regenerateKeytabs}} and flow similarly to 
> {{org.apache.ambari.server.controller.KerberosHelper#toggleKerberos}}
> A Server-side action implementation already exists for generating keytabs - 
> see 
> {{org.apache.ambari.server.serveraction.kerberos.CreateKeytabFilesServerAction}}.
> A process is already in place to distribute keytabs - 
> {{org/apache/ambari/server/controller/KerberosHelper.java:1192}}
> A new Server-side action _may_ need to be created to update relavant 
> principal passwords, however 
> {{org.apache.ambari.server.serveraction.kerberos.CreatePrincipalsServerAction}}
>  may work for this, unaltered.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)