[
https://issues.apache.org/jira/browse/AMBARI-9471?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14316444#comment-14316444
]
Hadoop QA commented on AMBARI-9471:
-----------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12698107/AMBARI-9471.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:red}-1 tests included{color}. The patch doesn't appear to include
any new or modified tests.
Please justify why no new tests are needed for this
patch.
Also please list what manual steps were performed to
verify this patch.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in .
Test results:
https://builds.apache.org/job/Ambari-trunk-test-patch/1643//testReport/
Console output:
https://builds.apache.org/job/Ambari-trunk-test-patch/1643//console
This message is automatically generated.
> Ambari Web UI changes required to support Ranger Installation part 2
> --------------------------------------------------------------------
>
> Key: AMBARI-9471
> URL: https://issues.apache.org/jira/browse/AMBARI-9471
> Project: Ambari
> Issue Type: Task
> Components: ambari-web
> Affects Versions: 2.0.0
> Reporter: Andrii Babiichuk
> Assignee: Andrii Babiichuk
> Fix For: 2.0.0
>
> Attachments: AMBARI-9471.patch
>
>
> We need to make following changes from the Ambari Web, since these are not
> possible currently from stack definition.
> I have grouped logical properties together in the table, and if we can group
> them on UI using fieldset or some other ui control, it would be really
> helpful.
> Note: Ranger Policy Admin and User/Group Sync Process fields will be under
> the "Ranger" service and Ranger Agents fields will be under the corresponding
> component ( HDFS/Hive/HBASE/KNOX/STORM currently)
> {color:blue} +*Ranger Policy Admin:*+{color}
> +Admin Setting+
> |Name|Type|Default|Label|
> |ambari_user_password|Password|ambari|Ranger Admin user's password for Ambari|
> |SQL_CONNECTOR_JAR|Text|/usr/share/java/mysql-connector-java.jar|Location of
> Sql Connector Jar |
> +DB Settings+
> |DB_FLAVOR|SelectOne(MYSQL,ORACLE)|MYSQL|DB Flavor|
> |SQL_COMMAND_INVOKER|Text|mysql| |
> |db_host|Text|<Blank>|Ranger Database Host|
> |db_root_user|Text|<Blank>|Ranger DB root user|
> |db_root_password|Password|<Blank>|Ranger DB root password|
> |db_name|Text|<Blank>|Ranger Database name|
> |db_user|Text|<Blank>|Ranger DB username|
> |db_password|Password|<Blank>|Ranger DB password|
> |audit_db_name|Text|<Blank>|Ranger Audit Database name|
> |audit_db_user|Text|<Blank>|Ranger Audit DB username|
> |audit_db_password|Password|<Blank>|Ranger Audit DB password|
> +Ranger Settings+
> |policymgr_external_url|Text(URL)|http://localhost:6080| External URL|
> |policymgr_http_enabled|Checkbox|Selected|HTTP enabled|
> |unix_user|Text|ranger|Used to create user and assign permission|
> |unix_group|Text|ranger|Used to create group and assign permission|
> |authentication_method|SelectOne(LDAP,ACTIVE_DIRECTORY,UNIX,NONE)|NONE|Authentication
> method|
> +Unix Authentication Settings( Enable only if authentication_method=UNIX )+
> |remoteLoginEnabled|Checkbox|Selected|Allow remote Login|
> |authServiceHostName|Text|localhost| |
> |authServicePort|Text(Numerical)|5151| |
> +LDAP Settings ( Enable only if authentication_method=LDAP )+
> |xa_ldap_url|Text| |E.g. ldap://71.127.43.33:389|
> |xa_ldap_userDNpattern|Text| |E.g. "uid={0},ou=users,dc=xasecure,dc=net" |
> |xa_ldap_groupSearchBase|Text| |E.g."ou=groups,dc=xasecure,dc=net"|
> |xa_ldap_groupSearchFilter|Text|
> |E.g."(member=uid={0},ou=users,dc=xasecure,dc=net)"|
> |xa_ldap_groupRoleAttribute|Text| |E.g."cn"|
> +AD Settings ( Enable only if authentication_method=AD )+
> |xa_ldap_ad_domain|Text|<Blank>|E.g."xasecure.net" |
> |xa_ldap_ad_url|Text|<Blank>|E.g."ldap://ad.xasecure.net:389"; |
> {color:blue}+*User/Group Sync Process:*+{color}
> |Name|Type|Default|Label|
> |{color:red}-RANGER_HOST-{color}|Text|<Blank>|Policy Admin URL|
> |SYNC_INTERVAL|Text|360|sync interval in minutes|
> |SYNC_LDAP_URL|Text|<Blank>|E.g. ldap://ldap.example.com:389|
> |SYNC_LDAP_BIND_DN|Text|<Blank>|E.g.
> cn=admin,ou=users,dc=hadoop,dc=apache,dc-org|
> |SYNC_LDAP_BIND_PASSWORD|Text|<Blank>| |
> |SYNC_LDAP_USER_SEARCH_BASE|Text|<Blank>|Eg. ou=users,dc=xasecure,dc=net |
> |SYNC_LDAP_USER_SEARCH_SCOPE|Text|sub| |
> |SYNC_LDAP_USER_OBJECT_CLASS|Text|person|objectclass to identify user entries|
> |SYNC_LDAP_USER_SEARCH_FILTER|Text|<Blank>|optional additional filter
> constraining the users selected for syncing|
> |SYNC_LDAP_USER_NAME_ATTRIBUTE|Text|cn|attribute from user entry that would
> be treated as user name|
> |SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE|Text|memberof,ismemberof|attribute from
> user entry whose values would be treated as group values|
> |SYNC_LDAP_USERNAME_CASE_CONVERSION|Text|lower|Case Conversion Flags|
> |SYNC_LDAP_GROUPNAME_CASE_CONVERSION|Text|lower|Case Conversion Flags|
> |CRED_KEYSTORE_FILE|Text|<Blank>| |
> {color:blue}+*RANGER Agents*+ (for each agent -
> HDFS/Hive/Hbase/Knox/Storm){color}
> |Name|Type|Default|Label|
> |ranger-\[service_name\]-plugin-enabled|Checkbox|No (if unchecked : No, if
> checked : Yes ) | Enable Ranger for <ServiceName>|
> |{color:red}-RANGER_HOST-{color}|Text|<Blank>|Policy Admin URL|
> |{color:red}-SQL_CONNECTOR_JAR-{color}|Text|/usr/share/java/mysql-connector-java.jar|Location
> of Sql Connector Jar |
> |XAAUDIT.DB.IS_ENABLED|Checkbox|Disabled|Audit to DB|
> |XAAUDIT.HDFS.IS_ENABLED|Checkbox|Disabled|Audit to HDFS|
> {color:blue}+*RANGER Agents*+, new section : Ranger plugin repository and
> policy users + (for each agent - HDFS/Hive/Hbase/Knox/Storm){color}
> |Name|Type|Default|Label|
> |POLICY_USER|Text |ambari-qa |Ranger default policy User for <component name>
> |
> |REPOSITORY_CONFIG_USERNAME|Text |<component name> |Ranger repository config
> username |
> |REPOSITORY_CONFIG_PASSWORD|Text|<component name>|Ranger repository config
> password |
> +HDFS Audit Settings ( Enabled Only if XAAUDIT.HDFS.IS_ENABLED is checked )+
> |XAAUDIT.HDFS.DESTINATION_DIRECTORY|Text|hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%||
> |XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY|Text|__REPLACE__LOG_DIR/hbase/audit/%app-type%|
> |
> |XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY|Text|__REPLACE__LOG_DIR/hbase/audit/archive/%app-type%|
> |
> |XAAUDIT.HDFS.DESTINTATION_FILE|Text|%hostname%-audit.log| |
> |XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS|Text|900| |
> |XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS|Text|86400| |
> |XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS|Text|60| |
> |XAAUDIT.HDFS.LOCAL_BUFFER_FILE|Text|%time:yyyyMMdd-HHmm.ss%.log| |
> |XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS|Text|60| |
> |XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS|Text|600| |
> |XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT|Text|10| |
> +Grant/Revoke Settings ( Only for Hive/HBase Plugin )+
> |UPDATE_XAPOLICIES_ON_GRANT_REVOKE|Checkbox|Enabled|Should HBase/Hive
> GRANT/REVOKE update XA policies?|
> +SSL Settings+
> |SSL_KEYSTORE_FILE_PATH|Text|/etc/hadoop/conf/ranger-plugin-keystore.jks| |
> |SSL_KEYSTORE_PASSWORD|Text|myKeyFilePassword| |
> |SSL_TRUSTSTORE_FILE_PATH|Text|/etc/hadoop/conf/ranger-plugin-truststore.jks|
> |
> |SSL_TRUSTSTORE_PASSWORD|Text|changeit| |
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
