----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/34629/#review85292 -----------------------------------------------------------
Ship it! Ship It! - Yusaku Sako On May 25, 2015, 10:04 p.m., Robert Levas wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/34629/ > ----------------------------------------------------------- > > (Updated May 25, 2015, 10:04 p.m.) > > > Review request for Ambari, Aleksandr Kovalenko, Andrii Tkach, Jaimin Jetly, > and Yusaku Sako. > > > Bugs: AMBARI-11360 > https://issues.apache.org/jira/browse/AMBARI-11360 > > > Repository: ambari > > > Description > ------- > > Attempted to disable kerb, fails on step to unkerberize because KDC admin is > locked out. > > Click retry, can't make it past that. > > Need option to skip and finish "disable kerberos" even if Ambari cannot get > the principals cleaned up (i.e. cannot access the KDC) Losing access to the > KDC and attempting to disable where ambari can't clean-up the principals > should be a skip'able step. User should still be able to get to a clean, > not-enabled-kerberos-ambari-state w/o accessing the KDC. > > *Solution* > Based on user input, execute API call to disable Kerberos with the > *manage_kerberos_identities* _directive_ set to *false*. Example: > ``` > PUT /api/v1/clusters/c1?manage_kerberos_identities=false > { > "Clusters": { > "security_type" : "NONE" > } > } > ``` > > > Diffs > ----- > > ambari-web/app/controllers/main/admin/kerberos/disable_controller.js > 358f922 > ambari-web/app/mixins/wizard/wizardProgressPageController.js 28e8f41 > ambari-web/app/utils/ajax/ajax.js 254e2a9 > > Diff: https://reviews.apache.org/r/34629/diff/ > > > Testing > ------- > > Manually tested with downed KDC. > > > Thanks, > > Robert Levas > >
