[jira] [Commented] (AMBARI-14036) Add recommendations for authorization provider(upgrade ambari 1.7.0 -> ambari 2.1.3)

Hadoop QA (JIRA) Tue, 24 Nov 2015 05:20:51 -0800

    [ 
https://issues.apache.org/jira/browse/AMBARI-14036?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15024493#comment-15024493
 ]


Hadoop QA commented on AMBARI-14036:
------------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12774048/AMBARI-14036.patch
  against trunk revision .

    {color:red}-1 patch{color}.  The patch command could not apply the patch.

Console output: 
https://builds.apache.org/job/Ambari-trunk-test-patch/4381//console

This message is automatically generated.

> Add recommendations for authorization provider(upgrade ambari 1.7.0 -> ambari 
> 2.1.3)
> ------------------------------------------------------------------------------------
>
>                 Key: AMBARI-14036
>                 URL: https://issues.apache.org/jira/browse/AMBARI-14036
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.1.3
>            Reporter: Vitaly Brodetskyi
>            Assignee: Vitaly Brodetskyi
>            Priority: Critical
>             Fix For: 2.1.3
>
>         Attachments: AMBARI-14036.patch
>
>
> Basic implementation AMBARI-9587
> *1st task:*
> While upgrading a cluster above 2.0.0 Ambari version, if knox topology file 
> is present without authorization provider then add correct authorization 
> provider i.e
> # If Ranger plugin is not enabled for Knox then
> {code}
> <provider> <role>authorization</role> <name>AclsAuthz</name> 
> <enabled>true</enabled> </provider> 
> {code}
> # If Ranger plugin for knox is enabled then
> {code}
> <provider> <role>authorization</role> <name>XASecurePDPKnox</name> 
> <enabled>true</enabled> </provider> 
> {code}
> NOTE: If this logic is going in upgrade catalog for 2.0.0 then we can simply 
> modify knox topology to add "<provider> <role>authorization</role> 
> <name>AclsAuthz</name> <enabled>true</enabled> </provider>" as Ranger service 
> itself was added in 2.0.0 
> *2nd task:*
> Stack advisor right now recommends the value of authorization provider in 
> topology file when ranger plugin is enabled or disabled. But this will happen 
> only if authorization provider tag is present in topology file or else the 
> recommendation logic will be skipped. Stack advisor code needs to be changed 
> so that while enabling or disabling ranger plugin for knox if authorization 
> provider tag does not exist then the corresponding authorization provider tag 
> should be added while sending back recommendation to ambari-web.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (AMBARI-14036) Add recommendations for authorization provider(upgrade ambari 1.7.0 -> ambari 2.1.3)

Reply via email to