ramackri opened a new pull request, #1006: URL: https://github.com/apache/ranger/pull/1006
## Summary Fixes `plugins-docker-build` container health-check failures for **ranger-knox** and **ozone-om** after the download-timeout work (already on `master` via #980). - **Ozone:** Use Java 17 `apache/ozone-runner:20241022-jdk17-1`, run plugin enable with the container `JAVA_HOME`, and start OM after SCM/datanode to avoid startup-order flakes. - **Knox:** Package Jersey/HK2/`javax.inject` in the Knox plugin tarball for auditserver destination (post RANGER-5632), and tail `gateway.log` when the gateway fails to start for easier CI diagnosis. ## Problem [CI run 27224706558](https://github.com/apache/ranger/actions/runs/27224706558) — `plugins-download-archives` passed, but `plugins-docker-build` failed at the final container check: | Container | Symptom | Root cause | |-----------|---------|------------| | `ozone-om` | Exited during plugin enable / OM start | `UnsupportedClassVersionError` — Ranger 3.0 built with Java 17; `ozone-runner:20230615-1` runs Java 11 | | `ranger-knox` | Gateway failed to start | Likely missing Jersey auditserver client deps in `knox-agent.xml` after RANGER-5632 removed Solr/HDFS audit destinations | Secondary Ozone issue: OM, SCM, and datanode started in parallel (`Connection refused: scm:9863`, `ServerNotLeaderException`). ## Changes | Area | File | Change | |------|------|--------| | Ozone runner | `dev-support/ranger-docker/.env`, `Dockerfile.ranger-ozone` | `OZONE_RUNNER_VERSION=20241022-jdk17-1` | | Ozone plugin enable | `scripts/ozone/ranger-ozone-setup.sh` | Use `${JAVA_HOME}` instead of hardcoded Java 11 | | Ozone ordering | `docker-compose.ranger-ozone.yml` | `om` `depends_on` `scm` + `datanode` | | Knox packaging | `distro/src/main/assembly/knox-agent.xml` | Add Jersey/HK2/Jackson/`javax.inject` transitive deps | | Knox diagnostics | `scripts/knox/ranger-knox.sh` | Tail gateway logs when PID missing | ## Related - Jira: [RANGER-5637](https://issues.apache.org/jira/browse/RANGER-5637) - Prior CI download fix merged to `master` in #980 (`plugins-download-archives` job) - Knox audit packaging context: RANGER-5632 (#999) ## Test plan - [ ] CI `plugins-docker-build` — all containers in health check stay running: `ranger-knox`, `ozone-om`, `ozone-scm`, `ozone-datanode` - [ ] Local smoke (optional): ```bash docker pull apache/ozone-runner:20241022-jdk17-1 cd dev-support/ranger-docker ./scripts/ozone/ozone-plugin-docker-setup.sh docker compose -f docker-compose.ranger.yml \ -f docker-compose.ranger-hadoop.yml \ -f docker-compose.ranger-hbase.yml \ -f docker-compose.ranger-kafka.yml \ -f docker-compose.ranger-hive.yml \ -f docker-compose.ranger-knox.yml \ -f docker-compose.ranger-ozone.yml build --no-cache ranger-knox om docker compose ... up -d docker inspect -f '{{.State.Status}}' ranger-knox ozone-om ``` - [ ] If Knox still fails, `docker logs ranger-knox` should now include `gateway.log` tail -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
