-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/47498/
-----------------------------------------------------------

(Updated May 18, 2016, 10:47 a.m.)


Review request for Ambari, Alejandro Fernandez and Nate Cole.


Bugs: AMBARI-16717
    https://issues.apache.org/jira/browse/AMBARI-16717


Repository: ambari


Description
-------

When upgrading Knox, the {{data}} directory and its security artifacts are not 
copied over to the "versioned" data directory. This causes the {{gateway.jks}} 
keystore to be automatically re-generated. If the installation was using a 
custom keystore/certificate, then this will cause connections to be rejected 
after a successful startup. 

{code:title=Knox 2.2 -> 2.3.0.0}
/usr/hdp/current/knox-server/data -> /var/lib/knox/data
{code}

{code:title=Knox 2.3.2.0+}
/usr/hdp/current/knox-server/data -> /var/lib/knox/data-2.3.2.0-1234
{code}

As a result, after upgrading the {{/var/lib/knox/data-2.3.2.0-1234}} does not 
contain any of the security artifacts from the prior version.


Diffs (updated)
-----

  
ambari-server/src/main/resources/common-services/FALCON/0.5.0.2.1/package/scripts/falcon_server_upgrade.py
 8eca96c 
  
ambari-server/src/main/resources/common-services/FLUME/1.4.0.2.0/package/scripts/flume_handler.py
 4d72463 
  
ambari-server/src/main/resources/common-services/FLUME/1.4.0.2.0/package/scripts/flume_upgrade.py
 64c0032 
  
ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py
 e5e4103 
  
ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/upgrade.py
 63949f8 
  
ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server.py
 fcce418 
  
ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server_upgrade.py
 28d2991 
  
ambari-server/src/main/resources/stacks/HDP/2.2/upgrades/nonrolling-upgrade-2.2.xml
 5f0c6aa 
  
ambari-server/src/main/resources/stacks/HDP/2.2/upgrades/nonrolling-upgrade-2.3.xml
 cf79368 
  
ambari-server/src/main/resources/stacks/HDP/2.2/upgrades/nonrolling-upgrade-2.4.xml
 fab12c8 
  
ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.3.xml
 1887414 
  
ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.4.xml
 469f2e7 
  
ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml
 56cd6d0 
  ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.3.xml 
6b74af0 
  
ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.4.xml
 29ebeff 
  
ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml
 7d67f8e 
  ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.4.xml 
e3bc7a3 
  
ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/nonrolling-upgrade-2.5.xml
 5616cb4 
  ambari-server/src/main/resources/stacks/HDP/2.5/upgrades/upgrade-2.5.xml 
d755516 
  ambari-server/src/test/python/stacks/2.0.6/OOZIE/test_oozie_server.py ef97d20 
  ambari-server/src/test/python/stacks/2.1/FALCON/test_falcon_server.py 6dfb609 
  ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py fbc55ca 

Diff: https://reviews.apache.org/r/47498/diff/


Testing
-------

mvn clean test

Verified that an upgrade copies the data directory and that Knox starts up on 
the custom keystore.


Thanks,

Jonathan Hurley

Reply via email to