-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/53504/
-----------------------------------------------------------
Review request for Ambari, Jonathan Hurley, Nate Cole, Robert Nettleton, and
Sandor Magyari.
Bugs: AMBARI-18804
https://issues.apache.org/jira/browse/AMBARI-18804
Repository: ambari
Description
-------
Since users would have manually set up the Ambari principal after enabling
Kerberos using `ambari-server setup-security` `option #3` ("Setup Ambari
kerberos JAAS configuration") in Ambari versions before 2.4.0, there is no need
to configure Ambari to automatically manage its principals after an upgrade to
version 2.4.0 and above.
Therefore, upon upgrade to Ambari 2.4.0 or above, the upgrade process (in
`UpgradeCatalog240`) should ensure that `kerberos-env/create_ambari_principal`
is set to "false". By default this value will be set to "true" after
`org.apache.ambari.server.upgrade.AbstractUpgradeCatalog#addNewConfigurationsFromXml`
is executed.
Note: This may have an effect on Ambari versions 2.4.2 and above if Kerberos
authentication is enabled and the SPNEGO (`HTTP/_HOST`) principal and keytab
file is already created and installed.
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java
54afd8d
ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
958758f
Diff: https://reviews.apache.org/r/53504/diff/
Testing
-------
Manually tested upgrade from 2.2.2.
# Local test results:
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1:11:23.488s
[INFO] Finished at: Fri Nov 04 18:28:36 EDT 2016
[INFO] Final Memory: 61M/1909M
[INFO] ------------------------------------------------------------------------
# Jenkins test results: PENDING
Thanks,
Robert Levas
