-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/53477/
-----------------------------------------------------------
Review request for Ambari, Attila Doroszlai and Sebastian Toader.
Bugs: AMBARI-18479 and AMBARI-18770
https://issues.apache.org/jira/browse/AMBARI-18479
https://issues.apache.org/jira/browse/AMBARI-18770
Repository: ambari
Description
-------
YARN ResourceManager UI alert check fails when YARN RM HA + SPNEGO is
configured. The issue is curl is configured to follow redirects, but not send
the initial requests credentials to the redirected location.
>From curl manual:
(HTTP/HTTPS) If the server reports that the requested page has moved to a
different location (indicated with a Location: header and a 3XX response code),
this
option will make curl redo the request on the new place. If used
together with -i, --include or -I, --head, headers from all requested pages
will be shown.
When authentication is used, curl only sends its credentials to
the initial host. If a redirect takes curl to a different host, it won't be
able to intercept
the user+password. See also --location-trusted on how to change
this.
In the patch a changed the -L switch to --location-trusted
Diffs
-----
ambari-common/src/main/python/resource_management/libraries/functions/curl_krb_request.py
2acf871
ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/service_check.py
daa8e7e
Diff: https://reviews.apache.org/r/53477/diff/
Testing
-------
Manual testing.
1. Installed Ambari from RPM
2. Added the following services: HDFS, YARN, MapReduce2, ZooKeeper
3. Enabled kerberos
4. Enabled YARN HA
5. Enabled SPNEGO Authentication
6. Ran service check on YARN and checked alert statuses
Tests in ambari project ran clean.
Tests run: 4662, Failures: 0, Errors: 0, Skipped: 34
Ran 442 tests in 102.060s
Thanks,
Attila Magyar
