----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/53477/#review155112 -----------------------------------------------------------
Fix it, then Ship it! ambari-common/src/main/python/resource_management/libraries/functions/curl_krb_request.py (line 183) <https://reviews.apache.org/r/53477/#comment224963> Please add some unit test to verify that the curl command is invoked with the correct parameters. ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/service_check.py (line 132) <https://reviews.apache.org/r/53477/#comment224965> Please add unit test to ensure that the curl command is invoked with correct parameters. - Sebastian Toader On Nov. 7, 2016, 9:22 a.m., Attila Magyar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/53477/ > ----------------------------------------------------------- > > (Updated Nov. 7, 2016, 9:22 a.m.) > > > Review request for Ambari, Attila Doroszlai and Sebastian Toader. > > > Bugs: AMBARI-18479 and AMBARI-18770 > https://issues.apache.org/jira/browse/AMBARI-18479 > https://issues.apache.org/jira/browse/AMBARI-18770 > > > Repository: ambari > > > Description > ------- > > YARN ResourceManager UI alert check fails when YARN RM HA + SPNEGO is > configured. The issue is curl is configured to follow redirects, but not send > the initial requests credentials to the redirected location. > > From curl manual: > (HTTP/HTTPS) If the server reports that the requested page has moved to a > different location (indicated with a Location: header and a 3XX response > code), this > option will make curl redo the request on the new place. If > used together with -i, --include or -I, --head, headers from all requested > pages will be shown. > When authentication is used, curl only sends its credentials > to the initial host. If a redirect takes curl to a different host, it won't > be able to intercept > the user+password. See also --location-trusted on how to change > this. > > In the patch a changed the -L switch to --location-trusted > > > Diffs > ----- > > > ambari-common/src/main/python/resource_management/libraries/functions/curl_krb_request.py > 2acf871 > > ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/service_check.py > daa8e7e > > Diff: https://reviews.apache.org/r/53477/diff/ > > > Testing > ------- > > Manual testing. > 1. Installed Ambari from RPM > 2. Added the following services: HDFS, YARN, MapReduce2, ZooKeeper > 3. Enabled kerberos > 4. Enabled YARN HA > 5. Enabled SPNEGO Authentication > 6. Ran service check on YARN and checked alert statuses > > Tests in ambari project ran clean. > > Tests run: 4662, Failures: 0, Errors: 0, Skipped: 34 > Ran 442 tests in 102.060s > > > Thanks, > > Attila Magyar > >
