-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56783/
-----------------------------------------------------------
(Updated Feb. 21, 2017, 12:03 p.m.)
Review request for Ambari, Laszlo Puskas, Robert Levas, and Sebastian Toader.
Changes
-------
- using kafka migrator instead of ambari zk migrator to avoid hardcoding znode
names
- added /consumer acl removal to atlas
Bugs: AMBARI-20063
https://issues.apache.org/jira/browse/AMBARI-20063
Repository: ambari
Description
-------
After enabling kerberos kafka sets secure ACLs on certain znodes. These secure
ACLs should be removed by ambari during dekerberization.
Note that the znode names are hardcoded in the params.py because AFAIK they are
also hardcoded in kafka. I'm still waiting for a kafka developer to confirm
this.
Diffs (updated)
-----
ambari-server/src/main/resources/common-services/ATLAS/0.1.0.2.3/package/scripts/metadata_server.py
ad3270e
ambari-server/src/main/resources/common-services/ATLAS/0.1.0.2.3/package/scripts/params.py
e270733
ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/kafka_broker.py
0901730
ambari-server/src/main/resources/common-services/KAFKA/0.8.1/package/scripts/params.py
1d3a195
Diff: https://reviews.apache.org/r/56783/diff/
Testing
-------
Manually:
- created cluster with kafka
- enabled kerberos
- checked that acls on kafka znodes are secure
- disabled kerberos
- checked that acls on kafka znodes are 'world:anyone:crdwa'
Ran 271 tests in 7.521s
OK
----------------------------------------------------------------------
Total run:1173
Total errors:0
Total failures:0
----------------------------------------------------------------------
Ran 451 tests in 99.286s
OK
Results :
Tests run: 4925, Failures: 0, Errors: 0, Skipped: 39
Thanks,
Attila Magyar
