Repository: ambari Updated Branches: refs/heads/trunk 43ab9e61f -> 336e2b1ff
AMBARI-7824. Slider View: Unable to create app when cluster is secured - keytab doesnt exist (srimanth) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/336e2b1f Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/336e2b1f Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/336e2b1f Branch: refs/heads/trunk Commit: 336e2b1ff3984f892c4d1d8c1b3fa93a86026de9 Parents: 43ab9e6 Author: Srimanth Gunturi <sgunt...@hortonworks.com> Authored: Thu Oct 16 18:52:57 2014 -0700 Committer: Srimanth Gunturi <sgunt...@hortonworks.com> Committed: Thu Oct 16 23:07:42 2014 -0700 ---------------------------------------------------------------------- .../0.51.0/slider-agent-0.51.0.tar.gz | Bin 472393 -> 471859 bytes .../slider-core/0.51.0/slider-core-0.51.0.jar | Bin 1155217 -> 1167680 bytes contrib/views/slider/pom.xml | 5 ++ .../slider/SliderAppsViewControllerImpl.java | 49 +++++++++++++++++-- 4 files changed, 50 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/336e2b1f/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz ---------------------------------------------------------------------- diff --git a/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz b/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz index f724da9..9d22825 100644 Binary files a/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz and b/contrib/views/slider/lib/org/apache/slider/slider-agent/0.51.0/slider-agent-0.51.0.tar.gz differ http://git-wip-us.apache.org/repos/asf/ambari/blob/336e2b1f/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar ---------------------------------------------------------------------- diff --git a/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar b/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar index 7c2e42f..cbcca5c 100644 Binary files a/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar and b/contrib/views/slider/lib/org/apache/slider/slider-core/0.51.0/slider-core-0.51.0.jar differ http://git-wip-us.apache.org/repos/asf/ambari/blob/336e2b1f/contrib/views/slider/pom.xml ---------------------------------------------------------------------- diff --git a/contrib/views/slider/pom.xml b/contrib/views/slider/pom.xml index 3f311c8..cb07dd4 100644 --- a/contrib/views/slider/pom.xml +++ b/contrib/views/slider/pom.xml @@ -252,6 +252,11 @@ </dependency> <dependency> <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-yarn-registry</artifactId> + <version>${hadoop.version}</version> + </dependency> + <dependency> + <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-yarn-common</artifactId> <version>${hadoop.version}</version> </dependency> http://git-wip-us.apache.org/repos/asf/ambari/blob/336e2b1f/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java ---------------------------------------------------------------------- diff --git a/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java b/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java index 92f95c9..bdd3c0f 100644 --- a/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java +++ b/contrib/views/slider/src/main/java/org/apache/ambari/view/slider/SliderAppsViewControllerImpl.java @@ -66,6 +66,7 @@ import org.apache.slider.client.SliderClient; import org.apache.slider.common.params.ActionCreateArgs; import org.apache.slider.common.params.ActionFlexArgs; import org.apache.slider.common.params.ActionFreezeArgs; +import org.apache.slider.common.params.ActionInstallKeytabArgs; import org.apache.slider.common.params.ActionInstallPackageArgs; import org.apache.slider.common.params.ActionThawArgs; import org.apache.slider.core.exceptions.SliderException; @@ -84,6 +85,7 @@ import com.google.gson.JsonArray; import com.google.gson.JsonElement; import com.google.gson.JsonObject; import com.google.gson.JsonParser; +import com.google.gson.JsonPrimitive; import com.google.inject.Inject; import com.google.inject.Singleton; @@ -134,7 +136,7 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { ambariUsername, ambariPassword); try { AmbariClusterInfo clusterInfo = ambariClient.getClusterInfo(); - if (clusterName.equals(clusterInfo.getName())) { + if (clusterInfo!=null && clusterName.equals(clusterInfo.getName())) { AmbariCluster cluster = ambariClient.getCluster(clusterInfo); AmbariServiceInfo hdfsServiceInfo = null; AmbariServiceInfo yarnServiceInfo = null; @@ -1039,6 +1041,7 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { final String appType = json.get("typeName").getAsString(); final String appName = json.get("name").getAsString(); final String queueName = json.has("queue") ? json.get("queue").getAsString() : null; + final boolean securityEnabled = Boolean.valueOf(getHadoopConfigs().get("security_enabled")); JsonObject configs = json.get("typeConfigs").getAsJsonObject(); JsonObject resourcesObj = json.get("resources").getAsJsonObject(); JsonArray componentsArray = resourcesObj.get("components").getAsJsonArray(); @@ -1070,7 +1073,7 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { appCreateFolder.mkdirs(); File appConfigJsonFile = new File(appCreateFolder, "appConfig.json"); File resourcesJsonFile = new File(appCreateFolder, "resources.json"); - saveAppConfigs(configs, componentsArray, appConfigJsonFile); + saveAppConfigs(configs, componentsArray, appName, securityEnabled, appConfigJsonFile); saveAppResources(resourcesObj, resourcesJsonFile); final ActionCreateArgs createArgs = new ActionCreateArgs(); @@ -1087,9 +1090,16 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { installArgs.packageURI = getAppsFolderPath() + "/" + localAppPackageFileName; installArgs.replacePkg = true; + final ActionInstallKeytabArgs keytabArgs = new ActionInstallKeytabArgs(); + keytabArgs.keytabUri = getUserToRunAsKeytab(); + keytabArgs.folder = appName; + return invokeSliderClientRunnable(new SliderClientContextRunnable<String>() { @Override public String run(SliderClient sliderClient) throws YarnException, IOException, InterruptedException { + if (securityEnabled) { + sliderClient.actionInstallKeytab(keytabArgs); + } sliderClient.actionInstallPkg(installArgs); sliderClient.actionCreate(appName, createArgs); ApplicationId applicationId = sliderClient.applicationId; @@ -1157,8 +1167,28 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { } } + /* + * When security is enabled, the AppMaster itself needs the keytab identifying the calling user. + * The user's keytab should be at the same location as the view's keytab, and should be + * named as ${username}.headless.keytab + */ + private String getUserToRunAsKeytab() { + String viewKeytab = viewContext.getProperties().get(PARAM_VIEW_PRINCIPAL_KEYTAB); + String prefix = ""; + int index = viewKeytab.lastIndexOf('/'); + if (index > -1) { + prefix = viewKeytab.substring(0, index); + } + String username = getUserToRunAs(); + String userKeytab = prefix + "/" + username + ".headless.keytab"; + if (logger.isDebugEnabled()) { + logger.debug(username + " keytab: " + userKeytab); + } + return userKeytab; + } + private void saveAppConfigs(JsonObject configs, JsonArray componentsArray, - File appConfigJsonFile) throws IOException { + String appName, boolean securityEnabled, File appConfigJsonFile) throws IOException { JsonObject appConfigs = new JsonObject(); appConfigs.addProperty("schema", "http://example.org/specification/v2.0.0";); appConfigs.add("metadata", new JsonObject()); @@ -1173,7 +1203,15 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { } } } - appConfigs.add("components", componentsObj); + if (securityEnabled) { + JsonObject appMasterComponent = new JsonObject(); + String userToRunAsKeytab = getUserToRunAsKeytab(); + String fileName = userToRunAsKeytab.substring(userToRunAsKeytab.lastIndexOf('/') + 1); + appMasterComponent.add("slider.am.login.keytab.name", new JsonPrimitive(fileName)); + appMasterComponent.add("slider.hdfs.keytab.dir", new JsonPrimitive(".slider/keytabs/" + appName)); + componentsObj.add("slider-appmaster", appMasterComponent); + } + appConfigs.add("components", componentsObj); String jsonString = new GsonBuilder().setPrettyPrinting().create().toJson(appConfigs); FileOutputStream fos = null; try { @@ -1184,6 +1222,9 @@ public class SliderAppsViewControllerImpl implements SliderAppsViewController { fos.close(); } } + if (logger.isDebugEnabled()) { + logger.debug("Saved appConfigs.json at " + appConfigJsonFile.getAbsolutePath()); + } } @Override
