Repository: ambari Updated Branches: refs/heads/trunk c097a8f7b -> 662ce6007
AMBARI-8177. ATS should remain enabled after kerberization, and keytab owner should be yarn (alejandro) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/662ce600 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/662ce600 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/662ce600 Branch: refs/heads/trunk Commit: 662ce6007ade2413c965e6340706522469357de9 Parents: c097a8f Author: Alejandro Fernandez <afernan...@hortonworks.com> Authored: Wed Nov 5 18:37:31 2014 -0800 Committer: Alejandro Fernandez <afernan...@hortonworks.com> Committed: Thu Nov 6 11:40:23 2014 -0800 ---------------------------------------------------------------------- ambari-web/app/controllers/main/admin/security.js | 14 +++++++++++++- .../controllers/main/admin/security/add/step3.js | 16 +++++----------- ambari-web/app/data/HDP2/secure_mapping.js | 2 +- ambari-web/app/data/HDP2/secure_properties.js | 6 ++---- ambari-web/app/messages.js | 1 - 5 files changed, 21 insertions(+), 18 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/662ce600/ambari-web/app/controllers/main/admin/security.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/admin/security.js b/ambari-web/app/controllers/main/admin/security.js index 0d4c031..a38e264 100644 --- a/ambari-web/app/controllers/main/admin/security.js +++ b/ambari-web/app/controllers/main/admin/security.js @@ -38,7 +38,13 @@ App.MainAdminSecurityController = Em.Controller.extend({ getDisableSecurityStatus: function (status) { return App.db.getDisableSecurityStatus(); }, - + content: Em.Object.create({ + isATSInstalled: function() { + // Because the ATS component can be installed/removed at will, the check has to happen every time that security is added. + var yarnService = App.Service.find().findProperty('serviceName','YARN'); + return !!yarnService && yarnService.get('hostComponents').someProperty('componentName', 'APP_TIMELINE_SERVER'); + }.property('App.router.clusterController.isLoaded') + }), notifySecurityOff: false, notifySecurityAdd: false, @@ -64,6 +70,12 @@ App.MainAdminSecurityController = Em.Controller.extend({ secureServices = $.extend(true, [], require('data/secure_configs')); } + // Typically, ATS will support Kerberos in HDP 2.2 and higher + if (this.get('content.isATSInstalled') && App.get('doesATSSupportKerberos')) { + var yarnConfigCategories = secureServices.findProperty('serviceName', 'YARN').configCategories; + yarnConfigCategories.push(App.ServiceConfigCategory.create({ name: 'AppTimelineServer', displayName : 'Application Timeline Service'})); + } + var installedServices = App.Service.find().mapProperty('serviceName'); //General (only non service tab) tab is always displayed services.push(secureServices.findProperty('serviceName', 'GENERAL')); http://git-wip-us.apache.org/repos/asf/ambari/blob/662ce600/ambari-web/app/controllers/main/admin/security/add/step3.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/admin/security/add/step3.js b/ambari-web/app/controllers/main/admin/security/add/step3.js index 2bcd59c..c2bba07 100644 --- a/ambari-web/app/controllers/main/admin/security/add/step3.js +++ b/ambari-web/app/controllers/main/admin/security/add/step3.js @@ -46,7 +46,8 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({ 'NIMBUS': 'storm_user', 'STORM_UI_SERVER': 'storm_user', 'FALCON_SERVER': 'falcon_user', - 'KNOX_GATEWAY': 'knox_user' + 'KNOX_GATEWAY': 'knox_user', + 'APP_TIMELINE_SERVER': 'yarn_user' }; if (App.get('isHadoop22Stack')) { map['DRPC_SERVER'] = 'storm_user' @@ -120,13 +121,6 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({ }, { componentName: 'APP_TIMELINE_SERVER', - principal: 'apptimelineserver_principal_name', - keytab: 'apptimelineserver_keytab', - displayName: Em.I18n.t('admin.addSecurity.user.yarn.atsUser'), - isHadoop2Stack: true - }, - { - componentName: 'APP_TIMELINE_SERVER', principal: 'apptimelineserver_http_principal_name', keytab: 'apptimelineserver_http_keytab', displayName: Em.I18n.t('admin.addSecurity.user.yarn.atsHTTPUser'), @@ -262,8 +256,8 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({ var componentToOwnerMap = {}; for (var component in componentToUserMap) { var user = componentToUserMap[component]; - var secutityUser = securityUsers.findProperty('name', user); - componentToOwnerMap[component] = secutityUser.value; + var securityUser = securityUsers.findProperty('name', user); + componentToOwnerMap[component] = securityUser.value; } return componentToOwnerMap; }, @@ -351,7 +345,7 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({ setHostComponentsSecureValue: function (result, host, addedPrincipalsHost, securityUsers, hadoopGroupId) { var componentsToDisplay = ['NAMENODE', 'SECONDARY_NAMENODE', 'DATANODE', 'JOBTRACKER', 'ZOOKEEPER_SERVER', 'HIVE_SERVER', 'TASKTRACKER', 'OOZIE_SERVER', 'NAGIOS_SERVER', 'HBASE_MASTER', 'HBASE_REGIONSERVER', 'HISTORYSERVER', 'RESOURCEMANAGER', 'NODEMANAGER', 'JOURNALNODE', - 'SUPERVISOR', 'NIMBUS', 'STORM_UI_SERVER', 'FALCON_SERVER', 'KNOX_GATEWAY']; + 'SUPERVISOR', 'NIMBUS', 'STORM_UI_SERVER', 'FALCON_SERVER', 'KNOX_GATEWAY', 'APP_TIMELINE_SERVER']; if (App.get('isHadoop22Stack')) { componentsToDisplay.push('DRPC_SERVER'); } http://git-wip-us.apache.org/repos/asf/ambari/blob/662ce600/ambari-web/app/data/HDP2/secure_mapping.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/secure_mapping.js b/ambari-web/app/data/HDP2/secure_mapping.js index 62afd26..6299bce 100644 --- a/ambari-web/app/data/HDP2/secure_mapping.js +++ b/ambari-web/app/data/HDP2/secure_mapping.js @@ -204,7 +204,7 @@ var props = [ "name": "yarn.timeline-service.enabled", "templateName": [], "foreignKey": null, - "value": "false", + "value": App.get('isHadoop22Stack') ? "true" : "false", "nonSecureValue": "false", "filename": "yarn-site.xml", "serviceName": "YARN" http://git-wip-us.apache.org/repos/asf/ambari/blob/662ce600/ambari-web/app/data/HDP2/secure_properties.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/secure_properties.js b/ambari-web/app/data/HDP2/secure_properties.js index ccc942e..77cfc9a 100644 --- a/ambari-web/app/data/HDP2/secure_properties.js +++ b/ambari-web/app/data/HDP2/secure_properties.js @@ -523,8 +523,7 @@ var props = { "isVisible": true, "isOverridable": true, "serviceName": "YARN", - "category": "AppTimelineServer", - "component": "APP_TIMELINE_SERVER" + "category": "AppTimelineServer" }, { "id": "puppet var", @@ -537,8 +536,7 @@ var props = { "isVisible": true, "isOverridable": true, "serviceName": "YARN", - "category": "AppTimelineServer", - "component": "APP_TIMELINE_SERVER" + "category": "AppTimelineServer" }, // YARN Resource Manager http://git-wip-us.apache.org/repos/asf/ambari/blob/662ce600/ambari-web/app/messages.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js index 531532e..e324659 100644 --- a/ambari-web/app/messages.js +++ b/ambari-web/app/messages.js @@ -1107,7 +1107,6 @@ Em.I18n.translations = { 'admin.addSecurity.hive.user.httpUser': 'Hive SPNEGO User', 'admin.addSecurity.oozie.user.httpUser': 'Oozie SPNEGO User', 'admin.addSecurity.falcon.user.httpUser': 'Falcon SPNEGO User', - 'admin.addSecurity.user.yarn.atsUser': 'YARN ATS User', 'admin.addSecurity.user.yarn.atsHTTPUser': 'YARN ATS HTTP User', 'admin.addSecurity.knox.user': 'Knox Gateway', 'admin.addSecurity.enable.onClose': 'You are in the process of enabling security on your cluster. ' +
