Repository: ambari Updated Branches: refs/heads/trunk 36f92c70b -> 53bc491ca
AMBARI-10825. Missed Support for Wire Encyption (alexantonenko) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/53bc491c Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/53bc491c Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/53bc491c Branch: refs/heads/trunk Commit: 53bc491ca4d8bf828e699bbe1587e12687efe1eb Parents: 36f92c7 Author: Alex Antonenko <hiv...@gmail.com> Authored: Thu Apr 30 00:25:10 2015 +0300 Committer: Alex Antonenko <hiv...@gmail.com> Committed: Thu Apr 30 00:25:21 2015 +0300 ---------------------------------------------------------------------- .../HDFS/2.1.0.2.0/configuration/ssl-client.xml | 24 ++++++++++++++++- .../HDFS/2.1.0.2.0/configuration/ssl-server.xml | 28 ++++++++++---------- .../YARN/configuration-mapred/ssl-client.xml | 24 ++++++++++++++++- .../YARN/configuration-mapred/ssl-server.xml | 28 ++++++++++---------- .../YARN/configuration-mapred/ssl-client.xml | 24 ++++++++++++++++- .../YARN/configuration-mapred/ssl-server.xml | 28 ++++++++++---------- 6 files changed, 111 insertions(+), 45 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml index ec8cfac..74f89f5 100644 --- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml +++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-client.xml @@ -21,11 +21,33 @@ <property> <name>ssl.client.truststore.location</name> <value>/etc/security/clientKeys/all.jks</value> - <description>Truststore to be used by clients. Must be specified.</description> + <description>Location of the trust store file.</description> </property> <property> <name>ssl.client.truststore.type</name> <value>jks</value> <description>Optional. Default value is "jks".</description> </property> + <property> + <name>sssl.client.truststore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> + </property> + <property> + <name>ssl.client.truststore.reload.interval</name> + <value>10000</value> + <description>Truststore reload interval, in milliseconds.</description> + </property> + <property> + <name>ssl.client.keystore.location</name> + <value>/etc/security/clientKeys/keystore.jks</value> + <description>Location of the keystore file.</description> + </property> + <property> + <name>ssl.client.keystore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the keystore file.</description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml index 20b8b1e..c152711 100644 --- a/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml +++ b/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/configuration/ssl-server.xml @@ -20,8 +20,8 @@ <configuration> <property> <name>ssl.server.truststore.location</name> - <value>/etc/security/serverKeys/truststore.jks</value> - <description>Truststore to be used by NN and DN. Must be specified.</description> + <value>/etc/security/clientKeys/all.jks</value> + <description>Location of the trust store file.</description> </property> <property> <name>ssl.server.truststore.type</name> @@ -29,25 +29,25 @@ <description>Optional. Default value is "jks".</description> </property> <property> - <name>ssl.server.keystore.location</name> - <value>/etc/security/serverKeys/keystore.jks</value> - <description>Keystore to be used by NN and DN. Must be specified.</description> + <name>sssl.server.truststore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> </property> <property> - <name>ssl.server.keystore.password</name> - <property-type>PASSWORD</property-type> - <value>bigdata</value> - <description>Must be specified.</description> + <name>ssl.server.truststore.reload.interval</name> + <value>10000</value> + <description>Truststore reload interval, in milliseconds.</description> </property> <property> - <name>ssl.server.keystore.type</name> - <value>jks</value> - <description>Optional. Default value is "jks".</description> + <name>ssl.server.keystore.location</name> + <value>/etc/security/clientKeys/keystore.jks</value> + <description>Location of the keystore file.</description> </property> <property> - <name>ssl.server.keystore.keypassword</name> + <name>ssl.server.keystore.password</name> <value>bigdata</value> <property-type>PASSWORD</property-type> - <description>Must be specified.</description> + <description>Password to open the keystore file.</description> </property> </configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml index ec8cfac..74f89f5 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml +++ b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml @@ -21,11 +21,33 @@ <property> <name>ssl.client.truststore.location</name> <value>/etc/security/clientKeys/all.jks</value> - <description>Truststore to be used by clients. Must be specified.</description> + <description>Location of the trust store file.</description> </property> <property> <name>ssl.client.truststore.type</name> <value>jks</value> <description>Optional. Default value is "jks".</description> </property> + <property> + <name>sssl.client.truststore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> + </property> + <property> + <name>ssl.client.truststore.reload.interval</name> + <value>10000</value> + <description>Truststore reload interval, in milliseconds.</description> + </property> + <property> + <name>ssl.client.keystore.location</name> + <value>/etc/security/clientKeys/keystore.jks</value> + <description>Location of the keystore file.</description> + </property> + <property> + <name>ssl.client.keystore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the keystore file.</description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml index 20b8b1e..c152711 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml +++ b/ambari-server/src/main/resources/stacks/HDP/2.1.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml @@ -20,8 +20,8 @@ <configuration> <property> <name>ssl.server.truststore.location</name> - <value>/etc/security/serverKeys/truststore.jks</value> - <description>Truststore to be used by NN and DN. Must be specified.</description> + <value>/etc/security/clientKeys/all.jks</value> + <description>Location of the trust store file.</description> </property> <property> <name>ssl.server.truststore.type</name> @@ -29,25 +29,25 @@ <description>Optional. Default value is "jks".</description> </property> <property> - <name>ssl.server.keystore.location</name> - <value>/etc/security/serverKeys/keystore.jks</value> - <description>Keystore to be used by NN and DN. Must be specified.</description> + <name>sssl.server.truststore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> </property> <property> - <name>ssl.server.keystore.password</name> - <property-type>PASSWORD</property-type> - <value>bigdata</value> - <description>Must be specified.</description> + <name>ssl.server.truststore.reload.interval</name> + <value>10000</value> + <description>Truststore reload interval, in milliseconds.</description> </property> <property> - <name>ssl.server.keystore.type</name> - <value>jks</value> - <description>Optional. Default value is "jks".</description> + <name>ssl.server.keystore.location</name> + <value>/etc/security/clientKeys/keystore.jks</value> + <description>Location of the keystore file.</description> </property> <property> - <name>ssl.server.keystore.keypassword</name> + <name>ssl.server.keystore.password</name> <value>bigdata</value> <property-type>PASSWORD</property-type> - <description>Must be specified.</description> + <description>Password to open the keystore file.</description> </property> </configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml index ec8cfac..74f89f5 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml +++ b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-client.xml @@ -21,11 +21,33 @@ <property> <name>ssl.client.truststore.location</name> <value>/etc/security/clientKeys/all.jks</value> - <description>Truststore to be used by clients. Must be specified.</description> + <description>Location of the trust store file.</description> </property> <property> <name>ssl.client.truststore.type</name> <value>jks</value> <description>Optional. Default value is "jks".</description> </property> + <property> + <name>sssl.client.truststore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> + </property> + <property> + <name>ssl.client.truststore.reload.interval</name> + <value>10000</value> + <description>Truststore reload interval, in milliseconds.</description> + </property> + <property> + <name>ssl.client.keystore.location</name> + <value>/etc/security/clientKeys/keystore.jks</value> + <description>Location of the keystore file.</description> + </property> + <property> + <name>ssl.client.keystore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the keystore file.</description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/53bc491c/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml index 20b8b1e..c152711 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml +++ b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/YARN/configuration-mapred/ssl-server.xml @@ -20,8 +20,8 @@ <configuration> <property> <name>ssl.server.truststore.location</name> - <value>/etc/security/serverKeys/truststore.jks</value> - <description>Truststore to be used by NN and DN. Must be specified.</description> + <value>/etc/security/clientKeys/all.jks</value> + <description>Location of the trust store file.</description> </property> <property> <name>ssl.server.truststore.type</name> @@ -29,25 +29,25 @@ <description>Optional. Default value is "jks".</description> </property> <property> - <name>ssl.server.keystore.location</name> - <value>/etc/security/serverKeys/keystore.jks</value> - <description>Keystore to be used by NN and DN. Must be specified.</description> + <name>sssl.server.truststore.password</name> + <value>bigdata</value> + <property-type>PASSWORD</property-type> + <description>Password to open the trust store file.</description> </property> <property> - <name>ssl.server.keystore.password</name> - <property-type>PASSWORD</property-type> - <value>bigdata</value> - <description>Must be specified.</description> + <name>ssl.server.truststore.reload.interval</name> + <value>10000</value> + <description>Truststore reload interval, in milliseconds.</description> </property> <property> - <name>ssl.server.keystore.type</name> - <value>jks</value> - <description>Optional. Default value is "jks".</description> + <name>ssl.server.keystore.location</name> + <value>/etc/security/clientKeys/keystore.jks</value> + <description>Location of the keystore file.</description> </property> <property> - <name>ssl.server.keystore.keypassword</name> + <name>ssl.server.keystore.password</name> <value>bigdata</value> <property-type>PASSWORD</property-type> - <description>Must be specified.</description> + <description>Password to open the keystore file.</description> </property> </configuration>