AMBARI-21464 - Ranger is Missing from BigInsights to HDP Upgrade Packs (jonathanhurley)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/0cb9194f Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/0cb9194f Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/0cb9194f Branch: refs/heads/branch-feature-AMBARI-21348 Commit: 0cb9194f568534f7dde7d881fc31f06a619759f9 Parents: 69e492f Author: Jonathan Hurley <jhur...@hortonworks.com> Authored: Wed Jul 12 21:32:10 2017 -0400 Committer: Jonathan Hurley <jhur...@hortonworks.com> Committed: Wed Jul 12 21:32:10 2017 -0400 ---------------------------------------------------------------------- .../4.2.5/upgrades/config-upgrade.xml | 68 +++++++ .../upgrades/nonrolling-upgrade-to-hdp-2.6.xml | 164 ++++++++++++++++ .../BigInsights/4.2/upgrades/config-upgrade.xml | 94 +++++++++ .../upgrades/nonrolling-upgrade-to-hdp-2.6.xml | 190 +++++++++++++++++++ 4 files changed, 516 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/0cb9194f/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/config-upgrade.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/config-upgrade.xml b/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/config-upgrade.xml index b51a744..e33b8fb 100644 --- a/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/config-upgrade.xml +++ b/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/config-upgrade.xml @@ -63,6 +63,74 @@ </component> </service> + <service name="RANGER"> + <component name="RANGER_ADMIN"> + <changes> + <definition xsi:type="configure" id="hdp_2_6_0_0_remove_bind_anonymous"> + <type>ranger-env</type> + <transfer operation="delete" delete-key="bind_anonymous" /> + </definition> + <definition xsi:type="configure" id="admin_log4j_parameterize" summary="Parameterizing Ranger Log4J Properties"> + <type>admin-log4j</type> + <set key="ranger_xa_log_maxfilesize" value="256"/> + <set key="ranger_xa_log_maxbackupindex" value="20"/> + <replace key="content" find="log4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender
log4j.appender.xa_log_appender.MaxFileSize={{ranger_xa_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender
log4j.appender.xa_log_appender.MaxBackupIndex={{ranger_xa_log_maxbackupindex}}"/> + </definition> + </changes> + </component> + <component name="RANGER_USERSYNC"> + <changes> + <definition xsi:type="configure" id="usersync_log4j_parameterize" summary="Parameterizing Ranger Usersync Log4J Properties"> + <type>usersync-log4j</type> + <set key="ranger_usersync_log_maxfilesize" value="256"/> + <set key="ranger_usersync_log_maxbackupindex" value="20"/> + <replace key="content" find="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender
log4j.appender.logFile.MaxFileSize = {{ranger_usersync_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender
log4j.appender.logFile.MaxBackupIndex = {{ranger_usersync_log_maxbackupindex}}"/> + </definition> + + <definition xsi:type="configure" id="hdp_2_6_0_0_disable_delta_sync_during_upgrade"> + <type>ranger-ugsync-site</type> + <set key="ranger.usersync.ldap.deltasync" value="false" + if-type="ranger-ugsync-site" if-key="ranger.usersync.source.impl.class" if-value="org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder"/> + </definition> + </changes> + </component> + <component name="RANGER_TAGSYNC"> + <changes> + <definition xsi:type="configure" id="tagsync_log4j_parameterize" summary="Parameterizing Ranger Tagsync Log4J Properties"> + <type>tagsync-log4j</type> + <set key="ranger_tagsync_log_maxfilesize" value="256"/> + <set key="ranger_tagsync_log_number_of_backup_files" value="20"/> + <replace key="content" find="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender
log4j.appender.logFile.MaxFileSize = {{ranger_tagsync_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender
log4j.appender.logFile.MaxBackupIndex = {{ranger_tagsync_log_number_of_backup_files}}"/> + </definition> + </changes> + </component> + </service> + <service name="RANGER_KMS"> + <component name="RANGER_KMS_SERVER"> + <changes> + <definition xsi:type="configure" id="kms_log4j_parameterize" summary="Parameterizing Ranger KMS Log4J Properties"> + <type>kms-log4j</type> + <set key="ranger_kms_log_maxfilesize" value="256"/> + <set key="ranger_kms_log_maxbackupindex" value="20"/> + <set key="ranger_kms_audit_log_maxfilesize" value="256"/> + <set key="ranger_kms_audit_log_maxbackupindex" value="20"/> + <replace key="content" find="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms.MaxFileSize = {{ranger_kms_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms.MaxBackupIndex = {{ranger_kms_log_maxbackupindex}}"/> + <replace key="content" find="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms-audit.MaxFileSize = {{ranger_kms_audit_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms-audit.MaxBackupIndex = {{ranger_kms_audit_log_maxbackupindex}}"/> + </definition> + <definition xsi:type="configure" id="hdp_2_6_0_0_remove_ranger_kms_duplicate_ssl"> + <type>ranger-kms-site</type> + <transfer operation="delete" delete-key="ranger.https.attrib.keystore.file" if-type="ranger-kms-site" if-key="ranger.service.https.attrib.keystore.file" if-key-state="present"/> + <transfer operation="delete" delete-key="ranger.service.https.attrib.clientAuth" if-type="ranger-kms-site" if-key="ranger.service.https.attrib.client.auth" if-key-state="present"/> + </definition> + </changes> + </component> + </service> + <service name="HIVE"> <component name="HIVE_SERVER"> <changes> http://git-wip-us.apache.org/repos/asf/ambari/blob/0cb9194f/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/nonrolling-upgrade-to-hdp-2.6.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/nonrolling-upgrade-to-hdp-2.6.xml b/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/nonrolling-upgrade-to-hdp-2.6.xml index 2c82cb3..5f1e06c 100644 --- a/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/nonrolling-upgrade-to-hdp-2.6.xml +++ b/ambari-server/src/main/resources/stacks/BigInsights/4.2.5/upgrades/nonrolling-upgrade-to-hdp-2.6.xml @@ -25,6 +25,7 @@ <prerequisite-checks> <check>org.apache.ambari.server.checks.ServicesYarnWorkPreservingCheck</check> <check>org.apache.ambari.server.checks.JavaVersionCheck</check> + <check>org.apache.ambari.server.checks.RangerSSLConfigCheck</check> <configuration> <!-- Configuration properties for all pre-reqs including required pre-reqs --> <check-properties name="org.apache.ambari.server.checks.HiveDynamicServiceDiscoveryCheck"> @@ -117,6 +118,18 @@ <function>prepare_express_upgrade</function> </task> </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Backup Ranger Database"> + <task xsi:type="manual"> + <message>Before continuing, please backup the Ranger Admin database on the following host(s): {{hosts.all}}.</message> + </task> + </execute-stage> + + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Backup Ranger KMS Database"> + <task xsi:type="manual"> + <message>Before continuing, please backup Ranger KMS database on the following host(s): {{hosts.all}}.</message> + </task> + </execute-stage> </group> <group xsi:type="stop" name="STOP_LOW_LEVEL_SERVICE_COMPONENTS" title="Stop Components for Core Services"> @@ -140,6 +153,16 @@ <component>NFS_GATEWAY</component> </service> + <service name="RANGER"> + <component>RANGER_USERSYNC</component> + <component>RANGER_ADMIN</component> + <component>RANGER_TAGSYNC</component> + </service> + + <service name="RANGER_KMS"> + <component>RANGER_KMS_SERVER</component> + </service> + <service name="ZOOKEEPER"> <component>ZOOKEEPER_SERVER</component> </service> @@ -187,6 +210,44 @@ <task xsi:type="configure" id="biginsights_4_2_hbase_env_config" /> </execute-stage> + <!--RANGER--> + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_6_0_0_remove_bind_anonymous"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Parameterizing Ranger Admin Log4J Properties"> + <task xsi:type="configure" id="admin_log4j_parameterize"> + <summary>Updating the Ranger admin Log4J properties to include parameterizations</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_USERSYNC" title="Parameterizing Ranger Usersync Log4J Properties"> + <task xsi:type="configure" id="usersync_log4j_parameterize"> + <summary>Updating the Ranger usersync Log4J properties to include parameterizations</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_TAGSYNC" title="Parameterizing Ranger Tagsync Log4J Properties"> + <task xsi:type="configure" id="tagsync_log4j_parameterize"> + <summary>Updating the Ranger tagsync Log4J properties to include parameterizations</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_USERSYNC" title="Apply config changes for Ranger Usersync"> + <task xsi:type="configure" id="hdp_2_6_0_0_disable_delta_sync_during_upgrade"/> + </execute-stage> + + <!--RANGER-KMS--> + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Parameterizing Ranger Kms Log4J Properties"> + <task xsi:type="configure" id="kms_log4j_parameterize"> + <summary>Updating the KMS Log4J properties to include parameterizations</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Apply config changes for Ranger KMS"> + <task xsi:type="configure" id="hdp_2_6_0_0_remove_ranger_kms_duplicate_ssl"/> + </execute-stage> + <!-- HIVE --> <execute-stage service="HIVE" component="HIVE_SERVER" title="Apply config changes for Hive Server"> <task xsi:type="configure" id="biginsights_4_2_0_0_hive_env_configure"/> @@ -254,6 +315,18 @@ </service> </group> + <group xsi:type="restart" name="RANGER" title="Ranger"> + <service-check>false</service-check> + <skippable>true</skippable> + <supports-auto-skip-failure>false</supports-auto-skip-failure> + <parallel-scheduler/> + <service name="RANGER"> + <component>RANGER_ADMIN</component> + <component>RANGER_USERSYNC</component> + <component>RANGER_TAGSYNC</component> + </service> + </group> + <group xsi:type="restart" name="HDFS" title="HDFS"> <service-check>false</service-check> <skippable>true</skippable> @@ -292,6 +365,16 @@ </execute-stage> </group> + <group xsi:type="restart" name="RANGER_KMS" title="Ranger KMS"> + <service-check>false</service-check> + <skippable>true</skippable> + <supports-auto-skip-failure>false</supports-auto-skip-failure> + <parallel-scheduler/> + <service name="RANGER_KMS"> + <component>RANGER_KMS_SERVER</component> + </service> + </group> + <group xsi:type="restart" name="KAFKA" title="Kafka"> <service-check>false</service-check> <skippable>true</skippable> @@ -374,6 +457,8 @@ <skippable>true</skippable> <priority> <service>ZOOKEEPER</service> + <service>RANGER</service> + <service>RANGER_KMS</service> <service>HDFS</service> <service>KAFKA</service> <service>YARN</service> @@ -567,6 +652,61 @@ </component> </service> + <service name="RANGER"> + <component name="RANGER_ADMIN"> + <pre-upgrade> + + <task xsi:type="execute" hosts="all"> + <script>scripts/ranger_admin.py</script> + <function>set_pre_start</function> + </task> + + <task xsi:type="execute" hosts="any"> + <summary>Upgrading Ranger database schema</summary> + <script>scripts/ranger_admin.py</script> + <function>setup_ranger_database</function> + </task> + + <task xsi:type="configure_function" hosts="all" /> + + <task xsi:type="execute" hosts="any"> + <summary>Applying Ranger java patches</summary> + <script>scripts/ranger_admin.py</script> + <function>setup_ranger_java_patches</function> + </task> + </pre-upgrade> + + <pre-downgrade copy-upgrade="true" /> + + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + + </component> + + <component name="RANGER_USERSYNC"> + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + </component> + + <component name="RANGER_TAGSYNC"> + + <pre-upgrade> + <task xsi:type="execute" hosts="all"> + <script>scripts/ranger_tagsync.py</script> + <function>configure_atlas_user_for_tagsync</function> + </task> + </pre-upgrade> + + <pre-downgrade copy-upgrade="true" /> + + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + </component> + </service> + <service name="HDFS"> <component name="NAMENODE"> <upgrade> @@ -605,6 +745,30 @@ </component> </service> + <service name="RANGER_KMS"> + <component name="RANGER_KMS_SERVER"> + <pre-upgrade> + <task xsi:type="execute" hosts="any" sequential="true"> + <summary>Upgrading Ranger KMS database schema</summary> + <script>scripts/kms_server.py</script> + <function>setup_ranger_kms_database</function> + </task> + </pre-upgrade> + + <pre-downgrade> + <task xsi:type="execute" hosts="any" sequential="true"> + <summary>Downgrading Ranger KMS database schema</summary> + <script>scripts/kms_server.py</script> + <function>setup_ranger_kms_database</function> + </task> + </pre-downgrade> + + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + </component> + </service> + <service name="MAPREDUCE2"> <component name="HISTORYSERVER"> <upgrade> http://git-wip-us.apache.org/repos/asf/ambari/blob/0cb9194f/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/config-upgrade.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/config-upgrade.xml b/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/config-upgrade.xml index b46f476..070207a 100644 --- a/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/config-upgrade.xml +++ b/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/config-upgrade.xml @@ -18,6 +18,98 @@ <upgrade-config-changes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="upgrade-config.xsd"> <services> + <service name="RANGER"> + <component name="RANGER_ADMIN"> + <changes> + + <definition xsi:type="configure" id="hdp_2_5_0_0_remove_audit_db_flag"> + <type>ranger-env</type> + <transfer operation="delete" delete-key="xasecure.audit.destination.db"/> + </definition> + + <definition xsi:type="configure" id="hdp_2_5_0_0_remove_audit_db_admin_properties"> + <type>admin-properties</type> + <transfer operation="delete" delete-key="audit_db_name" /> + <transfer operation="delete" delete-key="audit_db_user" /> + <transfer operation="delete" delete-key="audit_db_password" /> + </definition> + + <definition xsi:type="configure" id="hdp_2_5_0_0_remove_audit_db_ranger_admin_site"> + <type>ranger-admin-site</type> + <set key="ranger.audit.source.type" value="solr"/> + <transfer operation="delete" delete-key="ranger.jpa.audit.jdbc.driver" /> + <transfer operation="delete" delete-key="ranger.jpa.audit.jdbc.url" /> + <transfer operation="delete" delete-key="ranger.jpa.audit.jdbc.user" /> + <transfer operation="delete" delete-key="ranger.jpa.audit.jdbc.password" /> + <transfer operation="delete" delete-key="ranger.jpa.audit.jdbc.credential.alias" /> + <transfer operation="delete" delete-key="ranger.jpa.audit.jdbc.dialect" /> + </definition> + + <definition xsi:type="configure" id="hdp_2_5_0_0_remove_sso_property"> + <type>ranger-admin-site</type> + <transfer operation="delete" delete-key="ranger.sso.cookiename" /> + <transfer operation="delete" delete-key="ranger.sso.query.param.originalurl" /> + </definition> + + <definition xsi:type="configure" id="hdp_2_5_0_0_set_external_solrCloud_flag"> + <type>ranger-env</type> + <set key="is_external_solrCloud_enabled" value="true" + if-type="ranger-env" if-key="is_solrCloud_enabled" if-value="true"/> + </definition> + + <definition xsi:type="configure" id="hdp_2_6_0_0_remove_bind_anonymous"> + <type>ranger-env</type> + <transfer operation="delete" delete-key="bind_anonymous" /> + </definition> + </changes> + </component> + + <component name="RANGER_USERSYNC"> + <changes> + <definition xsi:type="configure" id="hdp_2_6_0_0_disable_delta_sync_during_upgrade"> + <type>ranger-ugsync-site</type> + <set key="ranger.usersync.ldap.deltasync" value="false" + if-type="ranger-ugsync-site" if-key="ranger.usersync.source.impl.class" if-value="org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder"/> + </definition> + </changes> + </component> + </service> + + <service name="RANGER_KMS"> + <component name="RANGER_KMS_SERVER"> + <changes> + <definition xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_kms_audit_db"> + <type>ranger-kms-audit</type> + <transfer operation="delete" delete-key="xasecure.audit.destination.db" /> + <transfer operation="delete" delete-key="xasecure.audit.destination.db.jdbc.url" /> + <transfer operation="delete" delete-key="xasecure.audit.destination.db.user" /> + <transfer operation="delete" delete-key="xasecure.audit.destination.db.password" /> + <transfer operation="delete" delete-key="xasecure.audit.destination.db.jdbc.driver" /> + <transfer operation="delete" delete-key="xasecure.audit.credential.provider.file" /> + <transfer operation="delete" delete-key="xasecure.audit.destination.db.batch.filespool.dir" /> + </definition> + <definition xsi:type="configure" id="kms_log4j_parameterize" summary="Parameterizing Ranger KMS Log4J Properties"> + <type>kms-log4j</type> + <set key="ranger_kms_log_maxfilesize" value="256"/> + <set key="ranger_kms_log_maxbackupindex" value="20"/> + <set key="ranger_kms_audit_log_maxfilesize" value="256"/> + <set key="ranger_kms_audit_log_maxbackupindex" value="20"/> + <replace key="content" find="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms.MaxFileSize = {{ranger_kms_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms.MaxBackupIndex = {{ranger_kms_log_maxbackupindex}}"/> + <replace key="content" find="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms-audit.MaxFileSize = {{ranger_kms_audit_log_maxfilesize}}MB"/> + <replace key="content" find="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender" replace-with="log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms-audit.MaxBackupIndex = {{ranger_kms_audit_log_maxbackupindex}}"/> + </definition> + <definition xsi:type="configure" id="hdp_2_6_0_0_remove_ranger_kms_duplicate_ssl"> + <type>ranger-kms-site</type> + <transfer operation="delete" delete-key="ranger.https.attrib.keystore.file" + if-type="ranger-kms-site" if-key="ranger.service.https.attrib.keystore.file" if-key-state="present"/> + <transfer operation="delete" delete-key="ranger.service.https.attrib.clientAuth" + if-type="ranger-kms-site" if-key="ranger.service.https.attrib.client.auth" if-key-state="present"/> + </definition> + </changes> + </component> + </service> + <service name="HDFS"> <component name="NAMENODE"> <changes> @@ -143,4 +235,6 @@ </component> </service> </services> + + </upgrade-config-changes> http://git-wip-us.apache.org/repos/asf/ambari/blob/0cb9194f/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/nonrolling-upgrade-to-hdp-2.6.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/nonrolling-upgrade-to-hdp-2.6.xml b/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/nonrolling-upgrade-to-hdp-2.6.xml index b66c234..5b8f8d9 100644 --- a/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/nonrolling-upgrade-to-hdp-2.6.xml +++ b/ambari-server/src/main/resources/stacks/BigInsights/4.2/upgrades/nonrolling-upgrade-to-hdp-2.6.xml @@ -25,6 +25,7 @@ <prerequisite-checks> <check>org.apache.ambari.server.checks.ServicesYarnWorkPreservingCheck</check> <check>org.apache.ambari.server.checks.JavaVersionCheck</check> + <check>org.apache.ambari.server.checks.RangerSSLConfigCheck</check> <configuration> <!-- Configuration properties for all pre-reqs including required pre-reqs --> <check-properties name="org.apache.ambari.server.checks.HiveDynamicServiceDiscoveryCheck"> @@ -117,6 +118,18 @@ <function>prepare_express_upgrade</function> </task> </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Backup Ranger Database"> + <task xsi:type="manual"> + <message>Before continuing, please backup the Ranger Admin database on the following host(s): {{hosts.all}}.</message> + </task> + </execute-stage> + + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Backup Ranger KMS Database"> + <task xsi:type="manual"> + <message>Before continuing, please backup Ranger KMS database on the following host(s): {{hosts.all}}.</message> + </task> + </execute-stage> </group> <group xsi:type="stop" name="STOP_LOW_LEVEL_SERVICE_COMPONENTS" title="Stop Components for Core Services"> @@ -140,6 +153,16 @@ <component>NFS_GATEWAY</component> </service> + <service name="RANGER"> + <component>RANGER_USERSYNC</component> + <component>RANGER_ADMIN</component> + <component>RANGER_TAGSYNC</component> + </service> + + <service name="RANGER_KMS"> + <component>RANGER_KMS_SERVER</component> + </service> + <service name="ZOOKEEPER"> <component>ZOOKEEPER_SERVER</component> </service> @@ -211,6 +234,70 @@ <execute-stage service="OOZIE" component="OOZIE_SERVER" title="Apply config changes for Oozie server"> <task xsi:type="configure" id="biginsights_4_2_oozie_server_update_environment_tomcat" /> </execute-stage> + + <!-- RANGER --> + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_5_0_0_remove_audit_db_flag"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_5_0_0_remove_audit_db_admin_properties"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_5_0_0_remove_audit_db_ranger_admin_site"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_5_0_0_remove_sso_property"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_5_0_0_set_external_solrCloud_flag"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Calculating Ranger Properties"> + <condition xsi:type="security" type="kerberos"/> + <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKerberosConfigCalculation"> + <summary>Calculating Ranger Properties</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Configuring Ranger Alerts"> + <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerWebAlertConfigAction"> + <summary>Configuring Ranger Alerts</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_ADMIN" title="Apply config changes for Ranger Admin"> + <task xsi:type="configure" id="hdp_2_6_0_0_remove_bind_anonymous"/> + </execute-stage> + + <execute-stage service="RANGER" component="RANGER_USERSYNC" title="Apply config changes for Ranger Usersync"> + <task xsi:type="configure" id="hdp_2_6_0_0_disable_delta_sync_during_upgrade"/> + </execute-stage> + + <!-- RANGER KMS --> + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Apply config changes for Ranger KMS Server"> + <task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_kms_audit_db"/> + </execute-stage> + + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Parameterizing Ranger Kms Log4J Properties"> + <task xsi:type="configure" id="kms_log4j_parameterize"> + <summary>Updating the KMS Log4J properties to include parameterizations</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Ranger Properties"> + <condition xsi:type="security" type="kerberos"/> + <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig"> + <summary>Adding Ranger proxy user properties</summary> + </task> + </execute-stage> + + <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Apply config changes for Ranger KMS"> + <task xsi:type="configure" id="hdp_2_6_0_0_remove_ranger_kms_duplicate_ssl"/> + </execute-stage> </group> @@ -254,6 +341,18 @@ </service> </group> + <group xsi:type="restart" name="RANGER" title="Ranger"> + <service-check>false</service-check> + <skippable>true</skippable> + <supports-auto-skip-failure>false</supports-auto-skip-failure> + <parallel-scheduler/> + <service name="RANGER"> + <component>RANGER_ADMIN</component> + <component>RANGER_USERSYNC</component> + <component>RANGER_TAGSYNC</component> + </service> + </group> + <group xsi:type="restart" name="HDFS" title="HDFS"> <service-check>false</service-check> <skippable>true</skippable> @@ -292,6 +391,16 @@ </execute-stage> </group> + <group xsi:type="restart" name="RANGER_KMS" title="Ranger KMS"> + <service-check>false</service-check> + <skippable>true</skippable> + <supports-auto-skip-failure>false</supports-auto-skip-failure> + <parallel-scheduler/> + <service name="RANGER_KMS"> + <component>RANGER_KMS_SERVER</component> + </service> + </group> + <group xsi:type="restart" name="KAFKA" title="Kafka"> <service-check>false</service-check> <skippable>true</skippable> @@ -374,6 +483,8 @@ <skippable>true</skippable> <priority> <service>ZOOKEEPER</service> + <service>RANGER</service> + <service>RANGER_KMS</service> <service>HDFS</service> <service>KAFKA</service> <service>YARN</service> @@ -567,6 +678,61 @@ </component> </service> + <service name="RANGER"> + <component name="RANGER_ADMIN"> + <pre-upgrade> + + <task xsi:type="execute" hosts="all"> + <script>scripts/ranger_admin.py</script> + <function>set_pre_start</function> + </task> + + <task xsi:type="execute" hosts="any"> + <summary>Upgrading Ranger database schema</summary> + <script>scripts/ranger_admin.py</script> + <function>setup_ranger_database</function> + </task> + + <task xsi:type="configure_function" hosts="all" /> + + <task xsi:type="execute" hosts="any"> + <summary>Applying Ranger java patches</summary> + <script>scripts/ranger_admin.py</script> + <function>setup_ranger_java_patches</function> + </task> + </pre-upgrade> + + <pre-downgrade copy-upgrade="true" /> + + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + + </component> + + <component name="RANGER_USERSYNC"> + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + </component> + + <component name="RANGER_TAGSYNC"> + + <pre-upgrade> + <task xsi:type="execute" hosts="all"> + <script>scripts/ranger_tagsync.py</script> + <function>configure_atlas_user_for_tagsync</function> + </task> + </pre-upgrade> + + <pre-downgrade copy-upgrade="true" /> + + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + </component> + </service> + <service name="HDFS"> <component name="NAMENODE"> <upgrade> @@ -605,6 +771,30 @@ </component> </service> + <service name="RANGER_KMS"> + <component name="RANGER_KMS_SERVER"> + <pre-upgrade> + <task xsi:type="execute" hosts="any" sequential="true"> + <summary>Upgrading Ranger KMS database schema</summary> + <script>scripts/kms_server.py</script> + <function>setup_ranger_kms_database</function> + </task> + </pre-upgrade> + + <pre-downgrade> + <task xsi:type="execute" hosts="any" sequential="true"> + <summary>Downgrading Ranger KMS database schema</summary> + <script>scripts/kms_server.py</script> + <function>setup_ranger_kms_database</function> + </task> + </pre-downgrade> + + <upgrade> + <task xsi:type="restart-task"/> + </upgrade> + </component> + </service> + <service name="MAPREDUCE2"> <component name="HISTORYSERVER"> <upgrade>