> On Nov. 15, 2018, 3:40 p.m., Velmurugan Periasamy wrote: > > security-admin/scripts/db_setup.py > > Lines 485 (patched) > > <https://reviews.apache.org/r/69347/diff/1/?file=2108095#file2108095line585> > > > > 1] Would be better to isolate this logic to a method so that it can be > > reused instead of repeating in all places, i.e. import_db_patches, > > execute_java_patches, change_admin_default_password, > > change_all_admin_default_password, import_core_db_schema all of these > > places have the same logic. > > > > 2] Should this 10 min be made configurable?
1) Will be tracking it separately with RANGER-2287 2) I have introduced one variable at line 32 to make it configurable. but currently it may not be possible for all db specifically postgres however will explore this further. - Pradeep ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69347/#review210579 ----------------------------------------------------------- On Nov. 15, 2018, 1:43 p.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69347/ > ----------------------------------------------------------- > > (Updated Nov. 15, 2018, 1:43 p.m.) > > > Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, > Nikhil P, Ramesh Mani, and Velmurugan Periasamy. > > > Bugs: RANGER-2286 > https://issues.apache.org/jira/browse/RANGER-2286 > > > Repository: ranger > > > Description > ------- > > **Problem Statement:** Before execution of any db/java patch db_setup.py file > makes an entry in x_db_version_h table for that patch version and keep status > active='N'. after this it steps ahead and try to apply the patch. if patch > gets applies then active status is updated to 'Y'. if patch execution fails > then it deletes that entry and terminates ranger installation so that user > can retry the ranger install process. Sometime due to network or a runtime > error Ranger could not change the active status to 'Y' or delete the entry in > that case ranger install may be prevented due to leftover DB entry as the > next install attempt may wait for the status to be 'Y' while it could be > possible that there would not be any process which can apply the patch(this > will happen in Non-HA case). > This prevents any further attempt to install/start Ranger without manually > deleting the entry from the database. > > **Proposed Solution:** > if entries made by a host is older than 10 minute then ranger setup process > will try to delete such entry and retry the patch execution. > > Patch execution process shall have following rules after this patch. > 1) Before execution a patch setup process will check whether a patch is > applied or not; if patch is already applied then it will move to next patch. > 2) If patch is not applied then it will check whether patch status entry > exist with active='N' in x_db_version_h table from any of the host. > 3) If patch status entry with active='N' exist in x_db_version_h table for a > different host then ranger setup process will wait untill the another host > applies the patch successfully and update the patch status entry to > active='Y'. Please note that patch recheck such entry in every 2 > minutes(default recheck interval) > 4) If patch status entry with active='N' exist in x_db_version_h table for > the same host then ranger setup process will wait for maximum 10 minutes. > After that ranger process will delete that entry and check the entry again. > if entry does not exist then it will try to apply the patch again else it > will wait for forever or unless you delete such entries manually. Please > note that ranger will be checking the status entry every 2 minutes untill 10 > minute wait time expires. > > **Note** > 1) Patch has been provided for ranger supported all the db flavors. > 2) Cureent patch also removes several lines of audit db related dead code > which is not required now. > > > Diffs > ----- > > security-admin/scripts/db_setup.py 73b24aca0 > > > Diff: https://reviews.apache.org/r/69347/diff/1/ > > > Testing > ------- > > **Steps performed for Ranger-admin ** > > 1. To reproduce the case first installed ranger-0.7: > 2. Now from the master branch. > 3. Created Build with patch and untar the build. > 4. Opened install.properties and provided db configuration in > install.properties which was provided in ranger-0.7 branch build. > 5. Called setup.sh > 6. Ranger setup process shall try to apply the new db/java patches. > 7. As soon as setup process started executing the patch J10014, terminated > the script by using ctrl+c > 8. logged into ranger db and ensured that J10014 patch entry has active='N' > 9. Called the setup.sh again > 10. setup process waited for the patch J10014 status for sometime and then it > deleted the entry of J10014 patch from x_db_version_h table. > 11. setup process continues and applied the patch J10014 successfully. > 12. setup process completed successfully after applying all the patches. > 13. started ranger-admin and was able to see the ranger-admin dashboard page. > > > Thanks, > > Pradeep Agrawal > >
