[
https://issues.apache.org/jira/browse/AMBARI-24195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated AMBARI-24195:
-----------------------------------
Description:
Here is a related issue which only occurs for fresh HDP-3.0 installs where the
cluster is setup manually and is a bit strange.
There are two scenarios:
1. When a cluster is kerberos enabled with Ranger installed, Now using Add
service wizard Add Storm service and on the customize configuration page, we
see that Ranger Storm plugin is enabled and
[service-advisor|https://github.com/hortonworks/hdp_ambari_definitions/blob/AMBARI-2.7.0.0/src/main/resources/stacks/HDP/3.0/services/STORM/service_advisor.py#L216-L222]
provides appropriate recommendations by showing:
{noformat}
* ranger-storm-plugin-enabled with recommended value Yes.
* nimbus.authorizer with recommended value
org.apache.ranger.authorization.storm.authorizer.RangerStormAuthorizer.
{noformat}
2. When a cluster is kerberos enabled with Ranger and Storm installed and we
then enable Ranger Storm plugin the service-advisor recommendations differ this
time by showing:
{noformat}
* ranger-storm-plugin-enabled with recommended value Yes.
* nimbus.authorizer with recommended value Property removed.
{noformat}
Looks like in the first case the {{security_enabled}} is {{True}} whereas in
the second case the flag is {{False}} while the cluster is actually kerberized.
was:
Here is a related issue which only occurs for fresh HDP-3.0 installs where the
cluster is setup manually and is a bit strange.
There are two scenarios:
1. When a cluster is kerberos enabled with Ranger installed, Now using Add
service wizard Add Storm service and on the customize configuration page, we
see that Ranger Storm plugin is enabled and
[[service-advisor|https://github.com/hortonworks/hdp_ambari_definitions/blob/AMBARI-2.7.0.0/src/main/resources/stacks/HDP/3.0/services/STORM/service_advisor.py#L216-L222]|https://github.com/hortonworks/hdp_ambari_definitions/blob/AMBARI-2.7.0.0/src/main/resources/stacks/HDP/3.0/services/STORM/service_advisor.py#L216-L222]
provides appropriate recommendations by showing:
{noformat}
* ranger-storm-plugin-enabled with recommended value Yes.
* nimbus.authorizer with recommended value
org.apache.ranger.authorization.storm.authorizer.RangerStormAuthorizer.
{noformat}
2. When a cluster is kerberos enabled with Ranger and Storm installed and we
then enable Ranger Storm plugin the service-advisor recommendations differ this
time by showing:
{noformat}
* ranger-storm-plugin-enabled with recommended value Yes.
* nimbus.authorizer with recommended value Property removed.
{noformat}
Looks like in the first case the {{security_enabled}} is {{True}} whereas in
the second case the flag is {{False}} while the cluster is actually kerberized.
> Ranger Storm plugin toggle behavior changes under different scenarios
> ---------------------------------------------------------------------
>
> Key: AMBARI-24195
> URL: https://issues.apache.org/jira/browse/AMBARI-24195
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.7.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Blocker
> Fix For: 2.7.0
>
>
> Here is a related issue which only occurs for fresh HDP-3.0 installs where
> the cluster is setup manually and is a bit strange.
> There are two scenarios:
> 1. When a cluster is kerberos enabled with Ranger installed, Now using Add
> service wizard Add Storm service and on the customize configuration page, we
> see that Ranger Storm plugin is enabled and
> [service-advisor|https://github.com/hortonworks/hdp_ambari_definitions/blob/AMBARI-2.7.0.0/src/main/resources/stacks/HDP/3.0/services/STORM/service_advisor.py#L216-L222]
> provides appropriate recommendations by showing:
> {noformat}
> * ranger-storm-plugin-enabled with recommended value Yes.
> * nimbus.authorizer with recommended value
> org.apache.ranger.authorization.storm.authorizer.RangerStormAuthorizer.
> {noformat}
> 2. When a cluster is kerberos enabled with Ranger and Storm installed and we
> then enable Ranger Storm plugin the service-advisor recommendations differ
> this time by showing:
> {noformat}
> * ranger-storm-plugin-enabled with recommended value Yes.
> * nimbus.authorizer with recommended value Property removed.
> {noformat}
> Looks like in the first case the {{security_enabled}} is {{True}} whereas in
> the second case the flag is {{False}} while the cluster is actually
> kerberized.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
