> On Aug. 4, 2016, 4:48 p.m., Jayush Luniya wrote: > > ambari-server/src/main/resources/common-services/ATLAS/0.7.0.2.5/configuration/ranger-atlas-policymgr-ssl.xml, > > line 25 > > <https://reviews.apache.org/r/50791/diff/1/?file=1462821#file1462821line25> > > > > We should not setting any properties with value that has "hdp" > > hardcoded in it in common-services. This should be set to whatever is the > > Apache default and then overridden in the HDP stack. > > > > Refer: > > > > https://github.com/apache/ambari/blob/trunk/ambari-server/src/main/resources/common-services/KAFKA/0.9.0/configuration/ranger-kafka-policymgr-ssl.xml#L22-L27 > > > > and > > > > > > https://github.com/apache/ambari/blob/trunk/ambari-server/src/main/resources/stacks/HDP/2.3/services/KAFKA/configuration/ranger-kafka-policymgr-ssl.xml#L22-L27
Removed changes done common-service version in updated patch > On Aug. 4, 2016, 4:48 p.m., Jayush Luniya wrote: > > ambari-server/src/main/resources/common-services/ATLAS/0.7.0.2.5/configuration/ranger-atlas-policymgr-ssl.xml, > > line 43 > > <https://reviews.apache.org/r/50791/diff/1/?file=1462821#file1462821line43> > > > > No hdp hardcoding in common-services Removed changes done common-service version in updated patch - Mugdha ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/50791/#review144781 ----------------------------------------------------------- On Aug. 4, 2016, 6:48 p.m., Mugdha Varadkar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/50791/ > ----------------------------------------------------------- > > (Updated Aug. 4, 2016, 6:48 p.m.) > > > Review request for Ambari, Alejandro Fernandez, Gautam Borad, Jayush Luniya, > Robert Levas, and Velmurugan Periasamy. > > > Bugs: AMBARI-18019 > https://issues.apache.org/jira/browse/AMBARI-18019 > > > Repository: ambari > > > Description > ------- > > In-order to support AMBARI-17902 changes for ranger-atlas plugin, trying to > accommodate below code in common-services/ATLAS/0.7.0.2.5/kerberos.json. > { > "name": "/ATLAS/ATLAS_SERVER/atlas", > "principal": { > "configuration": > "ranger-atlas-audit/xasecure.audit.jaas.Client.option.principal" > }, > "keytab": { > "configuration": > "ranger-atlas-audit/xasecure.audit.jaas.Client.option.keyTab" > } > } > However these configs are not being available at ranger-atlas-audit.xml > > This occurs because the Kerberos Descriptors does not allow using the same > identity name more than once. > After AMBARI-17993 fix this is made possible by using reference tag. > > > Changes include: > 1) updating kerberos.json > 2) moving ranger related configs file from > /stacks/HDP/2.5/services/ATLAS/configuration to > /common-services/ATLAS/0.7.0.2.5/configuration as common service version > 0.7.0.2.5 is maintained. > > > Diffs > ----- > > > ambari-server/src/main/resources/common-services/ATLAS/0.7.0.2.5/kerberos.json > 2be4b7d > > ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py > 43c767d > > Diff: https://reviews.apache.org/r/50791/diff/ > > > Testing > ------- > > Tested Atlas installation in secure mode with and without Ranger > > > Thanks, > > Mugdha Varadkar > >
