def reset(options):
if not is_root():
err = configDefaults.MESSAGE_ERROR_RESET_NOT_ROOT
raise FatalException(4, err)
status, stateDesc = is_server_runing()
if status:
err = 'Ambari-server must be stopped to reset'
raise FatalException(1, err)
#force reset if silent option provided
if get_silent():
default = "yes"
else:
default = "no"
choice = get_YN_input("**** WARNING **** You are about to reset and clear the "
"Ambari Server database. This will remove all cluster "
"host and configuration information from the database. "
"You will be required to re-configure the Ambari server "
"and re-run the cluster wizard. \n"
"Are you SURE you want to perform the reset "
"[yes/no] ({0})? ".format(default), get_silent())
okToRun = choice
if not okToRun:
err = "Ambari Server 'reset' cancelled"
raise FatalException(1, err)
_reset_database(options)
pass
def start(args):
status, pid = is_server_runing()
if status:
err = "Ambari Server is already running."
raise FatalException(1, err)
server_process_main(args)
def status(args):
args.exit_message = None
status, pid = is_server_runing()
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
if status:
print "Ambari Server running"
print "Found Ambari Server PID: " + str(pid) + " at: " + pid_file_path
else:
print "Ambari Server not running. Stale PID File at: " + pid_file_path
def set_current(options):
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
finalize_options = SetCurrentVersionOptions(options)
if finalize_options.no_finalize_options_set():
err = 'Must specify --cluster-name and --version-display-name. Please invoke ambari-server.py --help to print the options.'
raise FatalException(1, err)
admin_login = get_validated_string_input(prompt="Enter Ambari Admin login: "******"Enter Ambari Admin password: "******"Failed to read properties file.")
base_url = get_ambari_server_api_base(properties)
url = base_url + "clusters/{0}/stack_versions".format(finalize_options.cluster_name)
admin_auth = base64.encodestring('%s:%s' % (admin_login, admin_password)).replace('\n', '')
request = urllib2.Request(url)
request.add_header('Authorization', 'Basic %s' % admin_auth)
request.add_header('X-Requested-By', 'ambari')
data = {
"ClusterStackVersions": {
"repository_version": finalize_options.desired_repo_version,
"state": "CURRENT",
"force": "true" if finalize_options.force_repo_version else "false"
}
}
if get_verbose():
sys.stdout.write('\nCalling API ' + url + ' : ' + str(data) + '\n')
request.add_data(json.dumps(data))
request.get_method = lambda: 'PUT'
try:
response = urllib2.urlopen(request)
except urllib2.HTTPError, e:
code = e.getcode()
content = e.read()
err = 'Error during setting current version. Http status code - {0}. \n {1}'.format(
code, content)
raise FatalException(1, err)
def stop(args):
if (args != None):
args.exit_message = None
status, pid = is_server_runing()
if status:
try:
os.killpg(os.getpgid(pid), signal.SIGKILL)
except OSError, e:
print_info_msg("Unable to stop Ambari Server - " + str(e))
return
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
os.remove(pid_file_path)
print "Ambari Server stopped"
def stop(args):
if (args != None):
args.exit_message = None
status, pid = is_server_runing()
if status:
try:
os.killpg(os.getpgid(pid), signal.SIGKILL)
except OSError, e:
print_info_msg("Unable to stop Ambari Server - " + str(e))
return
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
os.remove(pid_file_path)
print "Ambari Server stopped"
def status(args):
logger.info("Get status of ambari-server.")
args.exit_message = None
status, pid = is_server_runing()
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
if status:
args.exit_code = 0
print "Ambari Server running"
print "Found Ambari Server PID: " + str(pid) + " at: " + pid_file_path
else:
if os.path.exists(pid_file_path):
print "Ambari Server not running. Stale PID File at: " + pid_file_path
else:
print "Ambari Server not running."
args.exit_code = 3
def enable_stack(options, args):
if options.stack_name == None:
print_error_msg ("Please provide stack name using --stack option")
return -1
if options.stack_versions == None:
print_error_msg ("Please provide stack version using --version option")
return -1
print_info_msg ("Going to enable Stack Versions: " + str(options.stack_versions) + " for the stack: " + str(options.stack_name))
retcode = enable_stack_version(options.stack_name,options.stack_versions)
if retcode == 0:
status, pid = is_server_runing()
if status:
print "restarting ambari server"
stop(options)
start(options)
def start(options):
from ambari_windows_service import AmbariServerService, ctrlHandler
status, pid = is_server_runing()
if status:
err = "Ambari Server is already running."
raise FatalException(1, err)
AmbariServerService.set_ctrl_c_handler(ctrlHandler)
#Run as a normal process. Invoke the ServiceMain directly.
childProc = server_process_main(options)
childProc.wait()
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
remove_file(pid_file_path)
def start(options):
from ambari_windows_service import AmbariServerService, ctrlHandler
status, pid = is_server_runing()
if status:
err = "Ambari Server is already running."
raise FatalException(1, err)
AmbariServerService.set_ctrl_c_handler(ctrlHandler)
#Run as a normal process. Invoke the ServiceMain directly.
childProc = server_process_main(options)
childProc.wait()
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
remove_file(pid_file_path)
def stop(args):
logger.info("Stopping ambari-server.")
if (args != None):
args.exit_message = None
status, pid = is_server_runing()
if status:
try:
os.kill(pid, signal.SIGTERM)
except OSError, e:
print_info_msg("Unable to stop Ambari Server - " + str(e))
return
pid_file_path = os.path.join(configDefaults.PID_DIR, PID_NAME)
os.remove(pid_file_path)
print "Ambari Server stopped"
logger.info("Ambari Server stopped")
def set_current(options):
logger.info("Set current cluster version.")
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
finalize_options = SetCurrentVersionOptions(options)
if finalize_options.no_finalize_options_set():
err = 'Must specify --cluster-name and --version-display-name. Please invoke ambari-server.py --help to print the options.'
raise FatalException(1, err)
admin_login = get_validated_string_input(
prompt="Enter Ambari Admin login: "******"Enter Ambari Admin password: "******"Failed to read properties file.")
base_url = get_ambari_server_api_base(properties)
url = base_url + "clusters/{0}/stack_versions".format(
finalize_options.cluster_name)
admin_auth = base64.encodestring(
'%s:%s' % (admin_login, admin_password)).replace('\n', '')
request = urllib2.Request(url)
request.add_header('Authorization', 'Basic %s' % admin_auth)
request.add_header('X-Requested-By', 'ambari')
data = {
"ClusterStackVersions": {
"repository_version": finalize_options.desired_repo_version,
"state": "CURRENT",
"force": finalize_options.force_repo_version
}
}
if get_verbose():
sys.stdout.write('\nCalling API ' + url + ' : ' + str(data) + '\n')
request.add_data(json.dumps(data))
request.get_method = lambda: 'PUT'
try:
response = urllib2.urlopen(request)
except urllib2.HTTPError, e:
code = e.getcode()
content = e.read()
err = 'Error during setting current version. Http status code - {0}. \n {1}'.format(
code, content)
raise FatalException(1, err)
def sync_ldap(options):
if not is_root():
err = 'Ambari-server sync-ldap should be run with ' \
'root-level privileges'
raise FatalException(4, err)
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
properties = get_ambari_properties()
if properties == -1:
raise FatalException(1, "Failed to read properties file.")
ldap_configured = properties.get_property(IS_LDAP_CONFIGURED)
if ldap_configured != 'true':
err = "LDAP is not configured. Run 'ambari-server setup-ldap' first."
raise FatalException(1, err)
# set ldap sync options
ldap_sync_options = LdapSyncOptions(options)
if ldap_sync_options.no_ldap_sync_options_set():
err = 'Must specify a sync option (all, existing, users or groups). Please invoke ambari-server.py --help to print the options.'
raise FatalException(1, err)
admin_login = get_validated_string_input(prompt="Enter Ambari Admin login: "******"Enter Ambari Admin password: "******"Event":{"specs":[{"principal_type":"users","sync_type":"all"},{"principal_type":"groups","sync_type":"all"}]}}]
elif ldap_sync_options.ldap_sync_existing:
sys.stdout.write('Syncing existing.')
bodies = [{"Event":{"specs":[{"principal_type":"users","sync_type":"existing"},{"principal_type":"groups","sync_type":"existing"}]}}]
else:
sys.stdout.write('Syncing specified users and groups.')
bodies = [{"Event":{"specs":[]}}]
body = bodies[0]
events = body['Event']
specs = events['specs']
if ldap_sync_options.ldap_sync_users is not None:
new_specs = [{"principal_type":"users","sync_type":"specific","names":""}]
get_ldap_event_spec_names(ldap_sync_options.ldap_sync_users, specs, new_specs)
if ldap_sync_options.ldap_sync_groups is not None:
new_specs = [{"principal_type":"groups","sync_type":"specific","names":""}]
get_ldap_event_spec_names(ldap_sync_options.ldap_sync_groups, specs, new_specs)
if get_verbose():
sys.stdout.write('\nCalling API ' + url + ' : ' + str(bodies) + '\n')
request.add_data(json.dumps(bodies))
request.get_method = lambda: 'POST'
try:
response = urllib2.urlopen(request)
except Exception as e:
err = 'Sync event creation failed. Error details: %s' % e
raise FatalException(1, err)
response_status_code = response.getcode()
if response_status_code != 201:
err = 'Error during syncing. Http status code - ' + str(response_status_code)
raise FatalException(1, err)
response_body = json.loads(response.read())
url = response_body['resources'][0]['href']
request = urllib2.Request(url)
request.add_header('Authorization', 'Basic %s' % admin_auth)
request.add_header('X-Requested-By', 'ambari')
body = [{"LDAP":{"synced_groups":"*","synced_users":"*"}}]
request.add_data(json.dumps(body))
request.get_method = lambda: 'GET'
request_in_progress = True
while request_in_progress:
sys.stdout.write('.')
sys.stdout.flush()
try:
response = urllib2.urlopen(request)
except Exception as e:
request_in_progress = False
err = 'Sync event check failed. Error details: %s' % e
raise FatalException(1, err)
response_status_code = response.getcode()
if response_status_code != 200:
err = 'Error during syncing. Http status code - ' + str(response_status_code)
raise FatalException(1, err)
response_body = json.loads(response.read())
sync_info = response_body['Event']
if sync_info['status'] == 'ERROR':
raise FatalException(1, str(sync_info['status_detail']))
elif sync_info['status'] == 'COMPLETE':
print '\n\nCompleted LDAP Sync.'
print 'Summary:'
for principal_type, summary in sync_info['summary'].iteritems():
print ' {0}:'.format(principal_type)
for action, amount in summary.iteritems():
print ' {0} = {1!s}'.format(action, amount)
request_in_progress = False
else:
time.sleep(1)
sys.stdout.write('\n')
sys.stdout.flush()
def main(options, args, parser):
init_logging()
# set silent
set_silent(options.silent)
# debug mode
set_debug_mode_from_options(options)
init_debug(options)
#perform checks
options.warnings = []
if len(args) == 0:
print parser.print_help()
parser.error("No action entered")
action_map = create_user_action_map(args, options)
action = args[0]
try:
action_obj = action_map[action]
except KeyError:
parser.error("Invalid action: " + action)
if action == SETUP_ACTION:
if are_cmd_line_db_args_blank(options):
options.must_set_database_options = True
elif not are_cmd_line_db_args_valid(options):
parser.error('All database options should be set. Please see help for the options.')
else:
options.must_set_database_options = False
#correct database
fix_database_options(options, parser)
matches = 0
for args_number_required in action_obj.possible_args_numbers:
matches += int(len(args) == args_number_required)
if matches == 0:
print parser.print_help()
possible_args = ' or '.join(str(x) for x in action_obj.possible_args_numbers)
parser.error("Invalid number of arguments. Entered: " + str(len(args)) + ", required: " + possible_args)
options.exit_message = "Ambari Server '%s' completed successfully." % action
options.exit_code = None
try:
if action in _action_option_dependence_map:
required, optional = _action_option_dependence_map[action]
for opt_str, opt_dest in required:
if hasattr(options, opt_dest) and getattr(options, opt_dest) is None:
print "Missing option {0} for action {1}".format(opt_str, action)
print_action_arguments_help(action)
print "Run ambari-server.py --help to see detailed description of each option"
raise FatalException(1, "Missing option")
action_obj.execute()
if action_obj.need_restart:
pstatus, pid = is_server_runing()
if pstatus:
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop+start")'
if options.warnings:
for warning in options.warnings:
print_warning_msg(warning)
pass
options.exit_message = "Ambari Server '%s' completed with warnings." % action
pass
except FatalException as e:
if e.reason is not None:
print_error_msg("Exiting with exit code {0}. \nREASON: {1}".format(e.code, e.reason))
logger.exception(str(e))
sys.exit(e.code)
except NonFatalException as e:
options.exit_message = "Ambari Server '%s' completed with warnings." % action
if e.reason is not None:
print_warning_msg(e.reason)
if options.exit_message is not None:
print options.exit_message
if options.exit_code is not None: # not all actions may return a system exit code
sys.exit(options.exit_code)
def setup_sso(options):
print_info_msg("Setup SSO.")
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
if not get_silent():
validate_options(options)
ambari_properties = get_ambari_properties()
admin_login, admin_password = get_ambari_admin_username_password_pair(
options)
properties = get_sso_properties(ambari_properties, admin_login,
admin_password)
if not options.sso_enabled:
ambari_auth_enabled = get_value_from_dictionary(
properties, AMBARI_SSO_AUTH_ENABLED)
manage_services = get_value_from_dictionary(
properties, SSO_MANAGE_SERVICES)
if ambari_auth_enabled or manage_services:
if (ambari_auth_enabled and 'true' == ambari_auth_enabled) or \
(manage_services and 'true' == manage_services):
sso_status = "enabled"
else:
sso_status = "disabled"
else:
sso_status = "not configured"
sys.stdout.write("\nSSO is currently %s\n" % sso_status)
if sso_status == "enabled":
enable_sso = not get_YN_input(
"Do you want to disable SSO authentication [y/n] (n)? ",
False)
elif get_YN_input(
"Do you want to configure SSO authentication [y/n] (y)? ",
True):
enable_sso = True
else:
return False
else:
enable_sso = options.sso_enabled == 'true'
if enable_sso:
populate_sso_provider_url(options, properties)
populate_sso_public_cert(options, properties)
populate_ambari_requires_sso(options, properties)
populate_service_management(options, properties, ambari_properties,
admin_login, admin_password)
populate_jwt_cookie_name(options, properties)
populate_jwt_audiences(options, properties)
update_sso_conf(ambari_properties, properties, admin_login,
admin_password)
else:
remove_sso_conf(ambari_properties, admin_login, admin_password)
else:
warning = "setup-sso is not enabled in silent mode."
raise NonFatalException(warning)
pass
def setup_trusted_proxy(options):
print_info_msg("Setup Trusted Proxy")
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
if not get_silent():
validate_options(options)
ambari_properties = get_ambari_properties()
admin_login, admin_password = get_ambari_admin_username_password_pair(
options)
properties = get_trusted_proxy_properties(ambari_properties,
admin_login, admin_password)
if not options.tproxy_enabled:
tproxy_support_enabled = get_value_from_dictionary(
properties, TPROXY_SUPPORT_ENABLED)
if tproxy_support_enabled:
if 'true' == tproxy_support_enabled:
tproxy_status = "enabled"
else:
tproxy_status = "disabled"
else:
tproxy_status = "not configured"
print_info_msg("\nTrusted Proxy support is currently %s\n" %
tproxy_status)
if tproxy_status == "enabled":
enable_tproxy = not get_YN_input(
"Do you want to disable Trusted Proxy support [y/n] (n)? ",
False)
elif get_YN_input(
"Do you want to configure Trusted Proxy Support [y/n] (y)? ",
True):
enable_tproxy = True
else:
return False
else:
enable_tproxy = options.tproxy_enabled == 'true'
if enable_tproxy:
properties[TPROXY_SUPPORT_ENABLED] = "true"
if not options.tproxy_configuration_file_path:
add_new_trusted_proxy = add_new_trusted_proxy_config(
properties)
while add_new_trusted_proxy:
add_new_trusted_proxy = add_new_trusted_proxy_config(
properties)
else:
parse_trusted_configuration_file(
options.tproxy_configuration_file_path, properties)
update_tproxy_conf(ambari_properties, properties, admin_login,
admin_password)
else:
remove_tproxy_conf(ambari_properties, admin_login, admin_password)
else:
warning = "setup-trusted-proxy is not enabled in silent mode."
raise NonFatalException(warning)
pass
def update_host_names(args, options):
services_stopped = userInput.get_YN_input(
"Please, confirm Ambari services are stopped [y/n] (n)? ", False)
if not services_stopped:
print 'Exiting...'
sys.exit(1)
pending_commands = userInput.get_YN_input(
"Please, confirm there are no pending commands on cluster [y/n] (n)? ",
False)
if not pending_commands:
print 'Exiting...'
sys.exit(1)
db_backup_done = userInput.get_YN_input(
"Please, confirm you have made backup of the Ambari db [y/n] (n)? ",
False)
if not db_backup_done:
print 'Exiting...'
sys.exit(1)
status, pid = serverUtils.is_server_runing()
if status:
raise FatalException(1, "Ambari Server should be stopped")
try:
host_mapping_file_path = args[1]
except IndexError:
#host_mapping file is mandatory
raise FatalException(
1,
"Invalid number of host update arguments. Probably, you forgot to add json file with "
"host changes.")
if not os.path.isfile(host_mapping_file_path):
raise FatalException(1, "Invalid file path or file doesn't exist")
if not os.access(host_mapping_file_path, os.R_OK):
raise FatalException(1, "File is not readable")
jdk_path = serverConfiguration.get_java_exe_path()
if jdk_path is None:
print_error_msg(
"No JDK found, please run the \"setup\" "
"command to install a JDK automatically or install any "
"JDK manually to " + configDefaults.JDK_INSTALL_DIR)
sys.exit(1)
properties = serverConfiguration.get_ambari_properties()
serverConfiguration.parse_properties_file(options)
options.database_index = LINUX_DBMS_KEYS_LIST.index(
properties[JDBC_DATABASE_PROPERTY])
dbConfiguration.ensure_jdbc_driver_is_installed(
options, serverConfiguration.get_ambari_properties())
serverClassPath = ServerClassPath(
serverConfiguration.get_ambari_properties(), options)
class_path = serverClassPath.get_full_ambari_classpath_escaped_for_shell()
command = HOST_UPDATE_HELPER_CMD.format(jdk_path, class_path,
host_mapping_file_path)
ambari_user = serverConfiguration.read_ambari_user()
current_user = setupSecurity.ensure_can_start_under_current_user(
ambari_user)
environ = setupSecurity.generate_env(options, ambari_user, current_user)
(retcode, stdout, stderr) = os_utils.run_os_command(command, env=environ)
print_info_msg("Return code from update host names command, retcode = " +
str(retcode))
if retcode > 0:
print_error_msg(
"Error executing update host names, please check the server logs.")
raise FatalException(1, 'Host names update failed.')
else:
print_info_msg('Host names update completed successfully')
def setup_ldap(options):
logger.info("Setup LDAP.")
properties = get_ambari_properties()
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
current_client_security = get_value_from_properties(properties,CLIENT_SECURITY,"no auth method")
if current_client_security != 'ldap':
query = "Currently '" + current_client_security + "' is configured, do you wish to use LDAP instead [y/n] (n)? "
if get_YN_input(query, False):
pass
else:
err = "Currently '" + current_client_security + "' configured. Can not setup LDAP."
raise FatalException(1, err)
isSecure = get_is_secure(properties)
ldap_property_list_reqd = init_ldap_properties_list_reqd(properties, options)
ldap_property_list_opt = [LDAP_MGR_USERNAME_PROPERTY,
LDAP_MGR_PASSWORD_PROPERTY,
SSL_TRUSTSTORE_TYPE_PROPERTY,
SSL_TRUSTSTORE_PATH_PROPERTY,
SSL_TRUSTSTORE_PASSWORD_PROPERTY]
ldap_property_list_passwords=[LDAP_MGR_PASSWORD_PROPERTY,
SSL_TRUSTSTORE_PASSWORD_PROPERTY]
LDAP_MGR_DN_DEFAULT = None
SSL_TRUSTSTORE_TYPE_DEFAULT = get_value_from_properties(properties, SSL_TRUSTSTORE_TYPE_PROPERTY, "jks")
SSL_TRUSTSTORE_PATH_DEFAULT = get_value_from_properties(properties, SSL_TRUSTSTORE_PATH_PROPERTY)
ldap_property_value_map = {}
for ldap_prop in ldap_property_list_reqd:
input = get_validated_string_input(ldap_prop.ldap_prop_val_prompt, ldap_prop.ldap_prop_name, ldap_prop.prompt_regex,
"Invalid characters in the input!", False, ldap_prop.allow_empty_prompt,
answer = ldap_prop.option)
if input is not None and input != "":
ldap_property_value_map[ldap_prop.prop_name] = input
bindAnonymously = ldap_property_value_map[LDAP_ANONYMOUS_BIND]
anonymous = (bindAnonymously and bindAnonymously.lower() == 'true')
mgr_password = None
# Ask for manager credentials only if bindAnonymously is false
if not anonymous:
username = get_validated_string_input("Manager DN* {0}: ".format(
get_prompt_default(LDAP_MGR_DN_DEFAULT)), LDAP_MGR_DN_DEFAULT, ".*",
"Invalid characters in the input!", False, False, answer = options.ldap_manager_dn)
ldap_property_value_map[LDAP_MGR_USERNAME_PROPERTY] = username
mgr_password = configure_ldap_password(options)
ldap_property_value_map[LDAP_MGR_PASSWORD_PROPERTY] = mgr_password
useSSL = ldap_property_value_map[LDAP_USE_SSL]
ldaps = (useSSL and useSSL.lower() == 'true')
ts_password = None
if ldaps:
truststore_default = "n"
truststore_set = bool(SSL_TRUSTSTORE_PATH_DEFAULT)
if truststore_set:
truststore_default = "y"
custom_trust_store = True if options.trust_store_path is not None and options.trust_store_path else False
if not custom_trust_store:
custom_trust_store = get_YN_input("Do you want to provide custom TrustStore for Ambari [y/n] ({0})?".
format(truststore_default),
truststore_set)
if custom_trust_store:
ts_type = get_validated_string_input("TrustStore type [jks/jceks/pkcs12] {0}:".format(get_prompt_default(SSL_TRUSTSTORE_TYPE_DEFAULT)),
SSL_TRUSTSTORE_TYPE_DEFAULT, "^(jks|jceks|pkcs12)?$", "Wrong type", False, answer=options.trust_store_type)
ts_path = None
while True:
ts_path = get_validated_string_input("Path to TrustStore file {0}:".format(get_prompt_default(SSL_TRUSTSTORE_PATH_DEFAULT)),
SSL_TRUSTSTORE_PATH_DEFAULT, ".*", False, False, answer = options.trust_store_path)
if os.path.exists(ts_path):
break
else:
print 'File not found.'
hasAnswer = options.trust_store_path is not None and options.trust_store_path
quit_if_has_answer(hasAnswer)
ts_password = read_password("", ".*", "Password for TrustStore:", "Invalid characters in password", options.trust_store_password)
ldap_property_value_map[SSL_TRUSTSTORE_TYPE_PROPERTY] = ts_type
ldap_property_value_map[SSL_TRUSTSTORE_PATH_PROPERTY] = ts_path
ldap_property_value_map[SSL_TRUSTSTORE_PASSWORD_PROPERTY] = ts_password
pass
elif properties.get_property(SSL_TRUSTSTORE_TYPE_PROPERTY):
print 'The TrustStore is already configured: '
print ' ' + SSL_TRUSTSTORE_TYPE_PROPERTY + ' = ' + properties.get_property(SSL_TRUSTSTORE_TYPE_PROPERTY)
print ' ' + SSL_TRUSTSTORE_PATH_PROPERTY + ' = ' + properties.get_property(SSL_TRUSTSTORE_PATH_PROPERTY)
print ' ' + SSL_TRUSTSTORE_PASSWORD_PROPERTY + ' = ' + properties.get_property(SSL_TRUSTSTORE_PASSWORD_PROPERTY)
if get_YN_input("Do you want to remove these properties [y/n] (y)? ", True, options.trust_store_reconfigure):
properties.removeOldProp(SSL_TRUSTSTORE_TYPE_PROPERTY)
properties.removeOldProp(SSL_TRUSTSTORE_PATH_PROPERTY)
properties.removeOldProp(SSL_TRUSTSTORE_PASSWORD_PROPERTY)
pass
pass
print '=' * 20
print 'Review Settings'
print '=' * 20
for property in ldap_property_list_reqd:
if ldap_property_value_map.has_key(property):
print("%s: %s" % (property, ldap_property_value_map[property]))
for property in ldap_property_list_opt:
if ldap_property_value_map.has_key(property):
if property not in ldap_property_list_passwords:
print("%s: %s" % (property, ldap_property_value_map[property]))
else:
print("%s: %s" % (property, BLIND_PASSWORD))
save_settings = True if options.ldap_save_settings is not None else get_YN_input("Save settings [y/n] (y)? ", True)
if save_settings:
if isSecure:
if mgr_password:
encrypted_passwd = encrypt_password(LDAP_MGR_PASSWORD_ALIAS, mgr_password, options)
if mgr_password != encrypted_passwd:
ldap_property_value_map[LDAP_MGR_PASSWORD_PROPERTY] = encrypted_passwd
pass
if ts_password:
encrypted_passwd = encrypt_password(SSL_TRUSTSTORE_PASSWORD_ALIAS, ts_password, options)
if ts_password != encrypted_passwd:
ldap_property_value_map[SSL_TRUSTSTORE_PASSWORD_PROPERTY] = encrypted_passwd
pass
pass
# Persisting values
if mgr_password:
ldap_property_value_map[LDAP_MGR_PASSWORD_PROPERTY] = store_password_file(mgr_password, LDAP_MGR_PASSWORD_FILENAME)
print 'Saving LDAP properties...'
ldap_property_value_map[IS_LDAP_CONFIGURED] = "true"
#Saving LDAP configuration in Ambari DB using the REST API
update_ldap_configuration(properties, ldap_property_value_map)
#The only property we want to write out in Ambari.properties is the client.security type being LDAP
ldap_property_value_map.clear()
ldap_property_value_map[CLIENT_SECURITY] = 'ldap'
update_properties_2(properties, ldap_property_value_map)
print 'Saving LDAP properties finished'
return 0
def setup_sso(options):
logger.info("Setup SSO.")
if not is_root():
raise FatalException(
4,
'ambari-server setup-sso should be run with root-level privileges')
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
if not get_silent():
validate_options(options)
properties = get_ambari_properties()
admin_login, admin_password = get_ambari_admin_username_password_pair(
options)
if not options.sso_enabled:
sso_enabled_from_db = get_sso_property_from_db(
properties, admin_login, admin_password, SSO_MANAGE_SERVICES)
sso_enabled = sso_enabled_from_db == None or sso_enabled_from_db in [
'true'
]
print_info_msg(
"SSO is currently {0}".format(
"not configured" if sso_enabled_from_db == None else (
"enabled" if sso_enabled else "disabled")), True)
if sso_enabled:
enable_sso = not get_YN_input(
"Do you want to disable SSO authentication [y/n] (n)? ",
False)
else:
if get_YN_input(
"Do you want to configure SSO authentication [y/n] (y)? ",
True):
enable_sso = True
else:
return False
else:
enable_sso = options.sso_enabled == 'true'
services = ''
if enable_sso:
populate_sso_provider_url(options, properties)
populate_sso_public_cert(options, properties)
populate_jwt_cookie_name(options, properties)
populate_jwt_audiences(options, properties)
services = get_services_requires_sso(options, properties,
admin_login, admin_password)
update_sso_conf(properties, enable_sso, services, admin_login,
admin_password)
enable_jwt_auth = WILDCARD_FOR_ALL_SERVICES == services or SERVICE_NAME_AMBARI in services
properties.process_pair(JWT_AUTH_ENBABLED,
"true" if enable_jwt_auth else "false")
update_properties(properties)
pass
else:
warning = "setup-sso is not enabled in silent mode."
raise NonFatalException(warning)
pass
def main(options, args, parser):
# set silent
set_silent(options.silent)
# debug mode
set_debug_mode_from_options(options)
init_debug(options)
#perform checks
options.warnings = []
if are_cmd_line_db_args_blank(options):
options.must_set_database_options = True
elif not are_cmd_line_db_args_valid(options):
parser.error('All database options should be set. Please see help for the options.')
else:
options.must_set_database_options = False
#correct database
fix_database_options(options, parser)
if len(args) == 0:
print parser.print_help()
parser.error("No action entered")
action_map = create_user_action_map(args, options)
action = args[0]
try:
action_obj = action_map[action]
except KeyError:
parser.error("Invalid action: " + action)
matches = 0
for args_number_required in action_obj.possible_args_numbers:
matches += int(len(args) == args_number_required)
if matches == 0:
print parser.print_help()
possible_args = ' or '.join(str(x) for x in action_obj.possible_args_numbers)
parser.error("Invalid number of arguments. Entered: " + str(len(args)) + ", required: " + possible_args)
options.exit_message = "Ambari Server '%s' completed successfully." % action
try:
action_obj.execute()
if action_obj.need_restart:
pstatus, pid = is_server_runing()
if pstatus:
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop+start")'
if options.warnings:
for warning in options.warnings:
print_warning_msg(warning)
pass
options.exit_message = "Ambari Server '%s' completed with warnings." % action
pass
except FatalException as e:
if e.reason is not None:
print_error_msg("Exiting with exit code {0}. \nREASON: {1}".format(e.code, e.reason))
sys.exit(e.code)
except NonFatalException as e:
options.exit_message = "Ambari Server '%s' completed with warnings." % action
if e.reason is not None:
print_warning_msg(e.reason)
if options.exit_message is not None:
print options.exit_message
def main(options, args, parser):
# set silent
set_silent(options.silent)
# debug mode
set_debug_mode_from_options(options)
init_debug(options)
#perform checks
options.warnings = []
if are_cmd_line_db_args_blank(options):
options.must_set_database_options = True
elif not are_cmd_line_db_args_valid(options):
parser.error(
'All database options should be set. Please see help for the options.'
)
else:
options.must_set_database_options = False
#correct database
fix_database_options(options, parser)
if len(args) == 0:
print parser.print_help()
parser.error("No action entered")
action_map = create_user_action_map(args, options)
action = args[0]
try:
action_obj = action_map[action]
except KeyError:
parser.error("Invalid action: " + action)
matches = 0
for args_number_required in action_obj.possible_args_numbers:
matches += int(len(args) == args_number_required)
if matches == 0:
print parser.print_help()
possible_args = ' or '.join(
str(x) for x in action_obj.possible_args_numbers)
parser.error("Invalid number of arguments. Entered: " +
str(len(args)) + ", required: " + possible_args)
options.exit_message = "Ambari Server '%s' completed successfully." % action
try:
action_obj.execute()
if action_obj.need_restart:
pstatus, pid = is_server_runing()
if pstatus:
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop+start")'
if options.warnings:
for warning in options.warnings:
print_warning_msg(warning)
pass
options.exit_message = "Ambari Server '%s' completed with warnings." % action
pass
except FatalException as e:
if e.reason is not None:
print_error_msg("Exiting with exit code {0}. \nREASON: {1}".format(
e.code, e.reason))
sys.exit(e.code)
except NonFatalException as e:
options.exit_message = "Ambari Server '%s' completed with warnings." % action
if e.reason is not None:
print_warning_msg(e.reason)
if options.exit_message is not None:
print options.exit_message
def run_db_cleanup(options):
if validate_args(options):
return 1
status, stateDesc = is_server_runing()
if not options.silent:
db_title = get_db_type(get_ambari_properties()).title
confirmBackup = get_YN_input(
"Ambari Server configured for {0}. Confirm you have made a backup of the Ambari Server database [y/n]"
.format(db_title), True)
if not confirmBackup:
print_info_msg("Ambari Server Database cleanup aborted")
return 0
if status:
print_error_msg(
"The database cleanup cannot proceed while Ambari Server is running. Please shut down Ambari first."
)
return 1
confirm = get_YN_input(
"Ambari server is using db type {0}. Cleanable database entries older than {1} will be cleaned up. Proceed [y/n]"
.format(db_title, options.cleanup_from_date), True)
if not confirm:
print_info_msg("Ambari Server Database cleanup aborted")
return 0
jdk_path = get_java_exe_path()
if jdk_path is None:
print_error_msg(
"No JDK found, please run the \"setup\" command to install a JDK automatically or install any "
"JDK manually to {0}".format(configDefaults.JDK_INSTALL_DIR))
return 1
ensure_jdbc_driver_is_installed(options, get_ambari_properties())
serverClassPath = ServerClassPath(get_ambari_properties(), options)
class_path = serverClassPath.get_full_ambari_classpath_escaped_for_shell()
ambari_user = read_ambari_user()
current_user = ensure_can_start_under_current_user(ambari_user)
environ = generate_env(options, ambari_user, current_user)
print "Cleaning up the database ..."
command = DB_CLEANUP_CMD.format(jdk_path, class_path, options.cluster_name,
options.cleanup_from_date)
(retcode, stdout, stderr) = run_os_command(command, env=environ)
print_info_msg("Return code from database cleanup command, retcode = " +
str(retcode))
if stdout:
print "Console output from database cleanup command:"
print stdout
print
if stderr:
print "Error output from database cleanup command:"
print stderr
print
if retcode > 0:
print_error_msg(
"Error wncountered while cleaning up the Ambari Server Database. Check the ambari-server.log for details."
)
else:
print "Cleanup completed. Check the ambari-server.log for details."
return retcode
def update_host_names(args, options):
services_stopped = userInput.get_YN_input("Please, confirm Ambari services are stopped [y/n] (n)? ", False)
if not services_stopped:
print 'Exiting...'
sys.exit(1)
pending_commands = userInput.get_YN_input("Please, confirm there are no pending commands on cluster [y/n] (n)? ", False)
if not pending_commands:
print 'Exiting...'
sys.exit(1)
db_backup_done = userInput.get_YN_input("Please, confirm you have made backup of the Ambari db [y/n] (n)? ", False)
if not db_backup_done:
print 'Exiting...'
sys.exit(1)
status, pid = serverUtils.is_server_runing()
if status:
raise FatalException(1, "Ambari Server should be stopped")
try:
host_mapping_file_path = args[1]
except IndexError:
#host_mapping file is mandatory
raise FatalException(1, "Invalid number of host update arguments. Probably, you forgot to add json file with "
"host changes.")
if not os.path.isfile(host_mapping_file_path):
raise FatalException(1, "Invalid file path or file doesn't exist")
if not os.access(host_mapping_file_path, os.R_OK):
raise FatalException(1, "File is not readable")
jdk_path = serverConfiguration.get_java_exe_path()
if jdk_path is None:
print_error_msg("No JDK found, please run the \"setup\" "
"command to install a JDK automatically or install any "
"JDK manually to " + configDefaults.JDK_INSTALL_DIR)
sys.exit(1)
properties = serverConfiguration.get_ambari_properties()
serverConfiguration.parse_properties_file(options)
options.database_index = LINUX_DBMS_KEYS_LIST.index(properties[JDBC_DATABASE_PROPERTY])
dbConfiguration.ensure_jdbc_driver_is_installed(options, serverConfiguration.get_ambari_properties())
serverClassPath = ServerClassPath(serverConfiguration.get_ambari_properties(), options)
class_path = serverClassPath.get_full_ambari_classpath_escaped_for_shell()
command = HOST_UPDATE_HELPER_CMD.format(jdk_path, class_path, host_mapping_file_path)
ambari_user = serverConfiguration.read_ambari_user()
current_user = setupSecurity.ensure_can_start_under_current_user(ambari_user)
environ = setupSecurity.generate_env(options, ambari_user, current_user)
(retcode, stdout, stderr) = os_utils.run_os_command(command, env=environ)
print_info_msg("Return code from update host names command, retcode = " + str(retcode))
if retcode > 0:
print_error_msg("Error executing update host names, please check the server logs.")
raise FatalException(1, 'Host names update failed.')
else:
print_info_msg('Host names update completed successfully')
def main(options, args, parser):
# init logger
properties = get_ambari_properties()
python_log_level = logging.INFO
python_log_name = "ambari-server-command.log"
custom_log_level = properties["server.python.log.level"]
if custom_log_level:
if custom_log_level == "INFO":
python_log_level = logging.INFO
if custom_log_level == "DEBUG":
python_log_level = logging.DEBUG
custom_log_name = properties["server.python.log.name"]
if custom_log_name:
python_log_name = custom_log_name
python_log = os.path.join(configDefaults.OUT_DIR, python_log_name)
setup_logging(logger, python_log, python_log_level)
# set silent
set_silent(options.silent)
# debug mode
set_debug_mode_from_options(options)
init_debug(options)
#perform checks
options.warnings = []
if are_cmd_line_db_args_blank(options):
options.must_set_database_options = True
elif not are_cmd_line_db_args_valid(options):
parser.error(
'All database options should be set. Please see help for the options.'
)
else:
options.must_set_database_options = False
#correct database
fix_database_options(options, parser)
if len(args) == 0:
print parser.print_help()
parser.error("No action entered")
action_map = create_user_action_map(args, options)
action = args[0]
try:
action_obj = action_map[action]
except KeyError:
parser.error("Invalid action: " + action)
matches = 0
for args_number_required in action_obj.possible_args_numbers:
matches += int(len(args) == args_number_required)
if matches == 0:
print parser.print_help()
possible_args = ' or '.join(
str(x) for x in action_obj.possible_args_numbers)
parser.error("Invalid number of arguments. Entered: " +
str(len(args)) + ", required: " + possible_args)
options.exit_message = "Ambari Server '%s' completed successfully." % action
options.exit_code = None
try:
action_obj.execute()
if action_obj.need_restart:
pstatus, pid = is_server_runing()
if pstatus:
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop+start")'
if options.warnings:
for warning in options.warnings:
print_warning_msg(warning)
pass
options.exit_message = "Ambari Server '%s' completed with warnings." % action
pass
except FatalException as e:
if e.reason is not None:
print_error_msg("Exiting with exit code {0}. \nREASON: {1}".format(
e.code, e.reason))
logger.exception(str(e))
sys.exit(e.code)
except NonFatalException as e:
options.exit_message = "Ambari Server '%s' completed with warnings." % action
if e.reason is not None:
print_warning_msg(e.reason)
if options.exit_message is not None:
print options.exit_message
if options.exit_code is not None: # not all actions may return a system exit code
sys.exit(options.exit_code)
