def setup_jce_policy(args):
if os.path.exists(args[1]):
if not os.path.split(args[1])[0] == configDefaults.SERVER_RESOURCES_DIR:
try:
shutil.copy(args[1], configDefaults.SERVER_RESOURCES_DIR)
except Exception as e:
err = "Fail while trying to copy {0} to {1}. {2}".format(args[1], configDefaults.SERVER_RESOURCES_DIR, e)
raise FatalException(1, err)
else:
err = "Can not run 'setup-jce'. Invalid path {0}.".format(args[1])
raise FatalException(1, err)
properties = get_ambari_properties()
jdk_path = properties.get_property(JAVA_HOME_PROPERTY)
resources_dir = properties.get_property(RESOURCES_DIR_PROPERTY)
zip_name = os.path.split(args[1])[1]
properties.process_pair(JCE_NAME_PROPERTY, zip_name)
print 'Installing JCE policy...'
try:
JDKSetup.unpack_jce_policy(jdk_path, resources_dir, zip_name)
except FatalException as e:
err = 'Installing JCE failed: {0}. Exiting.'.format(e)
raise FatalException(e.code, err)
update_properties(properties)
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop|start")'
def setup_jce_policy(args):
if os.path.exists(args[1]):
if not os.path.split(args[1])[0] == configDefaults.SERVER_RESOURCES_DIR:
try:
shutil.copy(args[1], configDefaults.SERVER_RESOURCES_DIR)
except Exception as e:
err = "Fail while trying to copy {0} to {1}. {2}".format(args[1], configDefaults.SERVER_RESOURCES_DIR, e)
raise FatalException(1, err)
else:
err = "Can not run 'setup-jce'. Invalid path {0}.".format(args[1])
raise FatalException(1, err)
properties = get_ambari_properties()
jdk_path = properties.get_property(JAVA_HOME_PROPERTY)
resources_dir = properties.get_property(RESOURCES_DIR_PROPERTY)
zip_name = os.path.split(args[1])[1]
properties.process_pair(JCE_NAME_PROPERTY, zip_name)
print 'Installing JCE policy...'
try:
JDKSetup.unpack_jce_policy(jdk_path, resources_dir, zip_name)
except FatalException as e:
err = 'Installing JCE failed: {0}. Exiting.'.format(e)
raise FatalException(e.code, err)
update_properties(properties)
print 'NOTE: Restart TBDS Server to apply changes' + \
' ("tbds-server restart|stop|start")'
def ensure_jdbc_driver_installed(self, properties):
server_jdbc_path = properties.get_property(JDBC_DRIVER_PATH_PROPERTY)
if server_jdbc_path and os.path.isfile(server_jdbc_path):
return True
default_driver_path = self._get_default_driver_path(properties)
if default_driver_path and os.path.isfile(default_driver_path):
ambari_should_use_existing_default_jdbc = get_YN_input(
"Should ambari use existing default jdbc {0} [y/n] (y)? ".
format(default_driver_path), True)
if ambari_should_use_existing_default_jdbc:
properties.process_pair(JDBC_DRIVER_PATH_PROPERTY,
default_driver_path)
update_properties(properties)
return True
path_to_custom_jdbc_driver = get_validated_string_input(
"Enter full path to custom jdbc driver: ", None, None, None, False,
False)
if path_to_custom_jdbc_driver and os.path.isfile(
path_to_custom_jdbc_driver):
try:
custom_jdbc_name = os.path.basename(path_to_custom_jdbc_driver)
if not path_to_custom_jdbc_driver == os.path.join(
configDefaults.JAVA_SHARE_PATH, custom_jdbc_name):
if os.path.isfile(
os.path.join(configDefaults.JAVA_SHARE_PATH,
custom_jdbc_name)):
replace_jdbc_in_share_dir = get_YN_input(
"You already have file {0} in /usr/share/java/. Should it be replaced? [y/n] (y)? "
.format(custom_jdbc_name), True)
if replace_jdbc_in_share_dir:
try:
os.remove(
os.path.join(
configDefaults.JAVA_SHARE_PATH,
custom_jdbc_name))
except Exception, ee:
err = 'ERROR: Could not remove jdbc file. %s' % os.path.join(
configDefaults.JAVA_SHARE_PATH,
custom_jdbc_name)
raise FatalException(1, err)
shutil.copy(path_to_custom_jdbc_driver,
configDefaults.JAVA_SHARE_PATH)
print "Copying {0} to {1}".format(
path_to_custom_jdbc_driver,
configDefaults.JAVA_SHARE_PATH)
except Exception, e:
err = "Can not copy file {0} to {1} due to: {2} . Please check file " \
"permissions and free disk space.".format(path_to_custom_jdbc_driver, configDefaults.JAVA_SHARE_PATH, str(e))
raise FatalException(1, err)
properties.process_pair(JDBC_DRIVER_PATH_PROPERTY,
path_to_custom_jdbc_driver)
update_properties(properties)
return True
def add_jdbc_properties(properties):
for db_name in CUSTOM_JDBC_DB_NAMES:
if db_name == "sqlanywhere":
symlink_name = db_name + "-jdbc-driver" + TAR_GZ_ARCHIVE_TYPE
else:
symlink_name = db_name + "-jdbc-driver.jar"
resources_dir = get_resources_location(properties)
custom_db_jdbc_property_name = "custom." + db_name + ".jdbc.name"
if os.path.lexists(os.path.join(resources_dir, symlink_name)):
properties.process_pair(custom_db_jdbc_property_name, symlink_name)
properties.process_pair("previous." + custom_db_jdbc_property_name, default_connectors_map[db_name])
update_properties(properties)
def _setup_database(options):
properties = get_ambari_properties()
if properties == -1:
raise FatalException(-1, "Error getting ambari properties")
factory = DBMSConfigFactory()
dbmsAmbari = factory.create(options, properties, "Ambari")
resultA = dbmsAmbari.configure_database(properties)
# Now save the properties file
if resultA:
update_properties(properties)
dbmsAmbari.setup_database()
def download_and_install_jdk(options):
properties = get_ambari_properties()
if properties == -1:
err = "Error getting ambari properties"
raise FatalException(-1, err)
jdkSetup = JDKSetup()
jdkSetup.download_and_install_jdk(options, properties)
if jdkSetup.jdk_index != jdkSetup.custom_jdk_number:
jdkSetup.download_and_unpack_jce_policy(properties)
update_properties(properties)
return 0
def setup_sso(options):
logger.info("Setup SSO.")
if not is_root():
raise FatalException(
4,
'ambari-server setup-sso should be run with root-level privileges')
if not get_silent():
validateOptions(options)
properties = get_ambari_properties()
must_setup_params = False
if not options.sso_enabled:
sso_enabled = properties.get_property(
JWT_AUTH_ENBABLED).lower() in ['true']
if sso_enabled:
if get_YN_input(
"Do you want to disable SSO authentication [y/n] (n)?",
False):
properties.process_pair(JWT_AUTH_ENBABLED, "false")
else:
if get_YN_input(
"Do you want to configure SSO authentication [y/n] (y)?",
True):
properties.process_pair(JWT_AUTH_ENBABLED, "true")
must_setup_params = True
else:
return False
else:
properties.process_pair(JWT_AUTH_ENBABLED, options.sso_enabled)
must_setup_params = options.sso_enabled == 'true'
if must_setup_params:
populateSsoProviderUrl(options, properties)
populateSsoPublicCert(options, properties)
populateJwtCookieName(options, properties)
populateJwtAudiences(options, properties)
update_properties(properties)
pass
else:
warning = "setup-sso is not enabled in silent mode."
raise NonFatalException(warning)
pass
def setup_jce_policy(args):
logger.info("Setup JCE policy for ambari-server.")
if not os.path.exists(args[1]):
err = "Can not run 'setup-jce'. Invalid path {0}.".format(args[1])
raise FatalException(1, err)
properties = get_ambari_properties()
resources_dir = get_resources_location(properties)
zip_path = os.path.split(args[1])
zip_dir = zip_path[0]
if not zip_dir == resources_dir:
try:
shutil.copy(args[1], resources_dir)
except Exception as e:
err = "Fail while trying to copy {0} to {1}. {2}".format(
args[1], resources_dir, e)
raise FatalException(1, err)
jdk_path = properties.get_property(JAVA_HOME_PROPERTY)
if not jdk_path or not os.path.exists(jdk_path):
err = "JDK not installed, you need to run 'ambari-server setup' before attempting to install the JCE policy."
raise FatalException(1, err)
zip_name = zip_path[1]
properties.process_pair(JCE_NAME_PROPERTY, zip_name)
print 'Installing JCE policy...'
try:
JDKSetup.unpack_jce_policy(jdk_path, resources_dir, zip_name)
except FatalException as e:
err = 'Installing JCE failed: {0}. Exiting.'.format(e)
raise FatalException(e.code, err)
update_properties(properties)
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop|start")'
def download_and_install_jdk(options):
properties = get_ambari_properties()
if properties == -1:
err = "Error getting ambari properties"
raise FatalException(-1, err)
jdkSetup = JDKSetup()
jdkSetup.download_and_install_jdk(options, properties)
if jdkSetup.jdk_index != jdkSetup.custom_jdk_number:
jdkSetup.download_and_unpack_jce_policy(properties)
update_properties(properties)
ambari_java_version_valid = check_ambari_java_version_is_valid(get_JAVA_HOME(), jdkSetup.JAVA_BIN, 8, properties)
if not ambari_java_version_valid:
jdkSetup = JDKSetup() # recreate object
jdkSetup.download_and_install_jdk(options, properties, True)
if jdkSetup.jdk_index != jdkSetup.custom_jdk_number:
jdkSetup.download_and_unpack_jce_policy(properties, True)
update_properties(properties)
return 0
def setup_jce_policy(args):
if not os.path.exists(args[1]):
err = "Can not run 'setup-jce'. Invalid path {0}.".format(args[1])
raise FatalException(1, err)
properties = get_ambari_properties()
resources_dir = get_resources_location(properties)
zip_path = os.path.split(args[1])
zip_dir = zip_path[0]
if not zip_dir == resources_dir:
try:
shutil.copy(args[1], resources_dir)
except Exception as e:
err = "Fail while trying to copy {0} to {1}. {2}".format(args[1], resources_dir, e)
raise FatalException(1, err)
jdk_path = properties.get_property(JAVA_HOME_PROPERTY)
if not jdk_path or not os.path.exists(jdk_path):
err = "JDK not installed, you need to run 'ambari-server setup' before attempting to install the JCE policy."
raise FatalException(1, err)
zip_name = zip_path[1]
properties.process_pair(JCE_NAME_PROPERTY, zip_name)
print 'Installing JCE policy...'
try:
JDKSetup.unpack_jce_policy(jdk_path, resources_dir, zip_name)
except FatalException as e:
err = 'Installing JCE failed: {0}. Exiting.'.format(e)
raise FatalException(e.code, err)
update_properties(properties)
print 'NOTE: Restart Ambari Server to apply changes' + \
' ("ambari-server restart|stop|start")'
def server_process_main(options, scmStatus=None):
properties = get_ambari_properties()
if properties == -1:
err = "Error getting ambari properties"
raise FatalException(-1, err)
properties_for_print = []
logger.info("Ambari server properties config:")
for key, value in properties.getPropertyDict().items():
if "passwd" not in key and "password" not in key:
properties_for_print.append(key + "=" + value)
logger.info(properties_for_print)
# debug mode, including stop Java process at startup
try:
set_debug_mode_from_options(options)
except AttributeError:
pass
if not check_reverse_lookup():
print_warning_msg(
"The hostname was not found in the reverse DNS lookup. "
"This may result in incorrect behavior. "
"Please check the DNS setup and fix the issue.")
check_database_name_property()
parse_properties_file(options)
is_active_instance = get_is_active_instance()
if not is_active_instance:
print_warning_msg(
"This instance of ambari server is not designated as active. Cannot start ambari server."
)
err = "This is not an active instance. Shutting down..."
raise FatalException(1, err)
ambari_user = read_ambari_user()
current_user = ensure_can_start_under_current_user(ambari_user)
print_info_msg("Ambari Server is not running...")
jdk_path = find_jdk()
if jdk_path is None:
err = "No JDK found, please run the \"ambari-server setup\" " \
"command to install a JDK automatically or install any " \
"JDK manually to " + configDefaults.JDK_INSTALL_DIR
raise FatalException(1, err)
if not options.skip_properties_validation:
missing_properties = get_missing_properties(properties)
if missing_properties:
err = "Required properties are not found: " + str(missing_properties) + ". To skip properties validation " \
"use \"--skip-properties-validation\""
raise FatalException(1, err)
# Preparations
if is_root():
print configDefaults.MESSAGE_SERVER_RUNNING_AS_ROOT
ensure_jdbc_driver_is_installed(options, properties)
ensure_dbms_is_running(options, properties, scmStatus)
if scmStatus is not None:
scmStatus.reportStartPending()
refresh_stack_hash(properties)
if scmStatus is not None:
scmStatus.reportStartPending()
ensure_server_security_is_configured()
if scmStatus is not None:
scmStatus.reportStartPending()
java_exe = get_java_exe_path()
serverClassPath = ServerClassPath(properties, options)
debug_mode = get_debug_mode()
debug_start = (debug_mode & 1) or SERVER_START_DEBUG
suspend_start = (debug_mode & 2) or SUSPEND_START_MODE
suspend_mode = 'y' if suspend_start else 'n'
environ = generate_env(options, ambari_user, current_user)
class_path = serverClassPath.get_full_ambari_classpath_escaped_for_shell(
validate_classpath=True)
if options.skip_database_check:
global jvm_args
jvm_args += " -DskipDatabaseConsistencyCheck"
print "Ambari Server is starting with the database consistency check skipped. Do not make any changes to your cluster " \
"topology or perform a cluster upgrade until you correct the database consistency issues. See \"" \
+ configDefaults.DB_CHECK_LOG + "\" for more details on the consistency issues."
properties.process_pair(CHECK_DATABASE_SKIPPED_PROPERTY, "true")
else:
print "Ambari database consistency check started..."
if options.fix_database_consistency:
jvm_args += " -DfixDatabaseConsistency"
properties.process_pair(CHECK_DATABASE_SKIPPED_PROPERTY, "false")
update_properties(properties)
param_list = generate_child_process_param_list(ambari_user, java_exe,
class_path, debug_start,
suspend_mode)
# The launched shell process and sub-processes should have a group id that
# is different from the parent.
def make_process_independent():
if IS_FOREGROUND: # upstart script is not able to track process from different pgid.
return
processId = os.getpid()
if processId > 0:
try:
os.setpgid(processId, processId)
except OSError, e:
print_warning_msg('setpgid({0}, {0}) failed - {1}'.format(
pidJava, str(e)))
pass
def setup_sso(options):
logger.info("Setup SSO.")
if not is_root():
raise FatalException(
4,
'ambari-server setup-sso should be run with root-level privileges')
server_status, pid = is_server_runing()
if not server_status:
err = 'Ambari Server is not running.'
raise FatalException(1, err)
if not get_silent():
validate_options(options)
properties = get_ambari_properties()
admin_login, admin_password = get_ambari_admin_username_password_pair(
options)
if not options.sso_enabled:
sso_enabled_from_db = get_sso_property_from_db(
properties, admin_login, admin_password, SSO_MANAGE_SERVICES)
sso_enabled = sso_enabled_from_db == None or sso_enabled_from_db in [
'true'
]
print_info_msg(
"SSO is currently {0}".format(
"not configured" if sso_enabled_from_db == None else (
"enabled" if sso_enabled else "disabled")), True)
if sso_enabled:
enable_sso = not get_YN_input(
"Do you want to disable SSO authentication [y/n] (n)? ",
False)
else:
if get_YN_input(
"Do you want to configure SSO authentication [y/n] (y)? ",
True):
enable_sso = True
else:
return False
else:
enable_sso = options.sso_enabled == 'true'
services = ''
if enable_sso:
populate_sso_provider_url(options, properties)
populate_sso_public_cert(options, properties)
populate_jwt_cookie_name(options, properties)
populate_jwt_audiences(options, properties)
services = get_services_requires_sso(options, properties,
admin_login, admin_password)
update_sso_conf(properties, enable_sso, services, admin_login,
admin_password)
enable_jwt_auth = WILDCARD_FOR_ALL_SERVICES == services or SERVICE_NAME_AMBARI in services
properties.process_pair(JWT_AUTH_ENBABLED,
"true" if enable_jwt_auth else "false")
update_properties(properties)
pass
else:
warning = "setup-sso is not enabled in silent mode."
raise NonFatalException(warning)
pass
def setup_sso(args):
logger.info("Setup SSO.")
if not is_root():
err = 'ambari-server setup-sso should be run with ' \
'root-level privileges'
raise FatalException(4, err)
if not get_silent():
properties = get_ambari_properties()
must_setup_params = False
store_new_cert = False
sso_enabled = properties.get_property(JWT_AUTH_ENBABLED).lower() in [
'true'
]
if sso_enabled:
if get_YN_input(
"Do you want to disable SSO authentication [y/n] (n)?",
False):
properties.process_pair(JWT_AUTH_ENBABLED, "false")
else:
if get_YN_input(
"Do you want to configure SSO authentication [y/n] (y)?",
True):
properties.process_pair(JWT_AUTH_ENBABLED, "true")
must_setup_params = True
else:
return False
if must_setup_params:
provider_url = get_value_from_properties(
properties, JWT_AUTH_PROVIDER_URL,
JWT_AUTH_PROVIDER_URL_DEFAULT)
provider_url = get_validated_string_input(
"Provider URL [URL] ({0}):".format(provider_url), provider_url,
REGEX_ANYTHING, "Invalid provider URL", False)
properties.process_pair(JWT_AUTH_PROVIDER_URL, provider_url)
cert_path = properties.get_property(JWT_PUBLIC_KEY)
cert_string = get_multi_line_input(
"Public Certificate pem ({0})".format(
'stored' if cert_path else 'empty'))
if cert_string is not None:
store_new_cert = True
if get_YN_input(
"Do you want to configure advanced properties [y/n] (n) ?",
False):
cookie_name = get_value_from_properties(
properties, JWT_COOKIE_NAME, JWT_COOKIE_NAME_DEFAULT)
cookie_name = get_validated_string_input(
"JWT Cookie name ({0}):".format(cookie_name), cookie_name,
REGEX_ANYTHING, "Invalid cookie name", False)
properties.process_pair(JWT_COOKIE_NAME, cookie_name)
audiences = properties.get_property(JWT_AUDIENCES)
audiences = get_validated_string_input(
"JWT audiences list (comma-separated), empty for any ({0}):"
.format(audiences), audiences, REGEX_ANYTHING,
"Invalid value", False)
properties.process_pair(JWT_AUDIENCES, audiences)
# TODO not required for now as we support Knox only
# orig_query_param = get_value_from_properties(JWT_ORIGINAL_URL_QUERY_PARAM, JWT_ORIGINAL_URL_QUERY_PARAM_DEFAULT)
# orig_query_param = get_validated_string_input("Original URL query parameter name ({}):".format(orig_query_param),
# orig_query_param,
# REGEX_ANYTHING,
# "Invalid value",
# False)
# properties.process_pair(JWT_ORIGINAL_URL_QUERY_PARAM, orig_query_param)
if store_new_cert:
full_cert = JWT_PUBLIC_KEY_HEADER + cert_string + JWT_PUBLIC_KEY_FOOTER
cert_path = store_password_file(full_cert,
JWT_PUBLIC_KEY_FILENAME)
properties.process_pair(JWT_PUBLIC_KEY, cert_path)
update_properties(properties)
pass
else:
warning = "setup-sso is not enabled in silent mode."
raise NonFatalException(warning)
pass
path, jdbc_name = os.path.split(args.jdbc_driver)
properties.process_pair("custom." + args.jdbc_db + ".jdbc.name", jdbc_name)
if os.path.isfile(os.path.join(resources_dir, jdbc_name)):
os.remove(os.path.join(resources_dir, jdbc_name))
try:
shutil.copy(args.jdbc_driver, resources_dir)
print "Copying {0} to {1}".format(args.jdbc_driver, resources_dir)
except Exception, e:
err = "Can not copy file {0} to {1} due to: {2} . Please check file " \
"permissions and free disk space.".format(args.jdbc_driver, resources_dir, str(e))
raise FatalException(1, err)
update_properties(properties)
print "JDBC driver was successfully initialized."
#
# Database
#
# Ask user for database connection properties
def prompt_db_properties(options):
factory = DBMSConfigFactory()
if not factory.force_dbms_setup():
ok = False
if options.must_set_database_options:
