AMBARI-4772. Security Wizard: History Server should be a different section for MR service. (jaimin)

ambari-web/app/controllers/main/admin/security/add/step3.js

@@ -126,53 +126,18 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
           acl: '440'
         });
       }
-      if(host.get('hostComponents').someProperty('componentName', 'NAMENODE') ||
-        host.get('hostComponents').someProperty('componentName', 'SECONDARY_NAMENODE') ||  host.get('hostComponents').someProperty('componentName', 'JOURNALNODE')){
-        result.push({
-          host: host.get('hostName'),
-          component: Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),
-          principal: hadoopHttpPrincipal.value.replace('_HOST', host.get('hostName').toLowerCase()) + hadoopHttpPrincipal.unit,
-          keytabFile: stringUtils.getFileFromPath(hadoopHttpKeytabPath),
-          keytab: stringUtils.getPath(hadoopHttpKeytabPath),
-          owner: 'root',
-          group: hadoopGroupId,
-          acl: '440'
-        });
-      }
 
-      if (host.get('hostComponents').someProperty('componentName', 'WEBHCAT_SERVER')) {
-        var webHcatConfigs = configs.filterProperty('serviceName', 'WEBHCAT');
-        var webHCatHttpPrincipal = webHcatConfigs.findProperty('name', 'webHCat_http_principal_name');
-        var webHCatHttpKeytabPath = webHcatConfigs.findProperty('name', 'webhcat_http_keytab').value;
-        result.push({
-          host: host.get('hostName'),
-          component: Em.I18n.t('admin.addSecurity.webhcat.user.httpUser'),
-          principal: webHCatHttpPrincipal.value.replace('_HOST', host.get('hostName').toLowerCase()) + webHCatHttpPrincipal.unit,
-          keytabFile: stringUtils.getFileFromPath(webHCatHttpKeytabPath),
-          keytab: stringUtils.getPath(webHCatHttpKeytabPath),
-          owner: 'root',
-          group: hadoopGroupId,
-          acl: '440'
-        });
-      }
-      if (host.get('hostComponents').someProperty('componentName', 'OOZIE_SERVER')) {
-        var oozieConfigs = configs.filterProperty('serviceName', 'OOZIE');
-        var oozieHttpPrincipal = oozieConfigs.findProperty('name', 'oozie_http_principal_name');
-        var oozieHttpKeytabPath = oozieConfigs.findProperty('name', 'oozie_http_keytab').value;
-        result.push({
-          host: host.get('hostName'),
-          component: Em.I18n.t('admin.addSecurity.oozie.user.httpUser'),
-          principal: oozieHttpPrincipal.value.replace('_HOST', host.get('hostName').toLowerCase()) + oozieHttpPrincipal.unit,
-          keytabFile: stringUtils.getFileFromPath(oozieHttpKeytabPath),
-          keytab: stringUtils.getPath(oozieHttpKeytabPath),
-          owner: 'root',
-          group: hadoopGroupId,
-          acl: '440'
-        });
+      this.setComponentConfig(result,host,'NAMENODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId);
+      this.setComponentConfig(result,host,'SECONDARY_NAMENODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId);
+      this.setComponentConfig(result,host,'JOURNALNODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId);
+      this.setComponentConfig(result,host,'WEBHCAT_SERVER','WEBHCAT','webHCat_http_principal_name','webhcat_http_keytab',Em.I18n.t('admin.addSecurity.webhcat.user.httpUser'),hadoopGroupId);
+      this.setComponentConfig(result,host,'OOZIE_SERVER','OOZIE','oozie_http_principal_name','oozie_http_keytab',Em.I18n.t('admin.addSecurity.oozie.user.httpUser'),hadoopGroupId);
+      //Derive Principal name and Keytabs only if its HDP-2 stack
+      if (App.get('isHadoop2Stack')) {
+        this.setComponentConfig(result,host,'HISTORYSERVER','MAPREDUCE2','jobhistory_http_principal_name','jobhistory_http_keytab',Em.I18n.t('admin.addSecurity.historyServer.user.httpUser'),hadoopGroupId);
+        this.setComponentConfig(result,host,'RESOURCEMANAGER','YARN','resourcemanager_http_principal_name','resourcemanager_http_keytab',Em.I18n.t('admin.addSecurity.rm.user.httpUser'),hadoopGroupId);
+        this.setComponentConfig(result,host,'NODEMANAGER','YARN','nodemanager_http_principal_name','nodemanager_http_keytab',Em.I18n.t('admin.addSecurity.nm.user.httpUser'),hadoopGroupId);
       }
-      this.setComponentConfig(result,host,'HISTORYSERVER','MAPREDUCE2','jobhistory_http_principal_name','jobhistory_http_keytab',Em.I18n.t('admin.addSecurity.historyServer.user.httpUser'),hadoopGroupId);
-      this.setComponentConfig(result,host,'RESOURCEMANAGER','YARN','resourcemanager_http_principal_name','resourcemanager_http_keytab',Em.I18n.t('admin.addSecurity.rm.user.httpUser'),hadoopGroupId);
-      this.setComponentConfig(result,host,'NODEMANAGER','YARN','nodemanager_http_principal_name','nodemanager_http_keytab',Em.I18n.t('admin.addSecurity.nm.user.httpUser'),hadoopGroupId);
 
       host.get('hostComponents').forEach(function(hostComponent){
         if(componentsToDisplay.contains(hostComponent.get('componentName'))){

ambari-web/app/data/HDP2/secure_properties.js

@@ -388,7 +388,7 @@ module.exports =
       "displayName": "History Server host",
       "value": "",
       "defaultValue": "",
-      "description": "The host that has been assigned to run JobHistoryServer",
+      "description": "The host that has been assigned to run History Server",
       "displayType": "masterHost",
       "isOverridable": false,
       "isVisible": true,
@@ -401,7 +401,7 @@ module.exports =
       "displayName": "Principal name",
       "value": "",
       "defaultValue": "jhs/_HOST",
-      "description": "Principal name for Job History Server. _HOST will get automatically replaced with actual hostname at an instance of Job History Server",
+      "description": "Principal name for History Server. _HOST will get automatically replaced with actual hostname at an instance of History Server",
       "displayType": "principal",
       "isVisible": true,
       "isOverridable": false,
@@ -415,7 +415,7 @@ module.exports =
       "displayName": "Path to keytab file",
       "value": "",
       "defaultValue": "/etc/security/keytabs/jhs.service.keytab",
-      "description": "Path to Job History Server keytab file",
+      "description": "Path to History Server keytab file",
       "displayType": "directory",
       "isVisible": true,
       "isOverridable": false,

ambari-web/app/data/secure_configs.js

@@ -47,19 +47,18 @@ module.exports = [
     sites: ['core-site', 'hdfs-site'],
     configs: configProperties.filterProperty('serviceName', 'HDFS')
   },
-
   {
     serviceName: 'MAPREDUCE',
     displayName: 'MapReduce',
     filename: 'mapred-site',
     configCategories: [
-      App.ServiceConfigCategory.create({ name: 'JobTracker', displayName: 'JobTracker and Job History Server'}),
+      App.ServiceConfigCategory.create({ name: 'JobTracker', displayName: 'JobTracker'}),
+      App.ServiceConfigCategory.create({ name: 'JobHistoryServer', displayName: 'History Server'}),
       App.ServiceConfigCategory.create({ name: 'TaskTracker', displayName: 'TaskTracker'})
     ],
     sites: ['mapred-site'],
     configs: configProperties.filterProperty('serviceName', 'MAPREDUCE')
   },
-
   {
     serviceName: 'HIVE',
     displayName: 'Hive',

ambari-web/app/data/secure_mapping.js

@@ -36,9 +36,9 @@ module.exports = [
 
   {
     "name": "hadoop.security.auth_to_local",
-    "templateName": ["jobtracker_primary_name", "kerberos_domain", "mapred_user", "tasktracker_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_master_primary_name", "hbase_user","hbase_regionserver_primary_name","oozie_primary_name","oozie_user"],
+    "templateName": ["jobtracker_primary_name", "kerberos_domain", "mapred_user", "tasktracker_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_master_primary_name", "hbase_user","hbase_regionserver_primary_name","oozie_primary_name","oozie_user","jobhistory_primary_name"],
     "foreignKey": null,
-    "value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[11]>/\nDEFAULT",
+    "value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[11]>/\nRULE:[2:$1@$0](<templateName[12]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nDEFAULT",
     "filename": "core-site.xml",
     "serviceName": "HDFS",
     "dependedServiceName": [{name: "HBASE", replace: "\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/"},{name: "OOZIE",replace: "\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[11]>/"}]
@@ -156,7 +156,7 @@ module.exports = [
   },
   {
     "name": "mapreduce.jobhistory.kerberos.principal",
-    "templateName": ["jobtracker_principal_name", "kerberos_domain"],
+    "templateName": ["jobhistory_principal_name", "kerberos_domain"],
     "foreignKey": null,
     "value": "<templateName[0]>@<templateName[1]>",
     "filename": "mapred-site.xml",
@@ -164,7 +164,7 @@ module.exports = [
   },
   {
     "name": "mapreduce.jobhistory.keytab.file",
-    "templateName": ["jobtracker_keytab"],
+    "templateName": ["jobhistory_keytab"],
     "foreignKey": null,
     "value": "<templateName[0]>",
     "filename": "mapred-site.xml",
@@ -348,9 +348,9 @@ module.exports = [
   },
   {
     "name": "oozie.authentication.kerberos.name.rules",
-    "templateName": ["jobtracker_primary_name", "kerberos_domain", "mapred_user", "tasktracker_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_master_primary_name", "hbase_user","hbase_regionserver_primary_name"],
+    "templateName": ["jobtracker_primary_name", "kerberos_domain", "mapred_user", "tasktracker_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_master_primary_name", "hbase_user","hbase_regionserver_primary_name", "jobhistory_primary_name"],
     "foreignKey": null,
-    "value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nDEFAULT",
+    "value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nDEFAULT",
     "filename": "oozie-site.xml",
     "serviceName": "OOZIE",
     "dependedServiceName": [{name: "HBASE", replace: "\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/"}]

ambari-web/app/data/secure_properties.js

@@ -359,7 +359,7 @@ module.exports =
       "displayName": "Principal name",
       "value": "",
       "defaultValue": "jt/_HOST",
-      "description": "Principal name for JobTracker and Job History Server. _HOST will get automatically replaced with actual hostname at instance of JobTracker and Job History Server",
+      "description": "Principal name for JobTracker . _HOST will get automatically replaced with actual hostname at instance of JobTracker",
       "displayType": "principal",
       "isVisible": true,
       "isOverridable": false,
@@ -373,7 +373,7 @@ module.exports =
       "displayName": "Path to keytab file",
       "value": "",
       "defaultValue": "/etc/security/keytabs/jt.service.keytab",
-      "description": "Path to JobTracker and Job History Server keytab file",
+      "description": "Path to JobTracker keytab file",
       "displayType": "directory",
       "isVisible": true,
       "isOverridable": false,
@@ -381,6 +381,47 @@ module.exports =
       "category": "JobTracker",
       "component": "JOBTRACKER"
     },
+    {
+      "id": "puppet var",
+      "name": "jobhistoryserver_host",
+      "displayName": "History Server host",
+      "value": "",
+      "defaultValue": "",
+      "description": "The host that has been assigned to run History Server",
+      "displayType": "masterHost",
+      "isOverridable": false,
+      "isVisible": true,
+      "serviceName": "MAPREDUCE",
+      "category": "JobHistoryServer"
+    },
+    {
+      "id": "puppet var",
+      "name": "jobhistory_principal_name",
+      "displayName": "Principal name",
+      "value": "",
+      "defaultValue": "jhs/_HOST",
+      "description": "Principal name for History Server. _HOST will get automatically replaced with actual hostname at an instance of History Server",
+      "displayType": "principal",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "MAPREDUCE",
+      "category": "JobHistoryServer",
+      "component": "HISTORYSERVER"
+    },
+    {
+      "id": "puppet var",
+      "name": "jobhistory_keytab",
+      "displayName": "Path to keytab file",
+      "value": "",
+      "defaultValue": "/etc/security/keytabs/jhs.service.keytab",
+      "description": "Path to History Server keytab file",
+      "displayType": "directory",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "MAPREDUCE",
+      "category": "JobHistoryServer",
+      "component": "HISTORYSERVER"
+    },
     {
       "id": "puppet var",
       "name": "tasktracker_hosts",