AMBARI-16085. Modify Ambari stacks for Ranger (for enabling plugins) to use service keytab for creating repositories and policies - Part2 (gautam)

ambari-common/src/main/python/resource_management/libraries/functions/ranger_functions_v2.py

@@ -389,6 +389,8 @@ class RangeradminV2:
             if len(policy_list) == policy_update_count:
               Logger.info("Ranger Repository created successfully and policies updated successfully providing ambari-qa user all permissions")
               return response_json
+        else:
+          return response_json
       else:
         Logger.info('Repository creation failed')
         return None

ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/package/scripts/params_linux.py

@@ -338,7 +338,7 @@ if has_ranger_admin:
   }
 
   if stack_supports_ranger_kerberos and security_enabled:
-    hbase_ranger_plugin_config['policydownload.auth.users'] = hbase_user
+    hbase_ranger_plugin_config['policy.download.auth.users'] = hbase_user
     hbase_ranger_plugin_config['tag.download.auth.users'] = hbase_user
     hbase_ranger_plugin_config['policy.grant.revoke.auth.users'] = hbase_user
 
@@ -351,10 +351,10 @@ if has_ranger_admin:
       'type': 'hbase'
     }
 
-  if 'hbase-master' in component_directory.lower():
+  if stack_supports_ranger_kerberos and security_enabled and 'hbase-master' in component_directory.lower():
     ranger_hbase_principal = master_jaas_princ
     ranger_hbase_keytab = master_keytab_path
-  else:
+  elif  stack_supports_ranger_kerberos and security_enabled and 'hbase-regionserver' in component_directory.lower():
     ranger_hbase_principal = regionserver_jaas_princ
     ranger_hbase_keytab = regionserver_keytab_path
 

ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/params_linux.py

@@ -486,7 +486,7 @@ if has_ranger_admin:
     'assetType': '1'
   }
   if stack_supports_ranger_kerberos and security_enabled:
-    hdfs_ranger_plugin_config['policydownload.auth.users'] = hdfs_user
+    hdfs_ranger_plugin_config['policy.download.auth.users'] = hdfs_user
     hdfs_ranger_plugin_config['tag.download.auth.users'] = hdfs_user
 
     hdfs_ranger_plugin_repo = {

ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/params_linux.py

@@ -644,7 +644,7 @@ if has_ranger_admin:
   }
 
   if stack_supports_ranger_kerberos and security_enabled:
-    hive_ranger_plugin_config['policydownload.auth.users'] = hive_user
+    hive_ranger_plugin_config['policy.download.auth.users'] = hive_user
     hive_ranger_plugin_config['tag.download.auth.users'] = hive_user
     hive_ranger_plugin_config['policy.grant.revoke.auth.users'] = hive_user
 

ambari-server/src/main/resources/common-services/KAFKA/0.8.1.2.2/package/scripts/params.py

@@ -212,7 +212,7 @@ if has_ranger_admin and is_supported_kafka_ranger:
   }
 
   if stack_supports_ranger_kerberos and security_enabled:
-    ranger_plugin_config['policydownload.auth.users'] = kafka_user
+    ranger_plugin_config['policy.download.auth.users'] = kafka_user
     ranger_plugin_config['tag.download.auth.users'] = kafka_user
 
 

ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py

@@ -321,7 +321,7 @@ if has_ranger_admin:
     }
 
   if stack_supports_ranger_kerberos and security_enabled:
-    knox_ranger_plugin_config['policydownload.auth.users'] = knox_user
+    knox_ranger_plugin_config['policy.download.auth.users'] = knox_user
     knox_ranger_plugin_config['tag.download.auth.users'] = knox_user
 
     knox_ranger_plugin_repo = {

ambari-server/src/main/resources/common-services/STORM/0.9.1.2.1/package/scripts/params_linux.py

@@ -289,7 +289,7 @@ if has_ranger_admin:
   }
 
   if stack_supports_ranger_kerberos and security_enabled:
-    storm_ranger_plugin_config['policydownload.auth.users'] = storm_user
+    storm_ranger_plugin_config['policy.download.auth.users'] = storm_user
     storm_ranger_plugin_config['tag.download.auth.users'] = storm_user
 
     storm_ranger_plugin_repo = {
@@ -300,10 +300,10 @@ if has_ranger_admin:
       'type': 'storm'
     }
 
-  if 'storm-nimbus' in status_params.component_directory.lower():
+  if stack_supports_ranger_kerberos and security_enabled and 'storm-nimbus' in status_params.component_directory.lower():
     ranger_storm_principal = nimbus_jaas_principal
     ranger_storm_keytab = nimbus_keytab_path
-  else:
+  elif stack_supports_ranger_kerberos and security_enabled and 'storm-client' in status_params.component_directory.lower():
     ranger_storm_principal = storm_ui_jaas_principal
     ranger_storm_keytab = storm_ui_keytab_path
 

ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/params_linux.py

@@ -416,7 +416,7 @@ if has_ranger_admin:
     }
 
     if stack_supports_ranger_kerberos and security_enabled:
-      ranger_plugin_config['policydownload.auth.users'] = yarn_user
+      ranger_plugin_config['policy.download.auth.users'] = yarn_user
       ranger_plugin_config['tag.download.auth.users'] = yarn_user
 
     #For curl command in ranger plugin to get db connector