Explorar o código

AMBARI-11113 Reduce the number of Advanced Oozie properties exposed to users in Ambari UI. (dsen)

Dmytro Sen %!s(int64=10) %!d(string=hai) anos
pai
achega
7266faea1d

+ 2 - 2
ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/alerts.json

@@ -11,7 +11,7 @@
         "source": {
           "type": "WEB",
           "uri": {
-            "http": "{{oozie-site/oozie.base.url}}/oozie",
+            "http": "{{oozie-site/oozie.base.url}}/oozie/?user.name=oozie",
             "kerberos_keytab": "{{oozie-site/oozie.authentication.kerberos.keytab}}",
             "kerberos_principal": "{{oozie-site/oozie.authentication.kerberos.principal}}"
           },
@@ -41,4 +41,4 @@
       }
     ]
   }
-}
+}

+ 166 - 0
ambari-server/src/main/resources/stacks/HDP/2.3/services/OOZIE/configuration/oozie-site.xml

@@ -0,0 +1,166 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+        
+       http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+
+<configuration supports_final="true" supports_do_not_extend="true">
+
+  <property>
+    <name>oozie.authentication.kerberos.name.rules</name>
+    <value>
+      RULE:[2:$1@$0]([jt]t@.*TODO-KERBEROS-DOMAIN)s/.*/TODO-MAPREDUSER/
+      RULE:[2:$1@$0]([nd]n@.*TODO-KERBEROS-DOMAIN)s/.*/TODO-HDFSUSER/
+      RULE:[2:$1@$0](hm@.*TODO-KERBEROS-DOMAIN)s/.*/TODO-HBASE-USER/
+      RULE:[2:$1@$0](rs@.*TODO-KERBEROS-DOMAIN)s/.*/TODO-HBASE-USER/
+      DEFAULT
+    </value>
+    <description>The mapping from kerberos principal names to local OS user names.</description>
+  </property>
+
+  <property>
+    <name>oozie.authentication.type</name>
+    <value>simple</value>
+    <description>
+      Authentication used for Oozie HTTP endpoint, the supported values are: simple | kerberos |
+      #AUTHENTICATION_HANDLER_CLASSNAME#.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.base.url</name>
+    <value>http://localhost:11000/oozie</value>
+    <description>Base Oozie URL.</description>
+  </property>
+
+  <property>
+    <name>oozie.credentials.credentialclasses</name>
+    <value>hcat=org.apache.oozie.action.hadoop.HCatCredentials</value>
+    <description>
+      Credential Class to be used for HCat.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.AuthorizationService.authorization.enabled</name>
+    <value>false</value>
+    <description>
+      Specifies whether security (user name/admin role) is enabled or not.
+      If disabled any user can manage Oozie system and manage any job.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.HadoopAccessorService.hadoop.configurations</name>
+    <value>*=/etc/hadoop/conf</value>
+    <description>
+      Comma separated AUTHORITY=HADOOP_CONF_DIR, where AUTHORITY is the HOST:PORT of
+      the Hadoop service (JobTracker, HDFS). The wildcard '*' configuration is
+      used when there is no exact match for an authority. The HADOOP_CONF_DIR contains
+      the relevant Hadoop *-site.xml files. If the path is relative is looked within
+      the Oozie configuration directory; though the path can be absolute (i.e. to point
+      to Hadoop client conf/ directories in the local filesystem.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.HadoopAccessorService.kerberos.enabled</name>
+    <value>false</value>
+    <description>
+      Indicates if Oozie is configured to use Kerberos.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.URIHandlerService.uri.handlers</name>
+    <value>org.apache.oozie.dependency.FSURIHandler,org.apache.oozie.dependency.HCatURIHandler</value>
+    <description>
+      Enlist the different uri handlers supported for data availability checks.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.services.ext</name>
+    <value>org.apache.oozie.service.JMSAccessorService,org.apache.oozie.service.PartitionDependencyManagerService,org.apache.oozie.service.HCatAccessorService
+    </value>
+    <description>
+      To add/replace services defined in 'oozie.services' with custom implementations.
+      Class names must be separated by commas.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.db.schema.name</name>
+    <value>oozie</value>
+    <description>
+      Oozie DataBase Name
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.JPAService.jdbc.username</name>
+    <value>oozie</value>
+    <description>
+      Database user name to use to connect to the database
+    </description>
+  </property>
+
+  <property require-input = "true">
+    <name>oozie.service.JPAService.jdbc.password</name>
+    <value> </value>
+    <property-type>PASSWORD</property-type>
+    <description>
+      DB user password.
+
+      IMPORTANT: if password is emtpy leave a 1 space string, the service trims the value,
+      if empty Configuration assumes it is NULL.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.JPAService.jdbc.driver</name>
+    <value>org.apache.derby.jdbc.EmbeddedDriver</value>
+    <description>
+      JDBC driver class.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.JPAService.jdbc.url</name>
+    <value>jdbc:derby:${oozie.data.dir}/${oozie.db.schema.name}-db;create=true</value>
+    <description>
+      JDBC URL.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.service.AuthorizationService.security.enabled</name>
+    <value>true</value>
+    <description>
+      Specifies whether security (user name/admin role) is enabled or not.
+      If disabled any user can manage Oozie system and manage any job.
+    </description>
+  </property>
+
+  <property>
+    <name>oozie.authentication.simple.anonymous.allowed</name>
+    <value>false</value>
+    <description>
+      Indicates if anonymous requests are allowed when using 'simple' authentication.
+    </description>
+  </property>
+
+</configuration>

+ 2 - 2
ambari-web/app/models/quick_links.js

@@ -155,9 +155,9 @@ App.QuickLinks.FIXTURES = [
   {
     id:19,
     label:'Oozie Web UI',
-    url:'%@://%@:%@/oozie',
+    url:'%@://%@:%@/oozie?user.name=%@',
     service_id: 'OOZIE',
-    template:'%@://%@:%@/oozie',
+    template:'%@://%@:%@/oozie?user.name=%@',
     http_config: 'oozie.base.url',
     site: 'oozie-site',
     regex: portRegex,

+ 1 - 1
ambari-web/app/views/common/quick_view_link_view.js

@@ -137,7 +137,7 @@ App.QuickViewLinks = Em.View.extend({
         var protocol = self.setProtocol(item.get('service_id'), self.get('configProperties'), self.ambariProperties());
         if (item.get('template')) {
           var port = item.get('http_config') && self.setPort(item, protocol);
-          if (item.get('service_id') == 'FALCON') {
+          if (['FALCON', 'OOZIE'].contains(item.get('service_id'))) {
             item.set('url', item.get('template').fmt(protocol, hosts[0], port, App.router.get('loginName')));
           } else {
             item.set('url', item.get('template').fmt(protocol, hosts[0], port));