AMBARI-9323. Kerberos: host/<hostname>@REALM principals are created (should not be created) (rlevas)

ambari-server/src/main/resources/stacks/HDP/2.2/services/HDFS/kerberos.json

@@ -54,24 +54,6 @@
                 "configuration": "hdfs-site/dfs.namenode.keytab.file"
               }
             },
-            {
-              "name": "namenode_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/nn.service.keytab",
-                "owner": {
-                  "name": "${hadoop-env/hdfs_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {
@@ -110,24 +92,6 @@
                 },
                 "configuration": "hdfs-site/dfs.datanode.keytab.file"
               }
-            },
-            {
-              "name": "datanode_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/dn.service.keytab",
-                "owner": {
-                  "name": "${hadoop-env/hdfs_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
             }
           ],
           "configurations" : [
@@ -163,24 +127,6 @@
                 "configuration": "hdfs-site/dfs.secondary.namenode.keytab.file"
               }
             },
-            {
-              "name": "secondary_namenode_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/nn.service.keytab",
-                "owner": {
-                  "name": "${hadoop-env/hdfs_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {

ambari-server/src/main/resources/stacks/HDP/2.2/services/YARN/kerberos.json

@@ -47,24 +47,6 @@
                 "configuration": "yarn-site/yarn.nodemanager.keytab"
               }
             },
-            {
-              "name": "nodemanager_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/nm.service.keytab",
-                "owner": {
-                  "name": "${yarn-env/yarn_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {
@@ -107,24 +89,6 @@
                 "configuration": "yarn-site/yarn.resourcemanager.keytab"
               }
             },
-            {
-              "name": "resource_manager_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/rm.service.keytab",
-                "owner": {
-                  "name": "${yarn-env/yarn_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {
@@ -160,24 +124,6 @@
                 "configuration": "yarn-site/yarn.timeline-service.keytab"
               }
             },
-            {
-              "name": "app_timeline_server_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/yarn.service.keytab",
-                "owner": {
-                  "name": "${yarn-env/yarn_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {
@@ -229,24 +175,6 @@
                 "configuration": "mapred-site/mapreduce.jobhistory.keytab"
               }
             },
-            {
-              "name": "history_server_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/jhs.service.keytab",
-                "owner": {
-                  "name": "${mapred-env/mapred_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {

ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java

@@ -74,4 +74,23 @@ public class KerberosDescriptorTest {
     Assert.notNull(descriptor.getServices());
     Assert.notNull(descriptor.getService("HBASE"));
   }
+
+  @Test
+  public void testHDP22HDFSServiceDescriptor() throws IOException {
+    File hdfsDirectory = new File(hdp22ServicesDirectory, "HDFS");
+    KerberosDescriptor descriptor = KerberosDescriptor.fromFile(new File(hdfsDirectory, "kerberos.json"));
+    Assert.notNull(descriptor);
+    Assert.notNull(descriptor.getServices());
+    Assert.notNull(descriptor.getService("HDFS"));
+  }
+
+  @Test
+  public void testHDP22YarnServiceDescriptor() throws IOException {
+    File yarnDirectory = new File(hdp22ServicesDirectory, "YARN");
+    KerberosDescriptor descriptor = KerberosDescriptor.fromFile(new File(yarnDirectory, "kerberos.json"));
+    Assert.notNull(descriptor);
+    Assert.notNull(descriptor.getServices());
+    Assert.notNull(descriptor.getService("YARN"));
+    Assert.notNull(descriptor.getService("MAPREDUCE2"));
+  }
 }

ambari-server/src/test/resources/stacks/HDP/2.0.8/services/HDFS/kerberos.json

@@ -27,24 +27,6 @@
                 "configuration": "hdfs-site/dfs.namenode.keytab.file"
               }
             },
-            {
-              "name": "namenode_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/nn.service.keytab",
-                "owner": {
-                  "name": "${hadoop-env/hdfs_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {
@@ -83,24 +65,6 @@
                 },
                 "configuration": "hdfs-site/dfs.datanode.keytab.file"
               }
-            },
-            {
-              "name": "datanode_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/dn.service.keytab",
-                "owner": {
-                  "name": "${hadoop-env/hdfs_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
             }
           ]
         },
@@ -128,24 +92,6 @@
                 "configuration": "hdfs-site/dfs.secondary.namenode.kerberos.principal"
               }
             },
-            {
-              "name": "secondary_namenode_host",
-              "principal": {
-                "value": "host/_HOST@${realm}",
-                "type" : "service"
-              },
-              "keytab": {
-                "file": "${keytab_dir}/snn.service.keytab",
-                "owner": {
-                  "name": "${hadoop-env/hdfs_user}",
-                  "access": "r"
-                },
-                "group": {
-                  "name": "${cluster-env/user_group}",
-                  "access": ""
-                }
-              }
-            },
             {
               "name": "/spnego",
               "principal": {