Google Git
Sign in
apache / hawq / refs/tags/2.4.0.0-rc1 / . / ranger-plugin / scripts / enable-ranger-plugin.sh
blob: 0e839b7000c48332d585ac51e57abcf9e12a54d9 [file] [log] [blame]
#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
function usage() {
echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port -t lookup_authentication_type -s hawq_kerberos_service_name] -w hawq_user -q hawq_password"
exit 1
}
function fail() {
echo "ERROR: $1"
exit 1
}
function mask() {
printf -v stars '%*s' ${#1} ''
echo "[${stars// /*}]"
}
function read_value() {
local input
read -p "Enter value for $1 : " input
echo $input
}
function read_password() {
local input
read -s -p "Enter value for $1 : " input
echo $input
}
function get_ranger_url() {
while [[ -z "$RANGER_URL" ]]
do
RANGER_URL=$(read_value "Ranger Admin host and port (e.g. abc.com:6080)")
done
local prefix="http://"
RANGER_URL=${RANGER_URL#$prefix}
}
function get_ranger_user() {
while [[ -z "$RANGER_USER" ]]
do
RANGER_USER=$(read_value "Ranger Admin user name")
done
}
function get_ranger_password() {
while [[ -z "$RANGER_PASSWORD" ]]
do
RANGER_PASSWORD=$(read_password "Ranger Admin password")
echo
done
}
# get property value from hawq-site.xml
function get_hawq_property() {
local hawq_site_file="$HAWQ_DIR/etc/hawq-site.xml"
local tag=$1
local value=''
if [ -f $hawq_site_file ] ; then
value=`cat $hawq_site_file | tr '\n' ' ' | awk -F '<property>' '{ for(i = 1; i <= NF; i++) { print $i; } }' | grep $tag | sed -n 's|.*<value>\(.*\)</value>.*|\1|p'`
fi
echo $value
}
function get_hawq_url() {
# get hawq master host and port
# 1. read from command parameter -h
# 2. read from hawq-site.xml
if [[ -z "$HAWQ_URL" ]]; then
local host=$(get_hawq_property hawq_master_address_host)
local port=$(get_hawq_property hawq_master_address_port)
if [[ -z "$host" || -z "$port" ]]; then
HAWQ_URL=''
else
HAWQ_URL="$host:$port"
fi
fi
# 3. read from user input
local default=`hostname -f`
default="${default}:5432"
while [[ -z "$HAWQ_URL" ]]
do
HAWQ_URL=$(read_value "HAWQ Master host and port [${default}]")
done
local prefix="http://"
HAWQ_URL=${HAWQ_URL#$prefix}
local parts=(${HAWQ_URL//:/ })
if [ ${#parts[@]} != 2 ]; then
fail "Incorrect value for HAWQ Master host and port."
fi
HAWQ_HOST=${parts[0]}
HAWQ_PORT=${parts[1]}
}
function get_hawq_user() {
local default="gpadmin"
while [[ -z "$HAWQ_USER" ]]
do
HAWQ_USER=$(read_value "HAWQ user name [${default}]")
done
}
function get_hawq_password() {
while [[ -z "$HAWQ_PASSWORD" ]]
do
HAWQ_PASSWORD=$(read_password "HAWQ password")
echo
done
}
function get_hawq_kerberos_service_name() {
if [[ -z "$HAWQ_KERBEROS_SERVICE_NAME" ]]; then
HAWQ_KERBEROS_SERVICE_NAME="postgres"
fi
}
function get_lookup_authentication_type() {
if [[ -z "$LOOKUP_AUTHENTICATION_TYPE" ]]; then
LOOKUP_AUTHENTICATION_TYPE="simple"
fi
}
function parse_params() {
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
-r)
RANGER_URL="$2"
shift
;;
-u)
RANGER_USER="$2"
shift
;;
-p)
RANGER_PASSWORD="$2"
shift
;;
-h)
HAWQ_URL="$2"
shift
;;
-w)
HAWQ_USER="$2"
shift
;;
-q)
HAWQ_PASSWORD="$2"
shift
;;
-s)
HAWQ_KERBEROS_SERVICE_NAME="$2"
shift
;;
-t)
LOOKUP_AUTHENTICATION_TYPE="$2"
shift
;;
*)
usage
;;
esac
shift
done
}
function validate_params() {
get_ranger_url
get_ranger_user
get_ranger_password
get_hawq_url
get_hawq_user
get_hawq_password
get_hawq_kerberos_service_name
get_lookup_authentication_type
echo "RANGER URL = ${RANGER_URL}"
echo "RANGER User = ${RANGER_USER}"
echo "RANGER Password = $(mask ${RANGER_PASSWORD})"
echo "HAWQ HOST = ${HAWQ_HOST}"
echo "HAWQ PORT = ${HAWQ_PORT}"
echo "HAWQ User = ${HAWQ_USER}"
echo "HAWQ Password = $(mask ${HAWQ_PASSWORD})"
echo "HAWQ Lookup Authentication Type = ${LOOKUP_AUTHENTICATION_TYPE}"
echo "HAWQ Kerberos Service Name = ${HAWQ_KERBEROS_SERVICE_NAME}"
}
function check_hawq_service_definition() {
echo $(curl -sS -u ${RANGER_USER}:${RANGER_PASSWORD} http://${RANGER_URL}/service/public/v2/api/servicedef/name/hawq | grep hawq | wc -l)
}
function create_hawq_service_definition() {
if [ $(check_hawq_service_definition) == 0 ]; then
local json_file="$(dirname ${SCRIPT_DIR})/etc/ranger-servicedef-hawq.json"
if [ ! -f ${json_file} ]; then
fail "File ${json_file} not found."
fi
echo "HAWQ service definition was not found in Ranger Admin, creating it by uploading ${json_file}"
local output=$(curl -sS -u ${RANGER_USER}:${RANGER_PASSWORD} -H "Content-Type: application/json" -X POST http://${RANGER_URL}/service/plugins/definitions -d @${json_file})
local created=$(echo ${output} | grep created | wc -l)
if [ ${created} == 0 ] || [ $(check_hawq_service_definition) == 0 ]; then
fail "Creation of HAWQ service definition from ${json_file} in Ranger Admin at ${RANGER_URL} failed. ${output}"
fi
else
echo "HAWQ service definition already exists in Ranger Admin, nothing to do."
fi
}
function check_hawq_service_instance() {
echo $(curl -sS -u ${RANGER_USER}:${RANGER_PASSWORD} http://${RANGER_URL}/service/public/v2/api/service/name/hawq | grep hawq | wc -l)
}
function create_hawq_service_instance() {
if [ $(check_hawq_service_instance) == 0 ]; then
local payload="{\"name\":\"hawq\",
\"type\":\"hawq\",
\"description\":\"HAWQ Master\",
\"isEnabled\":true,
\"configs\":{\"username\":\"${HAWQ_USER}\",
\"password\":\"${HAWQ_PASSWORD}\",
\"authentication\":\"${LOOKUP_AUTHENTICATION_TYPE}\",
\"principal\":\"${HAWQ_KERBEROS_SERVICE_NAME}\",
\"hostname\":\"${HAWQ_HOST}\",
\"port\":\"${HAWQ_PORT}\"}}"
echo "HAWQ service instance was not found in Ranger Admin, creating it."
local output=$(curl -sS -u ${RANGER_USER}:${RANGER_PASSWORD} -H "Content-Type: application/json" -X POST http://${RANGER_URL}/service/public/v2/api/service -d "${payload}")
local created=$(echo ${output} | grep created | wc -l)
if [ ${created} == 0 ] || [ $(check_hawq_service_instance) == 0 ]; then
fail "Creation of HAWQ service instance in Ranger Admin at ${RANGER_URL} failed. ${output}"
fi
else
echo "HAWQ service instance already exists in Ranger Admin, nothing to do."
fi
}
function update_ranger_url() {
local policy_mgr_url="http://${RANGER_URL}"
local prop_file=$(dirname ${SCRIPT_DIR})/etc/rps.properties
sed -i -e "s|^POLICY_MGR_URL=.*|POLICY_MGR_URL=${policy_mgr_url}|g" ${prop_file}
echo "Updated POLICY_MGR_URL to ${policy_mgr_url} in ${prop_file}"
}
function update_java_home() {
local jdk64="/usr/jdk64"
local java_sdk="/etc/alternatives/java_sdk"
local prop_file=$(dirname ${SCRIPT_DIR})/etc/rps.properties
if [[ -d ${jdk64} ]]; then
local DIR_NAME=$(ls ${jdk64} | sort -r | head -1)
if [[ ${DIR_NAME} ]]; then
JAVA_HOME_DIR="${jdk64}/${DIR_NAME}"
fi
elif [[ -d ${java_sdk} ]]; then
JAVA_HOME_DIR="${java_sdk}"
fi
if [[ ${JAVA_HOME_DIR} ]]; then
sed -i -e "s|/usr/java/default|${JAVA_HOME_DIR}|g" ${prop_file}
echo "Updated default value of JAVA_HOME to ${JAVA_HOME_DIR} in ${prop_file}"
elif [[ ! ${JAVA_HOME} ]]; then
echo "Unable to locate JAVA_HOME on this machine. Please modify the default value of JAVA_HOME in ${prop_file}."
fi
}
main() {
if [[ $# -lt 1 ]]; then
usage
fi
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd -P)"
HAWQ_DIR="$SCRIPT_DIR/../.."
parse_params "$@"
validate_params
create_hawq_service_definition
create_hawq_service_instance
update_ranger_url
update_java_home
}
main "$@"