Skip to content

Commit 0f980ba

Browse files
kumaabkumaab
authored
RANGER-5396: Use Volume Mounts for all ranger-service configs (apache#728)
- Update hadoop_conf prop in install.properties to /home/ranger/scripts - Add try except in usersync setup script to avoid installation failures on CI runner.
1 parent 106ff45 commit 0f980ba

File tree

10 files changed

+46
-57
lines changed

10 files changed

+46
-57
lines changed

dev-support/ranger-docker/Dockerfile.ranger

Lines changed: 8 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -23,30 +23,21 @@ ARG RANGER_VERSION
2323
ARG RANGER_DB_TYPE
2424
ARG TARGETARCH
2525

26-
VOLUME /etc/keytabs
27-
28-
COPY ./dist/version /home/ranger/dist/
29-
COPY ./dist/ranger-${RANGER_VERSION}-admin.tar.gz /home/ranger/dist/
30-
31-
COPY ./scripts/admin/ranger.sh ${RANGER_SCRIPTS}/
32-
COPY ./scripts/admin/ranger-admin-install-${RANGER_DB_TYPE}.properties ${RANGER_SCRIPTS}/ranger-admin-install.properties
33-
COPY ./scripts/admin/create-ranger-services.py ${RANGER_SCRIPTS}/
34-
COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/
35-
COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/
36-
COPY ./scripts/kdc/krb5.conf /etc/krb5.conf
26+
COPY ./dist/ranger-${RANGER_VERSION}-admin.tar.gz /home/ranger/dist/
27+
COPY ./scripts/admin/ranger.sh ${RANGER_SCRIPTS}/
28+
COPY ./scripts/admin/create-ranger-services.py ${RANGER_SCRIPTS}/
29+
COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/
3730

3831
RUN tar xvfz /home/ranger/dist/ranger-${RANGER_VERSION}-admin.tar.gz --directory=${RANGER_HOME} \
3932
&& ln -s ${RANGER_HOME}/ranger-${RANGER_VERSION}-admin ${RANGER_HOME}/admin \
4033
&& rm -f /home/ranger/dist/ranger-${RANGER_VERSION}-admin.tar.gz \
41-
&& cp -f ${RANGER_SCRIPTS}/ranger-admin-install.properties ${RANGER_HOME}/admin/install.properties \
42-
&& mkdir -p /var/run/ranger \
43-
&& mkdir -p /var/log/ranger \
34+
&& rm -f /opt/ranger/admin/install.properties \
35+
&& mkdir -p /var/run/ranger /var/log/ranger /usr/share/java/ \
4436
&& chown -R ranger:ranger ${RANGER_HOME}/admin/ ${RANGER_SCRIPTS}/ /var/run/ranger/ /var/log/ranger/ \
45-
&& chmod 755 ${RANGER_SCRIPTS}/ranger.sh ${RANGER_SCRIPTS}/wait_for_keytab.sh \
46-
&& mkdir -p /usr/share/java/
37+
&& chmod 755 ${RANGER_SCRIPTS}/ranger.sh ${RANGER_SCRIPTS}/wait_for_keytab.sh
4738

4839
FROM ranger AS ranger_postgres
49-
COPY ./downloads/postgresql-42.2.16.jre7.jar /home/ranger/dist/
40+
COPY ./downloads/postgresql-42.2.16.jre7.jar /home/ranger/dist/
5041
RUN mv /home/ranger/dist/postgresql-42.2.16.jre7.jar /usr/share/java/postgresql.jar
5142

5243
FROM ranger AS ranger_mysql

dev-support/ranger-docker/Dockerfile.ranger-kms

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -22,22 +22,15 @@ FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION} AS ranger-kms
2222
ARG KMS_VERSION
2323
ARG RANGER_DB_TYPE
2424

25-
VOLUME /etc/keytabs
26-
27-
COPY ./dist/version /home/ranger/dist/
28-
COPY ./dist/ranger-${KMS_VERSION}-kms.tar.gz /home/ranger/dist/
29-
25+
COPY ./dist/ranger-${KMS_VERSION}-kms.tar.gz /home/ranger/dist/
3026
COPY ./scripts/kms/ranger-kms.sh ${RANGER_SCRIPTS}/
31-
COPY ./scripts/kms/ranger-kms-install-${RANGER_DB_TYPE}.properties ${RANGER_SCRIPTS}/ranger-kms-install.properties
32-
COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/
3327
COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/
34-
COPY ./scripts/kdc/krb5.conf /etc/krb5.conf
3528

3629
RUN tar xvfz /home/ranger/dist/ranger-${KMS_VERSION}-kms.tar.gz --directory=${RANGER_HOME} && \
3730
ln -s ${RANGER_HOME}/ranger-${KMS_VERSION}-kms ${RANGER_HOME}/kms && \
3831
rm -f /home/ranger/dist/ranger-${KMS_VERSION}-kms.tar.gz && \
32+
rm -f ${RANGER_HOME}/kms/install.properties && \
3933
mkdir -p /var/run/ranger_kms /var/log/ranger/kms /etc/ranger /usr/share/java/ && \
40-
cp -f ${RANGER_SCRIPTS}/ranger-kms-install.properties ${RANGER_HOME}/kms/install.properties && \
4134
touch /etc/init.d/ranger-kms && \
4235
ln -s /etc/init.d/ranger-kms /etc/rc2.d/S88ranger-kms && \
4336
ln -s /etc/init.d/ranger-kms /etc/rc2.d/K90ranger-kms && \

dev-support/ranger-docker/Dockerfile.ranger-tagsync

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -20,21 +20,14 @@ FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION}
2020

2121
ARG TAGSYNC_VERSION
2222

23-
VOLUME /etc/keytabs
24-
25-
COPY ./dist/version /home/ranger/dist/
26-
COPY ./dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz /home/ranger/dist/
27-
23+
COPY ./dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz /home/ranger/dist/
2824
COPY ./scripts/tagsync/ranger-tagsync.sh ${RANGER_SCRIPTS}/
29-
COPY ./scripts/tagsync/ranger-tagsync-install.properties ${RANGER_SCRIPTS}/
30-
COPY ./scripts/tagsync/ranger-tagsync-tags.json ${RANGER_SCRIPTS}/
31-
COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/
3225
COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/
33-
COPY ./scripts/kdc/krb5.conf /etc/krb5.conf
3426

3527
RUN tar xvfz /home/ranger/dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz --directory=${RANGER_HOME} && \
3628
ln -s ${RANGER_HOME}/ranger-${TAGSYNC_VERSION}-tagsync ${RANGER_HOME}/tagsync && \
3729
rm -f /home/ranger/dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz && \
30+
rm -f ${RANGER_HOME}/tagsync/install.properties && \
3831
mkdir -p /opt/ranger/tagsync/data /var/run/ranger /var/log/ranger/tagsync /etc/ranger && \
3932
cp -f ${RANGER_SCRIPTS}/ranger-tagsync-install.properties ${RANGER_HOME}/tagsync/install.properties && \
4033
cp -f ${RANGER_SCRIPTS}/ranger-tagsync-tags.json ${RANGER_HOME}/tagsync/data/tags.json && \

dev-support/ranger-docker/Dockerfile.ranger-usersync

Lines changed: 3 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -20,25 +20,15 @@ FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION}
2020

2121
ARG USERSYNC_VERSION
2222

23-
VOLUME /etc/keytabs
24-
25-
COPY ./dist/version /home/ranger/dist/
26-
COPY ./dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz /home/ranger/dist/
27-
23+
COPY ./dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz /home/ranger/dist/
2824
COPY ./scripts/usersync/ranger-usersync.sh ${RANGER_SCRIPTS}/
29-
COPY ./scripts/usersync/ranger-usersync-install.properties ${RANGER_SCRIPTS}/
30-
COPY ./scripts/usersync/ugsync-file-source.csv ${RANGER_SCRIPTS}/
31-
COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/
3225
COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/
33-
COPY ./scripts/kdc/krb5.conf /etc/krb5.conf
3426

3527
RUN tar xvfz /home/ranger/dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz --directory=${RANGER_HOME} && \
3628
ln -s ${RANGER_HOME}/ranger-${USERSYNC_VERSION}-usersync ${RANGER_HOME}/usersync && \
3729
rm -f /home/ranger/dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz && \
38-
cp -f ${RANGER_SCRIPTS}/ranger-usersync-install.properties ${RANGER_HOME}/usersync/install.properties && \
39-
mkdir -p /var/run/ranger /var/log/ranger/usersync && \
40-
mkdir -p /etc/ranger && \
41-
mkdir -p /etc/init.d /etc/rc2.d /etc/rc3.d && \
30+
rm -f ${RANGER_HOME}/usersync/install.properties && \
31+
mkdir -p /var/run/ranger /var/log/ranger/usersync /etc/ranger /etc/init.d /etc/rc2.d /etc/rc3.d && \
4232
touch /etc/init.d/ranger-usersync && \
4333
ln -s /etc/init.d/ranger-usersync /etc/rc2.d/S99ranger-usersync && \
4434
ln -s /etc/init.d/ranger-usersync /etc/rc2.d/K00ranger-usersync && \

dev-support/ranger-docker/docker-compose.ranger-kms.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,10 @@ services:
1414
hostname: ranger-kms.rangernw
1515
volumes:
1616
- ./dist/keytabs/ranger-kms:/etc/keytabs
17+
- ./scripts/kdc/krb5.conf:/etc/krb5.conf
18+
- ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml:ro
19+
- ./dist/version:/home/ranger/dist/version:ro
20+
- ./scripts/kms/ranger-kms-install-${RANGER_DB_TYPE}.properties:/opt/ranger/kms/install.properties
1721
stdin_open: true
1822
tty: true
1923
networks:

dev-support/ranger-docker/docker-compose.ranger-tagsync.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,11 @@ services:
1313
hostname: ranger-tagsync.rangernw
1414
volumes:
1515
- ./dist/keytabs/ranger-tagsync:/etc/keytabs
16+
- ./scripts/kdc/krb5.conf:/etc/krb5.conf
17+
- ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml:ro
18+
- ./dist/version:/home/ranger/dist/version:ro
19+
- ./scripts/tagsync/ranger-tagsync-tags.json:/home/ranger/scripts/ranger-tagsync-tags.json
20+
- ./scripts/tagsync/ranger-tagsync-install.properties:/opt/ranger/tagsync/install.properties
1621
stdin_open: true
1722
tty: true
1823
networks:

dev-support/ranger-docker/docker-compose.ranger-usersync.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,11 @@ services:
1313
hostname: ranger-usersync.rangernw
1414
volumes:
1515
- ./dist/keytabs/ranger-usersync:/etc/keytabs
16+
- ./scripts/kdc/krb5.conf:/etc/krb5.conf
17+
- ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml
18+
- ./dist/version:/home/ranger/dist/version:ro
19+
- ./scripts/usersync/ugsync-file-source.csv:/home/ranger/scripts/ugsync-file-source.csv
20+
- ./scripts/usersync/ranger-usersync-install.properties:/opt/ranger/usersync/install.properties
1621
stdin_open: true
1722
tty: true
1823
networks:

dev-support/ranger-docker/docker-compose.ranger.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,10 @@ services:
1414
hostname: ranger.rangernw
1515
volumes:
1616
- ./dist/keytabs/ranger:/etc/keytabs
17+
- ./dist/version:/home/ranger/dist/version:ro
18+
- ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro
19+
- ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml:ro
20+
- ./scripts/admin/ranger-admin-install-${RANGER_DB_TYPE}.properties:/opt/ranger/admin/install.properties
1721
stdin_open: true
1822
tty: true
1923
networks:

dev-support/ranger-docker/scripts/usersync/ranger-usersync-install.properties

100644100755
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ rangerUsersync_password=rangerR0cks!
5555
#Set to run in kerberos environment
5656
usersync_principal=rangerusersync/[email protected]
5757
usersync_keytab=/etc/keytabs/rangerusersync.keytab
58-
hadoop_conf=/etc/hadoop/conf
58+
hadoop_conf=/home/ranger/scripts
5959
#
6060
# The file where all credential is kept in cryptic format
6161
#

unixauthservice/scripts/setup.py

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -550,18 +550,22 @@ def main():
550550

551551
fixPermList = [".", usersyncBaseDirFullName, confFolderName, certFolderName]
552552

553+
def _safe_chown_chmod(path, uid, gid, mode):
554+
try:
555+
os.chown(path, uid, gid)
556+
os.chmod(path, mode)
557+
except PermissionError as e:
558+
print(f"Skipping {path}: Permission denied ({e})")
559+
except OSError as e:
560+
print(f"Skipping {path}: OS error ({e})")
561+
553562
for dir in fixPermList:
554563
for root, dirs, files in os.walk(dir):
555-
os.chown(root, ownerId, groupId)
556-
os.chmod(root, 0o755)
564+
_safe_chown_chmod(root, ownerId, groupId, 0o755)
557565
for obj in dirs:
558-
dn = join(root, obj)
559-
os.chown(dn, ownerId, groupId)
560-
os.chmod(dn, 0o755)
566+
_safe_chown_chmod(join(root, obj), ownerId, groupId, 0o755)
561567
for obj in files:
562-
fn = join(root, obj)
563-
os.chown(fn, ownerId, groupId)
564-
os.chmod(fn, 0o750)
568+
_safe_chown_chmod(join(root, obj), ownerId, groupId, 0o750)
565569

566570
if isfile(nativeAuthProgramName):
567571
try:

0 commit comments

Comments
 (0)