Steps to enable Trace logging in Ambari server for Oracle Database. Step1: 1. Download ojdbc6_g.jar from Oracle JDBC driver trace jar and copy to /usr/share/java and make sure to have correct permissions. Note: take out the actual ojdbc.jar from the location. 2.Create /etc/ambari-server/conf/oracle.properties .level=ALL oracle.jdbc.level=INFO oracle.jdbc.handlers=java.util.logging.ConsoleHandler java.util.logging.ConsoleHandler.level=INFO java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter 3. Add "-Doracle.jdbc.Trace=true -Djava.util.logging.config.file=/etc/ambari-server/conf/oracle.properties" property in /var/lib/ambari-server/ambari-env.sh export AMBARI_JVM_ARGS=$AMBARI_JVM_ARGS' -Xms512m -Xmx2048m -XX:MaxPermSize=128m -Djava.security.auth.login.config=$ROOT/etc/ambari-server/conf/krb5JAASLogin.conf -Djav to export AMBARI_JVM_ARGS=$AMBARI_JVM_ARGS' -Xms512m -Xmx2048m -XX:MaxPermSize=128m -Doracle.jdbc.Trace=true -Djava.util.logging.config.file=/etc/ambari-server/conf/oracle.properties -Djava.security.auth.login.config=$ROOT/etc/ambari-server/conf/krb5JAASLogin.conf -Djav After restart you will see logs being written to jdbc.log file ... View more

Steps to enable Query logging in Ambari server with Postgres Database 1. If it is Postgres as DB then add following property in ambari.properties server.jdbc.properties.loglevel=2 After restart you can see SQL query logging to Ambari-server.out file 2.If it is MySQL as DB then add/update following property in ambari.properties. append below value in JDBC URL ?logger=com.mysql.jdbc.log.Slf4JLogger&profileSQL=true Ex: server.jdbc.rca.url=jdbc:mysql://apappudb.hdp.com:3306/ambariupgrade?logger=com.mysql.jdbc.log.Slf4JLogger&profileSQL=true and server.jdbc.url=jdbc:mysql://apappudb.hdp.com:3306/ambariupgrade?logger=com.mysql.jdbc.log.Slf4JLogger&profileSQL=true After re-start you will find the logs in ambari-server.log ... View more

Steps to enable SSL for Grafana from the keystore file. 1. First create keystore file using below command. $JAVA_HOME/bin/keytool -genkey -keyalg RSA -alias grafana -keystore keystore.jks -validity 360 -keysize 2048 2. Now export cert from JKS file keytool -export -alias grafana -file server.cer -keystore keystore.jks 3. Convert cert from DER to PEM format openssl x509 -in server.cer -inform der -outform pem -out cert.pem 4. Export privatekey to PKCS12 file keytool -v -importkeystore -srckeystore keystore.jks -srcalias ambari -destkeystore myp12file.p12 -deststoretype PKCS12 5. Now export private key from PKCS12 to PEM format. openssl pkcs12 -in myp12file.p12 -clcerts -nodes -nocerts | openssl rsa > private.key Note: private.key should be unencrypted file. it should be like -----BEGIN RSA PRIVATE KEY----- xxxx -----END RSA PRIVATE KEY----- Should be not having like "-----BEGIN ENCRYPTED PRIVATE KEY-----" The reason for using un encrypted key is because Grafana does not have any option to take privatekey password. 6. configure below properties under "Advanced ams-grafana-ini" Advanced ams-grafana-ini protocol https Advanced ams-grafana-ini cert_file path/cert.pem Advanced ams-grafana-ini cert-Key path/private.key 7. Restart Grafana server 8. You should be able to access the UI using https://HOSTNAME:3000/ ... View more

1. Create keystore file first. keytool -genkey -keyalg RSA -alias ooziehost -keystore keystore.jks -validity 360 -keysize 2048 2. Login to Ambari server and go to Oozie configurations. 3. Add below configurations under "Advanced oozie-env" export OOZIE_HTTPS_PORT=11443 export OOZIE_HTTPS_KEYSTORE_FILE=/tmp/keystore.jks export OOZIE_HTTPS_KEYSTORE_PASS=bigdata 4. Restart Oozie service from UI. 5. Now launch the Oozie UI from quick links - you should be able to access the URL https://OOZIEHOST:11443/oozie/ Note: Make sure to import the cert into Ambari Truststore. ... View more