| <?xml version="1.0"?> |
| <?xml-stylesheet type="text/xsl" href="configuration.xsl"?> |
| <!-- |
| /** |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| --> |
| <configuration supports_final="false" supports_adding_forbidden="true"> |
| <!-- topology file --> |
| <property> |
| <name>content</name> |
| <display-name>topology template</display-name> |
| <value> |
| <topology> |
| |
| <gateway> |
| |
| <provider> |
| <role>authentication</role> |
| <name>ShiroProvider</name> |
| <enabled>true</enabled> |
| <param> |
| <name>sessionTimeout</name> |
| <value>30</value> |
| </param> |
| <param> |
| <name>main.ldapRealm</name> |
| <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value> |
| </param> |
| <param> |
| <name>main.ldapRealm.userDnTemplate</name> |
| <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value> |
| </param> |
| <param> |
| <name>main.ldapRealm.contextFactory.url</name> |
| <value>ldap://{{knox_host_name}}:33389</value> |
| </param> |
| <param> |
| <name>main.ldapRealm.contextFactory.authenticationMechanism</name> |
| <value>simple</value> |
| </param> |
| <param> |
| <name>urls./**</name> |
| <value>authcBasic</value> |
| </param> |
| </provider> |
| |
| <provider> |
| <role>identity-assertion</role> |
| <name>Default</name> |
| <enabled>true</enabled> |
| </provider> |
| |
| <provider> |
| <role>authorization</role> |
| <name>AclsAuthz</name> |
| <enabled>true</enabled> |
| </provider> |
| |
| </gateway> |
| |
| <service> |
| <role>NAMENODE</role> |
| <url>hdfs://{{namenode_host}}:{{namenode_rpc_port}}</url> |
| </service> |
| |
| <service> |
| <role>JOBTRACKER</role> |
| <url>rpc://{{rm_host}}:{{jt_rpc_port}}</url> |
| </service> |
| |
| <service> |
| <role>WEBHDFS</role> |
| {{webhdfs_service_urls}} |
| </service> |
| |
| <service> |
| <role>WEBHCAT</role> |
| <url>http://{{webhcat_server_host}}:{{templeton_port}}/templeton</url> |
| </service> |
| |
| <service> |
| <role>OOZIE</role> |
| <url>http://{{oozie_server_host}}:{{oozie_server_port}}/oozie</url> |
| </service> |
| |
| <service> |
| <role>WEBHBASE</role> |
| <url>http://{{hbase_master_host}}:{{hbase_master_port}}</url> |
| </service> |
| |
| <service> |
| <role>HIVE</role> |
| <url>http://{{hive_server_host}}:{{hive_http_port}}/{{hive_http_path}}</url> |
| </service> |
| |
| <service> |
| <role>RESOURCEMANAGER</role> |
| <url>http://{{rm_host}}:{{rm_port}}/ws</url> |
| </service> |
| </topology> |
| </value> |
| <description> |
| The configuration specifies the Hadoop cluster services Knox will provide access to. |
| </description> |
| <value-attributes> |
| <type>content</type> |
| <empty-value-valid>true</empty-value-valid> |
| <show-property-name>false</show-property-name> |
| </value-attributes> |
| <depends-on> |
| <property> |
| <type>ranger-knox-plugin-properties</type> |
| <name>ranger-knox-plugin-enabled</name> |
| </property> |
| </depends-on> |
| <on-ambari-upgrade add="true"/> |
| </property> |
| </configuration> |