| <?xml version="1.0"?> |
| <?xml-stylesheet type="text/xsl" href="configuration.xsl"?> |
| |
| <!-- Licensed to the Apache Software Foundation (ASF) under one or more --> |
| <!-- contributor license agreements. See the NOTICE file distributed with --> |
| <!-- this work for additional information regarding copyright ownership. --> |
| <!-- The ASF licenses this file to You under the Apache License, Version 2.0 --> |
| <!-- (the "License"); you may not use this file except in compliance with --> |
| <!-- the License. You may obtain a copy of the License at --> |
| <!-- --> |
| <!-- http://www.apache.org/licenses/LICENSE-2.0 --> |
| <!-- --> |
| <!-- Unless required by applicable law or agreed to in writing, software --> |
| <!-- distributed under the License is distributed on an "AS IS" BASIS, --> |
| <!-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --> |
| <!-- See the License for the specific language governing permissions and --> |
| <!-- limitations under the License. --> |
| |
| <% namenode_hosts = Array(@hadoop_namenode_host) -%> |
| <configuration> |
| |
| <property> |
| <!-- URI of NN. Fully qualified. No IP.--> |
| <name>fs.defaultFS</name> |
| <% if @ha != "disabled" -%> |
| <value>hdfs://<%= @nameservice_id %></value> |
| <% else -%> |
| <value>hdfs://<%= namenode_hosts[0] %>:<%= @hadoop_namenode_port %></value> |
| <% end -%> |
| </property> |
| |
| <% if @hdfs_nfs_bridge == "enabled" -%> |
| <property> |
| <name>hadoop.proxyuser.<%= @hdfs_nfs_bridge_user %>.groups</name> |
| <value><%= @hdfs_nfs_proxy_groups %></value> |
| <description> |
| The '<%= @hdfs_nfs_bridge_user %>' user is allowed to proxy all members of the groups. Note that in most cases you will need to include the |
| group "root" because the user "root" (which usually belonges to "root" group) will |
| generally be the user that initially executes the mount on the NFS client system. |
| Set this to '*' to allow nfsserver user to proxy any group. |
| </description> |
| </property> |
| |
| <property> |
| <name>hadoop.proxyuser.<%= @hdfs_nfs_bridge_user %>.hosts</name> |
| <value><%= @hdfs_nfs_gw_host %></value> |
| <description> |
| This is the host where the nfs gateway is running. Set this to '*' to allow |
| requests from any hosts to be proxied. |
| </description> |
| </property> |
| <% end -%> |
| |
| <% if @ha == "auto" and @zk -%> |
| <property> |
| <name>ha.zookeeper.quorum</name> |
| <value><%= @zk %></value> |
| </property> |
| <% end -%> |
| |
| <property> |
| <name>hadoop.security.authentication</name> |
| <value><%= @hadoop_security_authentication %></value> |
| </property> |
| |
| <% if @hadoop_security_authentication == "kerberos" %> |
| <property> |
| <name>hadoop.security.authorization</name> |
| <value>true</value> |
| </property> |
| <% end %> |
| |
| <% if @hadoop_security_group_mapping %> |
| <property> |
| <name>hadoop.security.group.mapping</name> |
| <value><%= @hadoop_security_group_mapping %></value> |
| </property> |
| <% end %> |
| |
| <% if @hadoop_core_proxyusers %> |
| <% @hadoop_core_proxyusers.sort.each do |superuser, data| %> |
| <property> |
| <name>hadoop.proxyuser.<%= superuser %>.hosts</name> |
| <value><%= data['hosts'] %></value> |
| </property> |
| <property> |
| <name>hadoop.proxyuser.<%= superuser %>.groups</name> |
| <value><%= data['groups'] %></value> |
| </property> |
| <% end %> |
| |
| <% end %> |
| <% if @hadoop_snappy_codec %> |
| <property> |
| <name>io.compression.codecs</name> |
| <value>org.apache.hadoop.io.compress.GzipCodec,org.apache.hadoop.io.compress.DefaultCodec,org.apache.hadoop.io.compress.BZip2Codec,org.apache.hadoop.io.compress.SnappyCodec</value> |
| </property> |
| <!-- property> |
| <name>io.compression.codec.lzo.class</name> |
| <value>com.hadoop.compression.lzo.LzoCodec</value> |
| </property--> |
| <% end %> |
| |
| <% if @hadoop_config_fs_inmemory_size_mb %> |
| <property> |
| <name>fs.inmemory.size.mb</name> |
| <value><%= @hadoop_config_fs_inmemory_size_mb %></value> |
| </property> |
| <% end %> |
| |
| <% if @hadoop_config_io_file_buffer_size %> |
| <property> |
| <name>io.file.buffer.size</name> |
| <value><%= @hadoop_config_io_file_buffer_size %></value> |
| </property> |
| <% end %> |
| |
| <% if @hadoop_http_authentication_type == "kerberos" -%> |
| <!-- enable proper authentication instead of static mock authentication as |
| Dr. Who --> |
| <property> |
| <name>hadoop.http.filter.initializers</name> |
| <value>org.apache.hadoop.security.AuthenticationFilterInitializer</value> |
| </property> |
| |
| <!-- disable anonymous access --> |
| <property> |
| <name>hadoop.http.authentication.simple.anonymous.allowed</name> |
| <value>false</value> |
| </property> |
| |
| <!-- enable kerberos authentication --> |
| <property> |
| <name>hadoop.http.authentication.type</name> |
| <value>kerberos</value> |
| </property> |
| |
| <property> |
| <name>hadoop.http.authentication.kerberos.principal</name> |
| <value>HTTP/_HOST@<%= @kerberos_realm %></value> |
| </property> |
| |
| <property> |
| <name>hadoop.http.authentication.kerberos.keytab</name> |
| <value>/etc/HTTP.keytab</value> |
| </property> |
| |
| <!-- provide secret for cross-service-cross-machine cookie --> |
| <property> |
| <name>hadoop.http.authentication.signature.secret.file</name> |
| <value><%= @hadoop_http_authentication_signature_secret_file %></value> |
| </property> |
| |
| <!-- make all services on all hosts use the same cookie domain --> |
| <property> |
| <name>hadoop.http.authentication.cookie.domain</name> |
| <value><%= @hadoop_http_authentication_cookie_domain %></value> |
| </property> |
| <% end -%> |
| |
| <% if (scope['::hadoop_cluster_node::cluster_components']).include? 'qfs' -%> |
| <!-- run mapreduce over QFS --> |
| <property> |
| <name>fs.AbstractFileSystem.qfs.impl</name> |
| <value>com.quantcast.qfs.hadoop.Qfs</value> |
| </property> |
| <property> |
| <name>fs.qfs.impl</name> |
| <value>com.quantcast.qfs.hadoop.QuantcastFileSystem</value> |
| </property> |
| <% end -%> |
| |
| <% if @kms_host %> |
| <property> |
| <name>hadoop.security.key.provider.path</name> |
| <value>kms://http@<%= @kms_host %>:<%= @kms_port %>/kms</value> |
| </property> |
| <% end -%> |
| </configuration> |