| { |
| "services": [ |
| { |
| "name": "HIVE", |
| "identities": [ |
| { |
| "name": "hive_spnego", |
| "reference": "/spnego" |
| }, |
| { |
| "name": "hive_smokeuser", |
| "reference": "/smokeuser" |
| } |
| ], |
| "configurations": [ |
| { |
| "hive-site": { |
| "hive.metastore.sasl.enabled": "true", |
| "hive.server2.authentication": "KERBEROS" |
| } |
| }, |
| { |
| "ranger-hive-audit": { |
| "xasecure.audit.jaas.Client.loginModuleName": "com.sun.security.auth.module.Krb5LoginModule", |
| "xasecure.audit.jaas.Client.loginModuleControlFlag": "required", |
| "xasecure.audit.jaas.Client.option.useKeyTab": "true", |
| "xasecure.audit.jaas.Client.option.storeKey": "false", |
| "xasecure.audit.jaas.Client.option.serviceName": "solr", |
| "xasecure.audit.destination.solr.force.use.inmemory.jaas.config": "true" |
| } |
| } |
| ], |
| "components": [ |
| { |
| "name": "HIVE_METASTORE", |
| "identities": [ |
| { |
| "name": "hive_hive_metastore_hdfs", |
| "reference": "/HDFS/NAMENODE/hdfs" |
| }, |
| { |
| "name": "hive_app_timeline_server_yarn", |
| "reference": "/YARN/APP_TIMELINE_SERVER/app_timeline_server_yarn" |
| }, |
| { |
| "name": "hive_hive_metastore_hive_server_hive", |
| "reference": "/HIVE/HIVE_SERVER/hive_server_hive", |
| "principal": { |
| "configuration": "hive-site/hive.metastore.kerberos.principal" |
| }, |
| "keytab": { |
| "configuration": "hive-site/hive.metastore.kerberos.keytab.file" |
| } |
| } |
| ] |
| }, |
| { |
| "name": "HIVE_SERVER", |
| "identities": [ |
| { |
| "name": "hive_hive_server_hdfs", |
| "reference": "/HDFS/NAMENODE/hdfs" |
| }, |
| { |
| "name": "hive_server_hive", |
| "principal": { |
| "value": "hive/_HOST@${realm}", |
| "type": "service", |
| "configuration": "hive-site/hive.server2.authentication.kerberos.principal", |
| "local_username": "${hive-env/hive_user}" |
| }, |
| "keytab": { |
| "file": "${keytab_dir}/hive.service.keytab", |
| "owner": { |
| "name": "${hive-env/hive_user}", |
| "access": "r" |
| }, |
| "group": { |
| "name": "${cluster-env/user_group}", |
| "access": "r" |
| }, |
| "configuration": "hive-site/hive.server2.authentication.kerberos.keytab" |
| } |
| }, |
| { |
| "name": "atlas_kafka", |
| "reference": "/HIVE/HIVE_SERVER/hive_server_hive", |
| "principal": { |
| "configuration": "hive-atlas-application.properties/atlas.jaas.KafkaClient.option.principal" |
| }, |
| "keytab": { |
| "configuration": "hive-atlas-application.properties/atlas.jaas.KafkaClient.option.keyTab" |
| } |
| }, |
| { |
| "name": "hive_hive_server_spnego", |
| "reference": "/spnego", |
| "principal": { |
| "configuration": "hive-site/hive.server2.authentication.spnego.principal" |
| }, |
| "keytab": { |
| "configuration": "hive-site/hive.server2.authentication.spnego.keytab" |
| } |
| }, |
| { |
| "name": "ranger_audit", |
| "reference": "/HIVE/HIVE_SERVER/hive_server_hive", |
| "principal": { |
| "configuration": "ranger-hive-audit/xasecure.audit.jaas.Client.option.principal" |
| }, |
| "keytab": { |
| "configuration": "ranger-hive-audit/xasecure.audit.jaas.Client.option.keyTab" |
| } |
| } |
| ] |
| }, |
| { |
| "name": "HIVE_SERVER_INTERACTIVE", |
| "identities": [ |
| { |
| "name": "hive_hive_server_interactive_hdfs", |
| "reference": "/HDFS/NAMENODE/hdfs" |
| }, |
| { |
| "name": "hive_hive_server_interactive_hive_server_hive", |
| "reference": "/HIVE/HIVE_SERVER/hive_server_hive" |
| }, |
| { |
| "name": "hive_hive_server_interactive_spnego", |
| "reference": "/HIVE/HIVE_SERVER/spnego" |
| }, |
| { |
| "name": "hive_hive_server_interactive_llap_zk_hive", |
| "reference": "/YARN/NODEMANAGER/llap_zk_hive" |
| }, |
| { |
| "name": "hive_hive_server_interactive_task_scheduler_am_registry", |
| "reference": "/HIVE/HIVE_SERVER/hive_server_hive", |
| "principal": { |
| "configuration": "hive-interactive-site/hive.llap.task.scheduler.am.registry.principal" |
| }, |
| "keytab": { |
| "configuration": "hive-interactive-site/hive.llap.task.scheduler.am.registry.keytab.file" |
| } |
| } |
| ] |
| } |
| ] |
| } |
| ] |
| } |