| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| http://www.apache.org/licenses/LICENSE-2.0 |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <configuration> |
| <property> |
| <name>dfs.replication</name> |
| <value>1</value> |
| </property> |
| <property> |
| <name>dfs.namenode.rpc-address</name> |
| <value>master.docker-hadoop-cluster-network:9000</value> |
| </property> |
| <property> |
| <name>dfs.permissions</name> |
| <value>true</value> |
| <description> If "true", enable permission checking in |
| HDFS. If "false", permission checking is turned |
| off, but all other behavior is |
| unchanged. Switching from one parameter value to the other does |
| not change the mode, owner or group of files or |
| directories. </description> |
| </property> |
| |
| <property> |
| <name>dfs.permissions.supergroup</name> |
| <value>root</value> |
| <description>The name of the group of super-users.</description> |
| </property> |
| |
| <property> |
| <name>dfs.namenode.handler.count</name> |
| <value>100</value> |
| <description>Added to grow Queue size so that more client connections are allowed</description> |
| </property> |
| |
| <property> |
| <name>ipc.server.max.response.size</name> |
| <value>5242880</value> |
| </property> |
| |
| <property> |
| <name>dfs.block.access.token.enable</name> |
| <value>true</value> |
| <description> If "true", access tokens are used as capabilities |
| for accessing datanodes. If "false", no access tokens are checked on |
| accessing datanodes. </description> |
| </property> |
| |
| <property> |
| <name>dfs.namenode.kerberos.principal</name> |
| <value>hdfs/_HOST@EXAMPLE.COM</value> |
| <description> Kerberos principal name for the NameNode </description> |
| </property> |
| |
| <property> |
| <name>dfs.secondary.namenode.kerberos.principal</name> |
| <value>hdfs/_HOST@EXAMPLE.COM</value> |
| <description>Kerberos principal name for the secondary NameNode. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.secondary.http.address</name> |
| <value>master:50090</value> |
| <description>Address of secondary namenode web server</description> |
| </property> |
| |
| <property> |
| <name>dfs.secondary.https.port</name> |
| <value>50490</value> |
| <description>The https port where secondary-namenode binds</description> |
| </property> |
| |
| <property> |
| <name>dfs.web.authentication.kerberos.principal</name> |
| <value>HTTP/_HOST@EXAMPLE.COM</value> |
| <description> The HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. |
| The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos HTTP |
| SPNEGO specification. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.web.authentication.kerberos.keytab</name> |
| <value>/etc/security/keytabs/hdfs.keytab</value> |
| <description>The Kerberos keytab file with the credentials for the HTTP |
| Kerberos principal used by Hadoop-Auth in the HTTP endpoint. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.datanode.kerberos.principal</name> |
| <value>hdfs/_HOST@EXAMPLE.COM</value> |
| <description> |
| The Kerberos principal that the DataNode runs as. "_HOST" is replaced by the real |
| host name. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.namenode.keytab.file</name> |
| <value>/etc/security/keytabs/hdfs.keytab</value> |
| <description> |
| Combined keytab file containing the namenode service and host |
| principals. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.secondary.namenode.keytab.file</name> |
| <value>/etc/security/keytabs/hdfs.keytab</value> |
| <description> |
| Combined keytab file containing the namenode service and host |
| principals. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.datanode.keytab.file</name> |
| <value>/etc/security/keytabs/hdfs.keytab</value> |
| <description> |
| The filename of the keytab file for the DataNode. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.datanode.data.dir.perm</name> |
| <value>750</value> |
| <description>The permissions that should be there on |
| dfs.data.dir directories. The datanode will not come up if the |
| permissions are different on existing dfs.data.dir directories. If |
| the directories don't exist, they will be created with this |
| permission.</description> |
| </property> |
| |
| <property> |
| <name>dfs.access.time.precision</name> |
| <value>0</value> |
| <description>The access time for HDFS file is precise upto this |
| value.The default value is 1 hour. Setting a value of 0 |
| disables access times for HDFS. |
| </description> |
| </property> |
| |
| <property> |
| <name>dfs.cluster.administrators</name> |
| <value>root</value> |
| <description>ACL for who all can view the default servlets in the HDFS</description> |
| </property> |
| |
| <property> |
| <name>ipc.server.read.threadpool.size</name> |
| <value>5</value> |
| <description></description> |
| </property> |
| |
| <property> |
| <name>dfs.data.transfer.protection</name> |
| <value>authentication</value> |
| </property> |
| <property> |
| <name>dfs.encrypt.data.transfer</name> |
| <value>true</value> |
| </property> |
| |
| <property> |
| <name>dfs.datanode.data.dir.perm</name> |
| <value>700</value> |
| </property> |
| |
| <property> |
| <name>dfs.http.policy</name> |
| <value>HTTPS_ONLY</value> |
| </property> |
| </configuration> |
| |