| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| CORE-SITE.XML_fs.defaultFS=ofs://om |
| CORE-SITE.XML_fs.trash.interval=1 |
| |
| OZONE-SITE.XML_ozone.om.address=om |
| OZONE-SITE.XML_ozone.om.http-address=om:9874 |
| OZONE-SITE.XML_ozone.scm.container.size=1GB |
| OZONE-SITE.XML_ozone.scm.pipeline.creation.interval=30s |
| OZONE-SITE.XML_ozone.scm.pipeline.owner.container.count=1 |
| OZONE-SITE.XML_ozone.scm.names=scm |
| OZONE-SITE.XML_ozone.scm.datanode.id.dir=/data |
| OZONE-SITE.XML_ozone.scm.block.client.address=scm |
| OZONE-SITE.XML_ozone.metadata.dirs=/data/metadata |
| OZONE-SITE.XML_ozone.handler.type=distributed |
| OZONE-SITE.XML_ozone.scm.client.address=scm |
| OZONE-SITE.XML_hdds.block.token.enabled=true |
| OZONE-SITE.XML_ozone.replication=3 |
| OZONE-SITE.XML_ozone.datanode.pipeline.limit=1 |
| |
| OZONE-SITE.XML_ozone.recon.om.snapshot.task.interval.delay=1m |
| OZONE-SITE.XML_ozone.recon.db.dir=/data/metadata/recon |
| OZONE-SITE.XML_ozone.recon.om.snapshot.task.initial.delay=20s |
| OZONE-SITE.XML_ozone.recon.address=recon:9891 |
| |
| OZONE-SITE.XML_ozone.security.enabled=true |
| OZONE-SITE.XML_ozone.acl.enabled=true |
| OZONE-SITE.XML_ozone.acl.authorizer.class=org.apache.hadoop.ozone.security.acl.OzoneNativeAuthorizer |
| OZONE-SITE.XML_ozone.administrators="testuser/scm@EXAMPLE.COM,testuser/s3g@EXAMPLE.COM" |
| |
| OZONE-SITE.XML_hdds.datanode.dir=/data/hdds |
| HDFS-SITE.XML_dfs.datanode.address=0.0.0.0:1019 |
| HDFS-SITE.XML_dfs.datanode.http.address=0.0.0.0:1012 |
| CORE-SITE.XML_dfs.data.transfer.protection=authentication |
| CORE-SITE.XML_hadoop.security.authentication=kerberos |
| CORE-SITE.XML_hadoop.security.auth_to_local="RULE:[2:$1](testuser2.*) RULE:[2:$1@$0](.*)s/.*/root/" |
| CORE-SITE.XML_hadoop.security.key.provider.path=kms://http@kms:9600/kms |
| |
| |
| OZONE-SITE.XML_hdds.scm.kerberos.principal=scm/scm@EXAMPLE.COM |
| OZONE-SITE.XML_hdds.scm.kerberos.keytab.file=/etc/security/keytabs/scm.keytab |
| OZONE-SITE.XML_ozone.om.kerberos.principal=om/om@EXAMPLE.COM |
| OZONE-SITE.XML_ozone.om.kerberos.keytab.file=/etc/security/keytabs/om.keytab |
| OZONE-SITE.XML_ozone.recon.kerberos.keytab.file=/etc/security/keytabs/recon.keytab |
| OZONE-SITE.XML_ozone.recon.kerberos.principal=recon/recon@EXAMPLE.COM |
| |
| HDFS-SITE.XML_dfs.datanode.kerberos.principal=dn/_HOST@EXAMPLE.COM |
| HDFS-SITE.XML_dfs.datanode.keytab.file=/etc/security/keytabs/dn.keytab |
| HDFS-SITE.XML_dfs.web.authentication.kerberos.principal=HTTP/_HOST@EXAMPLE.COM |
| HDFS-SITE.XML_dfs.web.authentication.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| |
| |
| OZONE-SITE.XML_ozone.security.http.kerberos.enabled=true |
| OZONE-SITE.XML_ozone.http.filter.initializers=org.apache.hadoop.security.AuthenticationFilterInitializer |
| |
| OZONE-SITE.XML_ozone.om.http.auth.type=kerberos |
| OZONE-SITE.XML_hdds.scm.http.auth.type=kerberos |
| OZONE-SITE.XML_hdds.datanode.http.auth.type=kerberos |
| OZONE-SITE.XML_ozone.s3g.http.auth.type=kerberos |
| OZONE-SITE.XML_ozone.recon.http.auth.type=kerberos |
| |
| OZONE-SITE.XML_hdds.scm.http.auth.kerberos.principal=HTTP/scm@EXAMPLE.COM |
| OZONE-SITE.XML_hdds.scm.http.auth.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| OZONE-SITE.XML_ozone.om.http.auth.kerberos.principal=HTTP/om@EXAMPLE.COM |
| OZONE-SITE.XML_ozone.om.http.auth.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| OZONE-SITE.XML_hdds.datanode.http.auth.kerberos.principal=HTTP/_HOST@EXAMPLE.COM |
| OZONE-SITE.XML_hdds.datanode.http.auth.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| OZONE-SITE.XML_ozone.s3g.http.auth.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| OZONE-SITE.XML_ozone.s3g.http.auth.kerberos.principal=HTTP/s3g@EXAMPLE.COM |
| OZONE-SITE.XML_ozone.recon.http.auth.kerberos.principal=HTTP/recon@EXAMPLE.COM |
| OZONE-SITE.XML_ozone.recon.http.auth.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| |
| CORE-SITE.XML_hadoop.http.authentication.simple.anonymous.allowed=false |
| CORE-SITE.XML_hadoop.http.authentication.signature.secret.file=/etc/security/http_secret |
| CORE-SITE.XML_hadoop.http.authentication.type=kerberos |
| CORE-SITE.XML_hadoop.http.authentication.kerberos.principal=HTTP/_HOST@EXAMPLE.COM |
| CORE-SITE.XML_hadoop.http.authentication.kerberos.keytab=/etc/security/keytabs/HTTP.keytab |
| |
| |
| CORE-SITE.XML_hadoop.security.authorization=true |
| HADOOP-POLICY.XML_ozone.om.security.client.protocol.acl=* |
| HADOOP-POLICY.XML_hdds.security.client.datanode.container.protocol.acl=* |
| HADOOP-POLICY.XML_hdds.security.client.scm.container.protocol.acl=* |
| HADOOP-POLICY.XML_hdds.security.client.scm.block.protocol.acl=* |
| HADOOP-POLICY.XML_hdds.security.client.scm.certificate.protocol.acl=* |
| |
| HDFS-SITE.XML_rpc.metrics.quantile.enable=true |
| HDFS-SITE.XML_rpc.metrics.percentiles.intervals=60,300 |
| |
| #Enable this variable to print out all hadoop rpc traffic to the stdout. See http://byteman.jboss.org/ to define your own instrumentation. |
| #BYTEMAN_SCRIPT_URL=https://raw.githubusercontent.com/apache/hadoop/trunk/dev-support/byteman/hadooprpc.btm |
| |
| OZONE_DATANODE_SECURE_USER=root |
| SECURITY_ENABLED=true |
| KEYTAB_DIR=/etc/security/keytabs |
| KERBEROS_KEYSTORES=hadoop |
| KERBEROS_SERVER=kdc |
| JAVA_HOME=/usr/lib/jvm/jre |
| JSVC_HOME=/usr/bin |
| SLEEP_SECONDS=5 |
| KERBEROS_ENABLED=true |
| |
| no_proxy=om,scm,recon,s3g,kdc,localhost,127.0.0.1 |