Ranger Properties in Cloudera Runtime 7.1.7

Ranger Admin Advanced Configuration Snippet (Safety Valve) for conf/ranger-admin-site.xml

Description

For advanced use only. A string to be inserted into conf/ranger-admin-site.xml for this role only.

Related Name

Default Value

API Name

conf/ranger-admin-site.xml_role_safety_valve

Required

false

Ranger Admin Logging Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, a string to be inserted into log4j.properties for this role only.

Related Name

Default Value

API Name

log4j_safety_valve

Required

false

Enable auto refresh for metric configurations

Description

When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.

Related Name

Default Value

false

API Name

metric_config_auto_refresh

Required

false

Heap Dump Directory

Description

Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.

Related Name

oom_heap_dump_dir

Default Value

/tmp

API Name

oom_heap_dump_dir

Required

false

Dump Heap When Out of Memory

Description

When set, generates a heap dump file when when an out-of-memory error occurs.

Related Name

Default Value

true

API Name

oom_heap_dump_enabled

Required

true

Kill When Out of Memory

Description

When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.

Related Name

Default Value

true

API Name

oom_sigkill_enabled

Required

true

Automatically Restart Process

Description

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.

Related Name

Default Value

false

API Name

process_auto_restart

Required

true

Enable Metric Collection

Description

Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.

Related Name

Default Value

true

API Name

process_should_monitor

Required

true

Process Start Retry Attempts

Description

Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.

Related Name

Default Value

3

API Name

process_start_retries

Required

false

Process Start Wait Timeout

Description

The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.

Related Name

Default Value

20

API Name

process_start_secs

Required

false

Ranger Admin Environment Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.

Related Name

Default Value

API Name

RANGER_ADMIN_role_env_safety_valve

Required

false

Ranger Admin Log Directory

Description

The log directory for log files of the role Ranger Admin.

Related Name

ranger.logs.base.dir

Default Value

/var/log/ranger/admin

API Name

log_dir

Required

false

Ranger Admin Logging Threshold

Description

The minimum log level for Ranger Admin logs

Related Name

Default Value

INFO

API Name

log_threshold

Required

false

Ranger Admin Maximum Log File Backups

Description

The maximum number of rolled log files to keep for Ranger Admin logs. Typically used by log4j or logback.

Related Name

Default Value

10

API Name

max_log_backup_index

Required

false

Ranger Admin Max Log Size

Description

The maximum size, in megabytes, per log file for Ranger Admin logs. Typically used by log4j or logback.

Related Name

Default Value

200 MiB

API Name

max_log_size

Required

false

Enable Health Alerts for this Role

Description

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold

Related Name

Default Value

true

API Name

enable_alerts

Required

false

Enable Configuration Change Alerts

Description

When set, Cloudera Manager will send alerts when this entity's configuration changes.

Related Name

Default Value

false

API Name

enable_config_alerts

Required

false

Log Directory Free Space Monitoring Absolute Thresholds

Description

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Related Name

Default Value

Warning: 10 GiB, Critical: 5 GiB

API Name

log_directory_free_space_absolute_thresholds

Required

false

Log Directory Free Space Monitoring Percentage Thresholds

Description

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Related Name

Default Value

Warning: Never, Critical: Never

API Name

log_directory_free_space_percentage_thresholds

Required

false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

• Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
• Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
• Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
• Metric Name - The name of a metric that will be included or excluded during metric collection.

If you do not select Health Test Metric Set or Default Dashboard Metric Set, or specify metrics by name, metric filtering will be turned off (this is the default behavior).For example, the following configuration enables the collection of metrics required for Health Tests and the jvm_heap_used_mb metric:

• Include only Health Test Metric Set: Selected.
• Include/Exclude Custom Metrics: Set to Include.
• Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:{ "includeHealthTestMetricSet": true, "filterType": "whitelist", "metrics": ["jvm_heap_used_mb"] }

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

Swap Memory Usage Rate Thresholds

Description

The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.

Related Name

Default Value

Warning: Never, Critical: Never

API Name

process_swap_memory_rate_thresholds

Required

false

Swap Memory Usage Rate Window

Description

The period to review when computing unexpected swap memory usage change of the process.

Related Name

common.process.swap_memory_rate_window

Default Value

5 minute(s)

API Name

process_swap_memory_rate_window

Required

false

Process Swap Memory Thresholds

Description

The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.

Related Name

Default Value

Warning: 200 B, Critical: Never

API Name

process_swap_memory_thresholds

Required

false

File Descriptor Monitoring Thresholds

Description

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

Related Name

Default Value

Warning: 50.0 %, Critical: 70.0 %

API Name

ranger_admin_fd_thresholds

Required

false

Ranger Admin Host Health Test

Description

When computing the overall Ranger Admin health, consider the host's health.

Related Name

Default Value

true

API Name

ranger_admin_host_health_enabled

Required

false

Ranger Admin Process Health Test

Description

Enables the health test that the Ranger Admin's process state is consistent with the role configuration

Related Name

Default Value

true

API Name

ranger_admin_scm_health_enabled

Required

false

Role Triggers

Description

The configured triggers for this role. This is a JSON-formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

• triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
• triggerExpression (mandatory) - A tsquery expression representing the trigger.
• streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
• enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
• expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger", "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Unexpected Exits Thresholds

Description

The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.

Related Name

Default Value

Warning: Never, Critical: Any

API Name

unexpected_exits_thresholds

Required

false

Unexpected Exits Monitoring Period

Description

The period to review when computing unexpected exits.

Related Name

Default Value

5 minute(s)

API Name

unexpected_exits_window

Required

false

Ranger Admin Diagnostics Collection Timeout

Description

The timeout in milliseconds to wait for diagnostics collection to complete.

Related Name

Default Value

5 minute(s)

API Name

csd_role_diagnostics_timeout

Required

false

Graceful Shutdown Timeout

Description

The timeout in milliseconds to wait for graceful shutdown to complete.

Related Name

Default Value

18 second(s)

API Name

graceful_stop_timeout

Required

false

Exclude Users from Audit Access Tab

Description

A single user, or a comma-separated list of multiple users that are excluded from Ranger audits when the Exclude Service Users checkbox is selected on the Ranger Audit Access tab in the Ranger Admin Web UI.

Related Name

ranger.accesslogs.exclude.users.list

Default Value

rangertagsync

API Name

ranger.accesslogs.exclude.users.list

Required

false

Kerberos Cookie Path

Description

Kerberos Cookie path

Related Name

ranger.admin.kerberos.cookie.path

Default Value

/

API Name

ranger.admin.kerberos.cookie.path

Required

false

Kerberos Token Valid Seconds

Description

Kerberos token validity

Related Name

ranger.admin.kerberos.token.valid.seconds

Default Value

30

API Name

ranger.admin.kerberos.token.valid.seconds

Required

false

Maximum Shards for Solr Collection of Ranger Audits

Description

Maximum number of shards for the Ranger Audit Solr collection. The recommended value is, number of replica given multiple by number of shards given for the collection.

Related Name

ranger.audit.solr.max.shards.per.node

Default Value

1

API Name

ranger.audit.solr.max.shards.per.node

Required

true

Replicas for Solr Collection of Ranger Audits

Description

Number of replicas for Ranger Audit Solr collection. The recommended value is, number of Solr servers running in the current cluster divided by number of shards for the collection.

Related Name

ranger.audit.solr.no.replica

Default Value

1

API Name

ranger.audit.solr.no.replica

Required

true

Shards for Solr Collection of Ranger Audits

Description

Number of shards required for Ranger Audit Solr collection. The recommended number of shards is equal or less than the number of Solr Server running in the current cluster.

Related Name

ranger.audit.solr.no.shards

Default Value

1

API Name

ranger.audit.solr.no.shards

Required

true

Enable Knox Trusted Proxy Support

Description

Determine if the Ranger service should allow authentication using Knox trusted proxy.

Related Name

ranger.authentication.allow.trustedproxy

Default Value

false

API Name

ranger.authentication.allow.trustedproxy

Required

false

Default Policy Groups

Description

Single or comma separated list of groups that are required in default policies for Ranger plugin services. The groups will be added for any new Ranger Plugin services created in Ranger Admin after setting value to this parameter.

Related Name

ranger.default.policy.groups

Default Value

API Name

ranger.default.policy.groups

Required

false

Default Policy Users

Description

Single or comma separated list of users that are required in default policies for Ranger plugin services. The users will be added for any new Ranger Plugin services created in Ranger Admin after setting value to this parameter.

Related Name

ranger.default.policy.users

Default Value

API Name

ranger.default.policy.users

Required

false

Admin AD Auth Base DN

Description

This parameter is only used if Authentication method is AD. The Distinguished Name (DN) of the starting point for directory server searches.

Related Name

ranger.ldap.ad.base.dn

Default Value

API Name

ranger.ldap.ad.base.dn

Required

false

Admin AD Auth Bind DN

Description

Full distinguished name (DN), including common name (CN), of an AD user account that has privileges to search for users. Only used if Authentication method is AD

Related Name

ranger.ldap.ad.bind.dn

Default Value

API Name

ranger.ldap.ad.bind.dn

Required

false

Admin AD Auth Domain Name

Description

AD domain. Only used if Authentication method is AD.

Related Name

ranger.ldap.ad.domain

Default Value

API Name

ranger.ldap.ad.domain

Required

false

Admin AD Auth Referral

Description

This parameter is only used if Authentication method is AD. Set to follow if multiple AD servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed.

Related Name

ranger.ldap.ad.referral

Default Value

ignore

API Name

ranger.ldap.ad.referral

Required

false

Admin AD Auth URL

Description

AD URL. Only used if Authentication method is AD

Related Name

ranger.ldap.ad.url

Default Value

API Name

ranger.ldap.ad.url

Required

false

Admin AD Auth User Search Filter

Description

AD user search filter. Only used if Authentication method is AD.

Related Name

ranger.ldap.ad.user.searchfilter

Default Value

API Name

ranger.ldap.ad.user.searchfilter

Required

false

Admin LDAP Auth Base DN

Description

The Distinguished Name (DN) of the starting point for directory server searches. Only used if Authentication method is LDAP.

Related Name

ranger.ldap.base.dn

Default Value

API Name

ranger.ldap.base.dn

Required

false

Admin LDAP Auth Bind User

Description

Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users. This user is used for searching the users. This could be read-only LDAP user. Example: cn=admin,dc=example,dc=com

Related Name

ranger.ldap.bind.dn

Default Value

API Name

ranger.ldap.bind.dn

Required

false

Admin LDAP Auth Group Role Attribute

Description

LDAP group role attribute. Only used if Authentication method is LDAP.

Related Name

ranger.ldap.group.roleattribute

Default Value

API Name

ranger.ldap.group.roleattribute

Required

false

Admin LDAP Auth Group Search Base

Description

LDAP group searchbase. Only used if Authentication method is LDAP.

Related Name

ranger.ldap.group.searchbase

Default Value

API Name

ranger.ldap.group.searchbase

Required

false

Admin LDAP Auth Group Search Filter

Description

LDAP group search filter. Only used if Authentication method is LDAP.

Related Name

ranger.ldap.group.searchfilter

Default Value

API Name

ranger.ldap.group.searchfilter

Required

false

Admin LDAP Auth Referral

Description

This parameter is only used if Authentication method is LDAP. Set to follow if multiple LDAP servers are configured to return continuation references for results. Set to ignore (default) if no referrals should be followed. When this parameter is set to throw, all of the normal entries are returned in the enumeration first, before the ReferralException is thrown.

Related Name

ranger.ldap.referral

Default Value

ignore

API Name

ranger.ldap.referral

Required

false

Admin LDAP Auth URL

Description

LDAP server URL. Example: value = ldap://localhost:389 or ldaps://localhost:636

Related Name

ranger.ldap.url

Default Value

API Name

ranger.ldap.url

Required

false

Admin LDAP Auth User DN Pattern

Description

LDAP user DN. Only used if Authentication method is LDAP.

Related Name

ranger.ldap.user.dnpattern

Default Value

API Name

ranger.ldap.user.dnpattern

Required

false

Admin LDAP Auth User Search Filter

Description

LDAP user search filter. Only used if Authentication method is LDAP.

Related Name

ranger.ldap.user.searchfilter

Default Value

API Name

ranger.ldap.user.searchfilter

Required

false

SSO Browser Useragent

Description

Comma seperated values of browser agent

Related Name

ranger.sso.browser.useragent

Default Value

Mozilla, chrome

API Name

ranger.sso.browser.useragent

Required

false

Enable Ranger SSO

Description

Determine if Ranger is Knox SSO enabled or not ?

Related Name

ranger.sso.enabled

Default Value

false

API Name

ranger.sso.enabled

Required

false

SSO Provider Url

Description

SSO provider url Example: https://KNOX_HOST:KNOX_PORT/gateway/KNOXSSO_TOPOLOGY_NAME/api/v1/websso

Related Name

ranger.sso.providerurl

Default Value

API Name

ranger.sso.providerurl

Required

false

SSO Public Key

Description

Public key for SSO cookie verification

Related Name

ranger.sso.publicKey

Default Value

API Name

ranger.sso.publicKey

Required

false

Enable Auto Create Tag Service

Description

Whether to create tag service in Ranger Admin.

Related Name

ranger.tagservice.auto.create

Default Value

true

API Name

ranger.tagservice.auto.create

Required

false

Enable Tag Service Auto Link

Description

Whether to link the Tag service set in "Tag Service Name" parameter to all available services in Ranger Admin.

Related Name

ranger.tagservice.auto.link

Default Value

true

API Name

ranger.tagservice.auto.link

Required

false

Tag Service Name

Description

Name of the tag service that will be created in Ranger Admin when "Enable Auto Create Tag Service" parameter is enabled.

Related Name

ranger.tagservice.auto.name

Default Value

cm_tag

API Name

ranger.tagservice.auto.name

Required

false

Admin UNIX Auth Remote Login

Description

Whether remote login is enabled. Only used if Authentication method is UNIX.

Related Name

ranger.unixauth.remote.login.enabled

Default Value

true

API Name

ranger.unixauth.remote.login.enabled

Required

false

Admin UNIX Auth Service Hostname

Description

Host where unix authentication service is running. Only used if Authentication method is UNIX. {{RANGER_USERSYNC_HOST}} is a placeholder value which will be replaced with the host where Ranger Usersync will be installed in the current cluster.

Related Name

ranger.unixauth.service.hostname

Default Value

RANGER_USERSYNC_HOST

API Name

ranger.unixauth.service.hostname

Required

false

Ranger Admin Conf Path

Description

Staging directory for Ranger Admin Configuration. This should generally not be changed.

Related Name

ranger_admin_conf_path

Default Value

/etc/ranger/admin

API Name

ranger_admin_conf_path

Required

true

Ranger Admin Max Heapsize

Description

Maximum size for the Java Process heap. Passed to Java -Xmx. Measured in megabytes.

Related Name

ranger_admin_max_heap_size

Default Value

1 GiB

API Name

ranger_admin_max_heap_size

Required

true

Admin Authentication Method

Description

Authentication Method for login to Ranger Admin.

Related Name

ranger.authentication.method

Default Value

UNIX

API Name

ranger_authentication_method

Required

false

Ranger Database Host

Description

Hostname of the database used by Ranger Admin. If the port is non-default for your database type, use host:port notation.

Related Name

ranger_database_host

Default Value

API Name

ranger_database_host

Required

true

Ranger Database Name

Description

Name of Ranger Admin database.

Related Name

ranger_database_name

Default Value

ranger

API Name

ranger_database_name

Required

true

Ranger Database User Password

Description

Password for Ranger Admin database.

Related Name

ranger.jpa.jdbc.password

Default Value

API Name

ranger_database_password

Required

true

Ranger Database Type

Description

Database type to be used.

Related Name

ranger_database_type

Default Value

PostgreSQL

API Name

ranger_database_type

Required

true

Ranger Database User

Description

User for Ranger Admin database.

Related Name

ranger.jpa.jdbc.user

Default Value

rangeradmin

API Name

ranger_database_user

Required

true

Admin AD Auth Bind Password

Description

Password for the account that can search for users. Only used if Authentication method is AD

Related Name

ranger.ldap.ad.bind.password

Default Value

API Name

ranger_ldap_ad_bind_password

Required

false

Admin LDAP Auth Bind User Password

Description

Password for the account that can search for users.

Related Name

ranger.ldap.bind.password

Default Value

API Name

ranger_ldap_bind_password

Required

false

Knox Proxy User Groups

Description

Accepts a list of group names. The Knox user can impersonate only the users that belong to the groups specified in the list. The wildcard value * may be used to allow impersonation of any user belonging to any group.

Related Name

ranger.proxyuser.knox.groups

Default Value

*

API Name

ranger_proxyuser_knox_groups

Required

false

Knox Proxy User Hosts

Description

Accepts a list of IP addresses, IP address ranges in CIDR format and/or host names. The Knox user can impersonate only the requests coming from hosts specified in the list. The wildcard value * may be used to allow impersonation from any host.

Related Name

ranger.proxyuser.knox.hosts

Default Value

*

API Name

ranger_proxyuser_knox_hosts

Required

false

Knox Proxy User Users

Description

Accepts a list of usernames. The Knox user can impersonate only the users specified in the list. The wildcard value * may be used to allow impersonation of any user.

Related Name

ranger.proxyuser.knox.users

Default Value

*

API Name

ranger_proxyuser_knox_users

Required

false

Ranger Tomcat Work Dir

Description

Tomcat work directory for Ranger Admin. This should generally not be changed.

Related Name

ranger_tomcat_work_dir

Default Value

/var/lib/ranger/admin

API Name

ranger_tomcat_work_dir

Required

true

Maximum Process File Descriptors

Description

If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.

Related Name

Default Value

API Name

rlimit_fds

Required

false

Admin Unix Auth Service Port

Description

Port for unix authentication service. Only used if Authentication method is UNIX.

Related Name

ranger.unixauth.service.port

Default Value

5151

API Name

ranger.unixauth.service.port

Required

false

Cgroup CPU Shares

Description

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

Related Name

cpu.shares

Default Value

1024

API Name

rm_cpu_shares

Required

true

Custom Control Group Resources (overrides Cgroup settings)

Description

Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***

Related Name

custom.cgroups

Default Value

API Name

rm_custom_resources

Required

false

Cgroup I/O Weight

Description

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

Related Name

blkio.weight

Default Value

500

API Name

rm_io_weight

Required

true

Cgroup Memory Hard Limit

Description

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'

Related Name

memory.limit_in_bytes

Default Value

-1 MiB

API Name

rm_memory_hard_limit

Required

true

Cgroup Memory Soft Limit

Description

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'

Related Name

memory.soft_limit_in_bytes

Default Value

-1 MiB

API Name

rm_memory_soft_limit

Required

true

Ranger Admin TLS/SSL Trust Store File

Description

The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Ranger Admin might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.

Related Name

ranger.truststore.file

Default Value

API Name

ssl_client_truststore_location

Required

false

Ranger Admin TLS/SSL Trust Store Password

Description

The password for the Ranger Admin TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.

Related Name

ranger.truststore.password

Default Value

API Name

ssl_client_truststore_password

Required

false

Enable TLS/SSL for Ranger Admin

Description

Encrypt communication between clients and Ranger Admin using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).

Related Name

ranger.service.https.attrib.ssl.enabled

Default Value

false

API Name

ssl_enabled

Required

false

Ranger Admin TLS/SSL Server Keystore File Location

Description

The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Ranger Admin is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.

Related Name

ranger.https.attrib.keystore.file

Default Value

API Name

ssl_server_keystore_location

Required

false

Ranger Admin TLS/SSL Server Keystore File Password

Description

The password for the Ranger Admin keystore file.

Related Name

ranger.service.https.attrib.keystore.pass

Default Value

API Name

ssl_server_keystore_password

Required

false

Stacks Collection Data Retention

Description

The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.

Related Name

stacks_collection_data_retention

Default Value

100 MiB

API Name

stacks_collection_data_retention

Required

false

Stacks Collection Directory

Description

The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.

Related Name

stacks_collection_directory

Default Value

API Name

stacks_collection_directory

Required

false

Stacks Collection Enabled

Description

Whether or not periodic stacks collection is enabled.

Related Name

stacks_collection_enabled

Default Value

false

API Name

stacks_collection_enabled

Required

true

Stacks Collection Frequency

Description

The frequency with which stacks are collected.

Related Name

stacks_collection_frequency

Default Value

5.0 second(s)

API Name

stacks_collection_frequency

Required

false

Stacks Collection Method

Description

The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.

Related Name

stacks_collection_method

Default Value

jstack

API Name

stacks_collection_method

Required

false

Suppress Configuration Validator: CDH Version Validator

Description

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_cdh_version_validator

Required

true

Suppress Parameter Validation: Ranger Admin Advanced Configuration Snippet (Safety Valve) for conf/ranger-admin-site.xml

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin Advanced Configuration Snippet (Safety Valve) for conf/ranger-admin-site.xml parameter.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-admin-site.xml_role_safety_valve

Required

true

Suppress Parameter Validation: Ranger Admin Logging Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin Logging Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_log4j_safety_valve

Required

true

Suppress Parameter Validation: Ranger Admin Log Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin Log Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_log_dir

Required

true

Suppress Parameter Validation: Heap Dump Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_oom_heap_dump_dir

Required

true

Suppress Parameter Validation: Exclude Users from Audit Access Tab

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Exclude Users from Audit Access Tab parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.accesslogs.exclude.users.list

Required

true

Suppress Parameter Validation: Kerberos Cookie Path

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Cookie Path parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.admin.kerberos.cookie.path

Required

true

Suppress Parameter Validation: Default Policy Groups

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Default Policy Groups parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.default.policy.groups

Required

true

Suppress Parameter Validation: Default Policy Users

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Default Policy Users parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.default.policy.users

Required

true

Suppress Parameter Validation: Admin AD Auth Base DN

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin AD Auth Base DN parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.base.dn

Required

true

Suppress Parameter Validation: Admin AD Auth Bind DN

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin AD Auth Bind DN parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.bind.dn

Required

true

Suppress Parameter Validation: Admin AD Auth Domain Name

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin AD Auth Domain Name parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.domain

Required

true

Suppress Parameter Validation: Admin AD Auth URL

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin AD Auth URL parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.url

Required

true

Suppress Parameter Validation: Admin AD Auth User Search Filter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin AD Auth User Search Filter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.user.searchfilter

Required

true

Suppress Parameter Validation: Admin LDAP Auth Base DN

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth Base DN parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.base.dn

Required

true

Suppress Parameter Validation: Admin LDAP Auth Bind User

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth Bind User parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.bind.dn

Required

true

Suppress Parameter Validation: Admin LDAP Auth Group Role Attribute

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth Group Role Attribute parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.group.roleattribute

Required

true

Suppress Parameter Validation: Admin LDAP Auth Group Search Base

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth Group Search Base parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.group.searchbase

Required

true

Suppress Parameter Validation: Admin LDAP Auth Group Search Filter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth Group Search Filter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.group.searchfilter

Required

true

Suppress Parameter Validation: Admin LDAP Auth URL

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth URL parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.url

Required

true

Suppress Parameter Validation: Admin LDAP Auth User DN Pattern

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth User DN Pattern parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.user.dnpattern

Required

true

Suppress Parameter Validation: Admin LDAP Auth User Search Filter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth User Search Filter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.user.searchfilter

Required

true

Suppress Parameter Validation: SSO Browser Useragent

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the SSO Browser Useragent parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.sso.browser.useragent

Required

true

Suppress Parameter Validation: SSO Provider Url

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the SSO Provider Url parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.sso.providerurl

Required

true

Suppress Parameter Validation: SSO Public Key

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the SSO Public Key parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.sso.publickey

Required

true

Suppress Parameter Validation: Tag Service Name

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Tag Service Name parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagservice.auto.name

Required

true

Suppress Parameter Validation: Admin UNIX Auth Service Hostname

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin UNIX Auth Service Hostname parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.unixauth.service.hostname

Required

true

Suppress Parameter Validation: Admin Unix Auth Service Port

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin Unix Auth Service Port parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.unixauth.service.port

Required

true

Suppress Parameter Validation: Ranger Admin Conf Path

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin Conf Path parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_admin_conf_path

Required

true

Suppress Parameter Validation: Ranger Admin Max Heapsize

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin Max Heapsize parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_admin_max_heap_size

Required

true

Suppress Parameter Validation: Ranger Admin Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin Environment Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_admin_role_env_safety_valve

Required

true

Suppress Parameter Validation: Ranger Database Host

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Database Host parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_host

Required

true

Suppress Parameter Validation: Ranger Database Name

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Database Name parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_name

Required

true

Suppress Parameter Validation: Ranger Database User Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Database User Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_password

Required

true

Suppress Parameter Validation: Ranger Database User

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Database User parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_user

Required

true

Suppress Parameter Validation: Admin AD Auth Bind Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin AD Auth Bind Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_ldap_ad_bind_password

Required

true

Suppress Parameter Validation: Admin LDAP Auth Bind User Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin LDAP Auth Bind User Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_ldap_bind_password

Required

true

Suppress Parameter Validation: Knox Proxy User Groups

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Knox Proxy User Groups parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_proxyuser_knox_groups

Required

true

Suppress Parameter Validation: Knox Proxy User Hosts

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Knox Proxy User Hosts parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_proxyuser_knox_hosts

Required

true

Suppress Parameter Validation: Knox Proxy User Users

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Knox Proxy User Users parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_proxyuser_knox_users

Required

true

Suppress Parameter Validation: Ranger Tomcat Work Dir

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tomcat Work Dir parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tomcat_work_dir

Required

true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_rm_custom_resources

Required

true

Suppress Parameter Validation: Role Triggers

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.

Related Name

Default Value

false

API Name

role_config_suppression_role_triggers

Required

true

Suppress Parameter Validation: Ranger Admin TLS/SSL Trust Store File

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin TLS/SSL Trust Store File parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_location

Required

true

Suppress Parameter Validation: Ranger Admin TLS/SSL Trust Store Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin TLS/SSL Trust Store Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_password

Required

true

Suppress Parameter Validation: Ranger Admin TLS/SSL Server Keystore File Location

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin TLS/SSL Server Keystore File Location parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_server_keystore_location

Required

true

Suppress Parameter Validation: Ranger Admin TLS/SSL Server Keystore File Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin TLS/SSL Server Keystore File Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_server_keystore_password

Required

true

Suppress Parameter Validation: Stacks Collection Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_stacks_collection_directory

Required

true

Suppress Health Test: Audit Pipeline Test

Description

Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_audit_health

Required

true

Suppress Health Test: File Descriptors

Description

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_file_descriptor

Required

true

Suppress Health Test: Host Health

Description

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_host_health

Required

true

Suppress Health Test: Log Directory Free Space

Description

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_log_directory_free_space

Required

true

Suppress Health Test: Process Status

Description

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_scm_health

Required

true

Suppress Health Test: Swap Memory Usage

Description

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_swap_memory_usage

Required

true

Suppress Health Test: Swap Memory Usage Rate Beta

Description

Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_swap_memory_usage_rate

Required

true

Suppress Health Test: Unexpected Exits

Description

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_admin_unexpected_exits

Required

true

Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/atlas-application.properties

Description

For advanced use only. A string to be inserted into conf/atlas-application.properties for this role only.

Related Name

Default Value

API Name

conf/atlas-application.properties_role_safety_valve

Required

false

Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-policymgr-ssl.xml

Description

For advanced use only. A string to be inserted into conf/ranger-tagsync-policymgr-ssl.xml for this role only.

Related Name

Default Value

API Name

conf/ranger-tagsync-policymgr-ssl.xml_role_safety_valve

Required

false

Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-site.xml

Description

For advanced use only. A string to be inserted into conf/ranger-tagsync-site.xml for this role only.

Related Name

Default Value

API Name

conf/ranger-tagsync-site.xml_role_safety_valve

Required

false

Ranger Tagsync Logging Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, a string to be inserted into log4j.properties for this role only.

Related Name

Default Value

API Name

log4j_safety_valve

Required

false

Enable auto refresh for metric configurations

Description

When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.

Related Name

Default Value

false

API Name

metric_config_auto_refresh

Required

false

Heap Dump Directory

Description

Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.

Related Name

oom_heap_dump_dir

Default Value

/tmp

API Name

oom_heap_dump_dir

Required

false

Dump Heap When Out of Memory

Description

When set, generates a heap dump file when when an out-of-memory error occurs.

Related Name

Default Value

true

API Name

oom_heap_dump_enabled

Required

true

Kill When Out of Memory

Description

When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.

Related Name

Default Value

true

API Name

oom_sigkill_enabled

Required

true

Automatically Restart Process

Description

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.

Related Name

Default Value

false

API Name

process_auto_restart

Required

true

Enable Metric Collection

Description

Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.

Related Name

Default Value

true

API Name

process_should_monitor

Required

true

Process Start Retry Attempts

Description

Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.

Related Name

Default Value

3

API Name

process_start_retries

Required

false

Process Start Wait Timeout

Description

The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.

Related Name

Default Value

20

API Name

process_start_secs

Required

false

Ranger Tagsync Environment Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.

Related Name

Default Value

API Name

RANGER_TAGSYNC_role_env_safety_valve

Required

false

Ranger Tagsync Log Directory

Description

The log directory for log files of the role Ranger Tagsync.

Related Name

ranger.tagsync.logdir

Default Value

/var/log/ranger/tagsync

API Name

log_dir

Required

false

Ranger Tagsync Logging Threshold

Description

The minimum log level for Ranger Tagsync logs

Related Name

Default Value

INFO

API Name

log_threshold

Required

false

Ranger Tagsync Maximum Log File Backups

Description

The maximum number of rolled log files to keep for Ranger Tagsync logs. Typically used by log4j or logback.

Related Name

Default Value

10

API Name

max_log_backup_index

Required

false

Ranger Tagsync Max Log Size

Description

The maximum size, in megabytes, per log file for Ranger Tagsync logs. Typically used by log4j or logback.

Related Name

Default Value

200 MiB

API Name

max_log_size

Required

false

Enable Health Alerts for this Role

Description

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold

Related Name

Default Value

true

API Name

enable_alerts

Required

false

Enable Configuration Change Alerts

Description

When set, Cloudera Manager will send alerts when this entity's configuration changes.

Related Name

Default Value

false

API Name

enable_config_alerts

Required

false

Log Directory Free Space Monitoring Absolute Thresholds

Description

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Related Name

Default Value

Warning: 10 GiB, Critical: 5 GiB

API Name

log_directory_free_space_absolute_thresholds

Required

false

Log Directory Free Space Monitoring Percentage Thresholds

Description

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Related Name

Default Value

Warning: Never, Critical: Never

API Name

log_directory_free_space_percentage_thresholds

Required

false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

• Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
• Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
• Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
• Metric Name - The name of a metric that will be included or excluded during metric collection.

If you do not select Health Test Metric Set or Default Dashboard Metric Set, or specify metrics by name, metric filtering will be turned off (this is the default behavior).For example, the following configuration enables the collection of metrics required for Health Tests and the jvm_heap_used_mb metric:

• Include only Health Test Metric Set: Selected.
• Include/Exclude Custom Metrics: Set to Include.
• Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:{ "includeHealthTestMetricSet": true, "filterType": "whitelist", "metrics": ["jvm_heap_used_mb"] }

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

Swap Memory Usage Rate Thresholds

Description

The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.

Related Name

Default Value

Warning: Never, Critical: Never

API Name

process_swap_memory_rate_thresholds

Required

false

Swap Memory Usage Rate Window

Description

The period to review when computing unexpected swap memory usage change of the process.

Related Name

common.process.swap_memory_rate_window

Default Value

5 minute(s)

API Name

process_swap_memory_rate_window

Required

false

Process Swap Memory Thresholds

Description

The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.

Related Name

Default Value

Warning: 200 B, Critical: Never

API Name

process_swap_memory_thresholds

Required

false

File Descriptor Monitoring Thresholds

Description

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

Related Name

Default Value

Warning: 50.0 %, Critical: 70.0 %

API Name

ranger_tagsync_fd_thresholds

Required

false

Ranger Tagsync Host Health Test

Description

When computing the overall Ranger Tagsync health, consider the host's health.

Related Name

Default Value

true

API Name

ranger_tagsync_host_health_enabled

Required

false

Ranger Tagsync Process Health Test

Description

Enables the health test that the Ranger Tagsync's process state is consistent with the role configuration

Related Name

Default Value

true

API Name

ranger_tagsync_scm_health_enabled

Required

false

Role Triggers

Description

The configured triggers for this role. This is a JSON-formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

• triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
• triggerExpression (mandatory) - A tsquery expression representing the trigger.
• streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
• enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
• expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger", "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Unexpected Exits Thresholds

Description

The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.

Related Name

Default Value

Warning: Never, Critical: Any

API Name

unexpected_exits_thresholds

Required

false

Unexpected Exits Monitoring Period

Description

The period to review when computing unexpected exits.

Related Name

Default Value

5 minute(s)

API Name

unexpected_exits_window

Required

false

Atlas Source: Kafka Consumer Group

Description

Kafka consumer group.

Related Name

atlas.kafka.entities.group.id

Default Value

ranger_entities_consumer

API Name

atlas.kafka.entities.group.id

Required

false

Graceful Shutdown Timeout

Description

The timeout in milliseconds to wait for graceful shutdown to complete.

Related Name

Default Value

18 second(s)

API Name

graceful_stop_timeout

Required

false

Capture Cluster name

Description

Capture cluster name.

Related Name

ranger.tagsync.atlas.default.cluster.name

Default Value

API Name

ranger.tagsync.atlas.default.cluster.name

Required

false

Enable Ranger Tagsync Cookie Authentication

Description

Enable cookie-based authentication for requests going from Ranger Tagsync to Ranger Admin.

Related Name

ranger.tagsync.cookie.enabled

Default Value

true

API Name

ranger.tagsync.cookie.enabled

Required

false

Ranger Tagsync Username

Description

Ranger Tagsync username in Ranger Admin.

Related Name

ranger.tagsync.dest.ranger.username

Default Value

rangertagsync

API Name

ranger.tagsync.dest.ranger.username

Required

false

Enable File Tag Source

Description

Whether to sync tags from file.

Related Name

ranger.tagsync.source.file

Default Value

false

API Name

ranger.tagsync.source.file

Required

false

File Source: File Update Polling Interval

Description

Sync Interval for updating tags from file.

Related Name

ranger.tagsync.source.file.check.interval.millis

Default Value

1 minute(s)

API Name

ranger.tagsync.source.file.check.interval.millis

Required

false

File Source: Filename

Description

Filename containing tags.

Related Name

ranger.tagsync.source.file.filename

Default Value

API Name

ranger.tagsync.source.file.filename

Required

false

Ranger Tagsync Conf Path

Description

Staging directory for Ranger Tagsync Configuration. This should generally not be changed.

Related Name

ranger_tagsync_conf_path

Default Value

/etc/ranger/tagsync

API Name

ranger_tagsync_conf_path

Required

true

Ranger Tagsync Max Heapsize

Description

Maximum size for the Java Process heap. Passed to Java -Xmx. Measured in megabytes.

Related Name

ranger_tagsync_max_heap_size

Default Value

1 GiB

API Name

ranger_tagsync_max_heap_size

Required

true

Maximum Process File Descriptors

Description

If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.

Related Name

Default Value

API Name

rlimit_fds

Required

false

Cgroup CPU Shares

Description

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

Related Name

cpu.shares

Default Value

1024

API Name

rm_cpu_shares

Required

true

Custom Control Group Resources (overrides Cgroup settings)

Description

Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***

Related Name

custom.cgroups

Default Value

API Name

rm_custom_resources

Required

false

Cgroup I/O Weight

Description

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

Related Name

blkio.weight

Default Value

500

API Name

rm_io_weight

Required

true

Cgroup Memory Hard Limit

Description

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'

Related Name

memory.limit_in_bytes

Default Value

-1 MiB

API Name

rm_memory_hard_limit

Required

true

Cgroup Memory Soft Limit

Description

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'

Related Name

memory.soft_limit_in_bytes

Default Value

-1 MiB

API Name

rm_memory_soft_limit

Required

true

Ranger Tagsync TLS/SSL Trust Store File

Description

The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Ranger Tagsync might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.

Related Name

xasecure.policymgr.clientssl.truststore

Default Value

API Name

ssl_client_truststore_location

Required

false

Ranger Tagsync TLS/SSL Trust Store Password

Description

The password for the Ranger Tagsync TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.

Related Name

xasecure.policymgr.clientssl.truststore.password

Default Value

API Name

ssl_client_truststore_password

Required

false

Enable TLS/SSL for Ranger Tagsync

Description

Encrypt communication between clients and Ranger Tagsync using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).

Related Name

Default Value

false

API Name

ssl_enabled

Required

false

Ranger Tagsync TLS/SSL Server Keystore File Location

Description

The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Ranger Tagsync is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.

Related Name

xasecure.policymgr.clientssl.keystore

Default Value

API Name

ssl_server_keystore_location

Required

false

Ranger Tagsync TLS/SSL Server Keystore File Password

Description

The password for the Ranger Tagsync keystore file.

Related Name

xasecure.policymgr.clientssl.keystore.password

Default Value

API Name

ssl_server_keystore_password

Required

false

Stacks Collection Data Retention

Description

The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.

Related Name

stacks_collection_data_retention

Default Value

100 MiB

API Name

stacks_collection_data_retention

Required

false

Stacks Collection Directory

Description

The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.

Related Name

stacks_collection_directory

Default Value

API Name

stacks_collection_directory

Required

false

Stacks Collection Enabled

Description

Whether or not periodic stacks collection is enabled.

Related Name

stacks_collection_enabled

Default Value

false

API Name

stacks_collection_enabled

Required

true

Stacks Collection Frequency

Description

The frequency with which stacks are collected.

Related Name

stacks_collection_frequency

Default Value

5.0 second(s)

API Name

stacks_collection_frequency

Required

false

Stacks Collection Method

Description

The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.

Related Name

stacks_collection_method

Default Value

jstack

API Name

stacks_collection_method

Required

false

Suppress Parameter Validation: Atlas Source: Kafka Consumer Group

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Atlas Source: Kafka Consumer Group parameter.

Related Name

Default Value

false

API Name

role_config_suppression_atlas.kafka.entities.group.id

Required

true

Suppress Configuration Validator: CDH Version Validator

Description

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_cdh_version_validator

Required

true

Suppress Parameter Validation: Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/atlas-application.properties

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/atlas-application.properties parameter.

Related Name

Default Value

false

API Name

role_config_suppression_conf/atlas-application.properties_role_safety_valve

Required

true

Suppress Parameter Validation: Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-policymgr-ssl.xml

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-policymgr-ssl.xml parameter.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-tagsync-policymgr-ssl.xml_role_safety_valve

Required

true

Suppress Parameter Validation: Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-site.xml

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-site.xml parameter.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-tagsync-site.xml_role_safety_valve

Required

true

Suppress Parameter Validation: Ranger Tagsync Logging Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Logging Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_log4j_safety_valve

Required

true

Suppress Parameter Validation: Ranger Tagsync Log Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Log Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_log_dir

Required

true

Suppress Parameter Validation: Heap Dump Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_oom_heap_dump_dir

Required

true

Suppress Parameter Validation: Capture Cluster name

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Capture Cluster name parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagsync.atlas.default.cluster.name

Required

true

Suppress Parameter Validation: Ranger Tagsync Username

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Username parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagsync.dest.ranger.username

Required

true

Suppress Parameter Validation: File Source: Filename

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the File Source: Filename parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagsync.source.file.filename

Required

true

Suppress Parameter Validation: Ranger Tagsync Conf Path

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Conf Path parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tagsync_conf_path

Required

true

Suppress Parameter Validation: Ranger Tagsync Max Heapsize

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Max Heapsize parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tagsync_max_heap_size

Required

true

Suppress Parameter Validation: Ranger Tagsync Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync Environment Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tagsync_role_env_safety_valve

Required

true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_rm_custom_resources

Required

true

Suppress Parameter Validation: Role Triggers

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.

Related Name

Default Value

false

API Name

role_config_suppression_role_triggers

Required

true

Suppress Parameter Validation: Ranger Tagsync TLS/SSL Trust Store File

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync TLS/SSL Trust Store File parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_location

Required

true

Suppress Parameter Validation: Ranger Tagsync TLS/SSL Trust Store Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync TLS/SSL Trust Store Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_password

Required

true

Suppress Parameter Validation: Ranger Tagsync TLS/SSL Server Keystore File Location

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync TLS/SSL Server Keystore File Location parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_server_keystore_location

Required

true

Suppress Parameter Validation: Ranger Tagsync TLS/SSL Server Keystore File Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync TLS/SSL Server Keystore File Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_server_keystore_password

Required

true

Suppress Parameter Validation: Stacks Collection Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_stacks_collection_directory

Required

true

Suppress Health Test: Audit Pipeline Test

Description

Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_audit_health

Required

true

Suppress Health Test: File Descriptors

Description

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_file_descriptor

Required

true

Suppress Health Test: Host Health

Description

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_host_health

Required

true

Suppress Health Test: Log Directory Free Space

Description

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_log_directory_free_space

Required

true

Suppress Health Test: Process Status

Description

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_scm_health

Required

true

Suppress Health Test: Swap Memory Usage

Description

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_swap_memory_usage

Required

true

Suppress Health Test: Swap Memory Usage Rate Beta

Description

Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_swap_memory_usage_rate

Required

true

Suppress Health Test: Unexpected Exits

Description

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_tagsync_unexpected_exits

Required

true

Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-site.xml

Description

For advanced use only. A string to be inserted into conf/ranger-ugsync-site.xml for this role only.

Related Name

Default Value

API Name

conf/ranger-ugsync-site.xml_role_safety_valve

Required

false

Ranger Usersync Logging Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, a string to be inserted into log4j.properties for this role only.

Related Name

Default Value

API Name

log4j_safety_valve

Required

false

Enable auto refresh for metric configurations

Description

When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.

Related Name

Default Value

false

API Name

metric_config_auto_refresh

Required

false

Heap Dump Directory

Description

Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.

Related Name

oom_heap_dump_dir

Default Value

/tmp

API Name

oom_heap_dump_dir

Required

false

Dump Heap When Out of Memory

Description

When set, generates a heap dump file when when an out-of-memory error occurs.

Related Name

Default Value

true

API Name

oom_heap_dump_enabled

Required

true

Kill When Out of Memory

Description

When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.

Related Name

Default Value

true

API Name

oom_sigkill_enabled

Required

true

Automatically Restart Process

Description

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.

Related Name

Default Value

false

API Name

process_auto_restart

Required

true

Enable Metric Collection

Description

Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.

Related Name

Default Value

true

API Name

process_should_monitor

Required

true

Process Start Retry Attempts

Description

Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.

Related Name

Default Value

3

API Name

process_start_retries

Required

false

Process Start Wait Timeout

Description

The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.

Related Name

Default Value

20

API Name

process_start_secs

Required

false

Ranger Usersync Environment Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.

Related Name

Default Value

API Name

RANGER_USERSYNC_role_env_safety_valve

Required

false

Ranger Usersync Log Directory

Description

The log directory for log files of the role Ranger Usersync.

Related Name

ranger.usersync.logdir

Default Value

/var/log/ranger/usersync

API Name

log_dir

Required

false

Ranger Usersync Logging Threshold

Description

The minimum log level for Ranger Usersync logs

Related Name

Default Value

INFO

API Name

log_threshold

Required

false

Ranger Usersync Maximum Log File Backups

Description

The maximum number of rolled log files to keep for Ranger Usersync logs. Typically used by log4j or logback.

Related Name

Default Value

10

API Name

max_log_backup_index

Required

false

Ranger Usersync Max Log Size

Description

The maximum size, in megabytes, per log file for Ranger Usersync logs. Typically used by log4j or logback.

Related Name

Default Value

200 MiB

API Name

max_log_size

Required

false

Enable Health Alerts for this Role

Description

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold

Related Name

Default Value

true

API Name

enable_alerts

Required

false

Enable Configuration Change Alerts

Description

When set, Cloudera Manager will send alerts when this entity's configuration changes.

Related Name

Default Value

false

API Name

enable_config_alerts

Required

false

Log Directory Free Space Monitoring Absolute Thresholds

Description

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Related Name

Default Value

Warning: 10 GiB, Critical: 5 GiB

API Name

log_directory_free_space_absolute_thresholds

Required

false

Log Directory Free Space Monitoring Percentage Thresholds

Description

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Related Name

Default Value

Warning: Never, Critical: Never

API Name

log_directory_free_space_percentage_thresholds

Required

false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

• Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
• Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
• Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
• Metric Name - The name of a metric that will be included or excluded during metric collection.

If you do not select Health Test Metric Set or Default Dashboard Metric Set, or specify metrics by name, metric filtering will be turned off (this is the default behavior).For example, the following configuration enables the collection of metrics required for Health Tests and the jvm_heap_used_mb metric:

• Include only Health Test Metric Set: Selected.
• Include/Exclude Custom Metrics: Set to Include.
• Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:{ "includeHealthTestMetricSet": true, "filterType": "whitelist", "metrics": ["jvm_heap_used_mb"] }

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

Swap Memory Usage Rate Thresholds

Description

The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.

Related Name

Default Value

Warning: Never, Critical: Never

API Name

process_swap_memory_rate_thresholds

Required

false

Swap Memory Usage Rate Window

Description

The period to review when computing unexpected swap memory usage change of the process.

Related Name

common.process.swap_memory_rate_window

Default Value

5 minute(s)

API Name

process_swap_memory_rate_window

Required

false

Process Swap Memory Thresholds

Description

The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.

Related Name

Default Value

Warning: 200 B, Critical: Never

API Name

process_swap_memory_thresholds

Required

false

File Descriptor Monitoring Thresholds

Description

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

Related Name

Default Value

Warning: 50.0 %, Critical: 70.0 %

API Name

ranger_usersync_fd_thresholds

Required

false

Ranger Usersync Host Health Test

Description

When computing the overall Ranger Usersync health, consider the host's health.

Related Name

Default Value

true

API Name

ranger_usersync_host_health_enabled

Required

false

Ranger Usersync Process Health Test

Description

Enables the health test that the Ranger Usersync's process state is consistent with the role configuration

Related Name

Default Value

true

API Name

ranger_usersync_scm_health_enabled

Required

false

Role Triggers

Description

The configured triggers for this role. This is a JSON-formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

• triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
• triggerExpression (mandatory) - A tsquery expression representing the trigger.
• streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
• enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
• expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger", "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Unexpected Exits Thresholds

Description

The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.

Related Name

Default Value

Warning: Never, Critical: Any

API Name

unexpected_exits_thresholds

Required

false

Unexpected Exits Monitoring Period

Description

The period to review when computing unexpected exits.

Related Name

Default Value

5 minute(s)

API Name

unexpected_exits_window

Required

false

Graceful Shutdown Timeout

Description

The timeout in milliseconds to wait for graceful shutdown to complete.

Related Name

Default Value

18 second(s)

API Name

graceful_stop_timeout

Required

false

Enable Ranger Usersync Cookie Authentication

Description

Enable cookie-based authentication for requests going from Ranger Usersync to Ranger Admin.

Related Name

ranger.usersync.cookie.enabled

Default Value

true

API Name

ranger.usersync.cookie.enabled

Required

false

Enable User Sync

Description

Should users and groups be synchronized to Ranger Database? Required to setup Ranger policies.

Related Name

ranger.usersync.enabled

Default Value

true

API Name

ranger.usersync.enabled

Required

false

Usersync Filesource File Name

Description

Path to the file with the users and groups information. Only used when Usersync Sync Source is set to "org.apache.ranger.unixusersync.process.FileSourceUserGroupBuilder". Example: /tmp/usergroup.json or /tmp/usergroup.csv or /tmp/usergroup.txt

Related Name

ranger.usersync.filesource.file

Default Value

API Name

ranger.usersync.filesource.file

Required

false

Usersync Filesource Delimiter

Description

Delimiter used in file, if File based user sync is used

Related Name

ranger.usersync.filesource.text.delimiter

Default Value

,

API Name

ranger.usersync.filesource.text.delimiter

Required

false

Ranger Usersync Group Based Role Assignment Rules

Description

The parameter is used to assign roles to users and groups synced in Ranger Admin. Based on the given values specified in the above delimiter parameters, Ranger Usersync will parse the value specified in this parameter and sync users and groups along with roles given.

Related Name

ranger.usersync.group.based.role.assignment.rules

Default Value

API Name

ranger.usersync.group.based.role.assignment.rules

Required

false

Usersync Group Member Attribute

Description

LDAP group member attribute name. Example: member

Related Name

ranger.usersync.group.memberattributename

Default Value

API Name

ranger.usersync.group.memberattributename

Required

false

Usersync Group Name Attribute

Description

LDAP group name attribute. Example: cn

Related Name

ranger.usersync.group.nameattribute

Default Value

API Name

ranger.usersync.group.nameattribute

Required

false

Usersync Group Object Class

Description

LDAP Group object class. Example: group

Related Name

ranger.usersync.group.objectclass

Default Value

API Name

ranger.usersync.group.objectclass

Required

false

Usersync Enable Group Search First

Description

Enable Group Search First.

Related Name

ranger.usersync.group.search.first.enabled

Default Value

false

API Name

ranger.usersync.group.search.first.enabled

Required

false

Usersync Group Search Base

Description

Search base for groups. Sample value would be ou=groups,dc=hadoop,dc=apache,dc=org. The parameter overrides value specified in ranger.usersync.ldap.searchBase, ranger.usersync.ldap.user.searchbase. If a value is not specified, takes the value of ranger.usersync.ldap.searchBase. If ranger.usersync.ldap.searchBase is also not specified, takes the value of ranger.usersync.ldap.user.searchbase. Multiple Ous can be configured with ; (semicolon) separated eg: ou=groups,DC=example,DC=com;ou=group1,ou=group2

Related Name

ranger.usersync.group.searchbase

Default Value

API Name

ranger.usersync.group.searchbase

Required

false

Usersync Enable Group Sync

Description

Whether Usersync should use ldapsearch to find groups instead of relying on user entry attributes.

Related Name

ranger.usersync.group.searchenabled

Default Value

true

API Name

ranger.usersync.group.searchenabled

Required

false

Usersync Group Search Filter

Description

Optional additional filter constraining the groups selected for syncing. A sample value would be (dept=eng)

Related Name

ranger.usersync.group.searchfilter

Default Value

API Name

ranger.usersync.group.searchfilter

Required

false

Usersync Group Search Scope

Description

Search scope for the groups. Value "base" indicates that only the entry specified as the search base in ranger.usersync.group.searchbase should be considered. One "indicates" that only the immediate children of the entry specified as the search base in ranger.usersync.group.searchbase should be considered. "Sub" indicates that the entry specified as the search base in ranger.usersync.group.searchbase, and all of its subordinates to any depth, should be considered.

Related Name

ranger.usersync.group.searchscope

Default Value

sub

API Name

ranger.usersync.group.searchscope

Required

false

Usersync Group Usermap Sync

Description

Whether to sync all groups for a user.

Related Name

ranger.usersync.group.usermapsyncenabled

Default Value

true

API Name

ranger.usersync.group.usermapsyncenabled

Required

false

Usersync Bind User

Description

Full distinguished name (DN), including common name (CN), of an LDAP user account that has privileges to search for users. This user is used for searching the users. This could be read-only LDAP user. Example: cn=admin,dc=example,dc=com

Related Name

ranger.usersync.ldap.binddn

Default Value

API Name

ranger.usersync.ldap.binddn

Required

false

Usersync Incremental Sync

Description

Enable Incremental Sync.

Related Name

ranger.usersync.ldap.deltasync

Default Value

true

API Name

ranger.usersync.ldap.deltasync

Required

false

Usersync Group Hierarchy Levels

Description

Levels of LDAP directory tree where the groups need to be searched.

Related Name

ranger.usersync.ldap.grouphierarchylevels

Default Value

0

API Name

ranger.usersync.ldap.grouphierarchylevels

Required

false

Usersync Groupname Case Conversion

Description

Used for converting syncing groups to the selected case conversion.

Related Name

ranger.usersync.ldap.groupname.caseconversion

Default Value

none

API Name

ranger.usersync.ldap.groupname.caseconversion

Required

false

Usersync Referral

Description

Set to follow if multiple LDAP/AD servers are configured to return continuation references for results. Set to ignore if no referrals should be followed. When this parameter is set to throw, all of the normal entries are returned in the enumeration first, before the ReferralException is thrown.

Related Name

ranger.usersync.ldap.referral

Default Value

ignore

API Name

ranger.usersync.ldap.referral

Required

false

Usersync Search Base

Description

Search base for users and groups. Sample value would be dc=hadoop,dc=apache,dc=org.Multiple Ous can be configured with ; (semicolon) separated.

Related Name

ranger.usersync.ldap.searchBase

Default Value

API Name

ranger.usersync.ldap.searchBase

Required

false

Usersync Enable STARTTLS

Description

Enable LDAP STARTTLS.

Related Name

ranger.usersync.ldap.starttls

Default Value

false

API Name

ranger.usersync.ldap.starttls

Required

false

Usersync LDAP/AD URL

Description

LDAP server URL. Example: value = ldap://localhost:389 or ldaps://localhost:636

Related Name

ranger.usersync.ldap.url

Default Value

API Name

ranger.usersync.ldap.url

Required

false

Usersync User Group Name Attribute

Description

LDAP user group name attribute. Generally it is the same as username attribute. Example: sAMAccountName in AD, uid or cn in OpenLDAP

Related Name

ranger.usersync.ldap.user.groupnameattribute

Default Value

API Name

ranger.usersync.ldap.user.groupnameattribute

Required

false

Usersync User Name Attribute

Description

LDAP user name attribute. Example: sAMAccountName in AD, uid or cn in OpenLDAP

Related Name

ranger.usersync.ldap.user.nameattribute

Default Value

API Name

ranger.usersync.ldap.user.nameattribute

Required

false

Usersync User Object Class

Description

LDAP User Object Class. Example: person or user

Related Name

ranger.usersync.ldap.user.objectclass

Default Value

API Name

ranger.usersync.ldap.user.objectclass

Required

false

Usersync User Search Base

Description

Search base for users. Sample value would be ou=users,dc=hadoop,dc=apache,dc=org. Overrides value specified in ranger.usersync.ldap.searchBase. Multiple Ous can be configured with ; (semicolon) separated eg: cn=users,dc=example,dc=com;ou=example1,ou=example2

Related Name

ranger.usersync.ldap.user.searchbase

Default Value

API Name

ranger.usersync.ldap.user.searchbase

Required

false

Usersync User Search Filter

Description

Optional additional filter constraining the users selected for syncing. A sample value would be (dept=eng). Customize the value to suit your deployment.

Related Name

ranger.usersync.ldap.user.searchfilter

Default Value

API Name

ranger.usersync.ldap.user.searchfilter

Required

false

Usersync User Search Scope

Description

Search scope for the users. Value "base" indicates that only the entry specified as the search base in ranger.usersync.ldap.user.searchbase should be considered. "One" indicates that only the immediate children of the entry specified as the search base in ranger.usersync.ldap.user.searchbase should be considered. "Sub" indicates that the entry specified as the search base in ranger.usersync.ldap.user.searchbase, and all of its subordinates to any depth, should be considered.

Related Name

ranger.usersync.ldap.user.searchscope

Default Value

sub

API Name

ranger.usersync.ldap.user.searchscope

Required

false

Usersync Username Case Conversion

Description

Used for converting syncing users to the selected case conversion.

Related Name

ranger.usersync.ldap.username.caseconversion

Default Value

none

API Name

ranger.usersync.ldap.username.caseconversion

Required

false

Enable Results to be Paged for User/Group Request

Description

Whether results can be paged for User/Group requests.

Related Name

ranger.usersync.pagedresultsenabled

Default Value

true

API Name

ranger.usersync.pagedresultsenabled

Required

false

User/Group Request Page size.

Description

Enter Page size for User/Group Request.

Related Name

ranger.usersync.pagedresultssize

Default Value

500

API Name

ranger.usersync.pagedresultssize

Required

false

Maximum Records Per API Call

Description

Maximum number of records to be returned per API call.

Related Name

ranger.usersync.policymanager.maxrecordsperapicall

Default Value

1000

API Name

ranger.usersync.policymanager.maxrecordsperapicall

Required

true

Ranger Usersync Policymgr Username

Description

Ranger Usersync username in Ranger Admin.

Related Name

ranger.usersync.policymgr.username

Default Value

rangerusersync

API Name

ranger.usersync.policymgr.username

Required

false

Ranger Usersync Unix Service Port

Description

Port for Unix authentication service.

Related Name

ranger.usersync.port

Default Value

5151

API Name

ranger.usersync.port

Required

true

Ranger Usersync Role Assignment List Delimiter

Description

The parameter is used to specify delimiter while syncing roles to users and groups in Ranger Admin. It is a delimiter for roles. Example - "ROLE_SYS_ADMIN:u:username1,username2&ROLE_KEY_ADMIN:g:groupname1", where ROLE_SYS_ADMIN and ROLE_KEY_ADMIN are roles in Ranger Admin separated by delimiter &. Note - All the delimiters parameters ranger.usersync.role.assignment.list.delimiter, ranger.usersync.users.groups.assignment.list.delimiter and ranger.usersync.username.groupname.assignment.list.delimiter should have different values. The delimiters should not contain characters that are allowed in username or groupname.

Related Name

ranger.usersync.role.assignment.list.delimiter

Default Value

&

API Name

ranger.usersync.role.assignment.list.delimiter

Required

false

Usersync Sleeptime interval

Description

Sleep time interval between user sync operations in milliseconds.

Related Name

ranger.usersync.sleeptimeinmillisbetweensynccycle

Default Value

1 minute(s) (for non-ldap sync sources)

60 minutes (for ldap sync sources)

API Name

ranger.usersync.sleeptimeinmillisbetweensynccycle

Required

false

Source for Syncing User and Groups

Description

For syncing from Ldap source, use "org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder". For syncing from Unix source, use "org.apache.ranger.unixusersync.process.UnixUserGroupBuilder". For syncing from File source, use "org.apache.ranger.unixusersync.process.FileSourceUserGroupBuilder"

Related Name

ranger.usersync.source.impl.class

Default Value

org.apache.ranger.unixusersync.process.UnixUserGroupBuilder

API Name

ranger.usersync.source.impl.class

Required

true

Ranger Usersync Unix Backend

Description

The backend mechanism to read users and groups from a UNIX system. The value is applicable only on UNIX-based systems.

Related Name

ranger.usersync.unix.backend

Default Value

nss

API Name

ranger.usersync.unix.backend

Required

false

Usersync UNIX Minimum User ID

Description

Minimum User ID to start syncing. This should be set to avoid syncing of UNIX system-level users in the Ranger Admin.

Related Name

ranger.usersync.unix.minUserId

Default Value

500

API Name

ranger.usersync.unix.minUserId

Required

false

Usersync Enable User Search

Description

Enable User Search, when ranger.usersync.group.search.first.enabled is set to true.

Related Name

ranger.usersync.user.searchenabled

Default Value

false

API Name

ranger.usersync.user.searchenabled

Required

false

Ranger Usersync Username Groupname Assignment List Delimiter

Description

The parameter is used to specify a delimiter while syncing users and groups in Ranger Admin. Used as a delimiter to differentiate between two or more users and groups. Example - "ROLE_SYS_ADMIN:u:username1,username2", where username1 and username2 are separated by ,. Note - All the delimiters parameters ranger.usersync.role.assignment.list.delimiter, ranger.usersync.users.groups.assignment.list.delimiter and ranger.usersync.username.groupname.assignment.list.delimiter should have different values. The delimiters should not contain characters that are allowed in username or groupname.

Related Name

ranger.usersync.username.groupname.assignment.list.delimiter

Default Value

,

API Name

ranger.usersync.username.groupname.assignment.list.delimiter

Required

false

Ranger Usersync User Groups Assignment List Delimiter

Description

The parameter is used to specify delimiter while syncing users and groups along with specified roles in Ranger Admin. It is a delimiter to differentiate between users and groups from respective roles. Example - "ROLE_SYS_ADMIN:u:username1,username2&ROLE_SYS_ADMIN:g:groupname1,groupname2", where ROLE_SYS_ADMIN is a role. "u" is used to denote the list of users followed by actual usernames which are username1 and username2. While "g" is used to denote the list of groups followed by actual groupnames which are groupname1 and groupname2. Note - All the delimiters parameters ranger.usersync.role.assignment.list.delimiter, ranger.usersync.users.groups.assignment.list.delimiter and ranger.usersync.username.groupname.assignment.list.delimiter should have different values. The delimiters should not contain characters that are allowed in username or groupname.

Related Name

ranger.usersync.users.groups.assignment.list.delimiter

Default Value

:

API Name

ranger.usersync.users.groups.assignment.list.delimiter

Required

false

Ranger Usersync Conf Path

Description

Staging directory for Ranger Usersync Configuration. This should generally not be changed.

Related Name

ranger_usersync_conf_path

Default Value

/etc/ranger/usersync

API Name

ranger_usersync_conf_path

Required

true

Usersync Bind User Password

Description

Password for the LDAP bind user used for searching users.

Related Name

ranger.usersync.ldap.ldapbindpassword

Default Value

API Name

ranger_usersync_ldap_ldapbindpassword

Required

false

Ranger Usersync Max Heapsize

Description

Maximum size for the Java Process heap. Passed to Java -Xmx. Measured in megabytes.

Related Name

ranger_usersync_max_heap_size

Default Value

1 GiB

API Name

ranger_usersync_max_heap_size

Required

true

Maximum Process File Descriptors

Description

If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.

Related Name

Default Value

API Name

rlimit_fds

Required

false

Cgroup CPU Shares

Description

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

Related Name

cpu.shares

Default Value

1024

API Name

rm_cpu_shares

Required

true

Custom Control Group Resources (overrides Cgroup settings)

Description

Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***

Related Name

custom.cgroups

Default Value

API Name

rm_custom_resources

Required

false

Cgroup I/O Weight

Description

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

Related Name

blkio.weight

Default Value

500

API Name

rm_io_weight

Required

true

Cgroup Memory Hard Limit

Description

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'

Related Name

memory.limit_in_bytes

Default Value

-1 MiB

API Name

rm_memory_hard_limit

Required

true

Cgroup Memory Soft Limit

Description

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'

Related Name

memory.soft_limit_in_bytes

Default Value

-1 MiB

API Name

rm_memory_soft_limit

Required

true

Ranger Usersync TLS/SSL Trust Store File

Description

The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Ranger Usersync might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.

Related Name

ranger.usersync.truststore.file

Default Value

API Name

ssl_client_truststore_location

Required

false

Ranger Usersync TLS/SSL Trust Store Password

Description

The password for the Ranger Usersync TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.

Related Name

ranger.usersync.truststore.password

Default Value

API Name

ssl_client_truststore_password

Required

false

Stacks Collection Data Retention

Description

The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.

Related Name

stacks_collection_data_retention

Default Value

100 MiB

API Name

stacks_collection_data_retention

Required

false

Stacks Collection Directory

Description

The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.

Related Name

stacks_collection_directory

Default Value

API Name

stacks_collection_directory

Required

false

Stacks Collection Enabled

Description

Whether or not periodic stacks collection is enabled.

Related Name

stacks_collection_enabled

Default Value

false

API Name

stacks_collection_enabled

Required

true

Stacks Collection Frequency

Description

The frequency with which stacks are collected.

Related Name

stacks_collection_frequency

Default Value

5.0 second(s)

API Name

stacks_collection_frequency

Required

false

Stacks Collection Method

Description

The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.

Related Name

stacks_collection_method

Default Value

jstack

API Name

stacks_collection_method

Required

false

Suppress Configuration Validator: CDH Version Validator

Description

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_cdh_version_validator

Required

true

Suppress Parameter Validation: Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-site.xml

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-site.xml parameter.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-ugsync-site.xml_role_safety_valve

Required

true

Suppress Parameter Validation: Ranger Usersync Logging Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Logging Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_log4j_safety_valve

Required

true

Suppress Parameter Validation: Ranger Usersync Log Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Log Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_log_dir

Required

true

Suppress Parameter Validation: Heap Dump Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_oom_heap_dump_dir

Required

true

Suppress Parameter Validation: Usersync Filesource File Name

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Filesource File Name parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.filesource.file

Required

true

Suppress Parameter Validation: Usersync Filesource Delimiter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Filesource Delimiter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.filesource.text.delimiter

Required

true

Suppress Parameter Validation: Ranger Usersync Group Based Role Assignment Rules

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Group Based Role Assignment Rules parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.based.role.assignment.rules

Required

true

Suppress Parameter Validation: Usersync Group Member Attribute

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Group Member Attribute parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.memberattributename

Required

true

Suppress Parameter Validation: Usersync Group Name Attribute

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Group Name Attribute parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.nameattribute

Required

true

Suppress Parameter Validation: Usersync Group Object Class

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Group Object Class parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.objectclass

Required

true

Suppress Parameter Validation: Usersync Group Search Base

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Group Search Base parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.searchbase

Required

true

Suppress Parameter Validation: Usersync Group Search Filter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Group Search Filter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.searchfilter

Required

true

Suppress Parameter Validation: Usersync Bind User

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Bind User parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.binddn

Required

true

Suppress Parameter Validation: Usersync Search Base

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Search Base parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.searchbase

Required

true

Suppress Parameter Validation: Usersync LDAP/AD URL

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync LDAP/AD URL parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.url

Required

true

Suppress Parameter Validation: Usersync User Group Name Attribute

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync User Group Name Attribute parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.groupnameattribute

Required

true

Suppress Parameter Validation: Usersync User Name Attribute

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync User Name Attribute parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.nameattribute

Required

true

Suppress Parameter Validation: Usersync User Object Class

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync User Object Class parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.objectclass

Required

true

Suppress Parameter Validation: Usersync User Search Base

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync User Search Base parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.searchbase

Required

true

Suppress Parameter Validation: Usersync User Search Filter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync User Search Filter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.searchfilter

Required

true

Suppress Parameter Validation: Ranger Usersync Policymgr Username

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Policymgr Username parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.policymgr.username

Required

true

Suppress Parameter Validation: Ranger Usersync Unix Service Port

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Unix Service Port parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.port

Required

true

Suppress Parameter Validation: Ranger Usersync Role Assignment List Delimiter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Role Assignment List Delimiter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.role.assignment.list.delimiter

Required

true

Suppress Parameter Validation: Ranger Usersync Username Groupname Assignment List Delimiter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Username Groupname Assignment List Delimiter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.username.groupname.assignment.list.delimiter

Required

true

Suppress Parameter Validation: Ranger Usersync User Groups Assignment List Delimiter

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync User Groups Assignment List Delimiter parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.users.groups.assignment.list.delimiter

Required

true

Suppress Parameter Validation: Ranger Usersync Conf Path

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Conf Path parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_conf_path

Required

true

Suppress Parameter Validation: Usersync Bind User Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Usersync Bind User Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_ldap_ldapbindpassword

Required

true

Suppress Parameter Validation: Ranger Usersync Max Heapsize

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Max Heapsize parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_max_heap_size

Required

true

Suppress Parameter Validation: Ranger Usersync Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync Environment Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_role_env_safety_valve

Required

true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.

Related Name

Default Value

false

API Name

role_config_suppression_rm_custom_resources

Required

true

Suppress Parameter Validation: Role Triggers

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.

Related Name

Default Value

false

API Name

role_config_suppression_role_triggers

Required

true

Suppress Parameter Validation: Ranger Usersync TLS/SSL Trust Store File

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync TLS/SSL Trust Store File parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_location

Required

true

Suppress Parameter Validation: Ranger Usersync TLS/SSL Trust Store Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync TLS/SSL Trust Store Password parameter.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_password

Required

true

Suppress Parameter Validation: Stacks Collection Directory

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.

Related Name

Default Value

false

API Name

role_config_suppression_stacks_collection_directory

Required

true

Suppress Health Test: Audit Pipeline Test

Description

Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_audit_health

Required

true

Suppress Health Test: File Descriptors

Description

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_file_descriptor

Required

true

Suppress Health Test: Host Health

Description

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_host_health

Required

true

Suppress Health Test: Log Directory Free Space

Description

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_log_directory_free_space

Required

true

Suppress Health Test: Process Status

Description

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_scm_health

Required

true

Suppress Health Test: Swap Memory Usage

Description

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_swap_memory_usage

Required

true

Suppress Health Test: Swap Memory Usage Rate Beta

Description

Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_swap_memory_usage_rate

Required

true

Suppress Health Test: Unexpected Exits

Description

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

role_health_suppression_ranger_ranger_usersync_unexpected_exits

Required

true

System Group

Description

The group that this service's processes should run as.

Related Name

Default Value

ranger

API Name

process_groupname

Required

true

System User

Description

The user that this service's processes should run as.

Related Name

Default Value

ranger

API Name

process_username

Required

true

Ranger Service Environment Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration.

Related Name

Default Value

API Name

RANGER_service_env_safety_valve

Required

false

Enable Service Level Health Alerts

Description

When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold

Related Name

Default Value

true

API Name

enable_alerts

Required

false

Enable Configuration Change Alerts

Description

When set, Cloudera Manager will send alerts when this entity's configuration changes.

Related Name

Default Value

false

API Name

enable_config_alerts

Required

false

Healthy Ranger Admin Monitoring Thresholds

Description

The health test thresholds of the overall Ranger Admin health. The check returns "Concerning" health if the percentage of "Healthy" Ranger Admins falls below the warning threshold. The check is unhealthy if the total percentage of "Healthy" and "Concerning" Ranger Admins falls below the critical threshold.

Related Name

Default Value

Warning: 99.0 %, Critical: 49.0 %

API Name

RANGER_RANGER_ADMIN_healthy_thresholds

Required

false

Ranger Tagsync Role Health Test

Description

When computing the overall RANGER health, consider Ranger Tagsync's health

Related Name

Default Value

true

API Name

RANGER_RANGER_TAGSYNC_health_enabled

Required

false

Ranger Usersync Role Health Test

Description

When computing the overall RANGER health, consider Ranger Usersync's health

Related Name

Default Value

true

API Name

RANGER_RANGER_USERSYNC_health_enabled

Required

false

Service Triggers

Description

The configured triggers for this service. This is a JSON-formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

• triggerName (mandatory) - The name of the trigger. This value must be unique for the specific service.
• triggerExpression (mandatory) - A tsquery expression representing the trigger.
• streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
• enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
• expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger fires if there are more than 10 DataNodes with more than 500 file descriptors opened:[{"triggerName": "sample-trigger", "triggerExpression": "IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad", "streamThreshold": 10, "enabled": "true"}]See the trigger rules documentation for more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

Related Name

Default Value

[]

API Name

service_triggers

Required

true

Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve)

Description

For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default ones.

Related Name

Default Value

API Name

smon_derived_configs_safety_valve

Required

false

HDFS Service

Description

Name of the HDFS service that this Ranger service instance depends on

Related Name

Default Value

API Name

hdfs_service

Required

true

Ranger KMS Keyadmin User Initial Password

Description

Password for the Ranger administrator, whose login name is "keyadmin". The password should be minimum 8 characters long, with at least one alphabetic and one numeric character. The following characters are invalid: " ' \ ` ´. Note that this password is only used to setup Ranger in the cluster: any subsequent changes will not be effective. This password can be later changed from the Ranger Admin UI under the user profile page.

Related Name

keyadmin_user_password

Default Value

API Name

keyadmin_user_password

Required

true

Load Balancer Address

Description

Load Balancer Address used by clients to access Ranger Admin. Only required when Ranger Admin is running with High Availability. Example: http://load-balancer-host:load-balancer-port

Related Name

ranger.externalurl

Default Value

API Name

load_balancer_url

Required

false

Ranger Plugin DFS Audit Enabled

Description

Whether DFS audit is enabled.

Related Name

ranger_plugin_hdfs_audit_enabled

Default Value

true

API Name

ranger_plugin_hdfs_audit_enabled

Required

false

Ranger Plugin DFS Audit URL

Description

An absolute URL with no trailing slash should be entered, or leave the value empty. Allows setting up a centralized storage location for Ranger audits. This URL is used as the base for audit directories: all services plugging into Ranger will prepend this URL to their configured path used to store Ranger audits.

Related Name

ranger_plugin_hdfs_audit_url

Default Value

/ranger/audit

API Name

ranger_plugin_hdfs_audit_url

Required

false

Ranger Admin User Initial Password

Description

Password for the Ranger administrator, whose login name is "admin". The password should be minimum 8 characters long, with at least one alphabetic and one numeric character. The following characters are invalid: " ' \ ` ´. Note that this password is only used to setup Ranger in the cluster: any subsequent changes will not be effective. This password can be later changed from the Ranger Admin UI under the user profile page.

Related Name

rangeradmin_user_password

Default Value

API Name

rangeradmin_user_password

Required

true

Ranger Tagsync User Initial Password

Description

Password for the Ranger administrator, whose login name is "rangertagsync". The password should be minimum 8 characters long, with at least one alphabetic and one numeric character. The following characters are invalid: " ' \ ` ´. Note that this password is only used to setup Ranger in the cluster: any subsequent changes will not be effective. This password can be later changed from the Ranger Admin UI under the user profile page.

Related Name

rangertagsync_user_password

Default Value

API Name

rangertagsync_user_password

Required

true

Ranger Usersync User Initial Password

Description

Password for the Ranger administrator, whose login name is "rangerusersync". The password should be minimum 8 characters long, with at least one alphabetic and one numeric character. The following characters are invalid: " ' \ ` ´. Note that this password is only used to setup Ranger in the cluster: any subsequent changes will not be effective. This password can be later changed from the Ranger Admin UI under the user profile page.

Related Name

rangerusersync_user_password

Default Value

API Name

rangerusersync_user_password

Required

true

Solr Service

Description

Name of the Solr service that this Ranger service instance depends on

Related Name

Default Value

API Name

solr_service

Required

true

Admin HTTP Port

Description

HTTP Port for Ranger Admin.

Related Name

ranger.service.http.port

Default Value

6080

API Name

ranger_service_http_port

Required

true

Admin HTTPS port

Description

HTTPS Port for Ranger Admin. Only used when SSL is enabled for Ranger Admin.

Related Name

ranger.service.https.port

Default Value

6182

API Name

ranger_service_https_port

Required

true

Suppress Configuration Validator: Atlas Source: Kafka Consumer Group

Description

Whether to suppress configuration warnings produced by the Atlas Source: Kafka Consumer Group configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_atlas.kafka.entities.group.id

Required

true

Suppress Configuration Validator: CDH Version Validator

Description

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_cdh_version_validator

Required

true

Suppress Configuration Validator: Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/atlas-application.properties

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/atlas-application.properties configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_conf/atlas-application.properties_role_safety_valve

Required

true

Suppress Configuration Validator: Ranger Admin Advanced Configuration Snippet (Safety Valve) for conf/ranger-admin-site.xml

Description

Whether to suppress configuration warnings produced by the Ranger Admin Advanced Configuration Snippet (Safety Valve) for conf/ranger-admin-site.xml configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-admin-site.xml_role_safety_valve

Required

true

Suppress Configuration Validator: Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-policymgr-ssl.xml

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-policymgr-ssl.xml configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-tagsync-policymgr-ssl.xml_role_safety_valve

Required

true

Suppress Configuration Validator: Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-site.xml

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Advanced Configuration Snippet (Safety Valve) for conf/ranger-tagsync-site.xml configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-tagsync-site.xml_role_safety_valve

Required

true

Suppress Configuration Validator: Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-site.xml

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-site.xml configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_conf/ranger-ugsync-site.xml_role_safety_valve

Required

true

Suppress Configuration Validator: Ranger Admin Logging Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the Ranger Admin Logging Advanced Configuration Snippet (Safety Valve) configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_log4j_safety_valve

Required

true

Suppress Configuration Validator: Ranger Admin Log Directory

Description

Whether to suppress configuration warnings produced by the Ranger Admin Log Directory configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_log_dir

Required

true

Suppress Configuration Validator: Heap Dump Directory

Description

Whether to suppress configuration warnings produced by the Heap Dump Directory configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_oom_heap_dump_dir

Required

true

Suppress Configuration Validator: Exclude Users from Audit Access Tab

Description

Whether to suppress configuration warnings produced by the Exclude Users from Audit Access Tab configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.accesslogs.exclude.users.list

Required

true

Suppress Configuration Validator: Kerberos Cookie Path

Description

Whether to suppress configuration warnings produced by the Kerberos Cookie Path configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.admin.kerberos.cookie.path

Required

true

Suppress Configuration Validator: Default Policy Groups

Description

Whether to suppress configuration warnings produced by the Default Policy Groups configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.default.policy.groups

Required

true

Suppress Configuration Validator: Default Policy Users

Description

Whether to suppress configuration warnings produced by the Default Policy Users configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.default.policy.users

Required

true

Suppress Configuration Validator: Admin AD Auth Base DN

Description

Whether to suppress configuration warnings produced by the Admin AD Auth Base DN configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.base.dn

Required

true

Suppress Configuration Validator: Admin AD Auth Bind DN

Description

Whether to suppress configuration warnings produced by the Admin AD Auth Bind DN configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.bind.dn

Required

true

Suppress Configuration Validator: Admin AD Auth Domain Name

Description

Whether to suppress configuration warnings produced by the Admin AD Auth Domain Name configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.domain

Required

true

Suppress Configuration Validator: Admin AD Auth URL

Description

Whether to suppress configuration warnings produced by the Admin AD Auth URL configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.url

Required

true

Suppress Configuration Validator: Admin AD Auth User Search Filter

Description

Whether to suppress configuration warnings produced by the Admin AD Auth User Search Filter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.ad.user.searchfilter

Required

true

Suppress Configuration Validator: Admin LDAP Auth Base DN

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth Base DN configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.base.dn

Required

true

Suppress Configuration Validator: Admin LDAP Auth Bind User

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth Bind User configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.bind.dn

Required

true

Suppress Configuration Validator: Admin LDAP Auth Group Role Attribute

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth Group Role Attribute configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.group.roleattribute

Required

true

Suppress Configuration Validator: Admin LDAP Auth Group Search Base

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth Group Search Base configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.group.searchbase

Required

true

Suppress Configuration Validator: Admin LDAP Auth Group Search Filter

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth Group Search Filter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.group.searchfilter

Required

true

Suppress Configuration Validator: Admin LDAP Auth URL

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth URL configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.url

Required

true

Suppress Configuration Validator: Admin LDAP Auth User DN Pattern

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth User DN Pattern configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.user.dnpattern

Required

true

Suppress Configuration Validator: Admin LDAP Auth User Search Filter

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth User Search Filter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.ldap.user.searchfilter

Required

true

Suppress Configuration Validator: SSO Browser Useragent

Description

Whether to suppress configuration warnings produced by the SSO Browser Useragent configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.sso.browser.useragent

Required

true

Suppress Configuration Validator: SSO Provider Url

Description

Whether to suppress configuration warnings produced by the SSO Provider Url configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.sso.providerurl

Required

true

Suppress Configuration Validator: SSO Public Key

Description

Whether to suppress configuration warnings produced by the SSO Public Key configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.sso.publickey

Required

true

Suppress Configuration Validator: Tag Service Name

Description

Whether to suppress configuration warnings produced by the Tag Service Name configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagservice.auto.name

Required

true

Suppress Configuration Validator: Capture Cluster name

Description

Whether to suppress configuration warnings produced by the Capture Cluster name configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagsync.atlas.default.cluster.name

Required

true

Suppress Configuration Validator: Ranger Tagsync Username

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Username configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagsync.dest.ranger.username

Required

true

Suppress Configuration Validator: File Source: Filename

Description

Whether to suppress configuration warnings produced by the File Source: Filename configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.tagsync.source.file.filename

Required

true

Suppress Configuration Validator: Admin UNIX Auth Service Hostname

Description

Whether to suppress configuration warnings produced by the Admin UNIX Auth Service Hostname configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.unixauth.service.hostname

Required

true

Suppress Configuration Validator: Admin Unix Auth Service Port

Description

Whether to suppress configuration warnings produced by the Admin Unix Auth Service Port configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.unixauth.service.port

Required

true

Suppress Configuration Validator: Usersync Filesource File Name

Description

Whether to suppress configuration warnings produced by the Usersync Filesource File Name configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.filesource.file

Required

true

Suppress Configuration Validator: Usersync Filesource Delimiter

Description

Whether to suppress configuration warnings produced by the Usersync Filesource Delimiter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.filesource.text.delimiter

Required

true

Suppress Configuration Validator: Ranger Usersync Group Based Role Assignment Rules

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Group Based Role Assignment Rules configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.based.role.assignment.rules

Required

true

Suppress Configuration Validator: Usersync Group Member Attribute

Description

Whether to suppress configuration warnings produced by the Usersync Group Member Attribute configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.memberattributename

Required

true

Suppress Configuration Validator: Usersync Group Name Attribute

Description

Whether to suppress configuration warnings produced by the Usersync Group Name Attribute configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.nameattribute

Required

true

Suppress Configuration Validator: Usersync Group Object Class

Description

Whether to suppress configuration warnings produced by the Usersync Group Object Class configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.objectclass

Required

true

Suppress Configuration Validator: Usersync Group Search Base

Description

Whether to suppress configuration warnings produced by the Usersync Group Search Base configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.searchbase

Required

true

Suppress Configuration Validator: Usersync Group Search Filter

Description

Whether to suppress configuration warnings produced by the Usersync Group Search Filter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.group.searchfilter

Required

true

Suppress Configuration Validator: Usersync Bind User

Description

Whether to suppress configuration warnings produced by the Usersync Bind User configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.binddn

Required

true

Suppress Configuration Validator: Usersync Search Base

Description

Whether to suppress configuration warnings produced by the Usersync Search Base configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.searchbase

Required

true

Suppress Configuration Validator: Usersync LDAP/AD URL

Description

Whether to suppress configuration warnings produced by the Usersync LDAP/AD URL configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.url

Required

true

Suppress Configuration Validator: Usersync User Group Name Attribute

Description

Whether to suppress configuration warnings produced by the Usersync User Group Name Attribute configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.groupnameattribute

Required

true

Suppress Configuration Validator: Usersync User Name Attribute

Description

Whether to suppress configuration warnings produced by the Usersync User Name Attribute configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.nameattribute

Required

true

Suppress Configuration Validator: Usersync User Object Class

Description

Whether to suppress configuration warnings produced by the Usersync User Object Class configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.objectclass

Required

true

Suppress Configuration Validator: Usersync User Search Base

Description

Whether to suppress configuration warnings produced by the Usersync User Search Base configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.searchbase

Required

true

Suppress Configuration Validator: Usersync User Search Filter

Description

Whether to suppress configuration warnings produced by the Usersync User Search Filter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.ldap.user.searchfilter

Required

true

Suppress Configuration Validator: Ranger Usersync Policymgr Username

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Policymgr Username configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.policymgr.username

Required

true

Suppress Configuration Validator: Ranger Usersync Unix Service Port

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Unix Service Port configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.port

Required

true

Suppress Configuration Validator: Ranger Usersync Role Assignment List Delimiter

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Role Assignment List Delimiter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.role.assignment.list.delimiter

Required

true

Suppress Configuration Validator: Ranger Usersync Username Groupname Assignment List Delimiter

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Username Groupname Assignment List Delimiter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.username.groupname.assignment.list.delimiter

Required

true

Suppress Configuration Validator: Ranger Usersync User Groups Assignment List Delimiter

Description

Whether to suppress configuration warnings produced by the Ranger Usersync User Groups Assignment List Delimiter configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger.usersync.users.groups.assignment.list.delimiter

Required

true

Suppress Configuration Validator: Ranger Admin Conf Path

Description

Whether to suppress configuration warnings produced by the Ranger Admin Conf Path configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_admin_conf_path

Required

true

Suppress Configuration Validator: Ranger Admin Max Heapsize

Description

Whether to suppress configuration warnings produced by the Ranger Admin Max Heapsize configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_admin_max_heap_size

Required

true

Suppress Configuration Validator: Ranger Admin Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the Ranger Admin Environment Advanced Configuration Snippet (Safety Valve) configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_admin_role_env_safety_valve

Required

true

Suppress Configuration Validator: Ranger Database Host

Description

Whether to suppress configuration warnings produced by the Ranger Database Host configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_host

Required

true

Suppress Configuration Validator: Ranger Database Name

Description

Whether to suppress configuration warnings produced by the Ranger Database Name configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_name

Required

true

Suppress Configuration Validator: Ranger Database User Password

Description

Whether to suppress configuration warnings produced by the Ranger Database User Password configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_password

Required

true

Suppress Configuration Validator: Ranger Database User

Description

Whether to suppress configuration warnings produced by the Ranger Database User configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_database_user

Required

true

Suppress Configuration Validator: Admin AD Auth Bind Password

Description

Whether to suppress configuration warnings produced by the Admin AD Auth Bind Password configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_ldap_ad_bind_password

Required

true

Suppress Configuration Validator: Admin LDAP Auth Bind User Password

Description

Whether to suppress configuration warnings produced by the Admin LDAP Auth Bind User Password configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_ldap_bind_password

Required

true

Suppress Configuration Validator: Knox Proxy User Groups

Description

Whether to suppress configuration warnings produced by the Knox Proxy User Groups configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_proxyuser_knox_groups

Required

true

Suppress Configuration Validator: Knox Proxy User Hosts

Description

Whether to suppress configuration warnings produced by the Knox Proxy User Hosts configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_proxyuser_knox_hosts

Required

true

Suppress Configuration Validator: Knox Proxy User Users

Description

Whether to suppress configuration warnings produced by the Knox Proxy User Users configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_proxyuser_knox_users

Required

true

Suppress Configuration Validator: Ranger Tagsync Conf Path

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Conf Path configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tagsync_conf_path

Required

true

Suppress Configuration Validator: Ranger Tagsync Max Heapsize

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Max Heapsize configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tagsync_max_heap_size

Required

true

Suppress Configuration Validator: Ranger Tagsync Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Environment Advanced Configuration Snippet (Safety Valve) configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tagsync_role_env_safety_valve

Required

true

Suppress Configuration Validator: Ranger Tomcat Work Dir

Description

Whether to suppress configuration warnings produced by the Ranger Tomcat Work Dir configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_tomcat_work_dir

Required

true

Suppress Configuration Validator: Ranger Usersync Conf Path

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Conf Path configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_conf_path

Required

true

Suppress Configuration Validator: Usersync Bind User Password

Description

Whether to suppress configuration warnings produced by the Usersync Bind User Password configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_ldap_ldapbindpassword

Required

true

Suppress Configuration Validator: Ranger Usersync Max Heapsize

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Max Heapsize configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_max_heap_size

Required

true

Suppress Configuration Validator: Ranger Usersync Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Environment Advanced Configuration Snippet (Safety Valve) configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ranger_usersync_role_env_safety_valve

Required

true

Suppress Configuration Validator: Custom Control Group Resources (overrides Cgroup settings)

Description

Whether to suppress configuration warnings produced by the Custom Control Group Resources (overrides Cgroup settings) configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_rm_custom_resources

Required

true

Suppress Configuration Validator: Role Triggers

Description

Whether to suppress configuration warnings produced by the Role Triggers configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_role_triggers

Required

true

Suppress Configuration Validator: Ranger Admin TLS/SSL Trust Store File

Description

Whether to suppress configuration warnings produced by the Ranger Admin TLS/SSL Trust Store File configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_location

Required

true

Suppress Configuration Validator: Ranger Admin TLS/SSL Trust Store Password

Description

Whether to suppress configuration warnings produced by the Ranger Admin TLS/SSL Trust Store Password configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_client_truststore_password

Required

true

Suppress Configuration Validator: Ranger Admin TLS/SSL Server Keystore File Location

Description

Whether to suppress configuration warnings produced by the Ranger Admin TLS/SSL Server Keystore File Location configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_server_keystore_location

Required

true

Suppress Configuration Validator: Ranger Admin TLS/SSL Server Keystore File Password

Description

Whether to suppress configuration warnings produced by the Ranger Admin TLS/SSL Server Keystore File Password configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_ssl_server_keystore_password

Required

true

Suppress Configuration Validator: Stacks Collection Directory

Description

Whether to suppress configuration warnings produced by the Stacks Collection Directory configuration validator.

Related Name

Default Value

false

API Name

role_config_suppression_stacks_collection_directory

Required

true

Suppress Parameter Validation: Ranger KMS Keyadmin User Initial Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger KMS Keyadmin User Initial Password parameter.

Related Name

Default Value

false

API Name

service_config_suppression_keyadmin_user_password

Required

true

Suppress Parameter Validation: Load Balancer Address

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Load Balancer Address parameter.

Related Name

Default Value

false

API Name

service_config_suppression_load_balancer_url

Required

true

Suppress Parameter Validation: System Group

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the System Group parameter.

Related Name

Default Value

false

API Name

service_config_suppression_process_groupname

Required

true

Suppress Parameter Validation: System User

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the System User parameter.

Related Name

Default Value

false

API Name

service_config_suppression_process_username

Required

true

Suppress Configuration Validator: Ranger Admin Count Validator

Description

Whether to suppress configuration warnings produced by the Ranger Admin Count Validator configuration validator.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_admin_count_validator

Required

true

Suppress Parameter Validation: Ranger Plugin DFS Audit URL

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Plugin DFS Audit URL parameter.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_plugin_hdfs_audit_url

Required

true

Suppress Parameter Validation: Ranger Service Environment Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Service Environment Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_service_env_safety_valve

Required

true

Suppress Parameter Validation: Admin HTTP Port

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin HTTP Port parameter.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_service_http_port

Required

true

Suppress Parameter Validation: Admin HTTPS port

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Admin HTTPS port parameter.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_service_https_port

Required

true

Suppress Configuration Validator: Ranger Tagsync Count Validator

Description

Whether to suppress configuration warnings produced by the Ranger Tagsync Count Validator configuration validator.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_tagsync_count_validator

Required

true

Suppress Configuration Validator: Ranger Usersync Count Validator

Description

Whether to suppress configuration warnings produced by the Ranger Usersync Count Validator configuration validator.

Related Name

Default Value

false

API Name

service_config_suppression_ranger_usersync_count_validator

Required

true

Suppress Parameter Validation: Ranger Admin User Initial Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Admin User Initial Password parameter.

Related Name

Default Value

false

API Name

service_config_suppression_rangeradmin_user_password

Required

true

Suppress Parameter Validation: Ranger Tagsync User Initial Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Tagsync User Initial Password parameter.

Related Name

Default Value

false

API Name

service_config_suppression_rangertagsync_user_password

Required

true

Suppress Parameter Validation: Ranger Usersync User Initial Password

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Usersync User Initial Password parameter.

Related Name

Default Value

false

API Name

service_config_suppression_rangerusersync_user_password

Required

true

Suppress Parameter Validation: Service Triggers

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Service Triggers parameter.

Related Name

Default Value

false

API Name

service_config_suppression_service_triggers

Required

true

Suppress Parameter Validation: Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve)

Description

Whether to suppress configuration warnings produced by the built-in parameter validation for the Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve) parameter.

Related Name

Default Value

false

API Name

service_config_suppression_smon_derived_configs_safety_valve

Required

true

Suppress Health Test: Ranger Admin Health

Description

Whether to suppress the results of the Ranger Admin Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

service_health_suppression_ranger_ranger_admin_healthy

Required

true

Suppress Health Test: Ranger Tagsync Health

Description

Whether to suppress the results of the Ranger Tagsync Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

service_health_suppression_ranger_ranger_ranger_tagsync_health

Required

true

Suppress Health Test: Ranger Usersync Health

Description

Whether to suppress the results of the Ranger Usersync Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

Related Name

Default Value

false

API Name

service_health_suppression_ranger_ranger_ranger_usersync_health

Required

true