Kafka Properties in Cloudera Runtime 7.3.1

Role groups:

Gateway

Advanced

Deploy Directory

Description: The directory where the client configs will be deployed
Related Name
Default Value: /etc/kafka
API Name: client_config_root_dir
Required: true

Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-client.conf

Description: For advanced use only, a string to be inserted into the client configuration for kafka-conf/kafka-client.conf.
Related Name
Default Value
API Name: kafka-conf/kafka-client.conf_client_config_safety_valve
Required: false

Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-ranger-repo.properties

Description: For advanced use only, a string to be inserted into the client configuration for kafka-conf/kafka-ranger-repo.properties.
Related Name
Default Value
API Name: kafka-conf/kafka-ranger-repo.properties_client_config_safety_valve
Required: false

Gateway Logging Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, a string to be inserted into log4j2.properties for this role only.
Related Name
Default Value
API Name: log4j_safety_valve
Required: false

Logs

Gateway Logging Threshold

Description: The minimum log level for Gateway logs
Related Name
Default Value: INFO
API Name: log_threshold
Required: false

Monitoring

Enable Configuration Change Alerts

Description: When set, Cloudera Manager will send alerts when this entity's configuration changes.
Related Name
Default Value: false
API Name: enable_config_alerts
Required: false

Other

Alternatives Priority

Description: The priority level that the client configuration will have in the Alternatives system on the hosts. Higher priority levels will cause Alternatives to prefer this configuration over any others.
Related Name
Default Value: 50
API Name: client_config_priority
Required: true

Suppressions

Suppress Configuration Validator: CDH Version Validator

Description: Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_cdh_version_validator
Required: true

Suppress Parameter Validation: Deploy Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Deploy Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_client_config_root_dir
Required: true

Suppress Parameter Validation: Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-client.conf

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-client.conf parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-conf/kafka-client.conf_client_config_safety_valve
Required: true

Suppress Parameter Validation: Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-ranger-repo.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-ranger-repo.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-conf/kafka-ranger-repo.properties_client_config_safety_valve
Required: true

Suppress Parameter Validation: Gateway Logging Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Gateway Logging Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log4j_safety_valve
Required: true

Kafka Broker

Advanced

Kafka Broker Advanced Configuration Snippet (Safety Valve) for atlas-application.properties

Description: For advanced use only. A string to be inserted into atlas-application.properties for this role only.
Related Name
Default Value
API Name: atlas-application.properties_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: For advanced use only. A string to be inserted into kafka-monitoring.properties for this role only.
Related Name
Default Value
API Name: kafka-monitoring.properties_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka.properties

Description: For advanced use only. A string to be inserted into kafka.properties for this role only.
Related Name
Default Value
API Name: kafka.properties_role_safety_valve
Required: false

Kafka Broker Environment Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.
Related Name
Default Value
API Name: KAFKA_BROKER_role_env_safety_valve
Required: false

Kafka Broker Logging Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, a string to be inserted into log4j2.properties for this role only.
Related Name
Default Value
API Name: log4j_safety_valve
Required: false

Enable auto refresh for metric configurations

Description: When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.
Related Name
Default Value: false
API Name: metric_config_auto_refresh
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for oauth_jwks.json

Description: For advanced use only. A string to be inserted into oauth_jwks.json for this role only.
Related Name
Default Value
API Name: oauth_jwks.json_role_safety_valve
Required: false

Heap Dump Directory

Description: Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.
Related Name: oom_heap_dump_dir
Default Value: /tmp
API Name: oom_heap_dump_dir
Required: false

Dump Heap When Out of Memory

Description: When set, generates a heap dump file when when an out-of-memory error occurs.
Related Name
Default Value: false
API Name: oom_heap_dump_enabled
Required: true

Kill When Out of Memory

Description: When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.
Related Name
Default Value: true
API Name: oom_sigkill_enabled
Required: true

Automatically Restart Process

Description: When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.
Related Name
Default Value: false
API Name: process_auto_restart
Required: true

Enable Metric Collection

Description: Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.
Related Name
Default Value: true
API Name: process_should_monitor
Required: true

Process Start Retry Attempts

Description: Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.
Related Name
Default Value: 3
API Name: process_start_retries
Required: false

Process Start Wait Timeout

Description: The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.
Related Name
Default Value: 20
API Name: process_start_secs
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-audit.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-audit.xml_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-policymgr-ssl.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-policymgr-ssl.xml_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-security.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-security.xml_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_after_start_admin_client_configs.properties

Description: For advanced use only. A string to be inserted into rolling_restart_check_after_start_admin_client_configs.properties for this role only.
Related Name
Default Value
API Name: rolling_restart_check_after_start_admin_client_configs.properties_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_before_stop_admin_client_configs.properties

Description: For advanced use only. A string to be inserted into rolling_restart_check_before_stop_admin_client_configs.properties for this role only.
Related Name
Default Value
API Name: rolling_restart_check_before_stop_admin_client_configs.properties_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: For advanced use only. A string to be inserted into ssl.properties for this role only.
Related Name
Default Value
API Name: ssl.properties_role_safety_valve
Required: false

Kafka Broker Advanced Configuration Snippet (Safety Valve) for zookeeper-ssl.properties

Description: For advanced use only. A string to be inserted into zookeeper-ssl.properties for this role only.
Related Name
Default Value
API Name: zookeeper-ssl.properties_role_safety_valve
Required: false

Logs

Kafka Broker Log Directory

Description: The log directory for log files of the role Kafka Broker.
Related Name: kafka.log4j.dir
Default Value: /var/log/kafka
API Name: log_dir
Required: false

Kafka Broker Logging Threshold

Description: The minimum log level for Kafka Broker logs
Related Name
Default Value: INFO
API Name: log_threshold
Required: false

Kafka Broker Maximum Log File Backups

Description: The maximum number of rolled log files to keep for Kafka Broker logs. Typically used by log4j or logback.
Related Name
Default Value: 10
API Name: max_log_backup_index
Required: false

Kafka Broker Max Log Size

Description: The maximum size, in megabytes, per log file for Kafka Broker logs. Typically used by log4j or logback.
Related Name
Default Value: 200 MiB
API Name: max_log_size
Required: false

Monitoring

Enable Health Alerts for this Role

Description: When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold
Related Name
Default Value: true
API Name: enable_alerts
Required: false

Enable Configuration Change Alerts

Description: When set, Cloudera Manager will send alerts when this entity's configuration changes.
Related Name
Default Value: false
API Name: enable_config_alerts
Required: false

Enable JMX Exporter (beta)

Description: JMX Exporter support is a beta feature. If enabled, CM configures the role to run JMX Exporter in agent mode with the provided port and YAML configuration. This exporter then can be used with the OpenTelemetry Collector feature. See the JMX Exporter documentation.
Related Name
Default Value: true
API Name: jmx_exporter_enabled
Required: true

JMX Exporter configuration YAML

Description: This configuration is passed to JMX Exporter as it is. See the JMX Exporter documentation.
Related Name
Default Value
API Name: jmx_exporter_yaml
Required: false

Enable Lagging Replicas Test

Description: Enables or disables the health test. When disabled, the test does not run at all, nor generate health history.
Related Name
Default Value: true
API Name: KAFKA-KAFKA_BROKER-7.2.19-LAGGING_REPLICAS_test_enable
Required: false

Enable Network Processor Capacity Test

Description: Enables or disables the health test. When disabled, the test does not run at all, nor generate health history.
Related Name
Default Value: true
API Name: KAFKA-KAFKA_BROKER-7.2.19-NETWORK_PROCESSOR_CAPACITY_test_enable
Required: false

Enable Offline Directory Test

Description: Enables or disables the health test. When disabled, the test does not run at all, nor generate health history.
Related Name
Default Value: true
API Name: KAFKA-KAFKA_BROKER-7.2.19-OFFLINE_DIRECTORIES_test_enable
Required: false

Enable Offline Partitions Test

Description: Enables or disables the health test. When disabled, the test does not run at all, nor generate health history.
Related Name
Default Value: true
API Name: KAFKA-KAFKA_BROKER-7.2.19-OFFLINE_PARTITIONS_test_enable
Required: false

Enable Request Handler Capacity Test

Description: Enables or disables the health test. When disabled, the test does not run at all, nor generate health history.
Related Name
Default Value: true
API Name: KAFKA-KAFKA_BROKER-7.2.19-REQUEST_HANDLER_CAPACITY_test_enable
Required: false

File Descriptor Monitoring Thresholds

Description: The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.
Related Name
Default Value: Warning: 50.0 %, Critical: 70.0 %
API Name: kafka_broker_fd_thresholds
Required: false

Kafka Broker Host Health Test

Description: When computing the overall Kafka Broker health, consider the host's health.
Related Name
Default Value: true
API Name: kafka_broker_host_health_enabled
Required: false

Kafka Broker Process Health Test

Description: Enables the health test that the Kafka Broker's process state is consistent with the role configuration
Related Name
Default Value: true
API Name: kafka_broker_scm_health_enabled
Required: false

Log Directory Free Space Monitoring Absolute Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.
Related Name
Default Value: Warning: 10 GiB, Critical: 5 GiB
API Name: log_directory_free_space_absolute_thresholds
Required: false

Log Directory Free Space Monitoring Percentage Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: log_directory_free_space_percentage_thresholds
Required: false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
Metric Name - The name of a metric that will be included or excluded during metric collection.

If you do not select Health Test Metric Set or Default Dashboard Metric Set, or specify metrics by name, metric filtering will be turned off (this is the default behavior).For example, the following configuration enables the collection of metrics required for Health Tests and the jvm_heap_used_mb metric:

Include only Health Test Metric Set: Selected.
Include/Exclude Custom Metrics: Set to Include.
Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:

{
  "includeHealthTestMetricSet": true, 
  "filterType": "whitelist",
  "metrics": ["jvm_heap_used_mb"]
}

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

OpenTelemetry Collector Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: exporters: prometheusremotewrite/$ROLE_NAME: endpoint: $ROLE_PARAM(otelcol_remote_write_url) auth: authenticator: basicauth/$ROLE_NAME tls: insecure_skip_verify: true retry_on_failure: enabled: true initial_interval: 10s max_interval: 40s max_elapsed_time: 300s
API Name: otelcol_exporters
Required: false

OpenTelemetry Collector Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: extensions: basicauth/$ROLE_NAME: client_auth: username: $ROLE_PARAM(otelcol_remote_write_user) password: '$ROLE_PARAM(otelcol_remote_write_password)'
API Name: otelcol_extensions
Required: false

OpenTelemetry Collector Helper Port

Description: This port can be used for JMX Exporter to implement a Prometheus exporter or for other OpenTelemetry Collector related purposes
Related Name
Default Value
API Name: otelcol_helper_port
Required: false

OpenTelemetry Collector Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_processors
Required: false

OpenTelemetry Collector Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_receivers
Required: false

OpenTelemetry Collector Remote Write Password

Description: Remote write password for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_password) expression. Specify $INFRA(cdp_request_signer_password) when forwarding to Cloudera Observability central monitoring. (This is the default.)
Related Name
Default Value: ******
API Name: otelcol_remote_write_password
Required: false

OpenTelemetry Collector Remote Write URL

Description: Remote write URL for the OpenTelemetry Collector. This param is for convenience and intended to be used at the exporters section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_url) expression. Specify $INFRA(cdp_request_signer_url) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_url)
API Name: otelcol_remote_write_url
Required: false

OpenTelemetry Collector Remote Write Username

Description: Remote write username for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_user) expression. Specify $INFRA(cdp_request_signer_username) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_username)
API Name: otelcol_remote_write_user
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_exporters
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_extensions
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_processors
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_rtm_logs_receivers
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_service
Required: false

OpenTelemetry Collector Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_service
Required: false

Enable OpenTelemetry Collector (beta)

Description: OpenTelemetry Collector support is a new beta feature (will change without notice) which can run OpenTelemetry Collector as an agent together with the CM Agent to forward metrics to a Prometheus like storage.
Related Name
Default Value: false
API Name: otelcol_should_collect
Required: true

Enable Real-Time Monitoring for Jobs / Queries with OpenTelemetry

Description: This enables OpenTelemetry Collector as an agent together with the CM Agent to forward real-time monitoring data about jobs / queries to Observability backend. The configuration of the subsections shouldn't be modified manually.
Related Name
Default Value: false
API Name: otelcol_should_collect_rtm_logs
Required: true

Swap Memory Usage Rate Thresholds

Description: The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: process_swap_memory_rate_thresholds
Required: false

Swap Memory Usage Rate Window

Description: The period to review when computing unexpected swap memory usage change of the process.
Related Name: common.process.swap_memory_rate_window
Default Value: 5 minute(s)
API Name: process_swap_memory_rate_window
Required: false

Process Swap Memory Thresholds

Description: The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.
Related Name
Default Value: Warning: 200 B, Critical: Never
API Name: process_swap_memory_thresholds
Required: false

Role Triggers

Description

The configured triggers for this role. This is a JSON-formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
triggerExpression (mandatory) - A tsquery expression representing the trigger.
streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:

[{"triggerName": "sample-trigger",
  "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad",
  "streamThreshold": 0, "enabled": "true"}]

See the trigger rules documentation for more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Enable Spool Directory Metric Usage for Kafka Broker

Description: Enables the health test for monitoring the Ranger Plugin Spool directory usage.
Related Name
Default Value: true
API Name: spool_directory_usage_enabled
Required: false

Ranger Plugin Spool Directory Usage Thresholds for Kafka Broker

Description: The health test thresholds for monitoring the the Ranger Plugin Spool directory usage.
Related Name
Default Value: 1 GiB
API Name: spool_directory_usage_threshold
Required: false

Unexpected Exits Thresholds

Description: The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.
Related Name
Default Value: Warning: Never, Critical: Any
API Name: unexpected_exits_thresholds
Required: false

Unexpected Exits Monitoring Period

Description: The period to review when computing unexpected exits.
Related Name
Default Value: 5 minute(s)
API Name: unexpected_exits_window
Required: false

Other

Enable Auditing to Atlas

Description: When enabled, Kafka will audit Kafka Topics, Producers and Consumers to Atlas
Related Name: atlas.audit.enabled
Default Value: false
API Name: atlas.audit.enabled
Required: false

Authenticate Zookeeper Connection

Description: Enables authentication of SASL connections with zookeeper, if Kerberos authentication is enabled. It also allows a broker to set SASL ACL on zookeeper nodes, which locks these nodes down so that only a Kafka broker can modify it.
Related Name: authenticate.zookeeper.connection
Default Value: true
API Name: authenticate.zookeeper.connection
Required: false

Broker Heartbeat Interval

Description: The length of time in milliseconds between broker heartbeats. Used when running in KRaft mode.
Related Name: broker.heartbeat.interval.ms
Default Value: 2 second(s)
API Name: broker.heartbeat.interval.ms
Required: false

Broker ID

Description: ID uniquely identifying each broker. Never set this property at the group level; it should always be overridden on instance level.
Related Name: broker.id
Default Value
API Name: broker.id
Required: false

Broker Rack ID

Description: Specifies a user defined ID that represents the rack and/or data center that this broker is located in. For example: `Rack1`. If rack IDs are specified, the broker becomes rack aware. This means that partition replicas will be assigned among the specified racks in a fault tolerant manner. The rack IDs specified in this property override the IDs configured by the Enable Rack Awareness property. Specifying multiple levels of racks is possible. This is done by starting and separating the rack IDs with slashes. For example: `/DataCenter1/Rack1`. If you specify multi-level rack IDs, ensure that you also select the Enable multi-level rack awareness property. All Kafka brokers must have the same level of racks. Deployments that have differing rack levels per broker are not supported.
Related Name: broker.rack
Default Value
API Name: broker.rack
Required: false

Broker Session Timeout

Description: The length of time in milliseconds that a broker lease lasts if no heartbeats are made. Used when running in KRaft mode.
Related Name: broker.session.timeout.ms
Default Value: 9 second(s)
API Name: broker.session.timeout.ms
Required: false

Additional Broker Java Options

Description: These arguments are passed as part of the Java command line. Commonly, garbage collection flags or extra debugging flags are passed here.
Related Name: broker_java_opts
Default Value: -server -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 -XX:G1HeapRegionSize=16M -XX:MinMetaspaceFreeRatio=50 -XX:MaxMetaspaceFreeRatio=80 -XX:+DisableExplicitGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.local.only=true -Djava.rmi.server.hostname=127.0.0.1
API Name: broker_java_opts
Required: false

Java Heap Size of Broker

Description: Maximum size for the Java process heap memory. Passed to Java -Xmx. Measured in megabytes. Kafka does not generally require setting large heap sizes. It is better to let the file system cache utilize the available memory.
Related Name: broker_max_heap_size
Default Value: 1 GiB
API Name: broker_max_heap_size
Required: false

Default API Timeout For Kafka Topics Client Used In Kafka Broker Rolling Restart Check

Description: Specifies the timeout (in milliseconds) for kafka-topics client APIs.
Related Name: default.api.timeout.ms
Default Value: 1 minute(s)
API Name: broker_rolling_restart_check_kafka_topics_default_api_timeout_ms
Required: false

Cluster Health Guarantee During Rolling Restart

Description: Defines what type of checks are performed during a Rolling Restart on the restarted broker.. Each setting guarantees a different level of cluster health during Rolling Restarts. "none" no checks are performed. This setting does not guarantee any level of cluster health. "ready for requests" ensures that the restarted broker is accepting requests on its service port before restarting the next broker. "healthy partitions stay healthy" ensures that no partitions go into an under-min-isr state when a broker is stopped. This is achieved by waiting before each broker is stopped so that all other brokers can catch up with all replicas that are in an at-min-isr state. Additionally, ensures that the restarted broker is accepting requests on its service port before restarting the next broker. This setting ignores partitions which are already in an under-min-isr state. "all partitions stay healthy" ensures that no partitions are in an under-min-isr or at-min-isr state when a broker is stopped. This is achieved by waiting before each broker is stopped so that all other brokers can catch up with all replicas that are in an at-min-isr or under-min-isr state. Additionally, ensures that the restarted broker is accepting requests on its service port before the next broker is restarted. "all partitions fully replicated" ensures that all partitions are in a fully synchronized state when a broker is stopped. This is achieved by waiting before each broker is stopped so that all other brokers can catch up with all replicas that are out of sync. Additionally, ensures that the restarted broker is accepting requests on its service port before the next broker is restarted.
Related Name: broker_rolling_restart_check_option
Default Value: healthy partitions stay healthy
API Name: broker_rolling_restart_check_option
Required: false

Retry Interval For Kafka Broker Rolling Restart Check

Description: Specifies the interval (in seconds) at which the Kafka Broker Rolling Restart Check polls topic and replica information. If replicas are not caught up after a poll is made, the Kafka Broker Rolling Restart Check will wait for the amount specified in this property before initiating another poll.
Related Name: broker_rolling_restart_check_retry_interval_sec
Default Value: 30 second(s)
API Name: broker_rolling_restart_check_retry_interval_sec
Required: false

Maximum Allowed Runtime For Kafka Broker Rolling Restart Check

Description: Specifies the maximum amount of time (in seconds) that a Kafka Broker Rolling Restart Check can take. When "Cluster Health Guarantee During Rolling Restart" is enabled (not set to "none"), configuring this property can shorten or lengthen the time required to complete a Rolling Restart.
Related Name: broker_rolling_restart_check_time_limit_sec
Default Value: 15 minute(s)
API Name: broker_rolling_restart_check_time_limit_sec
Required: false

Enable multi-level rack awareness

Description: Enables support for multi-level racks. When enabled, Kafka performs partition assignment in a multi-level rack-aware mode and uses a multi-level rack-aware ReplicaSelector implementation. This mode of rack awareness respects nested racks and ensures that racks are spread evenly across data centers, racks, and/or subracks.
Related Name: cloudera.enable.multi.level.rack.awareness
Default Value: false
API Name: cloudera.enable.multi.level.rack.awareness
Required: false

Kafka Broker Diagnostics Collection Timeout

Description: The timeout in milliseconds to wait for diagnostics collection to complete.
Related Name
Default Value: 5 minute(s)
API Name: csd_role_diagnostics_timeout
Required: false

Enable Rack Awareness

Description: Enables rack awareness. If this property is selected, the 'broker.rack' property is set for each broker based on the rack assignment configured for the hosts in Cloudera Manager. This property is ignored if rack IDs are specified in the Broker Rack ID property.
Related Name: enable.rack.awareness
Default Value: false
API Name: enable.rack.awareness
Required: false

Graceful Shutdown Timeout

Description: The timeout in milliseconds to wait for graceful shutdown to complete.
Related Name
Default Value: 2 minute(s)
API Name: graceful_stop_timeout
Required: false

Enable Authenticated Communication with the JMX Agent

Description: Enables Authenticated Communication with the JMX Agent.
Related Name: jmx.auth.enabled
Default Value: true
API Name: jmx.auth.enabled
Required: false

Name of User with Read-Write Access to the JMX Agent

Description: Specifies the name of the user that has read-write privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.control.user
Default Value: controlRole
API Name: jmx.control.user
Required: false

Password of user with read-write access to the JMX agent

Description: Specifies the password of the user that has read-write privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.control.user.passwd
Default Value: ******
API Name: jmx.control.user.passwd
Required: false

Name of User with read-only access to the JMX Agent

Description: Specifies the name of the user that has read-only privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.monitor.user
Default Value: monitorRole
API Name: jmx.monitor.user
Required: false

Password of User with read-only Access to the JMX agent

Description: Specifies the password of the user that has read-only privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.monitor.user.passwd
Default Value: ******
API Name: jmx.monitor.user.passwd
Required: false

Enable TLS client authentication for JMX port

Description: If enabled, a valid client certificate must be presented by the JMX client in order to connect to the JMX port. Ensure that the trusted CA certificates are present in either the Kafka JMX TLS/SSL Server Trust Store file or the global trust store.
Related Name: jmx.ssl.client.auth.enabled
Default Value: false
API Name: jmx.ssl.client.auth.enabled
Required: false

Enable TLS/SSL for Kafka JMX

Description: Encrypt communication between clients and Kafka JMX using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: jmx.ssl.enabled
Default Value: false
API Name: jmx.ssl.enabled
Required: false

Enable HTTP Metric Report Basic Authentication

Description: Enable Basic Authentication for Kafka Metric HTTP Endpoint.
Related Name: kafka.http.metrics.authentication.enabled
Default Value: false
API Name: kafka.http.metrics.authentication.enabled
Required: false

HTTP Metric Report Host

Description: The host that the HTTP metric reporter binds to.
Related Name: kafka.http.metrics.host
Default Value: 0.0.0.0
API Name: kafka.http.metrics.host
Required: false

HTTP Metric Report Password

Description: The password used for Basic Authentication.
Related Name: kafka.http.metrics.password
Default Value
API Name: kafka.http.metrics.password
Required: false

Http Metrics Report Exclude Filter

Description: Regex of MetricNames that will not be reported by the HttpMetricsReporter. Use upstream JMX-based MetricNames.
Related Name: http.metrics.exclude
Default Value
API Name: kafka.http.metrics.reporter.exclude.filter
Required: false

SSL Encryption For HTTP Metric Reporter

Description: Enable SSL Encryption for HTTP Metrics Endpoint. IMPORTANT: SSL encryption will be enabled if ssl_enabled config is enabled as well!
Related Name: kafka.http.metrics.ssl.enabled
Default Value: false
API Name: kafka.http.metrics.ssl.enabled
Required: false

HTTP Metric Report User

Description: The username used for Basic Authentication.
Related Name: kafka.http.metrics.user
Default Value
API Name: kafka.http.metrics.user
Required: false

Kafka Broker Load Balancer Host

Description: The host of the load balancer that is used to balance connection bootstraps between multiple brokers. If you set this value, a listener will be automatically configured that can accept forwarded connections from a load balancer in a kerberized environment. You can change the default listener port by setting another value for kafka_broker_load_balancer_listener_port.
Related Name: kafka_broker_load_balancer_host
Default Value
API Name: kafka_broker_load_balancer_host
Required: false

Data Directories

Description: A list of one or more directories in which Kafka data is stored.. Each new partition created is placed in the directory that currently has the least amount of partitions.. Each directory should be on its own separate drive.
Related Name: log.dirs
Default Value: /var/local/kafka/data
API Name: log.dirs
Required: true

Data Retention Size

Description: The amount of data to retain in the log for each topic-partition. This is the limit per partition. Multiply it by the number of partitions to get the total amount of data retained for the topic. This property can take -1 as a value, which is interpreted as unlimited. If both log.retention.ms and log.retention.bytes are set, a segment is deleted when either limit is exceeded.
Related Name: log.retention.bytes
Default Value: -1 B
API Name: log.retention.bytes
Required: false

Data Retention Check Interval

Description: The frequency, in milliseconds, that the log cleaner checks whether any log segment is eligible for deletion, per retention policies.
Related Name: log.retention.check.interval.ms
Default Value: 5 minute(s)
API Name: log.retention.check.interval.ms
Required: false

Data Retention Time

Description: The maximum time before a new log segment is rolled out. If both log.retention.ms and log.retention.bytes are set, a segment is deleted when either limit is exceeded. This property can take -1 as a value, which is interpreted as unlimited.
Related Name: log.retention.ms
Default Value: 7 day(s)
API Name: log.retention.ms
Required: true

Data Log Roll Time

Description: The maximum time before a new log segment is rolled out.
Related Name: log.roll.ms
Default Value
API Name: log.roll.ms
Required: false

Segment File Size

Description: The log for a topic partition is stored as a directory of segment files. This setting controls the size to which a segment file can grow before a new segment is rolled over in the log. This value has to be larger than message.max.bytes.
Related Name: log.segment.bytes
Default Value: 1 GiB
API Name: log.segment.bytes
Required: false

Maximum Connections per IP Address

Description: Maximum number of connections allowed from each IP address.
Related Name: max.connections.per.ip
Default Value
API Name: max.connections.per.ip
Required: false

Kafka Metadata Store Service

Description: Metadata service to use. Can be either Zookeeper or KRaft.
Related Name: metadata.store
Default Value: Zookeeper
API Name: metadata.store
Required: false

Number of I/O Threads

Description: The number of I/O threads that the server uses for executing requests. You should have at least as many threads as you have disks.
Related Name: num.io.threads
Default Value: 8
API Name: num.io.threads
Required: false

Number of Network Threads

Description: Number of threads that the server uses to handle incoming requests and outgoing responses.
Related Name: num.network.threads
Default Value: 8
API Name: num.network.threads
Required: false

Number of Recovery Threads per data directory

Description: Number of threads per data directory that the server uses for log recovery during startup and log flushing during shutdown. Increasing this value may improve broker startup performance if you have a high number of segments. The total number of recovery threads (number of threads per data dir * number of data dirs) should not exceed the number of CPU cores. The default value is 1.
Related Name: num.recovery.threads.per.data.dir
Default Value: 1
API Name: num.recovery.threads.per.data.dir
Required: false

Number of Alter Log Dir Threads

Description: Number of threads that the server uses to move data between log directories. The default value of this property is the same as the number of log directories.
Related Name: num.replica.alter.log.dirs.threads
Default Value
API Name: num.replica.alter.log.dirs.threads
Required: false

Ranger Kafka Plugin Audit Hdfs Spool Directory Path

Description: Spool directory for Ranger audits being written to DFS.
Related Name: xasecure.audit.destination.hdfs.batch.filespool.dir
Default Value: /var/log/kafka/audit/hdfs/spool
API Name: ranger_audit_hdfs_spool_dir
Required: true

Ranger Kafka Plugin Audit Solr Spool Directory Path

Description: Spool directory for Ranger audits being written to Solr.
Related Name: xasecure.audit.destination.solr.batch.filespool.dir
Default Value: /var/log/kafka/audit/solr/spool
API Name: ranger_audit_solr_spool_dir
Required: true

Ranger Kafka Plugin Conf Path

Description: Staging directory for Ranger Kafka Plugin Configuration. This should generally not be changed.
Related Name: ranger_kafka_plugin_conf_path
Default Value: /etc/ranger/kafka-plugin
API Name: ranger_kafka_plugin_conf_path
Required: true

Ranger Kafka Plugin Policy Cache Directory Path

Description: The directory where Ranger security policies are cached locally.
Related Name: ranger.plugin.kafka.policy.cache.dir
Default Value: /var/lib/ranger/kafka/policy-cache
API Name: ranger_kafka_plugin_policy_cache_directory
Required: true

Ranger Plugin Trusted Proxy IP Address

Description: Accepts a list of IP addresses of proxy servers for trusting.
Related Name: ranger.plugin.kafka.trusted.proxy.ipaddress
Default Value
API Name: ranger_plugin_trusted_proxy_ipaddress
Required: false

Ranger Plugin Use X-Forwarded For IP Address

Description: The parameter is used for identifying the originating IP address of a user connecting to a component through proxy for audit logs.
Related Name: ranger.plugin.kafka.use.x-forwarded-for.ipaddress
Default Value: false
API Name: ranger_plugin_use_x_forwarded_for_ipaddress
Required: false

Inter Broker Protocol

Description: Protocol to be used for inter-broker communication. INFERRED uses the same protocol that is configured for external clients.
Related Name: security.inter.broker.protocol
Default Value: INFERRED
API Name: security.inter.broker.protocol
Required: false

Service Safe Stop timeout

Description: Maximum time allowed for safe-stopping the role. Safe-stop will ensure the service maintains cluster integrity and consistency.
Related Name
Default Value: 17 minute(s)
API Name: service_safe_stop_timeout
Required: false

Socket receive buffer size.

Description: The SO_RCVBUF buffer of the socket server sockets. If the value is -1, the OS default will be used.
Related Name: socket.receive.buffer.bytes
Default Value: 100 KiB
API Name: socket.receive.buffer.bytes
Required: false

Socket receive buffer size.

Description: The maximum number of bytes in a socket request
Related Name: socket.request.max.bytes
Default Value: 100 MiB
API Name: socket.request.max.bytes
Required: false

Socket send buffer size.

Description: The SO_SNDBUF buffer of the socket server sockets. If the value is -1, the OS default will be used.
Related Name: socket.send.buffer.bytes
Default Value: 100 KiB
API Name: socket.send.buffer.bytes
Required: false

SSL Client Authentication

Description: Client authentication mode for SSL connections. This configuration has three valid values, "required", "requested" and "none". If set to "required", client authentication is required. If set to "requested", client authentication is requested and clients without certificates can still connect. If set to "none", which is the default value, no client authentication is required.
Related Name: ssl.client.auth
Default Value: none
API Name: ssl.client.auth
Required: false

Enable Zookeeper ACL

Description: Enables brokers to set SASL ACL on zookeeper nodes if authenticate.zookeeper.connection is enabled.
Related Name: zookeeper.set.acl
Default Value: true
API Name: zookeeper.set.acl
Required: false

Performance

Maximum Process File Descriptors

Description: If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.
Related Name
Default Value
API Name: rlimit_fds
Required: false

Ports and Addresses

JMX Port

Description: Port for JMX.
Related Name: jmx_port
Default Value: 9393
API Name: jmx_port
Required: false

HTTP Metric Report Port

Description: The port that the HTTP metric reporter listens on.
Related Name: kafka.http.metrics.port
Default Value: 24042
API Name: kafka.http.metrics.port
Required: false

Kafka Broker Load Balancer Listener Port

Description: Port for the load balancer listener of the kafka brokers.
Related Name: kafka_broker_load_balancer_listener_port
Default Value: 9094
API Name: kafka_broker_load_balancer_listener_port
Required: false

TCP Port

Description: Kafka broker port.
Related Name: port
Default Value: 9092
API Name: port
Required: false

TLS/SSL Port

Description: Kafka broker secure port.
Related Name: ssl_port
Default Value: 9093
API Name: ssl_port
Required: false

Resource Management

Cgroup V1 BLKIO Weight

Description: Weight for the read I/O requests issued by this role, enforced by the Linux kernel under cgroup v1. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.
Related Name: blkio.weight
Default Value: 500
API Name: rm_blkio_weight
Required: true

Cgroup V1 CPU Shares

Description: Number of CPU shares to assign to this role, enforced by the Linux kernel under cgroup v1. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.
Related Name: cpu.shares
Default Value: 1024
API Name: rm_cpu_shares
Required: true

Cgroup V2 CPU Weight

Description: Weight of CPU resources to assign to this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 1 and 10000. Defaults to 100.
Related Name: cpu.weight
Default Value: 100
API Name: rm_cpu_weight
Required: true

Custom Control Group Resources (overrides Cgroup settings)

Description: Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***
Related Name: custom.cgroups
Default Value
API Name: rm_custom_resources
Required: false

Cgroup V2 I/O Weight

Description: Weight for the I/O requests issued by this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 1 and 10000. Defaults to 100.
Related Name: io.weight
Default Value: 100
API Name: rm_io_weight
Required: true

Cgroup V1 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v1
Required: true

Cgroup V2 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.max
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v2
Required: true

Cgroup V1 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.soft_limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v1
Required: true

Cgroup V2 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.high
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v2
Required: true

Security

Kafka Broker TLS/SSL Trust Store File

Description: The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Kafka Broker might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
Related Name: ssl.truststore.location
Default Value
API Name: ssl_client_truststore_location
Required: false

Kafka Broker TLS/SSL Trust Store Password

Description: The password for the Kafka Broker TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.
Related Name: ssl.truststore.password.generator
Default Value
API Name: ssl_client_truststore_password
Required: false

Enable TLS/SSL for Kafka Broker

Description: Encrypt communication between clients and Kafka Broker using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: ssl_enabled
Default Value: false
API Name: ssl_enabled
Required: false

Kafka Broker TLS/SSL Server Keystore Key Password

Description: The password that protects the private key contained in the keystore used when Kafka Broker is acting as a TLS/SSL server.
Related Name: ssl.key.password.generator
Default Value
API Name: ssl_server_keystore_keypassword
Required: false

Kafka Broker TLS/SSL Server Keystore File Location

Description: The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Kafka Broker is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.
Related Name: ssl.keystore.location
Default Value
API Name: ssl_server_keystore_location
Required: false

Kafka Broker TLS/SSL Server Keystore File Password

Description: The password for the Kafka Broker keystore file.
Related Name: ssl.keystore.password.generator
Default Value
API Name: ssl_server_keystore_password
Required: false

Stacks Collection

Stacks Collection Data Retention

Description: The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.
Related Name: stacks_collection_data_retention
Default Value: 100 MiB
API Name: stacks_collection_data_retention
Required: false

Stacks Collection Directory

Description: The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.
Related Name: stacks_collection_directory
Default Value
API Name: stacks_collection_directory
Required: false

Stacks Collection Enabled

Description: Whether or not periodic stacks collection is enabled.
Related Name: stacks_collection_enabled
Default Value: false
API Name: stacks_collection_enabled
Required: true

Stacks Collection Frequency

Description: The frequency with which stacks are collected.
Related Name: stacks_collection_frequency
Default Value: 5.0 second(s)
API Name: stacks_collection_frequency
Required: false

Stacks Collection Method

Description: The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.
Related Name: stacks_collection_method
Default Value: jstack
API Name: stacks_collection_method
Required: false

Suppressions

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for atlas-application.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for atlas-application.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_atlas-application.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Broker ID

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Broker ID parameter.
Related Name
Default Value: false
API Name: role_config_suppression_broker.id
Required: true

Suppress Parameter Validation: Broker Rack ID

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Broker Rack ID parameter.
Related Name
Default Value: false
API Name: role_config_suppression_broker.rack
Required: true

Suppress Parameter Validation: Additional Broker Java Options

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Additional Broker Java Options parameter.
Related Name
Default Value: false
API Name: role_config_suppression_broker_java_opts
Required: true

Suppress Parameter Validation: Java Heap Size of Broker

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Java Heap Size of Broker parameter.
Related Name
Default Value: false
API Name: role_config_suppression_broker_max_heap_size
Required: true

Suppress Configuration Validator: CDH Version Validator

Description: Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_cdh_version_validator
Required: true

Suppress Parameter Validation: Name of User with Read-Write Access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Name of User with Read-Write Access to the JMX Agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user
Required: true

Suppress Parameter Validation: Password of user with read-write access to the JMX agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Password of user with read-write access to the JMX agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user.passwd
Required: true

Suppress Parameter Validation: Name of User with read-only access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Name of User with read-only access to the JMX Agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user
Required: true

Suppress Parameter Validation: Password of User with read-only Access to the JMX agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Password of User with read-only Access to the JMX agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user.passwd
Required: true

Suppress Parameter Validation: JMX Exporter configuration YAML

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Exporter configuration YAML parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_exporter_yaml
Required: true

Suppress Parameter Validation: JMX Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_port
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-monitoring.properties_role_safety_valve
Required: true

Suppress Parameter Validation: HTTP Metric Report Host

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report Host parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.host
Required: true

Suppress Parameter Validation: HTTP Metric Report Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.password
Required: true

Suppress Parameter Validation: HTTP Metric Report Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.port
Required: true

Suppress Parameter Validation: Http Metrics Report Exclude Filter

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Http Metrics Report Exclude Filter parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.reporter.exclude.filter
Required: true

Suppress Parameter Validation: HTTP Metric Report User

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report User parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.user
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker Load Balancer Host

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Load Balancer Host parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_broker_load_balancer_host
Required: true

Suppress Parameter Validation: Kafka Broker Load Balancer Listener Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Load Balancer Listener Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_broker_load_balancer_listener_port
Required: true

Suppress Parameter Validation: Kafka Broker Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Environment Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_broker_role_env_safety_valve
Required: true

Suppress Parameter Validation: Data Directories

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Data Directories parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log.dirs
Required: true

Suppress Parameter Validation: Segment File Size

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Segment File Size parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log.segment.bytes
Required: true

Suppress Parameter Validation: Kafka Broker Logging Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Logging Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log4j_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker Log Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Log Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log_dir
Required: true

Suppress Parameter Validation: Number of I/O Threads

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Number of I/O Threads parameter.
Related Name
Default Value: false
API Name: role_config_suppression_num.io.threads
Required: true

Suppress Parameter Validation: Number of Network Threads

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Number of Network Threads parameter.
Related Name
Default Value: false
API Name: role_config_suppression_num.network.threads
Required: true

Suppress Parameter Validation: Number of Recovery Threads per data directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Number of Recovery Threads per data directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_num.recovery.threads.per.data.dir
Required: true

Suppress Parameter Validation: Number of Alter Log Dir Threads

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Number of Alter Log Dir Threads parameter.
Related Name
Default Value: false
API Name: role_config_suppression_num.replica.alter.log.dirs.threads
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for oauth_jwks.json

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for oauth_jwks.json parameter.
Related Name
Default Value: false
API Name: role_config_suppression_oauth_jwks.json_role_safety_valve
Required: true

Suppress Parameter Validation: Heap Dump Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_oom_heap_dump_dir
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_exporters
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_extensions
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Helper Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Helper Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_helper_port
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_processors
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_receivers
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_password
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write URL parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_url
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Username

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Username parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_user
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_exporters
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_extensions
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_processors
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_receivers
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_service
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_service
Required: true

Suppress Parameter Validation: TCP Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the TCP Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_port
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-audit.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-policymgr-ssl.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-security.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Ranger Kafka Plugin Audit Hdfs Spool Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Plugin Audit Hdfs Spool Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_audit_hdfs_spool_dir
Required: true

Suppress Parameter Validation: Ranger Kafka Plugin Audit Solr Spool Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Plugin Audit Solr Spool Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_audit_solr_spool_dir
Required: true

Suppress Parameter Validation: Ranger Kafka Plugin Conf Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Plugin Conf Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_plugin_conf_path
Required: true

Suppress Parameter Validation: Ranger Kafka Plugin Policy Cache Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Plugin Policy Cache Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_plugin_policy_cache_directory
Required: true

Suppress Parameter Validation: Ranger Plugin Trusted Proxy IP Address

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Plugin Trusted Proxy IP Address parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_trusted_proxy_ipaddress
Required: true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rm_custom_resources
Required: true

Suppress Parameter Validation: Role Triggers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.
Related Name
Default Value: false
API Name: role_config_suppression_role_triggers
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_after_start_admin_client_configs.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_after_start_admin_client_configs.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rolling_restart_check_after_start_admin_client_configs.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_before_stop_admin_client_configs.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_before_stop_admin_client_configs.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rolling_restart_check_before_stop_admin_client_configs.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ssl.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Broker TLS/SSL Trust Store File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker TLS/SSL Trust Store File parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_location
Required: true

Suppress Parameter Validation: Kafka Broker TLS/SSL Trust Store Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker TLS/SSL Trust Store Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_password
Required: true

Suppress Parameter Validation: TLS/SSL Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the TLS/SSL Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_port
Required: true

Suppress Parameter Validation: Kafka Broker TLS/SSL Server Keystore Key Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker TLS/SSL Server Keystore Key Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_keypassword
Required: true

Suppress Parameter Validation: Kafka Broker TLS/SSL Server Keystore File Location

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker TLS/SSL Server Keystore File Location parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_location
Required: true

Suppress Parameter Validation: Kafka Broker TLS/SSL Server Keystore File Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker TLS/SSL Server Keystore File Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_password
Required: true

Suppress Parameter Validation: Stacks Collection Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_stacks_collection_directory
Required: true

Suppress Parameter Validation: Kafka Broker Advanced Configuration Snippet (Safety Valve) for zookeeper-ssl.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Broker Advanced Configuration Snippet (Safety Valve) for zookeeper-ssl.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_zookeeper-ssl.properties_role_safety_valve
Required: true

Suppress Health Test: Lagging Replicas Test

Description: Whether to suppress the results of the Lagging Replicas Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka-kafka_broker-7.2.19-lagging_replicas
Required: true

Suppress Health Test: Network Processor Capacity Test

Description: Whether to suppress the results of the Network Processor Capacity Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka-kafka_broker-7.2.19-network_processor_capacity
Required: true

Suppress Health Test: Offline Directory Test

Description: Whether to suppress the results of the Offline Directory Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka-kafka_broker-7.2.19-offline_directories
Required: true

Suppress Health Test: Offline Partitions Test

Description: Whether to suppress the results of the Offline Partitions Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka-kafka_broker-7.2.19-offline_partitions
Required: true

Suppress Health Test: Request Handler Capacity Test

Description: Whether to suppress the results of the Request Handler Capacity Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka-kafka_broker-7.2.19-request_handler_capacity
Required: true

Suppress Health Test: Audit Pipeline Test

Description: Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_audit_health
Required: true

Suppress Health Test: File Descriptors

Description: Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_file_descriptor
Required: true

Suppress Health Test: Host Health

Description: Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_host_health
Required: true

Suppress Health Test: Log Directory Free Space

Description: Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_log_directory_free_space
Required: true

Suppress Health Test: Otelcol Health

Description: Whether to suppress the results of the Otelcol Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_otelcol_health
Required: true

Suppress Health Test: Ranger Plugin Hdfs Spool Directory Size

Description: Whether to suppress the results of the Ranger Plugin Hdfs Spool Directory Size heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_ranger_plugin_hdfs_spool_directory_size_health
Required: true

Suppress Health Test: Ranger Plugin Solr Spool Directory Size

Description: Whether to suppress the results of the Ranger Plugin Solr Spool Directory Size heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_ranger_plugin_solr_spool_directory_size_health
Required: true

Suppress Health Test: Process Status

Description: Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_scm_health
Required: true

Suppress Health Test: Swap Memory Usage

Description: Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_swap_memory_usage
Required: true

Suppress Health Test: Swap Memory Usage Rate Beta

Description: Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_swap_memory_usage_rate
Required: true

Suppress Health Test: Unexpected Exits

Description: Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_broker_unexpected_exits
Required: true

Kafka Connect

Advanced

Kafka Connect Advanced Configuration Snippet (Safety Valve) for connect-distributed.properties

Description: For advanced use only. A string to be inserted into connect-distributed.properties for this role only.
Related Name
Default Value
API Name: connect-distributed.properties_role_safety_valve
Required: false

Kafka Connect Environment Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.
Related Name
Default Value
API Name: KAFKA_CONNECT_role_env_safety_valve
Required: false

Kafka Connect Logging Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, a string to be inserted into log4j2.properties for this role only.
Related Name
Default Value
API Name: log4j_safety_valve
Required: false

Enable auto refresh for metric configurations

Description: When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.
Related Name
Default Value: false
API Name: metric_config_auto_refresh
Required: false

Heap Dump Directory

Description: Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.
Related Name: oom_heap_dump_dir
Default Value: /tmp
API Name: oom_heap_dump_dir
Required: false

Dump Heap When Out of Memory

Description: When set, generates a heap dump file when when an out-of-memory error occurs.
Related Name
Default Value: false
API Name: oom_heap_dump_enabled
Required: true

Kill When Out of Memory

Description: When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.
Related Name
Default Value: true
API Name: oom_sigkill_enabled
Required: true

Automatically Restart Process

Description: When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.
Related Name
Default Value: false
API Name: process_auto_restart
Required: true

Enable Metric Collection

Description: Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.
Related Name
Default Value: true
API Name: process_should_monitor
Required: true

Process Start Retry Attempts

Description: Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.
Related Name
Default Value: 3
API Name: process_start_retries
Required: false

Process Start Wait Timeout

Description: The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.
Related Name
Default Value: 20
API Name: process_start_secs
Required: false

Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-audit.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-connect-audit.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-connect-audit.xml_role_safety_valve
Required: false

Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-policymgr-ssl.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-connect-policymgr-ssl.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-connect-policymgr-ssl.xml_role_safety_valve
Required: false

Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-security.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-connect-security.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-connect-security.xml_role_safety_valve
Required: false

Logs

Kafka Connect Log Directory

Description: The log directory for log files of the role Kafka Connect.
Related Name: kafka_connect.log4j.dir
Default Value: /var/log/kafka
API Name: log_dir
Required: false

Kafka Connect Logging Threshold

Description: The minimum log level for Kafka Connect logs
Related Name
Default Value: INFO
API Name: log_threshold
Required: false

Kafka Connect Maximum Log File Backups

Description: The maximum number of rolled log files to keep for Kafka Connect logs. Typically used by log4j or logback.
Related Name
Default Value: 10
API Name: max_log_backup_index
Required: false

Kafka Connect Max Log Size

Description: The maximum size, in megabytes, per log file for Kafka Connect logs. Typically used by log4j or logback.
Related Name
Default Value: 200 MiB
API Name: max_log_size
Required: false

Monitoring

Enable Health Alerts for this Role

Description: When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold
Related Name
Default Value: true
API Name: enable_alerts
Required: false

Enable Configuration Change Alerts

Description: When set, Cloudera Manager will send alerts when this entity's configuration changes.
Related Name
Default Value: false
API Name: enable_config_alerts
Required: false

Enable JMX Exporter (beta)

Description: JMX Exporter support is a beta feature. If enabled, CM configures the role to run JMX Exporter in agent mode with the provided port and YAML configuration. This exporter then can be used with the OpenTelemetry Collector feature. See the JMX Exporter documentation.
Related Name
Default Value: true
API Name: jmx_exporter_enabled
Required: true

JMX Exporter configuration YAML

Description: This configuration is passed to JMX Exporter as it is. See the JMX Exporter documentation.
Related Name
Default Value
API Name: jmx_exporter_yaml
Required: false

File Descriptor Monitoring Thresholds

Description: The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.
Related Name
Default Value: Warning: 50.0 %, Critical: 70.0 %
API Name: kafka_connect_fd_thresholds
Required: false

Kafka Connect Host Health Test

Description: When computing the overall Kafka Connect health, consider the host's health.
Related Name
Default Value: true
API Name: kafka_connect_host_health_enabled
Required: false

Kafka Connect Process Health Test

Description: Enables the health test that the Kafka Connect's process state is consistent with the role configuration
Related Name
Default Value: true
API Name: kafka_connect_scm_health_enabled
Required: false

Log Directory Free Space Monitoring Absolute Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.
Related Name
Default Value: Warning: 10 GiB, Critical: 5 GiB
API Name: log_directory_free_space_absolute_thresholds
Required: false

Log Directory Free Space Monitoring Percentage Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: log_directory_free_space_percentage_thresholds
Required: false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
Metric Name - The name of a metric that will be included or excluded during metric collection.

Include only Health Test Metric Set: Selected.
Include/Exclude Custom Metrics: Set to Include.
Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:

{
  "includeHealthTestMetricSet": true, 
  "filterType": "whitelist",
  "metrics": ["jvm_heap_used_mb"]
}

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

OpenTelemetry Collector Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: exporters: prometheusremotewrite/$ROLE_NAME: endpoint: $ROLE_PARAM(otelcol_remote_write_url) auth: authenticator: basicauth/$ROLE_NAME tls: insecure_skip_verify: true retry_on_failure: enabled: true initial_interval: 10s max_interval: 40s max_elapsed_time: 300s
API Name: otelcol_exporters
Required: false

OpenTelemetry Collector Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: extensions: basicauth/$ROLE_NAME: client_auth: username: $ROLE_PARAM(otelcol_remote_write_user) password: '$ROLE_PARAM(otelcol_remote_write_password)'
API Name: otelcol_extensions
Required: false

OpenTelemetry Collector Helper Port

Description: This port can be used for JMX Exporter to implement a Prometheus exporter or for other OpenTelemetry Collector related purposes
Related Name
Default Value
API Name: otelcol_helper_port
Required: false

OpenTelemetry Collector Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_processors
Required: false

OpenTelemetry Collector Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_receivers
Required: false

OpenTelemetry Collector Remote Write Password

Description: Remote write password for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_password) expression. Specify $INFRA(cdp_request_signer_password) when forwarding to Cloudera Observability central monitoring. (This is the default.)
Related Name
Default Value: ******
API Name: otelcol_remote_write_password
Required: false

OpenTelemetry Collector Remote Write URL

Description: Remote write URL for the OpenTelemetry Collector. This param is for convenience and intended to be used at the exporters section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_url) expression. Specify $INFRA(cdp_request_signer_url) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_url)
API Name: otelcol_remote_write_url
Required: false

OpenTelemetry Collector Remote Write Username

Description: Remote write username for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_user) expression. Specify $INFRA(cdp_request_signer_username) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_username)
API Name: otelcol_remote_write_user
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_exporters
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_extensions
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_processors
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_rtm_logs_receivers
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_service
Required: false

OpenTelemetry Collector Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_service
Required: false

Enable OpenTelemetry Collector (beta)

Description: OpenTelemetry Collector support is a new beta feature (will change without notice) which can run OpenTelemetry Collector as an agent together with the CM Agent to forward metrics to a Prometheus like storage.
Related Name
Default Value: false
API Name: otelcol_should_collect
Required: true

Enable Real-Time Monitoring for Jobs / Queries with OpenTelemetry

Description: This enables OpenTelemetry Collector as an agent together with the CM Agent to forward real-time monitoring data about jobs / queries to Observability backend. The configuration of the subsections shouldn't be modified manually.
Related Name
Default Value: false
API Name: otelcol_should_collect_rtm_logs
Required: true

Swap Memory Usage Rate Thresholds

Description: The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: process_swap_memory_rate_thresholds
Required: false

Swap Memory Usage Rate Window

Description: The period to review when computing unexpected swap memory usage change of the process.
Related Name: common.process.swap_memory_rate_window
Default Value: 5 minute(s)
API Name: process_swap_memory_rate_window
Required: false

Process Swap Memory Thresholds

Description: The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.
Related Name
Default Value: Warning: 200 B, Critical: Never
API Name: process_swap_memory_thresholds
Required: false

Role Triggers

Description

triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
triggerExpression (mandatory) - A tsquery expression representing the trigger.
streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:

[{"triggerName": "sample-trigger",
  "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad",
  "streamThreshold": 0, "enabled": "true"}]

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Unexpected Exits Thresholds

Description: The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.
Related Name
Default Value: Warning: Never, Critical: Any
API Name: unexpected_exits_thresholds
Required: false

Unexpected Exits Monitoring Period

Description: The period to review when computing unexpected exits.
Related Name
Default Value: 5 minute(s)
API Name: unexpected_exits_window
Required: false

Other

Bootstrap Servers

Description: A comma-separated list of IP:port or hostname:port pairs of the brokers that Kafka Connect should connect to. If this config is left empty, Kafka Connect will connect to co-located Kafka Brokers.
Related Name: bootstrap.servers
Default Value
API Name: bootstrap.servers
Required: false

Configuration Storage Topic Replication Factor

Description: Replication factor used when creating the configuration storage topic.
Related Name: config.storage.replication.factor
Default Value: 3
API Name: config.storage.replication.factor
Required: true

Configuration Storage Topic Name

Description: The name of the Kafka topic which stores connector and task configurations.
Related Name: config.storage.topic
Default Value: connect-configs
API Name: config.storage.topic
Required: true

Retry Interval For Kafka Connect Rolling Restart Check

Description: Specifies the interval (in seconds) at which the Kafka Connect Rolling Restart Check tests the Kafka Connect instance's availability.
Related Name: connect_rolling_restart_check_retry_interval_sec
Default Value: 5 second(s)
API Name: connect_rolling_restart_check_retry_interval_sec
Required: false

Maximum Allowed Runtime For Kafka Connect Rolling Restart Check

Description: Specifies the maximum amount of time (in seconds) that a Kafka Connect Rolling Restart Check can take.
Related Name: connect_rolling_restart_check_time_limit_sec
Default Value: 2 minute(s)
API Name: connect_rolling_restart_check_time_limit_sec
Required: false

Connector Kafka Client Configuration Override Policy

Description: The class name or alias of the ConnectorClientConfigOverridePolicy implementation. Defines what client configurations can be overridden by the connector. The default implementation is `None`. The other possible policies in the framework include `All` and `Principal`. 'None' forbids any kind of overrides for the Connect-managed consumers, producers or admins, 'Principal' allows overriding the sasl configurations, 'All' allows overriding any configurations. After changing this property, existing Connectors that violate the new policy will fail to start.
Related Name: connector.client.config.override.policy
Default Value: None
API Name: connector.client.config.override.policy
Required: false

Kafka Connect Diagnostics Collection Timeout

Description: The timeout in milliseconds to wait for diagnostics collection to complete.
Related Name
Default Value: 5 minute(s)
API Name: csd_role_diagnostics_timeout
Required: false

JDBC Driver Jars Path For Debezium

Description: Path to directory containing JDBC driver jars for Debezium connectors (required jar names: mysql-connector-java.jar, postgresql-connector-java.jar, oracle-connector-java.jar, xstreams.jar, mssql-connector-java.jar, db2-connector-java.jar).
Related Name: debezium.jdbc.jars.path
Default Value: /var/lib/kafka_connect_jdbc
API Name: debezium.jdbc.jars.path
Required: false

Non-Modifiable directory of Kafka Connect

Description: Do not modify the default value: /etc/kafka_connect_ext
Related Name: etc.kafka_connect_ext.dir
Default Value: /etc/kafka_connect_ext
API Name: etc.kafka_connect_ext.dir
Required: false

Exactly-once support for source connectors in the cluster

Description: Whether to enable exactly-once support for source connectors in the cluster by writing source records and their offsets in a Kafka transaction, and by proactively fencing out old task generations before bringing up new ones. Permitted values are 'disabled', 'preparing', and 'enabled'. In order to safely enable exactly-once support for source connectors, all workers in the cluster must first be updated to use the 'preparing' value for this property. Once this has been done, a second update of all of the workers in the cluster should be performed to change the value of this property to 'enabled'. Note that some source connectors may still not be able to provide exactly-once delivery guarantees even with this support enabled.
Related Name: exactly.once.source.support
Default Value: disabled
API Name: exactly.once.source.support
Required: false

Cluster Group Id

Description: A unique name used to identify the Connect cluster group. The name specified here cannot conflict with consumer group IDs.
Related Name: group.id
Default Value: connect-cluster
API Name: group.id
Required: true

Include Connector Context In Logs

Description: If this is enabled, the log layout includes connector-specific and task-specific information in the log message, where appropriate. This makes it easier to identify those log messages that apply to a specific connector.
Related Name: include.connector.context
Default Value: true
API Name: include.connector.context
Required: false

List Of Allowed Nexus Repository Urls

Description: Defines a list of allowed nexus repository urls for Stateless Nifi connectors. The nexus.url set for the connector will be validated against this list.
Related Name: kafka.connect.allowed.nexus.urls
Default Value
API Name: kafka.connect.allowed.nexus.urls
Required: false

Require Connectors To Override Kafka Client JAAS Configuration

Description: Specifies whether Connector configurations should override the sasl.jaas.config property of the Kafka clients used by the Connector. If set to true, Connector configurations must override the client's sasl.jaas.config property. The override must also not match the Kerberos credentials of the Connect Worker. Additionally, if set to true, a 'UnionComposite' policy is installed under the 'connector.client.config.override.policy' configuration. If the existing policy configuration is 'None', it is upgraded to 'Principal'. Otherwise, the existing policy is also applied by the composite policy. After enabling this property, existing Connectors that violate the new policy will fail to start. Enabling this property will only take effect in secured clusters. Enabling this property will randomize the keytab file name and will make all ${cm-agent:keytab} references in the Connector configurations invalid. Enabling this policy will omit the producer.sasl.* and consumer.sasl.* prefixed authentication configs.
Related Name: kafka.connect.jaas.policy.restrict.connector.jaas
Default Value: true
API Name: kafka.connect.jaas.policy.restrict.connector.jaas
Required: false

Java Home Path Override

Description: Java Home Path Override for Kafka Connect.
Related Name: kafka.connect.jdk.home
Default Value
API Name: kafka.connect.jdk.home
Required: false

Enable Kafka Connect Secrets Storage

Description: Enables the Kafka Connect Secrets Storage feature. If this property is enabled, Kafka Connect Connector configurations will be able to store and reference sensitive information (secrets) in a secure manner.
Related Name: kafka.connect.secret.enabled
Default Value: true
API Name: kafka.connect.secret.enabled
Required: false

Kafka Connect Secrets Storage Global Key Local Location

Description: The local path where the global key is saved.
Related Name: kafka.connect.secret.global.key.location
Default Value: /var/local/kafka-connect/global-keys
API Name: kafka.connect.secret.global.key.location
Required: false

Kafka Connect Secrets Storage Global Password

Description: The global password for the Kafka Connect secrets storage. The default password is randomly generated. The password can be changed at any time to re-wrap the encryption key with the new global key.
Related Name: kafka.connect.secret.global.password
Default Value: ******
API Name: kafka.connect.secret.global.password
Required: false

Kafka Connect Secrets Storage PBE Salt

Description: The salt value used during password based global key derivation. The default salt value is randomly generated. The salt can be changed at any time to re-wrap the encryption key with the new global key. Must be at least 20 characters long.
Related Name: kafka.connect.secret.pbe.salt
Default Value: SECRET_STORAGE_DEFAULT_PBE_SALT
API Name: kafka.connect.secret.pbe.salt
Required: false

Kafka Connect Secrets Storage Topic Name

Description: The name of the Kafka topic that the Kafka Connect Secrets Storage feature uses to store sensitive information (secrets). Changing the topic after the feature has been set up and enabled results in a creation of new topic which is empty. Existing secrets are not automatically migrated to the new topic.
Related Name: kafka.connect.secret.storage.topic
Default Value: connect-secrets
API Name: kafka.connect.secret.storage.topic
Required: false

Kafka Connect Secrets Storage Topic Minimum In-Sync Replicas

Description: The minimum in-sync replicas (ISR) of the topic specified in the 'Kafka Connect Secrets Storage Topic Name' property. Cloudera recommends that you set this property to 'replication factor divided by 2 (rounded down to the nearest whole number) + 1'. For example, if the replication factor of the secrets storage topic is 7, the recommended minimum ISR is 4. This configuration is applied when the topic is created. The topic configuration is not updated if you change this value after the topic was created.
Related Name: kafka.connect.secret.storage.topic.configs.min.insync.replicas
Default Value: 2
API Name: kafka.connect.secret.storage.topic.configs.min.insync.replicas
Required: false

Kafka Connect Secrets Storage Topic Replication Factor

Description: The replication factor of the topic specified in the 'Kafka Connect Secrets Storage Topic Name' property. This configuration is applied when the topic is created. The topic configuration is not updated if you change this value after the topic was created.
Related Name: kafka.connect.secret.storage.topic.replication.factor
Default Value: 3
API Name: kafka.connect.secret.storage.topic.replication.factor
Required: false

Enable SPNEGO Authentication For Kafka Connect

Description: If this is enabled, Kafka Connect Rest Server will use SPNEGO to authenticate clients. This requires Kerberos to be enabled.
Related Name: kafka.connect.spnego.enabled
Default Value: true
API Name: kafka.connect.spnego.enabled
Required: false

Kafka Connect SPNEGO Auth To Local Rules

Description: SPNEGO name rules for Kafka Connect to transform full Kerberos principal names to usernames. If left empty, the cluster wide rules will be applied.
Related Name: kafka.connect.spnego.kerberos.principal.to.local.rules
Default Value
API Name: kafka.connect.spnego.kerberos.principal.to.local.rules
Required: false

List Of Trusted Proxy Services

Description: Defines a list of trusted proxy services for Kafka Connect SPNEGO authentication. These services are identified by their kerberos short principal name. If left empty, the Knox and the Streams Messaging Manager principal will be automatically added.
Related Name: kafka.connect.spnego.trusted.proxies
Default Value
API Name: kafka.connect.spnego.trusted.proxies
Required: false

Kafka Connect Heap Java Options

Description: Memory heap params while using Kafka Connect.
Related Name: KAFKA_HEAP_OPTS
Default Value: -Xms256M -Xmx2G
API Name: KAFKA_HEAP_OPTS
Required: false

Key Converter

Description: The key converter class used to convert between the Kafka Connect format and the serialized form that is written to Kafka. The key converter controls the format of the keys in the messages written to or read from Kafka. Since the key converter is independent of the connectors, it allows any connector to work with any serialization format. Examples of common formats include JSON and Avro.
Related Name: key.converter
Default Value: org.apache.kafka.connect.json.JsonConverter
API Name: key.converter
Required: true

Enable Key Converter Schema

Description: Enables the key converter to include schemas within each of the serialized keys.
Related Name: key.converter.schemas.enable
Default Value: true
API Name: key.converter.schemas.enable
Required: true

Jetty Metrics Password

Description: Password used for the authentication on HTTP(S) metrics reporter endpoint.
Related Name: metrics.jetty.server.auth.password
Default Value
API Name: metrics.jetty.server.auth.password
Required: false

Jetty Metrics User Name

Description: User name used for the authentication on HTTP(S) metrics reporter endpoint.
Related Name: metrics.jetty.server.auth.username
Default Value
API Name: metrics.jetty.server.auth.username
Required: false

Enable Basic Authentication for Metrics Reporter

Description: Enable HTTP basic authentication for Kafka Connect's metrics reporter HTTP(S) endpoint.
Related Name: metrics.jetty.server.authentication.enabled
Default Value: false
API Name: metrics.jetty.server.authentication.enabled
Required: false

Offset Flush Interval

Description: The interval, in milliseconds, at which Kafka Connect attempts to commit task offsets.
Related Name: offset.flush.interval.ms
Default Value: 1 minute(s)
API Name: offset.flush.interval.ms
Required: true

Offset Storage Topic Replication Factor

Description: Replication factor used when creating the offset storage topic.
Related Name: offset.storage.replication.factor
Default Value: 3
API Name: offset.storage.replication.factor
Required: true

Offset Storage Topic Name

Description: The name of the Kafka topic which stores connector offsets. If this topic does not exist, Kafka Connect will attempt to create it. Alternatively, you can also choose to create the topic manually before starting Kafka Connect.
Related Name: offset.storage.topic
Default Value: connect-offsets
API Name: offset.storage.topic
Required: true

Plugin Path

Description: Path to directories immediately containing jars with plugins and their dependencies, uber-jars with plugins and their dependencies and classes of plugins and their dependencies.
Related Name: plugin.path
Default Value: /var/lib/kafka
API Name: plugin.path
Required: false

Ranger Kafka Connect Plugin Hdfs Audit Directory

Description: The DFS path on which Ranger audits are written.
Related Name: ranger_kafka_connect_plugin_hdfs_audit_directory
Default Value: $ranger_base_audit_url/kafka
API Name: ranger_kafka_connect_plugin_hdfs_audit_directory
Required: false

Ranger Kafka Connect Plugin Audit Hdfs Spool Directory Path

Description: Spool directory for Ranger audits being written to DFS.
Related Name: xasecure.audit.destination.hdfs.batch.filespool.dir
Default Value: /var/log/kafka/audit/hdfs/spool
API Name: ranger_kafka_connect_plugin_hdfs_audit_spool_directory
Required: true

Ranger Kafka Connect Plugin Audit Solr Spool Directory Path

Description: Spool directory for Ranger audits being written to Solr.
Related Name: xasecure.audit.destination.solr.batch.filespool.dir
Default Value: /var/log/kafka/audit/solr/spool
API Name: ranger_kafka_connect_plugin_solr_audit_spool_directory
Required: true

Ranger Kafka Plugin Policy Cache Directory Path

Description: The directory where Ranger security policies are cached locally.
Related Name: ranger.plugin.kafka-connect.policy.cache.dir
Default Value: /var/lib/ranger/kafka-connect/policy-cache
API Name: ranger_plugin_kafka_connect_policy_cache_directory
Required: true

Ranger Kafka Connect Plugin Policy Rest Client Max Retry Attempts

Description: Kafka Connect Ranger Plugin Rest client max retry attempts count.
Related Name: ranger.plugin.kafka-connect.policy.rest.client.max.retry.attempts
Default Value: 12
API Name: ranger_plugin_kafka_connect_policy_rest_client_max_retry_attempts
Required: false

Ranger Kafka Connect Plugin Policy Rest Client Retry Interval Ms

Description: Kafka Connect Ranger Plugin Rest client retry wait interval in milliseconds.
Related Name: ranger.plugin.kafka-connect.policy.rest.client.retry.interval.ms
Default Value: 10 second(s)
API Name: ranger_plugin_kafka_connect_policy_rest_client_retry_interval_ms
Required: false

'Ranger service' name for the Kafka Connect service

Description: Name of the 'Ranger service', that is used for authorization by this Kafka Connect service. If this parameter is set to the placeholder value '{{GENERATED_RANGER_SERVICE_NAME}}', a generated service name will be used, and if necessary, created. The generated service name will refer to the name of the cluster and the name of this Kafka Connect service. The name can consist of alphanumeric and '_' characters.
Related Name: ranger.plugin.kafka-connect.service.name
Default Value: cm_kafka_connect
API Name: ranger_plugin_kafka_connect_service_name
Required: false

Ranger Plugin Trusted Proxy IP Address

Description: Accepts a list of IP addresses of proxy servers for trusting.
Related Name: ranger.plugin.kafka-connect.trusted.proxy.ipaddress
Default Value
API Name: ranger_plugin_kafka_connect_trusted_proxy_ipaddress
Required: false

Ranger Plugin Use X-Forwarded For IP Address

Description: The parameter is used for identifying the originating IP address of a user connecting to a component through proxy for audit logs.
Related Name: ranger.plugin.kafka-connect.use.x-forwarded-for.ipaddress
Default Value: false
API Name: ranger_plugin_kafka_connect_use_x_forwarded_for_ipaddress
Required: false

Rest Extension Classes

Description: Comma-separated names of ConnectRestExtension classes, loaded and called in the order specified. Typically used to add custom capability like logging, security, etc.
Related Name: rest.extension.classes
Default Value: com.cloudera.dim.kafka.metrics.JmxJsonMetricsRestExtension
API Name: rest.extension.classes
Required: true

Kafka Connect Rest Port

Description: The port that the REST API listens on for connection requests. This port is used by Kafka Connect if TLS/SSL is disabled.
Related Name: rest.port
Default Value: 28083
API Name: rest.port
Required: true

Secure Kafka Connect Rest Port

Description: The secure port that the REST API listens on for connection requests. This port is used by Kafka Connect if TLS/SSL is enabled.
Related Name: secure.rest.port
Default Value: 28085
API Name: secure.rest.port
Required: true

SSL Client Authentication

Description: Client authentication mode for SSL connections. If set to "required", client authentication is required. If set to "requested", client authentication is requested and clients without certificates can still connect. If set to "none", which is the default value, no client authentication is required.
Related Name: ssl.client.auth
Default Value: none
API Name: ssl.client.auth
Required: false

Status Storage Topic Replication Factor

Description: Replication factor used when creating the offset storage topic.
Related Name: status.storage.replication.factor
Default Value: 3
API Name: status.storage.replication.factor
Required: true

Status Storage Topic Name

Description: The name of the Kafka topic which stores connector and task status.
Related Name: status.storage.topic
Default Value: connect-status
API Name: status.storage.topic
Required: true

Add Use Subject Credentials Only JVM Option With True Value

Description: Enable -Djavax.security.auth.useSubjectCredsOnly=true JVM flag or leave it as cluster default (in this case, the flag will be not added to the JVM options).
Related Name: use.subject.creds.only
Default Value: true
API Name: use.subject.creds.only
Required: false

Value Converter

Description: The value converter class used to convert between the Kafka Connect format and the serialized form that is written to Kafka. The value converter controls the format of the values in the messages written to or read from Kafka. Since the value converter is independent of the connectors, it allows any connector to work with any serialization format. Examples of common formats include JSON and Avro.
Related Name: value.converter
Default Value: org.apache.kafka.connect.json.JsonConverter
API Name: value.converter
Required: true

Enable Value Converter Schema

Description: Enables the value converter to include schemas within each of the serialized values.
Related Name: value.converter.schemas.enable
Default Value: true
API Name: value.converter.schemas.enable
Required: true

Performance

Maximum Process File Descriptors

Description: If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.
Related Name
Default Value
API Name: rlimit_fds
Required: false

Ports and Addresses

Jetty Metrics Port

Description: Jetty Metrics port to expose JMX Json.
Related Name: metrics.jetty.server.port
Default Value: 28084
API Name: metrics.jetty.server.port
Required: true

Secure Jetty Metrics Port

Description: Secure Jetty Metrics port to expose JMX Json.
Related Name: metrics.jetty.server.secureport
Default Value: 28087
API Name: metrics.jetty.server.secureport
Required: true

Resource Management

Cgroup V1 BLKIO Weight

Description: Weight for the read I/O requests issued by this role, enforced by the Linux kernel under cgroup v1. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.
Related Name: blkio.weight
Default Value: 500
API Name: rm_blkio_weight
Required: true

Cgroup V1 CPU Shares

Description: Number of CPU shares to assign to this role, enforced by the Linux kernel under cgroup v1. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.
Related Name: cpu.shares
Default Value: 1024
API Name: rm_cpu_shares
Required: true

Cgroup V2 CPU Weight

Description: Weight of CPU resources to assign to this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 1 and 10000. Defaults to 100.
Related Name: cpu.weight
Default Value: 100
API Name: rm_cpu_weight
Required: true

Custom Control Group Resources (overrides Cgroup settings)

Description: Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***
Related Name: custom.cgroups
Default Value
API Name: rm_custom_resources
Required: false

Cgroup V2 I/O Weight

Description: Weight for the I/O requests issued by this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 1 and 10000. Defaults to 100.
Related Name: io.weight
Default Value: 100
API Name: rm_io_weight
Required: true

Cgroup V1 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v1
Required: true

Cgroup V2 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.max
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v2
Required: true

Cgroup V1 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.soft_limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v1
Required: true

Cgroup V2 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.high
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v2
Required: true

Security

Kafka Connect TLS/SSL Trust Store File

Description: The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Kafka Connect might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
Related Name: ssl.truststore.location
Default Value
API Name: ssl_client_truststore_location
Required: false

Kafka Connect TLS/SSL Trust Store Password

Description: The password for the Kafka Connect TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.
Related Name: ssl.truststore.password.generator
Default Value
API Name: ssl_client_truststore_password
Required: false

Enable TLS/SSL for Kafka Connect

Description: Encrypt communication between clients and Kafka Connect using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: ssl_enabled
Default Value: false
API Name: ssl_enabled
Required: false

Kafka Connect TLS/SSL Server Keystore Key Password

Description: The password that protects the private key contained in the keystore used when Kafka Connect is acting as a TLS/SSL server.
Related Name: ssl.key.password.generator
Default Value
API Name: ssl_server_keystore_keypassword
Required: false

Kafka Connect TLS/SSL Server Keystore File Location

Description: The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Kafka Connect is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.
Related Name: ssl.keystore.location
Default Value
API Name: ssl_server_keystore_location
Required: false

Kafka Connect TLS/SSL Server Keystore File Password

Description: The password for the Kafka Connect keystore file.
Related Name: ssl.keystore.password.generator
Default Value
API Name: ssl_server_keystore_password
Required: false

Stacks Collection

Stacks Collection Data Retention

Description: The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.
Related Name: stacks_collection_data_retention
Default Value: 100 MiB
API Name: stacks_collection_data_retention
Required: false

Stacks Collection Directory

Description: The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.
Related Name: stacks_collection_directory
Default Value
API Name: stacks_collection_directory
Required: false

Stacks Collection Enabled

Description: Whether or not periodic stacks collection is enabled.
Related Name: stacks_collection_enabled
Default Value: false
API Name: stacks_collection_enabled
Required: true

Stacks Collection Frequency

Description: The frequency with which stacks are collected.
Related Name: stacks_collection_frequency
Default Value: 5.0 second(s)
API Name: stacks_collection_frequency
Required: false

Stacks Collection Method

Description: The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.
Related Name: stacks_collection_method
Default Value: jstack
API Name: stacks_collection_method
Required: false

Suppressions

Suppress Parameter Validation: Bootstrap Servers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Bootstrap Servers parameter.
Related Name
Default Value: false
API Name: role_config_suppression_bootstrap.servers
Required: true

Suppress Configuration Validator: CDH Version Validator

Description: Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_cdh_version_validator
Required: true

Suppress Parameter Validation: Configuration Storage Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Configuration Storage Topic Replication Factor parameter.
Related Name
Default Value: false
API Name: role_config_suppression_config.storage.replication.factor
Required: true

Suppress Parameter Validation: Configuration Storage Topic Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Configuration Storage Topic Name parameter.
Related Name
Default Value: false
API Name: role_config_suppression_config.storage.topic
Required: true

Suppress Parameter Validation: Kafka Connect Advanced Configuration Snippet (Safety Valve) for connect-distributed.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Advanced Configuration Snippet (Safety Valve) for connect-distributed.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_connect-distributed.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Connector Kafka Client Configuration Override Policy

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Connector Kafka Client Configuration Override Policy parameter.
Related Name
Default Value: false
API Name: role_config_suppression_connector.client.config.override.policy
Required: true

Suppress Parameter Validation: JDBC Driver Jars Path For Debezium

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JDBC Driver Jars Path For Debezium parameter.
Related Name
Default Value: false
API Name: role_config_suppression_debezium.jdbc.jars.path
Required: true

Suppress Parameter Validation: Non-Modifiable directory of Kafka Connect

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Non-Modifiable directory of Kafka Connect parameter.
Related Name
Default Value: false
API Name: role_config_suppression_etc.kafka_connect_ext.dir
Required: true

Suppress Parameter Validation: Cluster Group Id

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cluster Group Id parameter.
Related Name
Default Value: false
API Name: role_config_suppression_group.id
Required: true

Suppress Parameter Validation: JMX Exporter configuration YAML

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Exporter configuration YAML parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_exporter_yaml
Required: true

Suppress Parameter Validation: List Of Allowed Nexus Repository Urls

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the List Of Allowed Nexus Repository Urls parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.allowed.nexus.urls
Required: true

Suppress Parameter Validation: Java Home Path Override

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Java Home Path Override parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.jdk.home
Required: true

Suppress Parameter Validation: Kafka Connect Secrets Storage Global Key Local Location

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Secrets Storage Global Key Local Location parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.global.key.location
Required: true

Suppress Parameter Validation: Kafka Connect Secrets Storage Global Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Secrets Storage Global Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.global.password
Required: true

Suppress Parameter Validation: Kafka Connect Secrets Storage PBE Salt

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Secrets Storage PBE Salt parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.pbe.salt
Required: true

Suppress Parameter Validation: Kafka Connect Secrets Storage Topic Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Secrets Storage Topic Name parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.storage.topic
Required: true

Suppress Parameter Validation: Kafka Connect SPNEGO Auth To Local Rules

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect SPNEGO Auth To Local Rules parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.spnego.kerberos.principal.to.local.rules
Required: true

Suppress Parameter Validation: List Of Trusted Proxy Services

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the List Of Trusted Proxy Services parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.spnego.trusted.proxies
Required: true

Suppress Parameter Validation: Kafka Connect Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Environment Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_connect_role_env_safety_valve
Required: true

Suppress Parameter Validation: Kafka Connect Heap Java Options

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Heap Java Options parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_heap_opts
Required: true

Suppress Parameter Validation: Key Converter

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Key Converter parameter.
Related Name
Default Value: false
API Name: role_config_suppression_key.converter
Required: true

Suppress Parameter Validation: Kafka Connect Logging Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Logging Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log4j_safety_valve
Required: true

Suppress Parameter Validation: Kafka Connect Log Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Log Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log_dir
Required: true

Suppress Parameter Validation: Jetty Metrics Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Jetty Metrics Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.auth.password
Required: true

Suppress Parameter Validation: Jetty Metrics User Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Jetty Metrics User Name parameter.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.auth.username
Required: true

Suppress Parameter Validation: Jetty Metrics Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Jetty Metrics Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.port
Required: true

Suppress Parameter Validation: Secure Jetty Metrics Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Secure Jetty Metrics Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.secureport
Required: true

Suppress Parameter Validation: Offset Storage Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Offset Storage Topic Replication Factor parameter.
Related Name
Default Value: false
API Name: role_config_suppression_offset.storage.replication.factor
Required: true

Suppress Parameter Validation: Offset Storage Topic Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Offset Storage Topic Name parameter.
Related Name
Default Value: false
API Name: role_config_suppression_offset.storage.topic
Required: true

Suppress Parameter Validation: Heap Dump Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_oom_heap_dump_dir
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_exporters
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_extensions
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Helper Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Helper Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_helper_port
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_processors
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_receivers
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_password
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write URL parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_url
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Username

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Username parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_user
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_exporters
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_extensions
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_processors
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_receivers
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_service
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_service
Required: true

Suppress Parameter Validation: Plugin Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Plugin Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_plugin.path
Required: true

Suppress Parameter Validation: Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-audit.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-audit.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-connect-audit.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-policymgr-ssl.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-policymgr-ssl.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-connect-policymgr-ssl.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-security.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-security.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-connect-security.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Ranger Kafka Connect Plugin Hdfs Audit Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Connect Plugin Hdfs Audit Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_connect_plugin_hdfs_audit_directory
Required: true

Suppress Parameter Validation: Ranger Kafka Connect Plugin Audit Hdfs Spool Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Connect Plugin Audit Hdfs Spool Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_connect_plugin_hdfs_audit_spool_directory
Required: true

Suppress Parameter Validation: Ranger Kafka Connect Plugin Audit Solr Spool Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Connect Plugin Audit Solr Spool Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_connect_plugin_solr_audit_spool_directory
Required: true

Suppress Parameter Validation: Ranger Kafka Plugin Policy Cache Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Plugin Policy Cache Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kafka_connect_policy_cache_directory
Required: true

Suppress Parameter Validation: 'Ranger service' name for the Kafka Connect service

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the 'Ranger service' name for the Kafka Connect service parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kafka_connect_service_name
Required: true

Suppress Parameter Validation: Ranger Plugin Trusted Proxy IP Address

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Plugin Trusted Proxy IP Address parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kafka_connect_trusted_proxy_ipaddress
Required: true

Suppress Parameter Validation: Rest Extension Classes

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Rest Extension Classes parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rest.extension.classes
Required: true

Suppress Parameter Validation: Kafka Connect Rest Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect Rest Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rest.port
Required: true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rm_custom_resources
Required: true

Suppress Parameter Validation: Role Triggers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.
Related Name
Default Value: false
API Name: role_config_suppression_role_triggers
Required: true

Suppress Parameter Validation: Secure Kafka Connect Rest Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Secure Kafka Connect Rest Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_secure.rest.port
Required: true

Suppress Parameter Validation: Kafka Connect TLS/SSL Trust Store File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect TLS/SSL Trust Store File parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_location
Required: true

Suppress Parameter Validation: Kafka Connect TLS/SSL Trust Store Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect TLS/SSL Trust Store Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_password
Required: true

Suppress Parameter Validation: Kafka Connect TLS/SSL Server Keystore Key Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect TLS/SSL Server Keystore Key Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_keypassword
Required: true

Suppress Parameter Validation: Kafka Connect TLS/SSL Server Keystore File Location

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect TLS/SSL Server Keystore File Location parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_location
Required: true

Suppress Parameter Validation: Kafka Connect TLS/SSL Server Keystore File Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Connect TLS/SSL Server Keystore File Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_password
Required: true

Suppress Parameter Validation: Stacks Collection Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_stacks_collection_directory
Required: true

Suppress Parameter Validation: Status Storage Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Status Storage Topic Replication Factor parameter.
Related Name
Default Value: false
API Name: role_config_suppression_status.storage.replication.factor
Required: true

Suppress Parameter Validation: Status Storage Topic Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Status Storage Topic Name parameter.
Related Name
Default Value: false
API Name: role_config_suppression_status.storage.topic
Required: true

Suppress Parameter Validation: Value Converter

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Value Converter parameter.
Related Name
Default Value: false
API Name: role_config_suppression_value.converter
Required: true

Suppress Health Test: Audit Pipeline Test

Description: Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_audit_health
Required: true

Suppress Health Test: File Descriptors

Description: Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_file_descriptor
Required: true

Suppress Health Test: Host Health

Description: Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_host_health
Required: true

Suppress Health Test: Log Directory Free Space

Description: Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_log_directory_free_space
Required: true

Suppress Health Test: Otelcol Health

Description: Whether to suppress the results of the Otelcol Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_otelcol_health
Required: true

Suppress Health Test: Process Status

Description: Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_scm_health
Required: true

Suppress Health Test: Swap Memory Usage

Description: Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_swap_memory_usage
Required: true

Suppress Health Test: Swap Memory Usage Rate Beta

Description: Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_swap_memory_usage_rate
Required: true

Suppress Health Test: Unexpected Exits

Description: Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_connect_unexpected_exits
Required: true

Kafka MirrorMaker

Advanced

Kafka MirrorMaker Environment Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.
Related Name
Default Value
API Name: KAFKA_MIRROR_MAKER_role_env_safety_valve
Required: false

Kafka MirrorMaker Logging Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, a string to be inserted into log4j2.properties for this role only.
Related Name
Default Value
API Name: log4j_safety_valve
Required: false

Enable auto refresh for metric configurations

Description: When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.
Related Name
Default Value: false
API Name: metric_config_auto_refresh
Required: false

Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_consumers.properties

Description: For advanced use only. A string to be inserted into mirror_maker_consumers.properties for this role only.
Related Name
Default Value
API Name: mirror_maker_consumers.properties_role_safety_valve
Required: false

Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_producers.properties

Description: For advanced use only. A string to be inserted into mirror_maker_producers.properties for this role only.
Related Name
Default Value
API Name: mirror_maker_producers.properties_role_safety_valve
Required: false

Heap Dump Directory

Description: Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.
Related Name: oom_heap_dump_dir
Default Value: /tmp
API Name: oom_heap_dump_dir
Required: false

Dump Heap When Out of Memory

Description: When set, generates a heap dump file when when an out-of-memory error occurs.
Related Name
Default Value: false
API Name: oom_heap_dump_enabled
Required: true

Kill When Out of Memory

Description: When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.
Related Name
Default Value: true
API Name: oom_sigkill_enabled
Required: true

Automatically Restart Process

Description: When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.
Related Name
Default Value: false
API Name: process_auto_restart
Required: true

Role Specific System Group

Description: The group that this role's processes should run as.
Related Name
Default Value: kafka
API Name: process_groupname
Required: true

Enable Metric Collection

Description: Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.
Related Name
Default Value: true
API Name: process_should_monitor
Required: true

Process Start Retry Attempts

Description: Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.
Related Name
Default Value: 3
API Name: process_start_retries
Required: false

Process Start Wait Timeout

Description: The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.
Related Name
Default Value: 20
API Name: process_start_secs
Required: false

Role Specific System User

Description: The user that this role's processes should run as.
Related Name
Default Value: kafka
API Name: process_username
Required: true

Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_client.properties

Description: For advanced use only. A string to be inserted into ssl_client.properties for this role only.
Related Name
Default Value
API Name: ssl_client.properties_role_safety_valve
Required: false

Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_server.properties

Description: For advanced use only. A string to be inserted into ssl_server.properties for this role only.
Related Name
Default Value
API Name: ssl_server.properties_role_safety_valve
Required: false

Logs

Kafka MirrorMaker Log Directory

Description: The log directory for log files of the role Kafka MirrorMaker.
Related Name: kafka_mirrormaker.log4j.dir
Default Value: /var/log/kafka
API Name: log_dir
Required: false

Kafka MirrorMaker Logging Threshold

Description: The minimum log level for Kafka MirrorMaker logs
Related Name
Default Value: INFO
API Name: log_threshold
Required: false

Kafka MirrorMaker Maximum Log File Backups

Description: The maximum number of rolled log files to keep for Kafka MirrorMaker logs. Typically used by log4j or logback.
Related Name
Default Value: 10
API Name: max_log_backup_index
Required: false

Kafka MirrorMaker Max Log Size

Description: The maximum size, in megabytes, per log file for Kafka MirrorMaker logs. Typically used by log4j or logback.
Related Name
Default Value: 200 MiB
API Name: max_log_size
Required: false

Monitoring

Enable Health Alerts for this Role

Description: When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold
Related Name
Default Value: true
API Name: enable_alerts
Required: false

Enable Configuration Change Alerts

Description: When set, Cloudera Manager will send alerts when this entity's configuration changes.
Related Name
Default Value: false
API Name: enable_config_alerts
Required: false

Enable JMX Exporter (beta)

Description: JMX Exporter support is a beta feature. If enabled, CM configures the role to run JMX Exporter in agent mode with the provided port and YAML configuration. This exporter then can be used with the OpenTelemetry Collector feature. See the JMX Exporter documentation.
Related Name
Default Value: true
API Name: jmx_exporter_enabled
Required: true

JMX Exporter configuration YAML

Description: This configuration is passed to JMX Exporter as it is. See the JMX Exporter documentation.
Related Name
Default Value
API Name: jmx_exporter_yaml
Required: false

File Descriptor Monitoring Thresholds

Description: The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.
Related Name
Default Value: Warning: 50.0 %, Critical: 70.0 %
API Name: kafka_mirror_maker_fd_thresholds
Required: false

Kafka MirrorMaker Host Health Test

Description: When computing the overall Kafka MirrorMaker health, consider the host's health.
Related Name
Default Value: true
API Name: kafka_mirror_maker_host_health_enabled
Required: false

Kafka MirrorMaker Process Health Test

Description: Enables the health test that the Kafka MirrorMaker's process state is consistent with the role configuration
Related Name
Default Value: true
API Name: kafka_mirror_maker_scm_health_enabled
Required: false

Log Directory Free Space Monitoring Absolute Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.
Related Name
Default Value: Warning: 10 GiB, Critical: 5 GiB
API Name: log_directory_free_space_absolute_thresholds
Required: false

Log Directory Free Space Monitoring Percentage Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: log_directory_free_space_percentage_thresholds
Required: false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
Metric Name - The name of a metric that will be included or excluded during metric collection.

Include only Health Test Metric Set: Selected.
Include/Exclude Custom Metrics: Set to Include.
Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:

{
  "includeHealthTestMetricSet": true, 
  "filterType": "whitelist",
  "metrics": ["jvm_heap_used_mb"]
}

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

OpenTelemetry Collector Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: exporters: prometheusremotewrite/$ROLE_NAME: endpoint: $ROLE_PARAM(otelcol_remote_write_url) auth: authenticator: basicauth/$ROLE_NAME tls: insecure_skip_verify: true retry_on_failure: enabled: true initial_interval: 10s max_interval: 40s max_elapsed_time: 300s
API Name: otelcol_exporters
Required: false

OpenTelemetry Collector Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: extensions: basicauth/$ROLE_NAME: client_auth: username: $ROLE_PARAM(otelcol_remote_write_user) password: '$ROLE_PARAM(otelcol_remote_write_password)'
API Name: otelcol_extensions
Required: false

OpenTelemetry Collector Helper Port

Description: This port can be used for JMX Exporter to implement a Prometheus exporter or for other OpenTelemetry Collector related purposes
Related Name
Default Value
API Name: otelcol_helper_port
Required: false

OpenTelemetry Collector Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_processors
Required: false

OpenTelemetry Collector Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_receivers
Required: false

OpenTelemetry Collector Remote Write Password

Description: Remote write password for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_password) expression. Specify $INFRA(cdp_request_signer_password) when forwarding to Cloudera Observability central monitoring. (This is the default.)
Related Name
Default Value: ******
API Name: otelcol_remote_write_password
Required: false

OpenTelemetry Collector Remote Write URL

Description: Remote write URL for the OpenTelemetry Collector. This param is for convenience and intended to be used at the exporters section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_url) expression. Specify $INFRA(cdp_request_signer_url) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_url)
API Name: otelcol_remote_write_url
Required: false

OpenTelemetry Collector Remote Write Username

Description: Remote write username for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_user) expression. Specify $INFRA(cdp_request_signer_username) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_username)
API Name: otelcol_remote_write_user
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_exporters
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_extensions
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_processors
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_rtm_logs_receivers
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_service
Required: false

OpenTelemetry Collector Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_service
Required: false

Enable OpenTelemetry Collector (beta)

Description: OpenTelemetry Collector support is a new beta feature (will change without notice) which can run OpenTelemetry Collector as an agent together with the CM Agent to forward metrics to a Prometheus like storage.
Related Name
Default Value: false
API Name: otelcol_should_collect
Required: true

Enable Real-Time Monitoring for Jobs / Queries with OpenTelemetry

Description: This enables OpenTelemetry Collector as an agent together with the CM Agent to forward real-time monitoring data about jobs / queries to Observability backend. The configuration of the subsections shouldn't be modified manually.
Related Name
Default Value: false
API Name: otelcol_should_collect_rtm_logs
Required: true

Swap Memory Usage Rate Thresholds

Description: The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: process_swap_memory_rate_thresholds
Required: false

Swap Memory Usage Rate Window

Description: The period to review when computing unexpected swap memory usage change of the process.
Related Name: common.process.swap_memory_rate_window
Default Value: 5 minute(s)
API Name: process_swap_memory_rate_window
Required: false

Process Swap Memory Thresholds

Description: The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.
Related Name
Default Value: Warning: 200 B, Critical: Never
API Name: process_swap_memory_thresholds
Required: false

Role Triggers

Description

triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
triggerExpression (mandatory) - A tsquery expression representing the trigger.
streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:

[{"triggerName": "sample-trigger",
  "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad",
  "streamThreshold": 0, "enabled": "true"}]

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Unexpected Exits Thresholds

Description: The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.
Related Name
Default Value: Warning: Never, Critical: Any
API Name: unexpected_exits_thresholds
Required: false

Unexpected Exits Monitoring Period

Description: The period to review when computing unexpected exits.
Related Name
Default Value: 5 minute(s)
API Name: unexpected_exits_window
Required: false

Other

Abort on Send Failure

Description: Stop the entire mirror maker when a send failure occurs.
Related Name: abort.on.send.failure
Default Value: true
API Name: abort.on.send.failure
Required: false

Producer Batch Size

Description: This configuration controls the batch size in bytes. The producer will attempt to batch records together into fewer requests whenever multiple records are being sent to the same partition. This helps performance on both the client and the server.
Related Name: batch.size
Default Value: 16 KiB
API Name: batch.size
Required: false

Destination Broker List

Description: Comma-separated list of IP:port (or hostname:port) pairs of brokers on destination cluster. This should be more than one, for high availability, but there's no need to list all brokers.
Related Name: bootstrap.servers
Default Value
API Name: bootstrap.servers
Required: true

Producer Buffer Memory

Description: The total bytes of memory the producer can use to buffer records waiting to be sent to the server.
Related Name: buffer.memory
Default Value: 32 MiB
API Name: buffer.memory
Required: false

Producer Compression Type

Description: The compression type for all data generated by the producer.
Related Name: compression.type
Default Value: none
API Name: compression.type
Required: false

MirrorMaker Consumer Rebalance Listener

Description: A consumer rebalance listener of the ConsumerRebalanceListener type. Invoked when MirrorMaker's consumer rebalances.
Related Name: consumer.rebalance.listener
Default Value
API Name: consumer.rebalance.listener
Required: false

MirrorMaker Consumer Rebalance Listener Arguments

Description: Arguments used by MirrorMaker consumer rebalance listener.
Related Name: consumer.rebalance.listener.args
Default Value
API Name: consumer.rebalance.listener.args
Required: false

Consumer Request Timeout

Description: The maximum amount of time the consumer will wait for the response of a request. If the response is not received before the timeout elapses, the consumer will resend the request if necessary or fail the request if retries are exhausted.
Related Name: consumer.request.timeout.ms
Default Value: 40 second(s)
API Name: consumer.request.timeout.ms
Required: false

Destination Kafka Cluster's Security Protocol

Description: Protocol used for communication with destination Kafka cluster.
Related Name: destination.security.protocol
Default Value: PLAINTEXT
API Name: destination.security.protocol
Required: false

Destination Kafka Cluster's Client Auth

Description: Only required if destination Kafka cluster requires client authentication.
Related Name: destination.ssl.client.auth
Default Value: false
API Name: destination.ssl.client.auth
Required: false

Consumer Minimum Fetch Size

Description: The minimum amount of data the server should return for a fetch request. If insufficient data is available, the request will wait for that much data to accumulate before answering the request. Setting this property to something greater than 1 will cause the server to wait for larger amounts of data to accumulate which can improve server throughput a bit at the cost of some additional latency.
Related Name: fetch.min.bytes
Default Value: 1 B
API Name: fetch.min.bytes
Required: false

Consumer Group ID

Description: Name of the consumer group used by MirrorMaker. When multiple role instances are configured with the same topics and same group ID, the role instances load-balance replication for the topics. When multiple role instances are configured with the same topics but different group ID, each role instance replicates all the events for those topics - this can be used to replicate the source cluster into multiple destination clusters.
Related Name: group.id
Default Value: cloudera_mirrormaker
API Name: group.id
Required: false

Enable Authenticated Communication with the JMX Agent

Description: Enables Authenticated Communication with the JMX Agent.
Related Name: jmx.auth.enabled
Default Value: false
API Name: jmx.auth.enabled
Required: false

Name of User with Read-Write Access to the JMX Agent

Description: Specifies the name of the user that has read-write privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.control.user
Default Value: controlRole
API Name: jmx.control.user
Required: false

Password of user with read-write access to the JMX agent

Description: Specifies the password of the user that has read-write privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.control.user.passwd
Default Value
API Name: jmx.control.user.passwd
Required: false

Name of User with read-only access to the JMX Agent

Description: Specifies the name of the user that has read-only privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.monitor.user
Default Value: monitorRole
API Name: jmx.monitor.user
Required: false

Password of User with read-only Access to the JMX agent

Description: Specifies the password of the user that has read-only privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.monitor.user.passwd
Default Value
API Name: jmx.monitor.user.passwd
Required: false

Enable TLS client authentication for JMX port

Description: If enabled, a valid client certificate must be presented by the JMX client in order to connect to the JMX port. Ensure that the trusted CA certificates are present in either the ZooKeeper JMX TLS/SSL Server Trust Store file or the global trust store.
Related Name: jmx.ssl.client.auth.enabled
Default Value: false
API Name: jmx.ssl.client.auth.enabled
Required: false

Enable TLS/SSL for Kafka JMX

Description: Encrypt communication between clients and Kafka JMX using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: jmx.ssl.enabled
Default Value: false
API Name: jmx.ssl.enabled
Required: false

Producer Linger Time

Description: The upper bound on the delay for batching. Once the producer gets a batch.size worth of records for a partition it will be sent immediately regardless of this setting. However, if fewer than this many bytes accumulated for this partition the producer will 'linger' for the specified time waiting for more records to show up.
Related Name: linger.ms
Default Value: 0 second(s)
API Name: linger.ms
Required: false

MirrorMaker Message Handler

Description: A MirrorMaker message handler of the MirrorMakerMessageHandler type that will process every record in-between producer and consumer.
Related Name: message.handler
Default Value
API Name: message.handler
Required: false

MirrorMaker Message Handler Arguments

Description: Arguments used by MirrorMaker message handler.
Related Name: message.handler.args
Default Value
API Name: message.handler.args
Required: false

Additional MirrorMaker Java Options

Description: These arguments are passed as part of the Java command line. Commonly, garbage collection flags or extra debugging flags are passed here.
Related Name: mirror_maker_java_opts
Default Value: -server -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 -XX:G1HeapRegionSize=16M -XX:MinMetaspaceFreeRatio=50 -XX:MaxMetaspaceFreeRatio=80 -XX:+DisableExplicitGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.local.only=true -Djava.rmi.server.hostname=127.0.0.1
API Name: mirror_maker_java_opts
Required: false

Java Heap Size of MirrorMaker

Description: Maximum size for the Java process heap memory. Passed to Java -Xmx. Measured in megabytes.
Related Name: mirror_maker_max_heap_size
Default Value: 1 GiB
API Name: mirror_maker_max_heap_size
Required: false

Number of Consumer Threads

Description: Number of consumer threads.
Related Name: num.streams
Default Value: 1
API Name: num.streams
Required: false

Offset Commit Interval

Description: Offset commit interval in milliseconds.
Related Name: offset.commit.interval.ms
Default Value: 60000
API Name: offset.commit.interval.ms
Required: false

Producer Request Timeout

Description: The maximum amount of time the producer will wait for the response of a request. If the response is not received before the timeout elapses, the producer will resend the request if necessary or fail the request if retries are exhausted.
Related Name: producer.request.timeout.ms
Default Value: 30 second(s)
API Name: producer.request.timeout.ms
Required: false

Consumer Session Timeout

Description: The timeout used to detect failures when using the group management facilities of Kafka. When the heartbeat of a consumer is not received within the session timeout, the broker will mark the consumer as failed and rebalance the group. Note that the value must be in the allowable range as configured in the broker by group.min.session.timeout.ms and group.max.session.timeout.ms.
Related Name: session.timeout.ms
Default Value: 30 second(s)
API Name: session.timeout.ms
Required: false

Source Broker List

Description: Comma-separated list of IP:port (or hostname:port) pairs of brokers on source cluster. This should be more than one, for high availability, but there's no need to list all brokers.
Related Name: source.bootstrap.servers
Default Value
API Name: source.bootstrap.servers
Required: true

Source Kafka Cluster's Security Protocol

Description: Protocol used for communication with source Kafka cluster.
Related Name: source.security.protocol
Default Value: PLAINTEXT
API Name: source.security.protocol
Required: false

Source Kafka Cluster's Client Auth

Description: Only required if the source Kafka cluster requires client authentication.
Related Name: source.ssl.client.auth
Default Value: false
API Name: source.ssl.client.auth
Required: false

Topic Whitelist

Description: Regular expression that represents a set of topics to mirror.
Related Name: whitelist
Default Value
API Name: whitelist
Required: true

Performance

Maximum Process File Descriptors

Description: If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.
Related Name
Default Value
API Name: rlimit_fds
Required: false

Ports and Addresses

JMX Port

Description: Port for JMX.
Related Name: jmx_port
Default Value: 9394
API Name: jmx_port
Required: false

Resource Management

Cgroup V1 BLKIO Weight

Description: Weight for the read I/O requests issued by this role, enforced by the Linux kernel under cgroup v1. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.
Related Name: blkio.weight
Default Value: 500
API Name: rm_blkio_weight
Required: true

Cgroup V1 CPU Shares

Description: Number of CPU shares to assign to this role, enforced by the Linux kernel under cgroup v1. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.
Related Name: cpu.shares
Default Value: 1024
API Name: rm_cpu_shares
Required: true

Cgroup V2 CPU Weight

Description: Weight of CPU resources to assign to this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 1 and 10000. Defaults to 100.
Related Name: cpu.weight
Default Value: 100
API Name: rm_cpu_weight
Required: true

Custom Control Group Resources (overrides Cgroup settings)

Description: Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***
Related Name: custom.cgroups
Default Value
API Name: rm_custom_resources
Required: false

Cgroup V2 I/O Weight

Description: Weight for the I/O requests issued by this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 1 and 10000. Defaults to 100.
Related Name: io.weight
Default Value: 100
API Name: rm_io_weight
Required: true

Cgroup V1 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v1
Required: true

Cgroup V2 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.max
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v2
Required: true

Cgroup V1 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.soft_limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v1
Required: true

Cgroup V2 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.high
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v2
Required: true

Security

Role-Specific Kerberos Principal

Description: Kerberos principal used by the Kafka MirrorMaker roles.
Related Name
Default Value: kafka_mirror_maker
API Name: kerberos_role_princ_name
Required: true

Kafka MirrorMaker TLS/SSL Trust Store File

Description: The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that Kafka MirrorMaker might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
Related Name: ssl.truststore.location
Default Value
API Name: ssl_client_truststore_location
Required: false

Kafka MirrorMaker TLS/SSL Trust Store Password

Description: The password for the Kafka MirrorMaker TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.
Related Name: ssl.truststore.password.generator
Default Value
API Name: ssl_client_truststore_password
Required: false

Enable TLS/SSL for Kafka MirrorMaker

Description: Encrypt communication between clients and Kafka MirrorMaker using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: ssl_enabled
Default Value: false
API Name: ssl_enabled
Required: false

Kafka MirrorMaker TLS/SSL Server Keystore Key Password

Description: The password that protects the private key contained in the keystore used when Kafka MirrorMaker is acting as a TLS/SSL server.
Related Name: ssl.key.password.generator
Default Value
API Name: ssl_server_keystore_keypassword
Required: false

Kafka MirrorMaker TLS/SSL Server Keystore File Location

Description: The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Kafka MirrorMaker is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.
Related Name: ssl.keystore.location
Default Value
API Name: ssl_server_keystore_location
Required: false

Kafka MirrorMaker TLS/SSL Server Keystore File Password

Description: The password for the Kafka MirrorMaker keystore file.
Related Name: ssl.keystore.password.generator
Default Value
API Name: ssl_server_keystore_password
Required: false

Stacks Collection

Stacks Collection Data Retention

Description: The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.
Related Name: stacks_collection_data_retention
Default Value: 100 MiB
API Name: stacks_collection_data_retention
Required: false

Stacks Collection Directory

Description: The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.
Related Name: stacks_collection_directory
Default Value
API Name: stacks_collection_directory
Required: false

Stacks Collection Enabled

Description: Whether or not periodic stacks collection is enabled.
Related Name: stacks_collection_enabled
Default Value: false
API Name: stacks_collection_enabled
Required: true

Stacks Collection Frequency

Description: The frequency with which stacks are collected.
Related Name: stacks_collection_frequency
Default Value: 5.0 second(s)
API Name: stacks_collection_frequency
Required: false

Stacks Collection Method

Description: The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.
Related Name: stacks_collection_method
Default Value: jstack
API Name: stacks_collection_method
Required: false

Suppressions

Suppress Parameter Validation: Destination Broker List

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Destination Broker List parameter.
Related Name
Default Value: false
API Name: role_config_suppression_bootstrap.servers
Required: true

Suppress Configuration Validator: CDH Version Validator

Description: Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_cdh_version_validator
Required: true

Suppress Parameter Validation: MirrorMaker Consumer Rebalance Listener

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the MirrorMaker Consumer Rebalance Listener parameter.
Related Name
Default Value: false
API Name: role_config_suppression_consumer.rebalance.listener
Required: true

Suppress Parameter Validation: MirrorMaker Consumer Rebalance Listener Arguments

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the MirrorMaker Consumer Rebalance Listener Arguments parameter.
Related Name
Default Value: false
API Name: role_config_suppression_consumer.rebalance.listener.args
Required: true

Suppress Parameter Validation: Consumer Group ID

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Consumer Group ID parameter.
Related Name
Default Value: false
API Name: role_config_suppression_group.id
Required: true

Suppress Parameter Validation: Name of User with Read-Write Access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Name of User with Read-Write Access to the JMX Agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user
Required: true

Suppress Parameter Validation: Password of user with read-write access to the JMX agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Password of user with read-write access to the JMX agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user.passwd
Required: true

Suppress Parameter Validation: Name of User with read-only access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Name of User with read-only access to the JMX Agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user
Required: true

Suppress Parameter Validation: Password of User with read-only Access to the JMX agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Password of User with read-only Access to the JMX agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user.passwd
Required: true

Suppress Parameter Validation: JMX Exporter configuration YAML

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Exporter configuration YAML parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_exporter_yaml
Required: true

Suppress Parameter Validation: JMX Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_port
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Environment Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_mirror_maker_role_env_safety_valve
Required: true

Suppress Parameter Validation: Role-Specific Kerberos Principal

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role-Specific Kerberos Principal parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kerberos_role_princ_name
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Logging Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Logging Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log4j_safety_valve
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Log Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Log Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log_dir
Required: true

Suppress Parameter Validation: MirrorMaker Message Handler

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the MirrorMaker Message Handler parameter.
Related Name
Default Value: false
API Name: role_config_suppression_message.handler
Required: true

Suppress Parameter Validation: MirrorMaker Message Handler Arguments

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the MirrorMaker Message Handler Arguments parameter.
Related Name
Default Value: false
API Name: role_config_suppression_message.handler.args
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_consumers.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_consumers.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_consumers.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Additional MirrorMaker Java Options

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Additional MirrorMaker Java Options parameter.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_java_opts
Required: true

Suppress Parameter Validation: Java Heap Size of MirrorMaker

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Java Heap Size of MirrorMaker parameter.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_max_heap_size
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_producers.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_producers.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_producers.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Heap Dump Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_oom_heap_dump_dir
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_exporters
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_extensions
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Helper Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Helper Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_helper_port
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_processors
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_receivers
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_password
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write URL parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_url
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Username

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Username parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_user
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_exporters
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_extensions
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_processors
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_receivers
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_service
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_service
Required: true

Suppress Parameter Validation: Role Specific System Group

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Specific System Group parameter.
Related Name
Default Value: false
API Name: role_config_suppression_process_groupname
Required: true

Suppress Parameter Validation: Role Specific System User

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Specific System User parameter.
Related Name
Default Value: false
API Name: role_config_suppression_process_username
Required: true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rm_custom_resources
Required: true

Suppress Parameter Validation: Role Triggers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.
Related Name
Default Value: false
API Name: role_config_suppression_role_triggers
Required: true

Suppress Parameter Validation: Source Broker List

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Source Broker List parameter.
Related Name
Default Value: false
API Name: role_config_suppression_source.bootstrap.servers
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_client.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_client.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka MirrorMaker TLS/SSL Trust Store File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker TLS/SSL Trust Store File parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_location
Required: true

Suppress Parameter Validation: Kafka MirrorMaker TLS/SSL Trust Store Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker TLS/SSL Trust Store Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_password
Required: true

Suppress Parameter Validation: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_server.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_server.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Kafka MirrorMaker TLS/SSL Server Keystore Key Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker TLS/SSL Server Keystore Key Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_keypassword
Required: true

Suppress Parameter Validation: Kafka MirrorMaker TLS/SSL Server Keystore File Location

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker TLS/SSL Server Keystore File Location parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_location
Required: true

Suppress Parameter Validation: Kafka MirrorMaker TLS/SSL Server Keystore File Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka MirrorMaker TLS/SSL Server Keystore File Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_password
Required: true

Suppress Parameter Validation: Stacks Collection Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_stacks_collection_directory
Required: true

Suppress Parameter Validation: Topic Whitelist

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Topic Whitelist parameter.
Related Name
Default Value: false
API Name: role_config_suppression_whitelist
Required: true

Suppress Health Test: Audit Pipeline Test

Description: Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_audit_health
Required: true

Suppress Health Test: File Descriptors

Description: Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_file_descriptor
Required: true

Suppress Health Test: Host Health

Description: Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_host_health
Required: true

Suppress Health Test: Log Directory Free Space

Description: Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_log_directory_free_space
Required: true

Suppress Health Test: Otelcol Health

Description: Whether to suppress the results of the Otelcol Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_otelcol_health
Required: true

Suppress Health Test: Process Status

Description: Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_scm_health
Required: true

Suppress Health Test: Swap Memory Usage

Description: Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_swap_memory_usage
Required: true

Suppress Health Test: Swap Memory Usage Rate Beta

Description: Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_swap_memory_usage_rate
Required: true

Suppress Health Test: Unexpected Exits

Description: Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kafka_mirror_maker_unexpected_exits
Required: true

KRaft Controller

Advanced

KRaft Controller Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: For advanced use only. A string to be inserted into kafka-monitoring.properties for this role only.
Related Name
Default Value
API Name: kafka-monitoring.properties_role_safety_valve
Required: false

KRaft Controller Advanced Configuration Snippet (Safety Valve) for kraft.properties

Description: For advanced use only. A string to be inserted into kraft.properties for this role only.
Related Name
Default Value
API Name: kraft.properties_role_safety_valve
Required: false

KRaft Controller Environment Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this role except client configuration.
Related Name
Default Value
API Name: KRAFT_role_env_safety_valve
Required: false

KRaft Controller Logging Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, a string to be inserted into log4j2.properties for this role only.
Related Name
Default Value
API Name: log4j_safety_valve
Required: false

Enable auto refresh for metric configurations

Description: When true, Enable Metric Collection and Metric Filter parameters will be set automatically if they're changed. Otherwise, a refresh by hand is required.
Related Name
Default Value: false
API Name: metric_config_auto_refresh
Required: false

Heap Dump Directory

Description: Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically created if it does not exist. If this directory already exists, it will be owned by the current role user with 1777 permissions. Sharing the same directory among multiple roles will cause an ownership race. The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured for this role.
Related Name: oom_heap_dump_dir
Default Value: /tmp
API Name: oom_heap_dump_dir
Required: false

Dump Heap When Out of Memory

Description: When set, generates a heap dump file when when an out-of-memory error occurs.
Related Name
Default Value: false
API Name: oom_heap_dump_enabled
Required: true

Kill When Out of Memory

Description: When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.
Related Name
Default Value: true
API Name: oom_sigkill_enabled
Required: true

Automatically Restart Process

Description: When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure. This configuration applies in the time after the Start Wait Timeout period.
Related Name
Default Value: false
API Name: process_auto_restart
Required: true

Role Specific System Group

Description: The group that this role's processes should run as.
Related Name
Default Value: kraft
API Name: process_groupname
Required: true

Enable Metric Collection

Description: Cloudera Manager agent monitors each service and each of its role by publishing metrics to the Cloudera Manager Service Monitor. Setting it to false will stop Cloudera Manager agent from publishing any metric for corresponding service/roles. This is usually helpful for services that generate large amount of metrics which Service Monitor is not able to process.
Related Name
Default Value: true
API Name: process_should_monitor
Required: true

Process Start Retry Attempts

Description: Number of times to try starting a role's process when the process exits before the Start Wait Timeout period. After a process is running beyond the Start Wait Timeout, the retry count is reset. Setting this configuration to zero will prevent restart of the process during the Start Wait Timeout period.
Related Name
Default Value: 3
API Name: process_start_retries
Required: false

Process Start Wait Timeout

Description: The time in seconds to wait for a role's process to start successfully on a host. Processes which exit/crash before this time will be restarted until reaching the limit specified by the Start Retry Attempts count parameter. Setting this configuration to zero will turn off this feature.
Related Name
Default Value: 20
API Name: process_start_secs
Required: false

Role Specific System User

Description: The user that this role's processes should run as.
Related Name
Default Value: kraft
API Name: process_username
Required: true

KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-audit.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-audit.xml_role_safety_valve
Required: false

KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-policymgr-ssl.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-policymgr-ssl.xml_role_safety_valve
Required: false

KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: For advanced use only. A string to be inserted into ranger-kafka-security.xml for this role only.
Related Name
Default Value
API Name: ranger-kafka-security.xml_role_safety_valve
Required: false

KRaft Controller Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: For advanced use only. A string to be inserted into ssl.properties for this role only.
Related Name
Default Value
API Name: ssl.properties_role_safety_valve
Required: false

Logs

KRaft Controller Log Directory

Description: The log directory for log files of the role KRaft Controller.
Related Name: kafka.log4j.dir
Default Value: /var/log/kraft
API Name: log_dir
Required: false

KRaft Controller Logging Threshold

Description: The minimum log level for KRaft Controller logs
Related Name
Default Value: INFO
API Name: log_threshold
Required: false

KRaft Controller Maximum Log File Backups

Description: The maximum number of rolled log files to keep for KRaft Controller logs. Typically used by log4j or logback.
Related Name
Default Value: 10
API Name: max_log_backup_index
Required: false

KRaft Controller Max Log Size

Description: The maximum size, in megabytes, per log file for KRaft Controller logs. Typically used by log4j or logback.
Related Name
Default Value: 200 MiB
API Name: max_log_size
Required: false

Monitoring

Enable Health Alerts for this Role

Description: When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold
Related Name
Default Value: true
API Name: enable_alerts
Required: false

Enable Configuration Change Alerts

Description: When set, Cloudera Manager will send alerts when this entity's configuration changes.
Related Name
Default Value: false
API Name: enable_config_alerts
Required: false

Enable JMX Exporter (beta)

Description: JMX Exporter support is a beta feature. If enabled, CM configures the role to run JMX Exporter in agent mode with the provided port and YAML configuration. This exporter then can be used with the OpenTelemetry Collector feature. See the JMX Exporter documentation.
Related Name
Default Value: true
API Name: jmx_exporter_enabled
Required: true

JMX Exporter configuration YAML

Description: This configuration is passed to JMX Exporter as it is. See the JMX Exporter documentation.
Related Name
Default Value
API Name: jmx_exporter_yaml
Required: false

File Descriptor Monitoring Thresholds

Description: The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.
Related Name
Default Value: Warning: 50.0 %, Critical: 70.0 %
API Name: kraft_fd_thresholds
Required: false

KRaft Controller Host Health Test

Description: When computing the overall KRaft Controller health, consider the host's health.
Related Name
Default Value: true
API Name: kraft_host_health_enabled
Required: false

KRaft Controller Process Health Test

Description: Enables the health test that the KRaft Controller's process state is consistent with the role configuration
Related Name
Default Value: true
API Name: kraft_scm_health_enabled
Required: false

Log Directory Free Space Monitoring Absolute Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.
Related Name
Default Value: Warning: 10 GiB, Critical: 5 GiB
API Name: log_directory_free_space_absolute_thresholds
Required: false

Log Directory Free Space Monitoring Percentage Thresholds

Description: The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: log_directory_free_space_percentage_thresholds
Required: false

Metric Filter

Description

Defines a Metric Filter for this role. Cloudera Manager Agents will not send filtered metrics to the Service Monitor. Define the following fields:

Health Test Metric Set - Select this parameter to collect only metrics required for health tests.
Default Dashboard Metric Set - Select this parameter to collect only metrics required for the default dashboards. For user-defined charts, you must add the metrics you require for the chart using the Custom Metrics parameter.
Include/Exclude Custom Metrics - Select Include to specify metrics that should be collected. Select Exclude to specify metrics that should not be collected. Enter the metric names to be included or excluded using the Metric Name parameter.
Metric Name - The name of a metric that will be included or excluded during metric collection.

Include only Health Test Metric Set: Selected.
Include/Exclude Custom Metrics: Set to Include.
Metric Name: jvm_heap_used_mb

You can also view the JSON representation for this parameter by clicking View as JSON. In this example, the JSON looks like this:

{
  "includeHealthTestMetricSet": true, 
  "filterType": "whitelist",
  "metrics": ["jvm_heap_used_mb"]
}

Related Name

Default Value

API Name

monitoring_metric_filter

Required

false

OpenTelemetry Collector Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: exporters: prometheusremotewrite/$ROLE_NAME: endpoint: $ROLE_PARAM(otelcol_remote_write_url) auth: authenticator: basicauth/$ROLE_NAME tls: insecure_skip_verify: true retry_on_failure: enabled: true initial_interval: 10s max_interval: 40s max_elapsed_time: 300s
API Name: otelcol_exporters
Required: false

OpenTelemetry Collector Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value: extensions: basicauth/$ROLE_NAME: client_auth: username: $ROLE_PARAM(otelcol_remote_write_user) password: '$ROLE_PARAM(otelcol_remote_write_password)'
API Name: otelcol_extensions
Required: false

OpenTelemetry Collector Helper Port

Description: This port can be used for JMX Exporter to implement a Prometheus exporter or for other OpenTelemetry Collector related purposes
Related Name
Default Value
API Name: otelcol_helper_port
Required: false

OpenTelemetry Collector Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_processors
Required: false

OpenTelemetry Collector Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_receivers
Required: false

OpenTelemetry Collector Remote Write Password

Description: Remote write password for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_password) expression. Specify $INFRA(cdp_request_signer_password) when forwarding to Cloudera Observability central monitoring. (This is the default.)
Related Name
Default Value: ******
API Name: otelcol_remote_write_password
Required: false

OpenTelemetry Collector Remote Write URL

Description: Remote write URL for the OpenTelemetry Collector. This param is for convenience and intended to be used at the exporters section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_url) expression. Specify $INFRA(cdp_request_signer_url) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_url)
API Name: otelcol_remote_write_url
Required: false

OpenTelemetry Collector Remote Write Username

Description: Remote write username for the OpenTelemetry Collector. This param is for convenience and intended to be used at the extensions section of Otelcol settings using the $ROLE_PARAM(otelcol_remote_write_user) expression. Specify $INFRA(cdp_request_signer_username) when forwarding to Cloudera Observability central monitoring.
Related Name
Default Value: $INFRA(cdp_request_signer_username)
API Name: otelcol_remote_write_user
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Define the exporters settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_exporters
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Define the extensions settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_extensions
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Define the processors settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_processors
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Define the receivers settings as a yaml snippet according to the OpenTelemetry Collector standards. A number of variables can help to use the same config everywhere. The follow strings or expressions will be substituted: $HOST_NAME, $CLUSTER_NAME, $CLUSTER_ID, $SERVICE_TYPE, $SERVICE_NAME, $ROLE_NAME, $ROLE_TYPE, $ROLE_PARAM(my_parameter_name) - e.g.: a port parameter for the role's metrics, $DECODE_B64(...) and $DECODE_URL(...) to decode encoded parameters, $ENV_PARAM(name) to fetch params from the process' environment, $SYS_PARAM(name) to fetch java system properties.
Related Name
Default Value
API Name: otelcol_rtm_logs_receivers
Required: false

Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_rtm_logs_service
Required: false

OpenTelemetry Collector Service Section

Description: Define the service settings as a yaml snippet according to the OpenTelemetry Collector standards. Variable substitution available, see the receivers' help.
Related Name
Default Value
API Name: otelcol_service
Required: false

Enable OpenTelemetry Collector (beta)

Description: OpenTelemetry Collector support is a new beta feature (will change without notice) which can run OpenTelemetry Collector as an agent together with the CM Agent to forward metrics to a Prometheus like storage.
Related Name
Default Value: false
API Name: otelcol_should_collect
Required: true

Enable Real-Time Monitoring for Jobs / Queries with OpenTelemetry

Description: This enables OpenTelemetry Collector as an agent together with the CM Agent to forward real-time monitoring data about jobs / queries to Observability backend. The configuration of the subsections shouldn't be modified manually.
Related Name
Default Value: false
API Name: otelcol_should_collect_rtm_logs
Required: true

Swap Memory Usage Rate Thresholds

Description: The health test thresholds on the swap memory usage rate of the process. Specified as the change of the used swap memory during the predefined period.
Related Name
Default Value: Warning: Never, Critical: Never
API Name: process_swap_memory_rate_thresholds
Required: false

Swap Memory Usage Rate Window

Description: The period to review when computing unexpected swap memory usage change of the process.
Related Name: common.process.swap_memory_rate_window
Default Value: 5 minute(s)
API Name: process_swap_memory_rate_window
Required: false

Process Swap Memory Thresholds

Description: The health test thresholds on the swap memory usage of the process. This takes precedence over the host level threshold.
Related Name
Default Value: Warning: 200 B, Critical: Never
API Name: process_swap_memory_thresholds
Required: false

Role Triggers

Description

triggerName (mandatory) - The name of the trigger. This value must be unique for the specific role.
triggerExpression (mandatory) - A tsquery expression representing the trigger.
streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:

[{"triggerName": "sample-trigger",
  "triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad",
  "streamThreshold": 0, "enabled": "true"}]

Related Name

Default Value

[]

API Name

role_triggers

Required

true

Unexpected Exits Thresholds

Description: The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window configuration for the role.
Related Name
Default Value: Warning: Never, Critical: Any
API Name: unexpected_exits_thresholds
Required: false

Unexpected Exits Monitoring Period

Description: The period to review when computing unexpected exits.
Related Name
Default Value: 5 minute(s)
API Name: unexpected_exits_window
Required: false

Other

Graceful Shutdown Timeout

Description: The timeout in milliseconds to wait for graceful shutdown to complete.
Related Name
Default Value: 2 minute(s)
API Name: graceful_stop_timeout
Required: false

Enable Authenticated Communication with the JMX Agent

Description: Enables Authenticated Communication with the JMX Agent.
Related Name: jmx.auth.enabled
Default Value: true
API Name: jmx.auth.enabled
Required: false

Name of User with Read-Write Access to the JMX Agent

Description: Specifies the name of the user that has read-write privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.control.user
Default Value: controlRole
API Name: jmx.control.user
Required: false

Password of user with read-write access to the JMX agent

Description: Specifies the password of the user that has read-write privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.control.user.passwd
Default Value: ******
API Name: jmx.control.user.passwd
Required: false

Name of User with read-only access to the JMX Agent

Description: Specifies the name of the user that has read-only privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.monitor.user
Default Value: monitorRole
API Name: jmx.monitor.user
Required: false

Password of User with read-only Access to the JMX agent

Description: Specifies the password of the user that has read-only privileges when using password file-based authentication for JMX access. JMX authentication must be enabled for this setting to take effect.
Related Name: jmx.monitor.user.passwd
Default Value: ******
API Name: jmx.monitor.user.passwd
Required: false

Enable TLS client authentication for JMX port

Description: If enabled, a valid client certificate must be presented by the JMX client in order to connect to the JMX port. Ensure that the trusted CA certificates are present in either the KRaft JMX TLS/SSL Server Trust Store file or the global trust store.
Related Name: jmx.ssl.client.auth.enabled
Default Value: false
API Name: jmx.ssl.client.auth.enabled
Required: false

Enable TLS/SSL for KRaft JMX

Description: Encrypt communication between clients and KRaft JMX using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: jmx.ssl.enabled
Default Value: false
API Name: jmx.ssl.enabled
Required: false

Enable HTTP Metric Report Basic Authentication

Description: Enable Basic Authentication for Kafka Metric HTTP Endpoint.
Related Name: kafka.http.metrics.authentication.enabled
Default Value: false
API Name: kafka.http.metrics.authentication.enabled
Required: false

HTTP Metric Report Host

Description: The host that the HTTP metric reporter binds to.
Related Name: kafka.http.metrics.host
Default Value: 0.0.0.0
API Name: kafka.http.metrics.host
Required: false

HTTP Metric Report Password

Description: The password used for Basic Authentication.
Related Name: kafka.http.metrics.password
Default Value
API Name: kafka.http.metrics.password
Required: false

Http Metrics Report Exclude Filter

Description: Regex of MetricNames that will not be reported by the HttpMetricsReporter. Use upstream JMX-based MetricNames.
Related Name: http.metrics.exclude
Default Value
API Name: kafka.http.metrics.reporter.exclude.filter
Required: false

SSL Encryption For HTTP Metric Reporter

Description: Enable SSL Encryption for HTTP Metrics Endpoint. IMPORTANT: SSL encryption will be enabled if ssl_enabled config is enabled as well!
Related Name: kafka.http.metrics.ssl.enabled
Default Value: false
API Name: kafka.http.metrics.ssl.enabled
Required: false

HTTP Metric Report User

Description: The username used for Basic Authentication.
Related Name: kafka.http.metrics.user
Default Value
API Name: kafka.http.metrics.user
Required: false

Additional KRaft Controller Java Options

Description: These arguments are passed as part of the Java command line. Commonly, garbage collection flags or extra debugging flags are passed here.
Related Name: kraft_java_opts
Default Value: -server -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 -XX:G1HeapRegionSize=16M -XX:MinMetaspaceFreeRatio=50 -XX:MaxMetaspaceFreeRatio=80 -XX:+DisableExplicitGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.local.only=true -Djava.rmi.server.hostname=127.0.0.1
API Name: kraft_java_opts
Required: false

Metadata Log Directory

Description: A single directory that stores the logs of KRaft's metadata.
Related Name: metadata.log.dir
Default Value: /var/local/kraft/data
API Name: metadata.log.dir
Required: true

Node ID

Description: ID uniquely identifying each broker or controller. Never set this property at the group level; it should always be overridden on instance level.
Related Name: node.id
Default Value
API Name: node.id
Required: false

Ranger KRaft Plugin Audit Hdfs Spool Directory Path

Description: Spool directory for Ranger audits being written to DFS.
Related Name: xasecure.audit.destination.hdfs.batch.filespool.dir
Default Value: /var/log/kraft/audit/hdfs/spool
API Name: ranger_kraft_plugin_hdfs_audit_spool_directory
Required: true

Ranger KRaft Plugin Policy Cache Directory Path

Description: The directory where Ranger security policies are cached locally.
Related Name: ranger.plugin.kraft.policy.cache.dir
Default Value: /var/lib/ranger/kraft/policy-cache
API Name: ranger_kraft_plugin_policy_cache_directory
Required: true

Ranger KRaft Plugin Audit Solr Spool Directory Path

Description: Spool directory for Ranger audits being written to Solr.
Related Name: xasecure.audit.destination.solr.batch.filespool.dir
Default Value: /var/log/kraft/audit/solr/spool
API Name: ranger_kraft_plugin_solr_audit_spool_directory
Required: true

Ranger Plugin Trusted Proxy IP Address

Description: Accepts a list of IP addresses of proxy servers for trusting.
Related Name: ranger.plugin.kafka.trusted.proxy.ipaddress
Default Value
API Name: ranger_plugin_kraft_trusted_proxy_ipaddress
Required: false

Ranger Plugin Use X-Forwarded For IP Address

Description: The parameter is used for identifying the originating IP address of a user connecting to a component through proxy for audit logs.
Related Name: ranger.plugin.kafka.use.x-forwarded-for.ipaddress
Default Value: false
API Name: ranger_plugin_kraft_use_x_forwarded_for_ipaddress
Required: false

Inter Broker Protocol

Description: Protocol to be used for inter-broker communication. INFERRED uses the same protocol that is configured for external clients.
Related Name: security.inter.broker.protocol
Default Value: INFERRED
API Name: security.inter.broker.protocol
Required: false

SSL Client Authentication

Description: Client authentication mode for SSL connections. This configuration has three valid values, "required", "requested" and "none". If set to "required", client authentication is required. If set to "requested", client authentication is requested and clients without certificates can still connect. If set to "none", which is the default value, no client authentication is required.
Related Name: ssl.client.auth
Default Value: none
API Name: ssl.client.auth
Required: false

Performance

Maximum Process File Descriptors

Description: If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.
Related Name
Default Value
API Name: rlimit_fds
Required: false

Ports and Addresses

JMX Port

Description: Port for JMX.
Related Name: jmx_port
Default Value: 9395
API Name: jmx_port
Required: false

HTTP Metric Report Port

Description: The port that the HTTP metric reporter listens on.
Related Name: kafka.http.metrics.port
Default Value: 24043
API Name: kafka.http.metrics.port
Required: false

TCP Port

Description: KRaft server port.
Related Name: port
Default Value: 9192
API Name: port
Required: false

TLS/SSL Port

Description: KRaft server secure port.
Related Name: ssl_port
Default Value: 9193
API Name: ssl_port
Required: false

Resource Management

Cgroup V1 BLKIO Weight

Description: Weight for the read I/O requests issued by this role, enforced by the Linux kernel under cgroup v1. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.
Related Name: blkio.weight
Default Value: 500
API Name: rm_blkio_weight
Required: true

Cgroup V1 CPU Shares

Description: Number of CPU shares to assign to this role, enforced by the Linux kernel under cgroup v1. The greater the number of shares, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.
Related Name: cpu.shares
Default Value: 1024
API Name: rm_cpu_shares
Required: true

Cgroup V2 CPU Weight

Description: Weight of CPU resources to assign to this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the larger the share of the host's CPUs that will be given to this role when the host experiences CPU contention. Must be between 1 and 10000. Defaults to 100.
Related Name: cpu.weight
Default Value: 100
API Name: rm_cpu_weight
Required: true

Custom Control Group Resources (overrides Cgroup settings)

Description: Custom control group resources to assign to this role, which will be enforced by the Linux kernel. These resources should exist on the target hosts, otherwise an error will occur when the process starts. Use the same format as used for arguments to the cgexec command: resource1,resource2:path1 or resource3:path2 For example: 'cpu,memory:my/path blkio:my2/path2' ***These settings override other cgroup settings.***
Related Name: custom.cgroups
Default Value
API Name: rm_custom_resources
Required: false

Cgroup V2 I/O Weight

Description: Weight for the I/O requests issued by this role, enforced by the Linux kernel under cgroup v2. The greater the weight, the higher the priority of the requests when the host experiences I/O contention. Must be between 1 and 10000. Defaults to 100.
Related Name: io.weight
Default Value: 100
API Name: rm_io_weight
Required: true

Cgroup V1 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v1
Required: true

Cgroup V2 Memory Hard Limit

Description: Hard memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.max
Default Value: -1 MiB
API Name: rm_memory_hard_limit_v2
Required: true

Cgroup V1 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v1. When the limit is reached, the kernel will reclaim pages charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 to specify no limit. By default processes not managed by Cloudera Manager will have no limit. If the value is -1, Cloudera Manager will not monitor Cgroup memory usage therefore some of the charts will show 'No Data'
Related Name: memory.soft_limit_in_bytes
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v1
Required: true

Cgroup V2 Memory Soft Limit

Description: Soft memory limit to assign to this role, enforced by the Linux kernel under cgroup v2. When the limit is reached, the kernel will reclaim pages charged to the process only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous and page cache pages contribute to the limit. Use a value of 'max' to specify no limit. By default, processes not managed by Cloudera Manager will have no limit. If the value is 'max', Cloudera Manager will not monitor Cgroup memory usage, and some charts will show 'No Data'.
Related Name: memory.high
Default Value: -1 MiB
API Name: rm_memory_soft_limit_v2
Required: true

Security

Role-Specific Kerberos Principal

Description: Kerberos principal used by the KRaft Controller roles.
Related Name
Default Value: kraft
API Name: kerberos_role_princ_name
Required: true

KRaft Controller TLS/SSL Trust Store File

Description: The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that KRaft Controller might connect to. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
Related Name: ssl.truststore.location
Default Value
API Name: ssl_client_truststore_location
Required: false

KRaft Controller TLS/SSL Trust Store Password

Description: The password for the KRaft Controller TLS/SSL Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.
Related Name: ssl.truststore.password.generator
Default Value
API Name: ssl_client_truststore_password
Required: false

Enable TLS/SSL for KRaft Controller

Description: Encrypt communication between clients and KRaft Controller using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
Related Name: ssl_enabled
Default Value: false
API Name: ssl_enabled
Required: false

KRaft Controller TLS/SSL Server Keystore Key Password

Description: The password that protects the private key contained in the keystore used when KRaft Controller is acting as a TLS/SSL server.
Related Name: ssl.key.password.generator
Default Value
API Name: ssl_server_keystore_keypassword
Required: false

KRaft Controller TLS/SSL Server Keystore File Location

Description: The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when KRaft Controller is acting as a TLS/SSL server. The keystore must be in the format specified in Administration > Settings > Java Keystore Type.
Related Name: ssl.keystore.location
Default Value
API Name: ssl_server_keystore_location
Required: false

KRaft Controller TLS/SSL Server Keystore File Password

Description: The password for the KRaft Controller keystore file.
Related Name: ssl.keystore.password.generator
Default Value
API Name: ssl_server_keystore_password
Required: false

Stacks Collection

Stacks Collection Data Retention

Description: The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.
Related Name: stacks_collection_data_retention
Default Value: 100 MiB
API Name: stacks_collection_data_retention
Required: false

Stacks Collection Directory

Description: The directory in which stacks logs are placed. If not set, stacks are logged into a stacks subdirectory of the role's log directory. If this directory already exists, it will be owned by the current role user with 755 permissions. Sharing the same directory among multiple roles will cause an ownership race.
Related Name: stacks_collection_directory
Default Value
API Name: stacks_collection_directory
Required: false

Stacks Collection Enabled

Description: Whether or not periodic stacks collection is enabled.
Related Name: stacks_collection_enabled
Default Value: false
API Name: stacks_collection_enabled
Required: true

Stacks Collection Frequency

Description: The frequency with which stacks are collected.
Related Name: stacks_collection_frequency
Default Value: 5.0 second(s)
API Name: stacks_collection_frequency
Required: false

Stacks Collection Method

Description: The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint is periodically scraped.
Related Name: stacks_collection_method
Default Value: jstack
API Name: stacks_collection_method
Required: false

Suppressions

Suppress Configuration Validator: CDH Version Validator

Description: Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_cdh_version_validator
Required: true

Suppress Parameter Validation: Name of User with Read-Write Access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Name of User with Read-Write Access to the JMX Agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user
Required: true

Suppress Parameter Validation: Password of user with read-write access to the JMX agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Password of user with read-write access to the JMX agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user.passwd
Required: true

Suppress Parameter Validation: Name of User with read-only access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Name of User with read-only access to the JMX Agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user
Required: true

Suppress Parameter Validation: Password of User with read-only Access to the JMX agent

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Password of User with read-only Access to the JMX agent parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user.passwd
Required: true

Suppress Parameter Validation: JMX Exporter configuration YAML

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Exporter configuration YAML parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_exporter_yaml
Required: true

Suppress Parameter Validation: JMX Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JMX Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_port
Required: true

Suppress Parameter Validation: KRaft Controller Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-monitoring.properties_role_safety_valve
Required: true

Suppress Parameter Validation: HTTP Metric Report Host

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report Host parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.host
Required: true

Suppress Parameter Validation: HTTP Metric Report Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.password
Required: true

Suppress Parameter Validation: HTTP Metric Report Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.port
Required: true

Suppress Parameter Validation: Http Metrics Report Exclude Filter

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Http Metrics Report Exclude Filter parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.reporter.exclude.filter
Required: true

Suppress Parameter Validation: HTTP Metric Report User

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the HTTP Metric Report User parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.user
Required: true

Suppress Parameter Validation: Role-Specific Kerberos Principal

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role-Specific Kerberos Principal parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kerberos_role_princ_name
Required: true

Suppress Parameter Validation: KRaft Controller Advanced Configuration Snippet (Safety Valve) for kraft.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Advanced Configuration Snippet (Safety Valve) for kraft.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kraft.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Additional KRaft Controller Java Options

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Additional KRaft Controller Java Options parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kraft_java_opts
Required: true

Suppress Parameter Validation: KRaft Controller Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Environment Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_kraft_role_env_safety_valve
Required: true

Suppress Parameter Validation: KRaft Controller Logging Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Logging Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log4j_safety_valve
Required: true

Suppress Parameter Validation: KRaft Controller Log Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Log Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_log_dir
Required: true

Suppress Parameter Validation: Metadata Log Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Metadata Log Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_metadata.log.dir
Required: true

Suppress Parameter Validation: Node ID

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Node ID parameter.
Related Name
Default Value: false
API Name: role_config_suppression_node.id
Required: true

Suppress Parameter Validation: Heap Dump Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_oom_heap_dump_dir
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_exporters
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_extensions
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Helper Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Helper Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_helper_port
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_processors
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_receivers
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_password
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write URL parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_url
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Remote Write Username

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Remote Write Username parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_user
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_exporters
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_extensions
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_processors
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_receivers
Required: true

Suppress Parameter Validation: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_service
Required: true

Suppress Parameter Validation: OpenTelemetry Collector Service Section

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the OpenTelemetry Collector Service Section parameter.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_service
Required: true

Suppress Parameter Validation: TCP Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the TCP Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_port
Required: true

Suppress Parameter Validation: Role Specific System Group

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Specific System Group parameter.
Related Name
Default Value: false
API Name: role_config_suppression_process_groupname
Required: true

Suppress Parameter Validation: Role Specific System User

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Specific System User parameter.
Related Name
Default Value: false
API Name: role_config_suppression_process_username
Required: true

Suppress Parameter Validation: KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-audit.xml_role_safety_valve
Required: true

Suppress Parameter Validation: KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-policymgr-ssl.xml_role_safety_valve
Required: true

Suppress Parameter Validation: KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-security.xml_role_safety_valve
Required: true

Suppress Parameter Validation: Ranger KRaft Plugin Audit Hdfs Spool Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger KRaft Plugin Audit Hdfs Spool Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kraft_plugin_hdfs_audit_spool_directory
Required: true

Suppress Parameter Validation: Ranger KRaft Plugin Policy Cache Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger KRaft Plugin Policy Cache Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kraft_plugin_policy_cache_directory
Required: true

Suppress Parameter Validation: Ranger KRaft Plugin Audit Solr Spool Directory Path

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger KRaft Plugin Audit Solr Spool Directory Path parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kraft_plugin_solr_audit_spool_directory
Required: true

Suppress Parameter Validation: Ranger Plugin Trusted Proxy IP Address

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Plugin Trusted Proxy IP Address parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kraft_trusted_proxy_ipaddress
Required: true

Suppress Parameter Validation: Custom Control Group Resources (overrides Cgroup settings)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Custom Control Group Resources (overrides Cgroup settings) parameter.
Related Name
Default Value: false
API Name: role_config_suppression_rm_custom_resources
Required: true

Suppress Parameter Validation: Role Triggers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.
Related Name
Default Value: false
API Name: role_config_suppression_role_triggers
Required: true

Suppress Parameter Validation: KRaft Controller Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller Advanced Configuration Snippet (Safety Valve) for ssl.properties parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl.properties_role_safety_valve
Required: true

Suppress Parameter Validation: KRaft Controller TLS/SSL Trust Store File

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller TLS/SSL Trust Store File parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_location
Required: true

Suppress Parameter Validation: KRaft Controller TLS/SSL Trust Store Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller TLS/SSL Trust Store Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_password
Required: true

Suppress Parameter Validation: TLS/SSL Port

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the TLS/SSL Port parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_port
Required: true

Suppress Parameter Validation: KRaft Controller TLS/SSL Server Keystore Key Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller TLS/SSL Server Keystore Key Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_keypassword
Required: true

Suppress Parameter Validation: KRaft Controller TLS/SSL Server Keystore File Location

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller TLS/SSL Server Keystore File Location parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_location
Required: true

Suppress Parameter Validation: KRaft Controller TLS/SSL Server Keystore File Password

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the KRaft Controller TLS/SSL Server Keystore File Password parameter.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_password
Required: true

Suppress Parameter Validation: Stacks Collection Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory parameter.
Related Name
Default Value: false
API Name: role_config_suppression_stacks_collection_directory
Required: true

Suppress Health Test: Audit Pipeline Test

Description: Whether to suppress the results of the Audit Pipeline Test heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_audit_health
Required: true

Suppress Health Test: File Descriptors

Description: Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_file_descriptor
Required: true

Suppress Health Test: Host Health

Description: Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_host_health
Required: true

Suppress Health Test: Log Directory Free Space

Description: Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_log_directory_free_space
Required: true

Suppress Health Test: Otelcol Health

Description: Whether to suppress the results of the Otelcol Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_otelcol_health
Required: true

Suppress Health Test: Process Status

Description: Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_scm_health
Required: true

Suppress Health Test: Swap Memory Usage

Description: Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_swap_memory_usage
Required: true

Suppress Health Test: Swap Memory Usage Rate Beta

Description: Whether to suppress the results of the Swap Memory Usage Rate Beta heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_swap_memory_usage_rate
Required: true

Suppress Health Test: Unexpected Exits

Description: Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: role_health_suppression_kafka_kraft_unexpected_exits
Required: true

Service-Wide

Advanced

Kafka Service Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: For advanced use only, a string to be inserted into kafka-monitoring.properties. Applies to configurations of all roles in this service except client configuration.
Related Name
Default Value
API Name: kafka-monitoring.properties_service_safety_valve
Required: false

Kafka Service Environment Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration.
Related Name
Default Value
API Name: KAFKA_service_env_safety_valve
Required: false

System Group

Description: The group that this service's processes should run as.
Related Name
Default Value: kafka
API Name: process_groupname
Required: true

System User

Description: The user that this service's processes should run as.
Related Name
Default Value: kafka
API Name: process_username
Required: true

Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: For advanced use only, a string to be inserted into ranger-kafka-audit.xml. Applies to configurations of all roles in this service except client configuration.
Related Name
Default Value
API Name: ranger-kafka-audit.xml_service_safety_valve
Required: false

Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: For advanced use only, a string to be inserted into ranger-kafka-policymgr-ssl.xml. Applies to configurations of all roles in this service except client configuration.
Related Name
Default Value
API Name: ranger-kafka-policymgr-ssl.xml_service_safety_valve
Required: false

Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: For advanced use only, a string to be inserted into ranger-kafka-security.xml. Applies to configurations of all roles in this service except client configuration.
Related Name
Default Value
API Name: ranger-kafka-security.xml_service_safety_valve
Required: false

Kafka Service Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: For advanced use only, a string to be inserted into ssl.properties. Applies to configurations of all roles in this service except client configuration.
Related Name
Default Value
API Name: ssl.properties_service_safety_valve
Required: false

Monitoring

Enable Service Level Health Alerts

Description: When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold
Related Name
Default Value: true
API Name: enable_alerts
Required: false

Enable Configuration Change Alerts

Description: When set, Cloudera Manager will send alerts when this entity's configuration changes.
Related Name
Default Value: false
API Name: enable_config_alerts
Required: false

Healthy Kafka Broker Monitoring Thresholds

Description: The health test thresholds of the overall Kafka Broker health. The check returns "Concerning" health if the percentage of "Healthy" Kafka Brokers falls below the warning threshold. The check is unhealthy if the total percentage of "Healthy" and "Concerning" Kafka Brokers falls below the critical threshold.
Related Name
Default Value: Warning: 94.99 %, Critical: 49.99 %
API Name: KAFKA_KAFKA_BROKER_healthy_thresholds
Required: false

Healthy Kafka Connect Monitoring Thresholds

Description: The health test thresholds of the overall Kafka Connect health. The check returns "Concerning" health if the percentage of "Healthy" Kafka Connects falls below the warning threshold. The check is unhealthy if the total percentage of "Healthy" and "Concerning" Kafka Connects falls below the critical threshold.
Related Name
Default Value: Warning: 94.99 %, Critical: 49.99 %
API Name: KAFKA_KAFKA_CONNECT_healthy_thresholds
Required: false

Healthy KRaft Controller Monitoring Thresholds

Description: The health test thresholds of the overall KRaft Controller health. The check returns "Concerning" health if the percentage of "Healthy" KRaft Controllers falls below the warning threshold. The check is unhealthy if the total percentage of "Healthy" and "Concerning" KRaft Controllers falls below the critical threshold.
Related Name
Default Value: Warning: 94.99 %, Critical: 50.0 %
API Name: KAFKA_KRAFT_healthy_thresholds
Required: false

Service Triggers

Description

The configured triggers for this service. This is a JSON-formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName (mandatory) - The name of the trigger. This value must be unique for the specific service.
triggerExpression (mandatory) - A tsquery expression representing the trigger.
streamThreshold (optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
enabled (optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.
expressionEditorConfig (optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger fires if there are more than 10 DataNodes with more than 500 file descriptors opened:

[{"triggerName": "sample-trigger",
  "triggerExpression": "IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad",
  "streamThreshold": 10, "enabled": "true"}]

Related Name

Default Value

[]

API Name

service_triggers

Required

true

Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve)

Description: For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default ones.
Related Name
Default Value
API Name: smon_derived_configs_safety_valve
Required: false

Other

Atlas metadata namespace for Kafka Clients

Description: Metadata Namespace used in Atlas for Kafka clients (Producers, Consumers). It may be different from the topic namespace when clients used across clusters.
Related Name: atlas.metadata.namespace.client
Default Value: cm
API Name: atlas.metadata.namespace.client
Required: false

Atlas metadata namespace for Kafka Topics

Description: Metadata Namespace used in Atlas for Kafka topics.
Related Name: atlas.metadata.namespace.topic
Default Value: cm
API Name: atlas.metadata.namespace.topic
Required: false

Topic Auto Creation

Description: Enables auto creation of topics on the server. If set to true, it attempts to produce, consume, or fetch metadata for a non-existent topic automatically create the topic with the default replication factor and number of partitions.
Related Name: auto.create.topics.enable
Default Value: true
API Name: auto.create.topics.enable
Required: false

Enable Automatic Leader Rebalancing

Description: If automatic leader rebalancing is enabled, the controller tries to balance leadership for partitions among the brokers by periodically returning leadership for each partition to the preferred replica, if that replica is available.
Related Name: auto.leader.rebalance.enable
Default Value: true
API Name: auto.leader.rebalance.enable
Required: false

Enable Controlled Shutdown

Description: Enables controlled shutdown of the broker. If enabled, the broker moves all leaders on it to other brokers before shutting itself down. This reduces the unavailability window during shutdown.
Related Name: controlled.shutdown.enable
Default Value: true
API Name: controlled.shutdown.enable
Required: false

Controlled Shutdown Maximum Attempts

Description: Number of unsuccessful controlled shutdown attempts before executing an unclean shutdown. For example, the default value of 3 means that the system will attempt a controlled shutdown 3 times before executing an unclean shutdown.
Related Name: controlled.shutdown.max.retries
Default Value: 3
API Name: controlled.shutdown.max.retries
Required: false

Default Replication Factor

Description: The default replication factor for automatically created topics.
Related Name: default.replication.factor
Default Value: 1
API Name: default.replication.factor
Required: false

Enable Delegation Tokens

Description: Enables authentication with delegation tokens for this Kafka service. When enabled, a secure password is automatically generated and used as the "delegation.token.secret.key" property for Kafka Brokers. Only allowed if Kerberos authentication is enabled.
Related Name: delegation.token.enable
Default Value: true
API Name: delegation.token.enable
Required: false

Delegation Token Expiry Time

Description: The expiry time of a delegation token. A delegation token can be renewed before its expiry time to extend its validity up to its maximum lifetime. If it is not renewed, it will expire even if it has time remaining from its maximum lifetime.
Related Name: delegation.token.expiry.time.ms
Default Value: 1 day(s)
API Name: delegation.token.expiry.time.ms
Required: false

Delegation Token Maximum Lifetime

Description: The maximum amount of time that a delegation token can be valid for.
Related Name: delegation.token.max.lifetime.ms
Default Value: 7 day(s)
API Name: delegation.token.max.lifetime.ms
Required: false

Enable Delete Topic

Description: Enables topic deletion using admin tools. When delete topic is disabled, deleting topics through the admin tools has no effect.
Related Name: delete.topic.enable
Default Value: true
API Name: delete.topic.enable
Required: false

Consumer Group Maximum Session Timeout

Description: The minimum allowed session timeout for registered consumers. Shorter timeouts result in quicker failure detection at the cost of more frequent consumer heartbeating, which can overwhelm broker resources.
Related Name: group.max.session.timeout.ms
Default Value: 30 minute(s)
API Name: group.max.session.timeout.ms
Required: false

Consumer Group Minimum Session Timeout

Description: The minimum allowed session timeout for registered consumers. Shorter timeouts result in quicker failure detection at the cost of more frequent consumer heartbeating, which can overwhelm broker resources.
Related Name: group.min.session.timeout.ms
Default Value: 6 second(s)
API Name: group.min.session.timeout.ms
Required: false

HDFS Service

Description: Name of the HDFS service that this Kafka service instance depends on
Related Name
Default Value
API Name: hdfs_service
Required: false

Enable Kafka Decommission

Description: Kafka decommission flag only takes affect when there is no Cruise Control. In other case the decommission will be always enabled.
Related Name: kafka.decommission.hook.enabled
Default Value: false
API Name: kafka.decommission.hook.enabled
Required: false

List of Metric Reporters

Description: List of metric reporter class names. HTTP reporter is included by default.
Related Name: kafka.metrics.reporters
Default Value: nl.techop.kafka.KafkaHttpMetricsReporter
API Name: kafka.metrics.reporters
Required: false

Enable Kerberos Authentication

Description: Enables Kerberos authentication for this Kafka service.
Related Name: kerberos.auth.enable
Default Value: false
API Name: kerberos.auth.enable
Required: false

LDAP URL

Description: The URL of LDAP for authenticating Kafka clients.
Related Name: ldap.auth.url
Default Value
API Name: ldap.auth.url
Required: false

LDAP User DN Template

Description: The LDAP user DN template for authenticating Kafka clients.
Related Name: ldap.auth.user.dn.template
Default Value
API Name: ldap.auth.user.dn.template
Required: false

Leader Imbalance Check Interval

Description: Defines the frequency of leader imbalance checks.
Related Name: leader.imbalance.check.interval.seconds
Default Value: 5 minute(s)
API Name: leader.imbalance.check.interval.seconds
Required: false

Leader Imbalance Allowed Per Broker

Description: The percentage of leader imbalance allowed per broker. The controller rebalances leadership if the leader imbalance ratio goes above the configured value per broker.
Related Name: leader.imbalance.per.broker.percentage
Default Value: 10 %
API Name: leader.imbalance.per.broker.percentage
Required: false

Log Cleaner Deduplication Buffer Size

Description: The total memory used for log deduplication across all cleaner threads. This memory is statically allocated and will not cause GC problems.
Related Name: log.cleaner.dedupe.buffer.size
Default Value: 128 MiB
API Name: log.cleaner.dedupe.buffer.size
Required: false

Log Compaction Delete Record Retention Time

Description: The amount of time to retain delete messages for log compacted topics. Once a consumer has seen an original message, it has to be ensured that it also sees the delete message. If the delete message is removed too quickly, this might not happen. The configurable delete retention time helps to circumvent this issue.
Related Name: log.cleaner.delete.retention.ms
Default Value: 7 day(s)
API Name: log.cleaner.delete.retention.ms
Required: false

Enable Log Compaction

Description: Enables the log cleaner to compact topics with cleanup.policy=compact on this cluster.
Related Name: log.cleaner.enable
Default Value: true
API Name: log.cleaner.enable
Required: false

Log Cleaner Clean Ratio

Description: Controls how frequently the log cleaner will attempt to clean the log. This ratio restricts the maximum space wasted by duplicates in the log. For example, if set to 0.5, then at most 50% of the log can be populated by duplicates. A higher ratio results in fewer, more efficient cleaning processes, but more wasted space in the log.
Related Name: log.cleaner.min.cleanable.ratio
Default Value: 0.5
API Name: log.cleaner.min.cleanable.ratio
Required: false

Number of Log Cleaner Threads

Description: The number of background threads used for log cleaning.
Related Name: log.cleaner.threads
Default Value: 1
API Name: log.cleaner.threads
Required: false

Log Flush Message Interval

Description: The number of messages written to a log partition before triggering an fsync on the log. Setting this property to a low value results in more frequent data to disk synchronization, but also has major impact on performance. For durability, Cloudera recommends the use of replication rather than depending on a single-server fsync. However, this setting can be used as an extra safety measure. If used in conjunction with log.flush.interval.ms, the log is flushed when either criteria is met.
Related Name: log.flush.interval.messages
Default Value
API Name: log.flush.interval.messages
Required: false

Log Flush Time Interval

Description: The maximum time between fsync calls on the log. If used in conjunction with log.flush.interval.messages, the log is flushed when either criteria is met.
Related Name: log.flush.interval.ms
Default Value
API Name: log.flush.interval.ms
Required: false

Log Flush Scheduler Interval

Description: The frequency, in milliseconds, with which the log flusher checks whether any log is eligible to be flushed to disk.
Related Name: log.flush.scheduler.interval.ms
Default Value
API Name: log.flush.scheduler.interval.ms
Required: false

Maximum Message Size

Description: The maximum size of a message that the server can receive. This property has to be in sync with the maximum fetch size the consumers use. Otherwise, an unruly producer could publish messages that are too large for consumption.
Related Name: message.max.bytes
Default Value: 1000000 B
API Name: message.max.bytes
Required: false

Cruise Control Metric Reporter Principal Name

Description: Principal name of the Cruise Control metric reporter to authenticate with the Kafka cluster.
Related Name: metric.reporter.principal.name
Default Value: cc_metric_reporter
API Name: metric.reporter.principal.name
Required: true

Minimum Number of Replicas in ISR

Description: The minimum number of replicas in the in-sync replica needed to satisfy a produce request where required.acks=-1 (that is, all).
Related Name: min.insync.replicas
Default Value: 1
API Name: min.insync.replicas
Required: false

Enable Kafka Monitoring

Description: Enables Kafka monitoring.
Related Name: monitoring.enabled
Default Value: true
API Name: monitoring.enabled
Required: false

Default Number of Partitions

Description: The default number of partitions for automatically created topics.
Related Name: num.partitions
Default Value: 1
API Name: num.partitions
Required: false

Number of Replica Fetchers

Description: Number of threads used to replicate messages from leaders. Increasing this value increases the degree of I/O parallelism in the follower broker.
Related Name: num.replica.fetchers
Default Value: 4
API Name: num.replica.fetchers
Required: false

Enable OAuth Authentication

Description: Enables authentication using the SASL OAUTHBEARER mechanism for this Kafka service. Clients must present a signed JSON Web Token (JWT) when authenticating with OAuth2. This feature requires Kerberos to be enabled as well.
Related Name: oauth.enabled
Default Value: false
API Name: oauth.enabled
Required: false

JWT Expected Audience For OAuth2

Description: The JWT token can optionally contain an audience aud claim. When this claim is present then the same audience value needs to be expected on the server side, otherwise the token will be considered invalid.
Related Name: oauth.expected.audience
Default Value
API Name: oauth.expected.audience
Required: false

JWT Expected Issuer For OAuth2

Description: The JWT token can optionally contain an issuer iss claim. We can configure the broker to only accept tokens issued by a specific issuer.
Related Name: oauth.expected.issuer
Default Value
API Name: oauth.expected.issuer
Required: false

JWKS URL For OAuth2

Description: The endpoint URL that returns the authorization server's public keys in JSON Web Key Set format. The public keys are used to verify the JSON Web Tokens issued by the authorization server. Note that this can also be a local file if the URL starts with file://.
Related Name: oauth.jwks.url
Default Value
API Name: oauth.jwks.url
Required: false

JWT Principal Claim Name For OAuth2

Description: A JSON Web Token (JWT) must contain a user ID (principal) that can be used for Ranger authorization. This property specifies the name (or key) of the claim in the JWT that contains the user ID. The 'sub' claim is used if this property is left empty.
Related Name: oauth.principal.claim.name
Default Value
API Name: oauth.principal.claim.name
Required: false

Offset Retention Time

Description: After a consumer group loses all its consumers (i.e. becomes empty) its offsets will be kept for this retention period before getting discarded. For standalone consumers (using manual assignment), offsets will be expired after the time of last commit plus this retention period.
Related Name: offsets.retention.minutes
Default Value: 7 day(s)
API Name: offsets.retention.minutes
Required: false

Offset Commit Topic Number of Partitions

Description: The number of partitions for the offset commit topic. Changing this value after deployment is currently unsupported, therefore, Cloudera recommends using a higher number of partitions (for example, 100-200) for production.
Related Name: offsets.topic.num.partitions
Default Value: 50
API Name: offsets.topic.num.partitions
Required: false

Offset Commit Topic Replication Factor

Description: The replication factor for the offset commit topic. A higher setting (for example, 3 or 4) is recommended in order to ensure higher availability. If the offsets topic is created when there are fewer brokers than the replication factor, then the offsets topic is created with fewer replicas.
Related Name: offsets.topic.replication.factor
Default Value: 3
API Name: offsets.topic.replication.factor
Required: false

PAM Service

Description: The PAM service name for authenticating Kafka clients. This corresponds to the service name in the PAM configuration.
Related Name: pam.auth.service
Default Value: login
API Name: pam.auth.service
Required: false

Enable Producer Metrics

Description: Enables producer metrics
Related Name: producer.metrics.enable
Default Value: true
API Name: producer.metrics.enable
Required: false

Ranger Kafka Plugin Hdfs Audit Directory

Description: The DFS path on which Ranger audits are written.
Related Name: ranger_kafka_plugin_hdfs_audit_directory
Default Value: $ranger_base_audit_url/kafka
API Name: ranger_kafka_plugin_hdfs_audit_directory
Required: false

Ranger Kafka Plugin Policy Rest Client Max Retry Attempts

Description: Kafka Ranger Plugin Rest client max retry attempts count.
Related Name: ranger.plugin.kafka.policy.rest.client.max.retry.attempts
Default Value: 12
API Name: ranger_plugin_kafka_policy_rest_client_max_retry_attempts
Required: false

Ranger Kafka Plugin Policy Rest Client Retry Interval Ms

Description: Kafka Ranger Plugin Rest client retry wait interval in milliseconds.
Related Name: ranger.plugin.kafka.policy.rest.client.retry.interval.ms
Default Value: 10 second(s)
API Name: ranger_plugin_kafka_policy_rest_client_retry_interval_ms
Required: false

'Ranger service' name for this Kafka service

Description: Name of the 'Ranger service', that is used for authorization by this Kafka service. If this parameter is set to the placeholder value '{{GENERATED_RANGER_SERVICE_NAME}}', a generated service name will be used, and if necessary, created. The generated service name will refer to the name of the cluster and the name of this Kafka service. The name can consist of alphanumeric and '_' characters.
Related Name: ranger.plugin.kafka.service.name
Default Value: cm_kafka
API Name: ranger_plugin_kafka_service_name
Required: false

RANGER Service

Description: Name of the RANGER service that this Kafka service instance depends on
Related Name
Default Value
API Name: ranger_service
Required: false

Replica Maximum Fetch Size

Description: The maximum number of bytes to fetch for each partition in fetch requests that replicas send to the leader. This value should be larger than message.max.bytes.
Related Name: replica.fetch.max.bytes
Default Value: 1 MiB
API Name: replica.fetch.max.bytes
Required: false

Allowed Replica Time Lag

Description: If a follower has not sent any fetch requests, nor has it consumed up to the leader's log end offset during this time, the leader removes the follower from the ISR set.
Related Name: replica.lag.time.max.ms
Default Value: 30 second(s)
API Name: replica.lag.time.max.ms
Required: false

SASL/PLAIN Authentication

Description: Authentication method that the SASL/PLAIN mechanism uses to authenticate clients.
Related Name: sasl.plain.auth
Default Value: none
API Name: sasl.plain.auth
Required: false

Minimum Number of Replicas in ISR for Transaction State Log

Description: Overridden min.insync.replicas config for the transaction topic.
Related Name: transaction.state.log.min.isr
Default Value: 2
API Name: transaction.state.log.min.isr
Required: false

Transaction State Log Replication Factor

Description: The replication factor for the transaction topic (set higher to ensure availability). Internal topic creation will fail until the cluster size meets this replication factor requirement.
Related Name: transaction.state.log.replication.factor
Default Value: 3
API Name: transaction.state.log.replication.factor
Required: false

Enable Unclean Leader Election

Description: Enables replicas not in the ISR set to be elected as leader as a last resort, even though doing so might result in data loss.
Related Name: unclean.leader.election.enable
Default Value: false
API Name: unclean.leader.election.enable
Required: false

ZooKeeper Root

Description: The znode in ZooKeeper used as a root for this Kafka cluster. WARNING: Do not change this property following the initial launch of the Kafka service. Only configure this property during the initial setup phase, before starting the Kafka service for the first time. Updating the root znode on a Kafka service that has already been started does not copy over the original znodes to the new root. This causes Kafka to lose its operational metadata.
Related Name: zookeeper.chroot
Default Value: /kafka
API Name: zookeeper.chroot
Required: false

Enable Secure Connection to ZooKeeper

Description: Enables SSL/TLS for all connections to ZooKeeper. This applies only if 'Enable TLS/SSL for ZooKeeper' is enabled on the ZooKeeper service.
Related Name: zookeeper.secure.connection.enable
Default Value: true
API Name: zookeeper.secure.connection.enable
Required: false

ZooKeeper Session Timeout

Description: If the server fails to send a heartbeat to ZooKeeper within this period of time, it is considered dead. If set to a too low value, ZooKeeper might falsely consider a server dead. If set to a too high value, ZooKeeper might take too long to recognize a dead server.
Related Name: zookeeper.session.timeout.ms
Default Value: 18 second(s)
API Name: zookeeper.session.timeout.ms
Required: false

ZooKeeper Service

Description: Name of the ZooKeeper service that this Kafka service instance depends on
Related Name
Default Value
API Name: zookeeper_service
Required: false

Security

Kerberos Principal

Description: Kerberos principal short name used by all roles of this service.
Related Name
Default Value: kafka
API Name: kerberos_princ_name
Required: true

Suppressions

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for atlas-application.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for atlas-application.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_atlas-application.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Destination Broker List

Description: Whether to suppress configuration warnings produced by the Destination Broker List configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_bootstrap.servers
Required: true

Suppress Configuration Validator: Broker ID

Description: Whether to suppress configuration warnings produced by the Broker ID configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_broker.id
Required: true

Suppress Configuration Validator: Broker Rack ID

Description: Whether to suppress configuration warnings produced by the Broker Rack ID configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_broker.rack
Required: true

Suppress Configuration Validator: Additional Broker Java Options

Description: Whether to suppress configuration warnings produced by the Additional Broker Java Options configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_broker_java_opts
Required: true

Suppress Configuration Validator: Java Heap Size of Broker

Description: Whether to suppress configuration warnings produced by the Java Heap Size of Broker configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_broker_max_heap_size
Required: true

Suppress Configuration Validator: CDH Version Validator

Description: Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_cdh_version_validator
Required: true

Suppress Configuration Validator: Deploy Directory

Description: Whether to suppress configuration warnings produced by the Deploy Directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_client_config_root_dir
Required: true

Suppress Configuration Validator: Configuration Storage Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the Configuration Storage Topic Replication Factor configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_config.storage.replication.factor
Required: true

Suppress Configuration Validator: Configuration Storage Topic Name

Description: Whether to suppress configuration warnings produced by the Configuration Storage Topic Name configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_config.storage.topic
Required: true

Suppress Configuration Validator: Kafka Connect Advanced Configuration Snippet (Safety Valve) for connect-distributed.properties

Description: Whether to suppress configuration warnings produced by the Kafka Connect Advanced Configuration Snippet (Safety Valve) for connect-distributed.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_connect-distributed.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Connector Kafka Client Configuration Override Policy

Description: Whether to suppress configuration warnings produced by the Connector Kafka Client Configuration Override Policy configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_connector.client.config.override.policy
Required: true

Suppress Configuration Validator: MirrorMaker Consumer Rebalance Listener

Description: Whether to suppress configuration warnings produced by the MirrorMaker Consumer Rebalance Listener configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_consumer.rebalance.listener
Required: true

Suppress Configuration Validator: MirrorMaker Consumer Rebalance Listener Arguments

Description: Whether to suppress configuration warnings produced by the MirrorMaker Consumer Rebalance Listener Arguments configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_consumer.rebalance.listener.args
Required: true

Suppress Configuration Validator: JDBC Driver Jars Path For Debezium

Description: Whether to suppress configuration warnings produced by the JDBC Driver Jars Path For Debezium configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_debezium.jdbc.jars.path
Required: true

Suppress Configuration Validator: Non-Modifiable directory of Kafka Connect

Description: Whether to suppress configuration warnings produced by the Non-Modifiable directory of Kafka Connect configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_etc.kafka_connect_ext.dir
Required: true

Suppress Configuration Validator: Consumer Group ID

Description: Whether to suppress configuration warnings produced by the Consumer Group ID configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_group.id
Required: true

Suppress Configuration Validator: Name of User with Read-Write Access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the Name of User with Read-Write Access to the JMX Agent configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user
Required: true

Suppress Configuration Validator: Password of user with read-write access to the JMX agent

Description: Whether to suppress configuration warnings produced by the Password of user with read-write access to the JMX agent configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.control.user.passwd
Required: true

Suppress Configuration Validator: Name of User with read-only access to the JMX Agent

Description: Whether to suppress configuration warnings produced by the Name of User with read-only access to the JMX Agent configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user
Required: true

Suppress Configuration Validator: Password of User with read-only Access to the JMX agent

Description: Whether to suppress configuration warnings produced by the Password of User with read-only Access to the JMX agent configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_jmx.monitor.user.passwd
Required: true

Suppress Configuration Validator: JMX Exporter configuration YAML

Description: Whether to suppress configuration warnings produced by the JMX Exporter configuration YAML configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_exporter_yaml
Required: true

Suppress Configuration Validator: JMX Port

Description: Whether to suppress configuration warnings produced by the JMX Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_jmx_port
Required: true

Suppress Configuration Validator: Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-client.conf

Description: Whether to suppress configuration warnings produced by the Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-client.conf configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-conf/kafka-client.conf_client_config_safety_valve
Required: true

Suppress Configuration Validator: Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-ranger-repo.properties

Description: Whether to suppress configuration warnings produced by the Kafka Client Advanced Configuration Snippet (Safety Valve) for kafka-conf/kafka-ranger-repo.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-conf/kafka-ranger-repo.properties_client_config_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka-monitoring.properties_role_safety_valve
Required: true

Suppress Configuration Validator: List Of Allowed Nexus Repository Urls

Description: Whether to suppress configuration warnings produced by the List Of Allowed Nexus Repository Urls configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.allowed.nexus.urls
Required: true

Suppress Configuration Validator: Java Home Path Override

Description: Whether to suppress configuration warnings produced by the Java Home Path Override configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.jdk.home
Required: true

Suppress Configuration Validator: Kafka Connect Secrets Storage Global Key Local Location

Description: Whether to suppress configuration warnings produced by the Kafka Connect Secrets Storage Global Key Local Location configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.global.key.location
Required: true

Suppress Configuration Validator: Kafka Connect Secrets Storage Global Password

Description: Whether to suppress configuration warnings produced by the Kafka Connect Secrets Storage Global Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.global.password
Required: true

Suppress Configuration Validator: Kafka Connect Secrets Storage PBE Salt

Description: Whether to suppress configuration warnings produced by the Kafka Connect Secrets Storage PBE Salt configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.pbe.salt
Required: true

Suppress Configuration Validator: Kafka Connect Secrets Storage Topic Name

Description: Whether to suppress configuration warnings produced by the Kafka Connect Secrets Storage Topic Name configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.secret.storage.topic
Required: true

Suppress Configuration Validator: Kafka Connect SPNEGO Auth To Local Rules

Description: Whether to suppress configuration warnings produced by the Kafka Connect SPNEGO Auth To Local Rules configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.spnego.kerberos.principal.to.local.rules
Required: true

Suppress Configuration Validator: List Of Trusted Proxy Services

Description: Whether to suppress configuration warnings produced by the List Of Trusted Proxy Services configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.connect.spnego.trusted.proxies
Required: true

Suppress Configuration Validator: HTTP Metric Report Host

Description: Whether to suppress configuration warnings produced by the HTTP Metric Report Host configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.host
Required: true

Suppress Configuration Validator: HTTP Metric Report Password

Description: Whether to suppress configuration warnings produced by the HTTP Metric Report Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.password
Required: true

Suppress Configuration Validator: HTTP Metric Report Port

Description: Whether to suppress configuration warnings produced by the HTTP Metric Report Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.port
Required: true

Suppress Configuration Validator: Http Metrics Report Exclude Filter

Description: Whether to suppress configuration warnings produced by the Http Metrics Report Exclude Filter configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.reporter.exclude.filter
Required: true

Suppress Configuration Validator: HTTP Metric Report User

Description: Whether to suppress configuration warnings produced by the HTTP Metric Report User configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.http.metrics.user
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for kafka.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker Load Balancer Host

Description: Whether to suppress configuration warnings produced by the Kafka Broker Load Balancer Host configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_broker_load_balancer_host
Required: true

Suppress Configuration Validator: Kafka Broker Load Balancer Listener Port

Description: Whether to suppress configuration warnings produced by the Kafka Broker Load Balancer Listener Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_broker_load_balancer_listener_port
Required: true

Suppress Configuration Validator: Kafka Broker Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the Kafka Broker Environment Advanced Configuration Snippet (Safety Valve) configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_broker_role_env_safety_valve
Required: true

Suppress Configuration Validator: Kafka Connect Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the Kafka Connect Environment Advanced Configuration Snippet (Safety Valve) configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_connect_role_env_safety_valve
Required: true

Suppress Configuration Validator: Kafka Connect Heap Java Options

Description: Whether to suppress configuration warnings produced by the Kafka Connect Heap Java Options configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_heap_opts
Required: true

Suppress Configuration Validator: Kafka MirrorMaker Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the Kafka MirrorMaker Environment Advanced Configuration Snippet (Safety Valve) configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kafka_mirror_maker_role_env_safety_valve
Required: true

Suppress Configuration Validator: Role-Specific Kerberos Principal

Description: Whether to suppress configuration warnings produced by the Role-Specific Kerberos Principal configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kerberos_role_princ_name
Required: true

Suppress Configuration Validator: Key Converter

Description: Whether to suppress configuration warnings produced by the Key Converter configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_key.converter
Required: true

Suppress Configuration Validator: KRaft Controller Advanced Configuration Snippet (Safety Valve) for kraft.properties

Description: Whether to suppress configuration warnings produced by the KRaft Controller Advanced Configuration Snippet (Safety Valve) for kraft.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kraft.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Additional KRaft Controller Java Options

Description: Whether to suppress configuration warnings produced by the Additional KRaft Controller Java Options configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kraft_java_opts
Required: true

Suppress Configuration Validator: KRaft Controller Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the KRaft Controller Environment Advanced Configuration Snippet (Safety Valve) configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_kraft_role_env_safety_valve
Required: true

Suppress Configuration Validator: Data Directories

Description: Whether to suppress configuration warnings produced by the Data Directories configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_log.dirs
Required: true

Suppress Configuration Validator: Segment File Size

Description: Whether to suppress configuration warnings produced by the Segment File Size configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_log.segment.bytes
Required: true

Suppress Configuration Validator: Kafka Broker Logging Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the Kafka Broker Logging Advanced Configuration Snippet (Safety Valve) configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_log4j_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker Log Directory

Description: Whether to suppress configuration warnings produced by the Kafka Broker Log Directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_log_dir
Required: true

Suppress Configuration Validator: MirrorMaker Message Handler

Description: Whether to suppress configuration warnings produced by the MirrorMaker Message Handler configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_message.handler
Required: true

Suppress Configuration Validator: MirrorMaker Message Handler Arguments

Description: Whether to suppress configuration warnings produced by the MirrorMaker Message Handler Arguments configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_message.handler.args
Required: true

Suppress Configuration Validator: Metadata Log Directory

Description: Whether to suppress configuration warnings produced by the Metadata Log Directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_metadata.log.dir
Required: true

Suppress Configuration Validator: Jetty Metrics Password

Description: Whether to suppress configuration warnings produced by the Jetty Metrics Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.auth.password
Required: true

Suppress Configuration Validator: Jetty Metrics User Name

Description: Whether to suppress configuration warnings produced by the Jetty Metrics User Name configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.auth.username
Required: true

Suppress Configuration Validator: Jetty Metrics Port

Description: Whether to suppress configuration warnings produced by the Jetty Metrics Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.port
Required: true

Suppress Configuration Validator: Secure Jetty Metrics Port

Description: Whether to suppress configuration warnings produced by the Secure Jetty Metrics Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_metrics.jetty.server.secureport
Required: true

Suppress Configuration Validator: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_consumers.properties

Description: Whether to suppress configuration warnings produced by the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_consumers.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_consumers.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Additional MirrorMaker Java Options

Description: Whether to suppress configuration warnings produced by the Additional MirrorMaker Java Options configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_java_opts
Required: true

Suppress Configuration Validator: Java Heap Size of MirrorMaker

Description: Whether to suppress configuration warnings produced by the Java Heap Size of MirrorMaker configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_max_heap_size
Required: true

Suppress Configuration Validator: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_producers.properties

Description: Whether to suppress configuration warnings produced by the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for mirror_maker_producers.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_mirror_maker_producers.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Node ID

Description: Whether to suppress configuration warnings produced by the Node ID configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_node.id
Required: true

Suppress Configuration Validator: Number of I/O Threads

Description: Whether to suppress configuration warnings produced by the Number of I/O Threads configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_num.io.threads
Required: true

Suppress Configuration Validator: Number of Network Threads

Description: Whether to suppress configuration warnings produced by the Number of Network Threads configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_num.network.threads
Required: true

Suppress Configuration Validator: Number of Recovery Threads per data directory

Description: Whether to suppress configuration warnings produced by the Number of Recovery Threads per data directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_num.recovery.threads.per.data.dir
Required: true

Suppress Configuration Validator: Number of Alter Log Dir Threads

Description: Whether to suppress configuration warnings produced by the Number of Alter Log Dir Threads configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_num.replica.alter.log.dirs.threads
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for oauth_jwks.json

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for oauth_jwks.json configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_oauth_jwks.json_role_safety_valve
Required: true

Suppress Configuration Validator: Offset Storage Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the Offset Storage Topic Replication Factor configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_offset.storage.replication.factor
Required: true

Suppress Configuration Validator: Offset Storage Topic Name

Description: Whether to suppress configuration warnings produced by the Offset Storage Topic Name configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_offset.storage.topic
Required: true

Suppress Configuration Validator: Heap Dump Directory

Description: Whether to suppress configuration warnings produced by the Heap Dump Directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_oom_heap_dump_dir
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Exporters Section

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Exporters Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_exporters
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Extensions Section

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Extensions Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_extensions
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Helper Port

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Helper Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_helper_port
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Processors Section

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Processors Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_processors
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Receivers Section

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Receivers Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_receivers
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Remote Write Password

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Remote Write Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_password
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Remote Write URL

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Remote Write URL configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_url
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Remote Write Username

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Remote Write Username configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_remote_write_user
Required: true

Suppress Configuration Validator: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section

Description: Whether to suppress configuration warnings produced by the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Exporters Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_exporters
Required: true

Suppress Configuration Validator: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section

Description: Whether to suppress configuration warnings produced by the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Extensions Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_extensions
Required: true

Suppress Configuration Validator: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section

Description: Whether to suppress configuration warnings produced by the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Processors Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_processors
Required: true

Suppress Configuration Validator: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section

Description: Whether to suppress configuration warnings produced by the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Receivers Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_receivers
Required: true

Suppress Configuration Validator: Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section

Description: Whether to suppress configuration warnings produced by the Real-Time Monitoring for Jobs / Queries with OpenTelemetry - Service Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_rtm_logs_service
Required: true

Suppress Configuration Validator: OpenTelemetry Collector Service Section

Description: Whether to suppress configuration warnings produced by the OpenTelemetry Collector Service Section configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_otelcol_service
Required: true

Suppress Configuration Validator: Plugin Path

Description: Whether to suppress configuration warnings produced by the Plugin Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_plugin.path
Required: true

Suppress Configuration Validator: TCP Port

Description: Whether to suppress configuration warnings produced by the TCP Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_port
Required: true

Suppress Configuration Validator: Role Specific System Group

Description: Whether to suppress configuration warnings produced by the Role Specific System Group configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_process_groupname
Required: true

Suppress Configuration Validator: Role Specific System User

Description: Whether to suppress configuration warnings produced by the Role Specific System User configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_process_username
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-audit.xml_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-audit.xml

Description: Whether to suppress configuration warnings produced by the Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-audit.xml configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-connect-audit.xml_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-policymgr-ssl.xml

Description: Whether to suppress configuration warnings produced by the Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-policymgr-ssl.xml configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-connect-policymgr-ssl.xml_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-security.xml

Description: Whether to suppress configuration warnings produced by the Kafka Connect Advanced Configuration Snippet (Safety Valve) for ranger-kafka-connect-security.xml configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-connect-security.xml_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-policymgr-ssl.xml_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger-kafka-security.xml_role_safety_valve
Required: true

Suppress Configuration Validator: Ranger Kafka Plugin Audit Hdfs Spool Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Plugin Audit Hdfs Spool Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_audit_hdfs_spool_dir
Required: true

Suppress Configuration Validator: Ranger Kafka Plugin Audit Solr Spool Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Plugin Audit Solr Spool Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_audit_solr_spool_dir
Required: true

Suppress Configuration Validator: Ranger Kafka Connect Plugin Hdfs Audit Directory

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Connect Plugin Hdfs Audit Directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_connect_plugin_hdfs_audit_directory
Required: true

Suppress Configuration Validator: Ranger Kafka Connect Plugin Audit Hdfs Spool Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Connect Plugin Audit Hdfs Spool Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_connect_plugin_hdfs_audit_spool_directory
Required: true

Suppress Configuration Validator: Ranger Kafka Connect Plugin Audit Solr Spool Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Connect Plugin Audit Solr Spool Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_connect_plugin_solr_audit_spool_directory
Required: true

Suppress Configuration Validator: Ranger Kafka Plugin Conf Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Plugin Conf Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_plugin_conf_path
Required: true

Suppress Configuration Validator: Ranger Kafka Plugin Policy Cache Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Plugin Policy Cache Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kafka_plugin_policy_cache_directory
Required: true

Suppress Configuration Validator: Ranger KRaft Plugin Audit Hdfs Spool Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger KRaft Plugin Audit Hdfs Spool Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kraft_plugin_hdfs_audit_spool_directory
Required: true

Suppress Configuration Validator: Ranger KRaft Plugin Policy Cache Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger KRaft Plugin Policy Cache Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kraft_plugin_policy_cache_directory
Required: true

Suppress Configuration Validator: Ranger KRaft Plugin Audit Solr Spool Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger KRaft Plugin Audit Solr Spool Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_kraft_plugin_solr_audit_spool_directory
Required: true

Suppress Configuration Validator: Ranger Kafka Plugin Policy Cache Directory Path

Description: Whether to suppress configuration warnings produced by the Ranger Kafka Plugin Policy Cache Directory Path configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kafka_connect_policy_cache_directory
Required: true

Suppress Configuration Validator: 'Ranger service' name for the Kafka Connect service

Description: Whether to suppress configuration warnings produced by the 'Ranger service' name for the Kafka Connect service configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kafka_connect_service_name
Required: true

Suppress Configuration Validator: Ranger Plugin Trusted Proxy IP Address

Description: Whether to suppress configuration warnings produced by the Ranger Plugin Trusted Proxy IP Address configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kafka_connect_trusted_proxy_ipaddress
Required: true

Suppress Configuration Validator: Ranger Plugin Trusted Proxy IP Address

Description: Whether to suppress configuration warnings produced by the Ranger Plugin Trusted Proxy IP Address configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_kraft_trusted_proxy_ipaddress
Required: true

Suppress Configuration Validator: Ranger Plugin Trusted Proxy IP Address

Description: Whether to suppress configuration warnings produced by the Ranger Plugin Trusted Proxy IP Address configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ranger_plugin_trusted_proxy_ipaddress
Required: true

Suppress Configuration Validator: Rest Extension Classes

Description: Whether to suppress configuration warnings produced by the Rest Extension Classes configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_rest.extension.classes
Required: true

Suppress Configuration Validator: Kafka Connect Rest Port

Description: Whether to suppress configuration warnings produced by the Kafka Connect Rest Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_rest.port
Required: true

Suppress Configuration Validator: Custom Control Group Resources (overrides Cgroup settings)

Description: Whether to suppress configuration warnings produced by the Custom Control Group Resources (overrides Cgroup settings) configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_rm_custom_resources
Required: true

Suppress Configuration Validator: Role Triggers

Description: Whether to suppress configuration warnings produced by the Role Triggers configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_role_triggers
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_after_start_admin_client_configs.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_after_start_admin_client_configs.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_rolling_restart_check_after_start_admin_client_configs.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_before_stop_admin_client_configs.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for rolling_restart_check_before_stop_admin_client_configs.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_rolling_restart_check_before_stop_admin_client_configs.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Secure Kafka Connect Rest Port

Description: Whether to suppress configuration warnings produced by the Secure Kafka Connect Rest Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_secure.rest.port
Required: true

Suppress Configuration Validator: Source Broker List

Description: Whether to suppress configuration warnings produced by the Source Broker List configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_source.bootstrap.servers
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for ssl.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_client.properties

Description: Whether to suppress configuration warnings produced by the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_client.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker TLS/SSL Trust Store File

Description: Whether to suppress configuration warnings produced by the Kafka Broker TLS/SSL Trust Store File configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_location
Required: true

Suppress Configuration Validator: Kafka Broker TLS/SSL Trust Store Password

Description: Whether to suppress configuration warnings produced by the Kafka Broker TLS/SSL Trust Store Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_client_truststore_password
Required: true

Suppress Configuration Validator: TLS/SSL Port

Description: Whether to suppress configuration warnings produced by the TLS/SSL Port configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_port
Required: true

Suppress Configuration Validator: Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_server.properties

Description: Whether to suppress configuration warnings produced by the Kafka MirrorMaker Advanced Configuration Snippet (Safety Valve) for ssl_server.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server.properties_role_safety_valve
Required: true

Suppress Configuration Validator: Kafka Broker TLS/SSL Server Keystore Key Password

Description: Whether to suppress configuration warnings produced by the Kafka Broker TLS/SSL Server Keystore Key Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_keypassword
Required: true

Suppress Configuration Validator: Kafka Broker TLS/SSL Server Keystore File Location

Description: Whether to suppress configuration warnings produced by the Kafka Broker TLS/SSL Server Keystore File Location configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_location
Required: true

Suppress Configuration Validator: Kafka Broker TLS/SSL Server Keystore File Password

Description: Whether to suppress configuration warnings produced by the Kafka Broker TLS/SSL Server Keystore File Password configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_ssl_server_keystore_password
Required: true

Suppress Configuration Validator: Stacks Collection Directory

Description: Whether to suppress configuration warnings produced by the Stacks Collection Directory configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_stacks_collection_directory
Required: true

Suppress Configuration Validator: Status Storage Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the Status Storage Topic Replication Factor configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_status.storage.replication.factor
Required: true

Suppress Configuration Validator: Status Storage Topic Name

Description: Whether to suppress configuration warnings produced by the Status Storage Topic Name configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_status.storage.topic
Required: true

Suppress Configuration Validator: Value Converter

Description: Whether to suppress configuration warnings produced by the Value Converter configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_value.converter
Required: true

Suppress Configuration Validator: Topic Whitelist

Description: Whether to suppress configuration warnings produced by the Topic Whitelist configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_whitelist
Required: true

Suppress Configuration Validator: Kafka Broker Advanced Configuration Snippet (Safety Valve) for zookeeper-ssl.properties

Description: Whether to suppress configuration warnings produced by the Kafka Broker Advanced Configuration Snippet (Safety Valve) for zookeeper-ssl.properties configuration validator.
Related Name
Default Value: false
API Name: role_config_suppression_zookeeper-ssl.properties_role_safety_valve
Required: true

Suppress Parameter Validation: Atlas metadata namespace for Kafka Clients

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Atlas metadata namespace for Kafka Clients parameter.
Related Name
Default Value: false
API Name: service_config_suppression_atlas.metadata.namespace.client
Required: true

Suppress Parameter Validation: Atlas metadata namespace for Kafka Topics

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Atlas metadata namespace for Kafka Topics parameter.
Related Name
Default Value: false
API Name: service_config_suppression_atlas.metadata.namespace.topic
Required: true

Suppress Parameter Validation: Controlled Shutdown Maximum Attempts

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Controlled Shutdown Maximum Attempts parameter.
Related Name
Default Value: false
API Name: service_config_suppression_controlled.shutdown.max.retries
Required: true

Suppress Parameter Validation: Default Replication Factor

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Default Replication Factor parameter.
Related Name
Default Value: false
API Name: service_config_suppression_default.replication.factor
Required: true

Suppress Configuration Validator: Gateway Count Validator

Description: Whether to suppress configuration warnings produced by the Gateway Count Validator configuration validator.
Related Name
Default Value: false
API Name: service_config_suppression_gateway_count_validator
Required: true

Suppress Parameter Validation: Kafka Service Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Service Advanced Configuration Snippet (Safety Valve) for kafka-monitoring.properties parameter.
Related Name
Default Value: false
API Name: service_config_suppression_kafka-monitoring.properties_service_safety_valve
Required: true

Suppress Parameter Validation: List of Metric Reporters

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the List of Metric Reporters parameter.
Related Name
Default Value: false
API Name: service_config_suppression_kafka.metrics.reporters
Required: true

Suppress Configuration Validator: Kafka Broker Count Validator

Description: Whether to suppress configuration warnings produced by the Kafka Broker Count Validator configuration validator.
Related Name
Default Value: false
API Name: service_config_suppression_kafka_broker_count_validator
Required: true

Suppress Configuration Validator: Kafka Connect Count Validator

Description: Whether to suppress configuration warnings produced by the Kafka Connect Count Validator configuration validator.
Related Name
Default Value: false
API Name: service_config_suppression_kafka_connect_count_validator
Required: true

Suppress Configuration Validator: Kafka MirrorMaker Count Validator

Description: Whether to suppress configuration warnings produced by the Kafka MirrorMaker Count Validator configuration validator.
Related Name
Default Value: false
API Name: service_config_suppression_kafka_mirror_maker_count_validator
Required: true

Suppress Parameter Validation: Kafka Service Environment Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Service Environment Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: service_config_suppression_kafka_service_env_safety_valve
Required: true

Suppress Parameter Validation: Kerberos Principal

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kerberos Principal parameter.
Related Name
Default Value: false
API Name: service_config_suppression_kerberos_princ_name
Required: true

Suppress Configuration Validator: KRaft Controller Count Validator

Description: Whether to suppress configuration warnings produced by the KRaft Controller Count Validator configuration validator.
Related Name
Default Value: false
API Name: service_config_suppression_kraft_count_validator
Required: true

Suppress Parameter Validation: LDAP URL

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP URL parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ldap.auth.url
Required: true

Suppress Parameter Validation: LDAP User DN Template

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the LDAP User DN Template parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ldap.auth.user.dn.template
Required: true

Suppress Parameter Validation: Leader Imbalance Check Interval

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Leader Imbalance Check Interval parameter.
Related Name
Default Value: false
API Name: service_config_suppression_leader.imbalance.check.interval.seconds
Required: true

Suppress Parameter Validation: Leader Imbalance Allowed Per Broker

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Leader Imbalance Allowed Per Broker parameter.
Related Name
Default Value: false
API Name: service_config_suppression_leader.imbalance.per.broker.percentage
Required: true

Suppress Parameter Validation: Maximum Message Size

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Maximum Message Size parameter.
Related Name
Default Value: false
API Name: service_config_suppression_message.max.bytes
Required: true

Suppress Parameter Validation: Cruise Control Metric Reporter Principal Name

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Cruise Control Metric Reporter Principal Name parameter.
Related Name
Default Value: false
API Name: service_config_suppression_metric.reporter.principal.name
Required: true

Suppress Parameter Validation: Minimum Number of Replicas in ISR

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Minimum Number of Replicas in ISR parameter.
Related Name
Default Value: false
API Name: service_config_suppression_min.insync.replicas
Required: true

Suppress Parameter Validation: Default Number of Partitions

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Default Number of Partitions parameter.
Related Name
Default Value: false
API Name: service_config_suppression_num.partitions
Required: true

Suppress Parameter Validation: Number of Replica Fetchers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Number of Replica Fetchers parameter.
Related Name
Default Value: false
API Name: service_config_suppression_num.replica.fetchers
Required: true

Suppress Parameter Validation: JWT Expected Audience For OAuth2

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JWT Expected Audience For OAuth2 parameter.
Related Name
Default Value: false
API Name: service_config_suppression_oauth.expected.audience
Required: true

Suppress Parameter Validation: JWT Expected Issuer For OAuth2

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JWT Expected Issuer For OAuth2 parameter.
Related Name
Default Value: false
API Name: service_config_suppression_oauth.expected.issuer
Required: true

Suppress Parameter Validation: JWKS URL For OAuth2

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JWKS URL For OAuth2 parameter.
Related Name
Default Value: false
API Name: service_config_suppression_oauth.jwks.url
Required: true

Suppress Parameter Validation: JWT Principal Claim Name For OAuth2

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the JWT Principal Claim Name For OAuth2 parameter.
Related Name
Default Value: false
API Name: service_config_suppression_oauth.principal.claim.name
Required: true

Suppress Parameter Validation: Offset Commit Topic Number of Partitions

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Offset Commit Topic Number of Partitions parameter.
Related Name
Default Value: false
API Name: service_config_suppression_offsets.topic.num.partitions
Required: true

Suppress Parameter Validation: Offset Commit Topic Replication Factor

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Offset Commit Topic Replication Factor parameter.
Related Name
Default Value: false
API Name: service_config_suppression_offsets.topic.replication.factor
Required: true

Suppress Parameter Validation: PAM Service

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the PAM Service parameter.
Related Name
Default Value: false
API Name: service_config_suppression_pam.auth.service
Required: true

Suppress Parameter Validation: System Group

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the System Group parameter.
Related Name
Default Value: false
API Name: service_config_suppression_process_groupname
Required: true

Suppress Parameter Validation: System User

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the System User parameter.
Related Name
Default Value: false
API Name: service_config_suppression_process_username
Required: true

Suppress Parameter Validation: Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-audit.xml parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ranger-kafka-audit.xml_service_safety_valve
Required: true

Suppress Parameter Validation: Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-policymgr-ssl.xml parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ranger-kafka-policymgr-ssl.xml_service_safety_valve
Required: true

Suppress Parameter Validation: Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Service Advanced Configuration Snippet (Safety Valve) for ranger-kafka-security.xml parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ranger-kafka-security.xml_service_safety_valve
Required: true

Suppress Parameter Validation: Ranger Kafka Plugin Hdfs Audit Directory

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Ranger Kafka Plugin Hdfs Audit Directory parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ranger_kafka_plugin_hdfs_audit_directory
Required: true

Suppress Parameter Validation: 'Ranger service' name for this Kafka service

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the 'Ranger service' name for this Kafka service parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ranger_plugin_kafka_service_name
Required: true

Suppress Parameter Validation: Replica Maximum Fetch Size

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Replica Maximum Fetch Size parameter.
Related Name
Default Value: false
API Name: service_config_suppression_replica.fetch.max.bytes
Required: true

Suppress Parameter Validation: Service Triggers

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Service Triggers parameter.
Related Name
Default Value: false
API Name: service_config_suppression_service_triggers
Required: true

Suppress Parameter Validation: Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve)

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve) parameter.
Related Name
Default Value: false
API Name: service_config_suppression_smon_derived_configs_safety_valve
Required: true

Suppress Parameter Validation: Kafka Service Advanced Configuration Snippet (Safety Valve) for ssl.properties

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Kafka Service Advanced Configuration Snippet (Safety Valve) for ssl.properties parameter.
Related Name
Default Value: false
API Name: service_config_suppression_ssl.properties_service_safety_valve
Required: true

Suppress Parameter Validation: Transaction State Log Replication Factor

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the Transaction State Log Replication Factor parameter.
Related Name
Default Value: false
API Name: service_config_suppression_transaction.state.log.replication.factor
Required: true

Suppress Parameter Validation: ZooKeeper Root

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the ZooKeeper Root parameter.
Related Name
Default Value: false
API Name: service_config_suppression_zookeeper.chroot
Required: true

Suppress Parameter Validation: ZooKeeper Session Timeout

Description: Whether to suppress configuration warnings produced by the built-in parameter validation for the ZooKeeper Session Timeout parameter.
Related Name
Default Value: false
API Name: service_config_suppression_zookeeper.session.timeout.ms
Required: true

Suppress Health Test: Kafka Broker Health

Description: Whether to suppress the results of the Kafka Broker Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: service_health_suppression_kafka_kafka_broker_healthy
Required: true

Suppress Health Test: Kafka Connect Health

Description: Whether to suppress the results of the Kafka Connect Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: service_health_suppression_kafka_kafka_connect_healthy
Required: true

Suppress Health Test: KRaft Controller Health

Description: Whether to suppress the results of the KRaft Controller Health heath test. The results of suppressed health tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.
Related Name
Default Value: false
API Name: service_health_suppression_kafka_kraft_healthy
Required: true