Isilon Properties in CDH 5.1.0
Role groups:
gatewaydefaultgroup
Advanced
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Deploy Directory | The directory where the client configs will be deployed | /etc/hadoop | client_config_root_dir | true | |
Client Java Configuration Options | These are Java command line arguments. Commonly, garbage collection flags or extra debugging flags would be passed here. | -Djava.net.preferIPv4Stack=true | hbase_client_java_opts | false | |
HDFS Client Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml | For advanced use only, a string to be inserted into the client configuration for hdfs-site.xml. | hdfs_client_config_safety_valve | false | ||
HDFS Client Environment Advanced Configuration Snippet for hadoop-env.sh (Safety Valve) | For advanced use only, key-value pairs (one on each line) to be inserted into the client configuration for hadoop-env.sh | hdfs_client_env_safety_valve | false |
Monitoring
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Enable Configuration Change Alerts | When set, Cloudera Manager will send alerts when this entity's configuration changes. | false | enable_config_alerts | false |
Other
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Alternatives Priority | The priority level that the client configuration will have in the Alternatives system on the hosts. Higher priority levels will cause Alternatives to prefer this configuration over any others. | 90 | client_config_priority | true | |
Use Trash | Move deleted files to the trash so that they can be recovered if necessary. This client side configuration takes effect only if the HDFS service-wide trash is disabled (NameNode Filesystem Trash Interval set to 0) and is ignored otherwise. The trash is not automatically emptied when enabled with this configuration. | false | dfs_client_use_trash | false |
Performance
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Enable HDFS Short Circuit Read | Enable HDFS short circuit read. This allows a client co-located with the DataNode to read HDFS file blocks directly. This gives a performance boost to distributed clients that are aware of locality. | dfs.client.read.shortcircuit | false | dfs_client_read_shortcircuit | false |
service_wide
Advanced
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Isilon Service Environment Advanced Configuration Snippet (Safety Valve) | For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration. | ISILON_service_env_safety_valve | false | ||
Cluster-wide Advanced Configuration Snippet (Safety Valve) for core-site.xml | For advanced use only, a string to be inserted into core-site.xml. Applies to all roles and client configurations in this HDFS service as well as all its dependent services. Any configs added here will be overridden by their default values in HDFS (which can be found in hdfs-default.xml). | core_site_safety_valve | false | ||
Enable HDFS Block Metadata API | Enables DataNode support for the experimental DistributedFileSystem.getFileVBlockStorageLocations API. Applicable to CDH 4.1 and onwards. | dfs.datanode.hdfs-blocks-metadata.enabled | true | dfs_datanode_hdfs_blocks_metadata_enabled | false |
HDFS Client Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml | For advanced use only, a string to be inserted into the client configuration for hdfs-site.xml. | hdfs_client_config_safety_valve | false | ||
System Group | The group that this service's processes should run as. | isilon | process_groupname | true | |
System User | The user that this service's processes should run as. | isilon | process_username | true |
Monitoring
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Enable Service Level Health Alerts | When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold | true | enable_alerts | false | |
Enable Configuration Change Alerts | When set, Cloudera Manager will send alerts when this entity's configuration changes. | false | enable_config_alerts | false | |
Service Triggers | The configured triggers for this service. This is a JSON formatted list of triggers. These triggers are evaluated as part as the
health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has all of the following
fields:
|
[] | service_triggers | true | |
Service Monitor Client Config Overrides | For advanced use only, a list of configuration properties that will be used by the Service Monitor instead of the current client configuration for the service. | <property><name>dfs.socket.timeout</name><value>3000</value></property><property><name>dfs.datanode.socket.write.timeout</name><value>3000</value></property><property><name>ipc.client.connect.max.retries</name><value>1</value></property><property><name>fs.permissions.umask-mode</name><value>000</value></property> | smon_client_config_overrides | false | |
Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve) | For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default ones. | smon_derived_configs_safety_valve | false |
Other
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Default File System URI | The full file system URI, to be emitted as 'fs.default.name' | default_fs_name | default_fs_name | true | |
HDFS Block Size | The default block size in bytes for new HDFS files. Note that this value is also used as the HBase Region Server HLog block size. | dfs.blocksize | 128 MiB | dfs_block_size | false |
Default Umask | Default umask for file and directory creation, specified in an octal value (with a leading 0) | fs.permissions.umask-mode | 022 | dfs_umaskmode | false |
Compression Codecs | Comma-separated list of compression codecs that can be used in job or map compression. | io.compression.codecs | org.apache.hadoop.io.compress.DefaultCodec, org.apache.hadoop.io.compress.GzipCodec, org.apache.hadoop.io.compress.BZip2Codec, org.apache.hadoop.io.compress.DeflateCodec, org.apache.hadoop.io.compress.SnappyCodec, org.apache.hadoop.io.compress.Lz4Codec | io_compression_codecs | false |
Kerberos Authentication | Whether Kerberos is enabled for authentication | kerberos_authentication | false | kerberos_authentication | true |
WebHDFS URL | Full URL for the Web Interface of Isilon service. | webhdfs_url | webhdfs_url | false |
Performance
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
UNIX Domain Socket path | Path on the DataNode's local file system to a UNIX domain socket used for communication between the DataNode and local HDFS clients. This socket is used for Short Circuit Reads. Only the HDFS System User and "root" should have write access to the parent directory and all of its ancestors. This property is supported in CDH 4.2 or later deployments. | dfs.domain.socket.path | /var/run/hdfs-sockets/dn | dfs_domain_socket_path | false |
Proxy
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
HTTP Proxy User Groups | Comma-delimited list of groups that you want to allow the HTTP user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. This is used by WebHCat. | hadoop.proxyuser.HTTP.groups | * | HTTP_proxy_user_groups_list | false |
HTTP Proxy User Hosts | Comma-delimited list of hosts where you want to allow the HTTP user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. This is used by WebHCat. | hadoop.proxyuser.HTTP.hosts | * | HTTP_proxy_user_hosts_list | false |
Flume Proxy User Groups | Allows the flume user to impersonate any members of a comma-delimited list of groups. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.flume.groups | * | flume_proxy_user_groups_list | false |
Flume Proxy User Hosts | Comma-delimited list of hosts where you want to allow the flume user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.flume.hosts | * | flume_proxy_user_hosts_list | false |
HDFS Proxy User Groups | Comma-delimited list of groups to allow the HDFS user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.hdfs.groups | * | hdfs_proxy_user_groups_list | false |
HDFS Proxy User Hosts | Comma-delimited list of hosts where you want to allow the HDFS user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.hdfs.hosts | * | hdfs_proxy_user_hosts_list | false |
Hive Proxy User Groups | Comma-delimited list of groups that you want to allow the Hive user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.hive.groups | * | hive_proxy_user_groups_list | false |
Hive Proxy User Hosts | Comma-delimited list of hosts where you want to allow the Hive user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.hive.hosts | * | hive_proxy_user_hosts_list | false |
HttpFS Proxy User Groups | Comma-delimited list of groups to allow the HttpFS user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.httpfs.groups | * | httpfs_proxy_user_groups_list | false |
HttpFS Proxy User Hosts | Comma-delimited list of hosts where you want to allow the HttpFS user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.httpfs.hosts | * | httpfs_proxy_user_hosts_list | false |
Hue Proxy User Groups | Comma-delimited list of groups that you want to allow the Hue user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.hue.groups | * | hue_proxy_user_groups_list | false |
Hue Proxy User Hosts | Comma-delimited list of hosts where you want to allow the Hue user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.hue.hosts | * | hue_proxy_user_hosts_list | false |
Mapred Proxy User Groups | Comma-delimited list of groups that you want to allow the mapred user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.mapred.groups | * | mapred_proxy_user_groups_list | false |
Mapred Proxy User Hosts | Comma-delimited list of hosts where you want to allow the mapred user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.mapred.hosts | * | mapred_proxy_user_hosts_list | false |
Oozie Proxy User Groups | Allows the oozie superuser to impersonate any members of a comma-delimited list of groups. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. | hadoop.proxyuser.oozie.groups | * | oozie_proxy_user_groups_list | false |
Oozie Proxy User Hosts | Comma-delimited list of hosts where you want to allow the oozie user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. | hadoop.proxyuser.oozie.hosts | * | oozie_proxy_user_hosts_list | false |
Replication
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Replication Factor | Default block replication. The number of replications to make when the file is created. The default value is used if a replication number is not specified. | dfs.replication | 3 | dfs_replication | false |
Security
Display Name | Description | Related Name | Default Value | API Name | Required |
---|---|---|---|---|---|
Enable Access Control Lists | ACLs (Access Control Lists) enhance the existing HDFS permission model to support controlling file access for arbitrary combinations of users and groups instead of a single owner, single group, and all other users. When ACLs are disabled, the NameNode rejects all attempts to set an ACL. | dfs.namenode.acls.enabled | false | dfs_namenode_acls_enabled | false |
Additional Rules to Map Kerberos Principals to Short Names | Additional mapping rules that will be inserted before rules generated from the list of trusted realms and before the default rule. After changing this value and restarting the service, any services depending on this one must be restarted as well. The hadoop.security.auth_to_local property is configured using this information. | extra_auth_to_local_rules | false | ||
Authorized Admin Groups | Comma-separated list of groups authorized to perform admin operations on Hadoop. This is emitted only if authorization is enabled. | hadoop_authorized_admin_groups | false | ||
Authorized Admin Users | Comma-separated list of users authorized to perform admin operations on Hadoop. This is emitted only if authorization is enabled. | * | hadoop_authorized_admin_users | false | |
Authorized Groups | Comma-separated list of groups authorized to used Hadoop. This is emitted only if authorization is enabled. | hadoop_authorized_groups | false | ||
Authorized Users | Comma-separated list of users authorized to used Hadoop. This is emitted only if authorization is enabled. | * | hadoop_authorized_users | false | |
Hadoop RPC Protection | Quality of protection for secured RPC connections between NameNode and HDFS clients. For effective RPC protection, enable Kerberos authentication. | hadoop.rpc.protection | authentication | hadoop_rpc_protection | false |
Hadoop Secure Authorization | Enable authorization | hadoop.security.authorization | false | hadoop_security_authorization | false |
Cluster-Wide Default SSL Client Truststore Location | Path to the SSL client truststore file. Defines a cluster-wide default that can be overridden by individual services. This truststore must be in JKS format. The truststore contains certificates of trusted servers, or of Certificate Authorities trusted to identify servers. The contents of the truststore can be modified without restarting any roles. By default, changes to its contents are picked up within ten seconds. If not set, the default Java truststore is used to verify certificates. | ssl.client.truststore.location | ssl_client_truststore_location | false | |
Cluster-Wide Default SSL Client Truststore Password | Password for the SSL client truststore. Defines a cluster-wide default that can be overridden by individual services. | ssl.client.truststore.password | ssl_client_truststore_password | false | |
Trusted Kerberos Realms | List of Kerberos realms that Hadoop services should trust. If empty, defaults to the default_realm property configured in the krb5.conf file. After changing this value and restarting the service, all services depending on this service must also be restarted. Adds mapping rules for each domain to the hadoop.security.auth_to_local property in core-site.xml. | trusted_realms | false |