Isilon Properties in CDH 5.1.0

gatewaydefaultgroup

Advanced

Display Name Description Related Name Default Value API Name Required
Deploy Directory The directory where the client configs will be deployed /etc/hadoop client_config_root_dir true
Client Java Configuration Options These are Java command line arguments. Commonly, garbage collection flags or extra debugging flags would be passed here. -Djava.net.preferIPv4Stack=true hbase_client_java_opts false
HDFS Client Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml For advanced use only, a string to be inserted into the client configuration for hdfs-site.xml. hdfs_client_config_safety_valve false
HDFS Client Environment Advanced Configuration Snippet for hadoop-env.sh (Safety Valve) For advanced use only, key-value pairs (one on each line) to be inserted into the client configuration for hadoop-env.sh hdfs_client_env_safety_valve false

Monitoring

Display Name Description Related Name Default Value API Name Required
Enable Configuration Change Alerts When set, Cloudera Manager will send alerts when this entity's configuration changes. false enable_config_alerts false

Other

Display Name Description Related Name Default Value API Name Required
Alternatives Priority The priority level that the client configuration will have in the Alternatives system on the hosts. Higher priority levels will cause Alternatives to prefer this configuration over any others. 90 client_config_priority true
Use Trash Move deleted files to the trash so that they can be recovered if necessary. This client side configuration takes effect only if the HDFS service-wide trash is disabled (NameNode Filesystem Trash Interval set to 0) and is ignored otherwise. The trash is not automatically emptied when enabled with this configuration. false dfs_client_use_trash false

Performance

Display Name Description Related Name Default Value API Name Required
Enable HDFS Short Circuit Read Enable HDFS short circuit read. This allows a client co-located with the DataNode to read HDFS file blocks directly. This gives a performance boost to distributed clients that are aware of locality. dfs.client.read.shortcircuit false dfs_client_read_shortcircuit false

Resource Management

Display Name Description Related Name Default Value API Name Required
Client Java Heap Size in Bytes Maximum size in bytes for the Java process heap memory. Passed to Java -Xmx. 256 MiB hdfs_client_java_heapsize false

service_wide

Advanced

Display Name Description Related Name Default Value API Name Required
Isilon Service Environment Advanced Configuration Snippet (Safety Valve) For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration. ISILON_service_env_safety_valve false
Cluster-wide Advanced Configuration Snippet (Safety Valve) for core-site.xml For advanced use only, a string to be inserted into core-site.xml. Applies to all roles and client configurations in this HDFS service as well as all its dependent services. Any configs added here will be overridden by their default values in HDFS (which can be found in hdfs-default.xml). core_site_safety_valve false
Enable HDFS Block Metadata API Enables DataNode support for the experimental DistributedFileSystem.getFileVBlockStorageLocations API. Applicable to CDH 4.1 and onwards. dfs.datanode.hdfs-blocks-metadata.enabled true dfs_datanode_hdfs_blocks_metadata_enabled false
HDFS Client Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml For advanced use only, a string to be inserted into the client configuration for hdfs-site.xml. hdfs_client_config_safety_valve false
System Group The group that this service's processes should run as. isilon process_groupname true
System User The user that this service's processes should run as. isilon process_username true

Monitoring

Display Name Description Related Name Default Value API Name Required
Enable Service Level Health Alerts When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold true enable_alerts false
Enable Configuration Change Alerts When set, Cloudera Manager will send alerts when this entity's configuration changes. false enable_config_alerts false
Service Triggers The configured triggers for this service. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has all of the following fields:
  • triggerName (mandatory) - the name of the trigger. This value must be unique for the specific service.
  • triggerExpression (mandatory) - a tsquery expression representing the trigger.
  • streamThreshold (optional) - the maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire.
  • enabled (optional) - by default set to 'true'. If set to 'false' the trigger will not be evaluated.
For example, here is a JSON formatted trigger that fires if there are more than 10 DataNodes with more than 500 file-descriptors opened:[{"triggerName": "sample-trigger", "triggerExpression": "IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad", "streamThreshold": 10, "enabled": "true"}]Consult the trigger rules documentation for more details on how to write triggers using tsquery.The JSON format is evolving and may change in the future and as a result backward compatibility is not guaranteed between releases at this time.
[] service_triggers true
Service Monitor Client Config Overrides For advanced use only, a list of configuration properties that will be used by the Service Monitor instead of the current client configuration for the service. <property><name>dfs.socket.timeout</name><value>3000</value></property><property><name>dfs.datanode.socket.write.timeout</name><value>3000</value></property><property><name>ipc.client.connect.max.retries</name><value>1</value></property><property><name>fs.permissions.umask-mode</name><value>000</value></property> smon_client_config_overrides false
Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve) For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default ones. smon_derived_configs_safety_valve false

Other

Display Name Description Related Name Default Value API Name Required
Default File System URI The full file system URI, to be emitted as 'fs.default.name' default_fs_name default_fs_name true
HDFS Block Size The default block size in bytes for new HDFS files. Note that this value is also used as the HBase Region Server HLog block size. dfs.blocksize 128 MiB dfs_block_size false
Default Umask Default umask for file and directory creation, specified in an octal value (with a leading 0) fs.permissions.umask-mode 022 dfs_umaskmode false
Compression Codecs Comma-separated list of compression codecs that can be used in job or map compression. io.compression.codecs org.apache.hadoop.io.compress.DefaultCodec, org.apache.hadoop.io.compress.GzipCodec, org.apache.hadoop.io.compress.BZip2Codec, org.apache.hadoop.io.compress.DeflateCodec, org.apache.hadoop.io.compress.SnappyCodec, org.apache.hadoop.io.compress.Lz4Codec io_compression_codecs false
Kerberos Authentication Whether Kerberos is enabled for authentication kerberos_authentication false kerberos_authentication true
WebHDFS URL Full URL for the Web Interface of Isilon service. webhdfs_url webhdfs_url false

Performance

Display Name Description Related Name Default Value API Name Required
UNIX Domain Socket path Path on the DataNode's local file system to a UNIX domain socket used for communication between the DataNode and local HDFS clients. This socket is used for Short Circuit Reads. Only the HDFS System User and "root" should have write access to the parent directory and all of its ancestors. This property is supported in CDH 4.2 or later deployments. dfs.domain.socket.path /var/run/hdfs-sockets/dn dfs_domain_socket_path false

Proxy

Display Name Description Related Name Default Value API Name Required
HTTP Proxy User Groups Comma-delimited list of groups that you want to allow the HTTP user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. This is used by WebHCat. hadoop.proxyuser.HTTP.groups * HTTP_proxy_user_groups_list false
HTTP Proxy User Hosts Comma-delimited list of hosts where you want to allow the HTTP user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. This is used by WebHCat. hadoop.proxyuser.HTTP.hosts * HTTP_proxy_user_hosts_list false
Flume Proxy User Groups Allows the flume user to impersonate any members of a comma-delimited list of groups. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.flume.groups * flume_proxy_user_groups_list false
Flume Proxy User Hosts Comma-delimited list of hosts where you want to allow the flume user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.flume.hosts * flume_proxy_user_hosts_list false
HDFS Proxy User Groups Comma-delimited list of groups to allow the HDFS user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.hdfs.groups * hdfs_proxy_user_groups_list false
HDFS Proxy User Hosts Comma-delimited list of hosts where you want to allow the HDFS user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.hdfs.hosts * hdfs_proxy_user_hosts_list false
Hive Proxy User Groups Comma-delimited list of groups that you want to allow the Hive user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.hive.groups * hive_proxy_user_groups_list false
Hive Proxy User Hosts Comma-delimited list of hosts where you want to allow the Hive user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.hive.hosts * hive_proxy_user_hosts_list false
HttpFS Proxy User Groups Comma-delimited list of groups to allow the HttpFS user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.httpfs.groups * httpfs_proxy_user_groups_list false
HttpFS Proxy User Hosts Comma-delimited list of hosts where you want to allow the HttpFS user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.httpfs.hosts * httpfs_proxy_user_hosts_list false
Hue Proxy User Groups Comma-delimited list of groups that you want to allow the Hue user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.hue.groups * hue_proxy_user_groups_list false
Hue Proxy User Hosts Comma-delimited list of hosts where you want to allow the Hue user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.hue.hosts * hue_proxy_user_hosts_list false
Mapred Proxy User Groups Comma-delimited list of groups that you want to allow the mapred user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.mapred.groups * mapred_proxy_user_groups_list false
Mapred Proxy User Hosts Comma-delimited list of hosts where you want to allow the mapred user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.mapred.hosts * mapred_proxy_user_hosts_list false
Oozie Proxy User Groups Allows the oozie superuser to impersonate any members of a comma-delimited list of groups. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'. hadoop.proxyuser.oozie.groups * oozie_proxy_user_groups_list false
Oozie Proxy User Hosts Comma-delimited list of hosts where you want to allow the oozie user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that doesn't correspond to a host name, such as '_no_host'. hadoop.proxyuser.oozie.hosts * oozie_proxy_user_hosts_list false

Replication

Display Name Description Related Name Default Value API Name Required
Replication Factor Default block replication. The number of replications to make when the file is created. The default value is used if a replication number is not specified. dfs.replication 3 dfs_replication false

Security

Display Name Description Related Name Default Value API Name Required
Enable Access Control Lists ACLs (Access Control Lists) enhance the existing HDFS permission model to support controlling file access for arbitrary combinations of users and groups instead of a single owner, single group, and all other users. When ACLs are disabled, the NameNode rejects all attempts to set an ACL. dfs.namenode.acls.enabled false dfs_namenode_acls_enabled false
Additional Rules to Map Kerberos Principals to Short Names Additional mapping rules that will be inserted before rules generated from the list of trusted realms and before the default rule. After changing this value and restarting the service, any services depending on this one must be restarted as well. The hadoop.security.auth_to_local property is configured using this information. extra_auth_to_local_rules false
Authorized Admin Groups Comma-separated list of groups authorized to perform admin operations on Hadoop. This is emitted only if authorization is enabled. hadoop_authorized_admin_groups false
Authorized Admin Users Comma-separated list of users authorized to perform admin operations on Hadoop. This is emitted only if authorization is enabled. * hadoop_authorized_admin_users false
Authorized Groups Comma-separated list of groups authorized to used Hadoop. This is emitted only if authorization is enabled. hadoop_authorized_groups false
Authorized Users Comma-separated list of users authorized to used Hadoop. This is emitted only if authorization is enabled. * hadoop_authorized_users false
Hadoop RPC Protection Quality of protection for secured RPC connections between NameNode and HDFS clients. For effective RPC protection, enable Kerberos authentication. hadoop.rpc.protection authentication hadoop_rpc_protection false
Hadoop Secure Authorization Enable authorization hadoop.security.authorization false hadoop_security_authorization false
Cluster-Wide Default SSL Client Truststore Location Path to the SSL client truststore file. Defines a cluster-wide default that can be overridden by individual services. This truststore must be in JKS format. The truststore contains certificates of trusted servers, or of Certificate Authorities trusted to identify servers. The contents of the truststore can be modified without restarting any roles. By default, changes to its contents are picked up within ten seconds. If not set, the default Java truststore is used to verify certificates. ssl.client.truststore.location ssl_client_truststore_location false
Cluster-Wide Default SSL Client Truststore Password Password for the SSL client truststore. Defines a cluster-wide default that can be overridden by individual services. ssl.client.truststore.password ssl_client_truststore_password false
Trusted Kerberos Realms List of Kerberos realms that Hadoop services should trust. If empty, defaults to the default_realm property configured in the krb5.conf file. After changing this value and restarting the service, all services depending on this service must also be restarted. Adds mapping rules for each domain to the hadoop.security.auth_to_local property in core-site.xml. trusted_realms false