diff options
Diffstat (limited to 'aarch64/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/httpfs-default.xml')
| -rw-r--r-- | aarch64/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/httpfs-default.xml | 237 |
1 files changed, 237 insertions, 0 deletions
diff --git a/aarch64/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/httpfs-default.xml b/aarch64/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/httpfs-default.xml new file mode 100644 index 0000000..87cd730 --- /dev/null +++ b/aarch64/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/httpfs-default.xml @@ -0,0 +1,237 @@ +<?xml version="1.0" encoding="UTF-8"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<configuration> + + <!-- HttpFSServer Server --> + + <property> + <name>httpfs.buffer.size</name> + <value>4096</value> + <description> + The buffer size used by a read/write request when streaming data from/to + HDFS. + </description> + </property> + + <!-- HttpFSServer Services --> + + <property> + <name>httpfs.services</name> + <value> + org.apache.hadoop.lib.service.instrumentation.InstrumentationService, + org.apache.hadoop.lib.service.scheduler.SchedulerService, + org.apache.hadoop.lib.service.security.GroupsService, + org.apache.hadoop.lib.service.security.ProxyUserService, + org.apache.hadoop.lib.service.security.DelegationTokenManagerService, + org.apache.hadoop.lib.service.hadoop.FileSystemAccessService + </value> + <description> + Services used by the httpfs server. + </description> + </property> + + <!-- Kerberos Configuration --> + + <property> + <name>kerberos.realm</name> + <value>LOCALHOST</value> + <description> + Kerberos realm, used only if Kerberos authentication is used between + the clients and httpfs or between HttpFS and HDFS. + + This property is only used to resolve other properties within this + configuration file. + </description> + </property> + + <!-- HttpFSServer Security Configuration --> + + <property> + <name>httpfs.hostname</name> + <value>${httpfs.http.hostname}</value> + <description> + Property used to synthetize the HTTP Kerberos principal used by httpfs. + + This property is only used to resolve other properties within this + configuration file. + </description> + </property> + + <property> + <name>httpfs.authentication.signature.secret.file</name> + <value>${httpfs.config.dir}/httpfs-signature.secret</value> + <description> + File containing the secret to sign HttpFS hadoop-auth cookies. + + This file should be readable only by the system user running HttpFS service. + + If multiple HttpFS servers are used in a load-balancer/round-robin fashion, + they should share the secret file. + </description> + </property> + + <property> + <name>httpfs.authentication.type</name> + <value>simple</value> + <description> + Defines the authentication mechanism used by httpfs for its HTTP clients. + + Valid values are 'simple' or 'kerberos'. + + If using 'simple' HTTP clients must specify the username with the + 'user.name' query string parameter. + + If using 'kerberos' HTTP clients must use HTTP SPNEGO or delegation tokens. + </description> + </property> + + <property> + <name>httpfs.authentication.kerberos.principal</name> + <value>HTTP/${httpfs.hostname}@${kerberos.realm}</value> + <description> + The HTTP Kerberos principal used by HttpFS in the HTTP endpoint. + + The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos + HTTP SPNEGO specification. + </description> + </property> + + <property> + <name>httpfs.authentication.kerberos.keytab</name> + <value>${user.home}/httpfs.keytab</value> + <description> + The Kerberos keytab file with the credentials for the + HTTP Kerberos principal used by httpfs in the HTTP endpoint. + </description> + </property> + + <!-- HttpFSServer proxy user Configuration --> + + <property> + <name>httpfs.proxyuser.#USER#.hosts</name> + <value>*</value> + <description> + List of hosts the '#USER#' user is allowed to perform 'doAs' + operations. + + The '#USER#' must be replaced with the username o the user who is + allowed to perform 'doAs' operations. + + The value can be the '*' wildcard or a list of hostnames. + + For multiple users copy this property and replace the user name + in the property name. + </description> + </property> + + <property> + <name>httpfs.proxyuser.#USER#.groups</name> + <value>*</value> + <description> + List of groups the '#USER#' user is allowed to impersonate users + from to perform 'doAs' operations. + + The '#USER#' must be replaced with the username o the user who is + allowed to perform 'doAs' operations. + + The value can be the '*' wildcard or a list of groups. + + For multiple users copy this property and replace the user name + in the property name. + </description> + </property> + + <!-- HttpFS Delegation Token configuration --> + + <property> + <name>httpfs.delegation.token.manager.update.interval</name> + <value>86400</value> + <description> + HttpFS delegation token update interval, default 1 day, in seconds. + </description> + </property> + + <property> + <name>httpfs.delegation.token.manager.max.lifetime</name> + <value>604800</value> + <description> + HttpFS delegation token maximum lifetime, default 7 days, in seconds + </description> + </property> + + <property> + <name>httpfs.delegation.token.manager.renewal.interval</name> + <value>86400</value> + <description> + HttpFS delegation token update interval, default 1 day, in seconds. + </description> + </property> + + <!-- FileSystemAccess Namenode Security Configuration --> + + <property> + <name>httpfs.hadoop.authentication.type</name> + <value>simple</value> + <description> + Defines the authentication mechanism used by httpfs to connect to + the HDFS Namenode. + + Valid values are 'simple' and 'kerberos'. + </description> + </property> + + <property> + <name>httpfs.hadoop.authentication.kerberos.keytab</name> + <value>${user.home}/httpfs.keytab</value> + <description> + The Kerberos keytab file with the credentials for the + Kerberos principal used by httpfs to connect to the HDFS Namenode. + </description> + </property> + + <property> + <name>httpfs.hadoop.authentication.kerberos.principal</name> + <value>${user.name}/${httpfs.hostname}@${kerberos.realm}</value> + <description> + The Kerberos principal used by httpfs to connect to the HDFS Namenode. + </description> + </property> + + <property> + <name>httpfs.hadoop.filesystem.cache.purge.frequency</name> + <value>60</value> + <description> + Frequency, in seconds, for the idle filesystem purging daemon runs. + </description> + </property> + + <property> + <name>httpfs.hadoop.filesystem.cache.purge.timeout</name> + <value>60</value> + <description> + Timeout, in seconds, for an idle filesystem to be purged. + </description> + </property> + + <property> + <name>httpfs.user.provider.user.pattern</name> + <value>^[A-Za-z_][A-Za-z0-9._-]*[$]?$</value> + <description> + Valid pattern for user and group names, it must be a valid java regex. + </description> + </property> + +</configuration> |