-
Notifications
You must be signed in to change notification settings - Fork 4
/
c5-secure-cluster.conf
83 lines (72 loc) · 2.48 KB
/
c5-secure-cluster.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
include file("c5-base-cluster.conf")
name: c5-secure-cluster
cloudera-manager {
instance: ${common-instance-properties} {
bootstrapScriptsPaths: ${cloudera-manager.instance.bootstrapScriptsPaths} [
"scripts/secure-cluster/bootstrap-cm-open-port7.sh",
"scripts/secure-cluster/bootstrap-common-configure-network.sh",
"scripts/secure-cluster/bootstrap-cm-configure_krb5.sh"
]
}
# Secure Cluster
# Autoconfiguration by bootstrap-cm-configure_krb5.sh
krbAdminUsername: "cloudera-scm/admin@HADOOP"
krbAdminPassword: "cloudera"
unlimitedJce: true
configs {
CLOUDERA_MANAGER {
# Secure Cluster
# Autoconfiguration by bootstrap-cm-configure_krb5.sh
KDC_TYPE: "MIT KDC"
KDC_HOST: "kerberos" # see also bootstrap-configure-network.sh
SECURITY_REALM: "HADOOP"
KRB_MANAGE_KRB5_CONF: true
#KRB_ENC_TYPES: "aes256-cts aes128-cts des3-hmac-sha1 arcfour-hmac des-hmac-sha1 des-cbc-md5 des-cbc-crc"
KRB_ENC_TYPES: "arcfour-hmac"
}
}
postCreateScriptsPaths: [
"scripts/secure-cluster/postcreate-cm-close-port7.sh",
"scripts/secure-cluster/postcreate-common-addusers-and-principals.sh"
]
}
cluster {
services: ${cluster.services} [
SENTRY
]
master {
instance: ${common-instance-properties} {
bootstrapScriptsPaths: ${cluster.master.instance.bootstrapScriptsPaths} [
"scripts/secure-cluster/bootstrap-common-configure-network.sh"
]
}
roles {
SENTRY: [SENTRY_SERVER]
}
configs {
HIVE {
HIVEMETASTORE {
hive_enable_db_notification: true
}
}
}
}
worker {
instance: ${common-instance-properties} {
bootstrapScriptsPaths: ${cluster.worker.instance.bootstrapScriptsPaths} [
"scripts/secure-cluster/bootstrap-common-configure-network.sh"
]
}
}
kafka {
instance: ${common-instance-properties} {
bootstrapScriptsPaths: ${cluster.kafka.instance.bootstrapScriptsPaths} [
"scripts/secure-cluster/bootstrap-common-configure-network.sh"
]
}
}
# override postcreate-common-addusers.sh
instancePostCreateScriptsPaths: [
"scripts/secure-cluster/postcreate-common-addusers-and-principals.sh"
]
}