[
{
"desc": "The health test thresholds for assignment locality. Specified as a percentage of total assignments.",
"display_name": "Assignment Locality Ratio Thresholds",
"name": "impala_assignment_locality_thresholds",
"value": "{\"critical\":\"5.0\",\"warning\":\"80.0\"}"
},
{
"desc": "Name of the HBase service that this Impala service instance depends on",
"display_name": "HBase Service",
"name": "hbase_service",
"value": null
},
{
"desc": "The user that this Impala's processes should run as (except Llama, which has its own user).",
"display_name": "Impala System User (except Llama)",
"name": "process_username",
"value": "impala"
},
{
"desc": "JSON representation of all the configurations that the Fair Scheduler can take on across all schedules. Typically edited using the Pools configuration UI. This configuration only has effect on Impala versions 1.3 or greater.",
"display_name": "Fair Scheduler Allocations",
"name": "impala_scheduled_allocations",
"value": "{\"defaultMinSharePreemptionTimeout\":null,\"defaultQueueSchedulingPolicy\":null,\"fairSharePreemptionTimeout\":null,\"queueMaxAppsDefault\":null,\"queuePlacementRules\":null,\"queues\":[{\"aclAdministerApps\":null,\"aclSubmitApps\":null,\"minSharePreemptionTimeout\":null,\"name\":\"root\",\"queues\":[{\"aclAdministerApps\":null,\"aclSubmitApps\":null,\"minSharePreemptionTimeout\":null,\"name\":\"default\",\"queues\":[],\"schedulablePropertiesList\":[{\"impalaMaxMemory\":null,\"impalaMaxQueuedQueries\":null,\"impalaMaxRunningQueries\":null,\"maxResources\":null,\"maxRunningApps\":null,\"minResources\":null,\"scheduleName\":\"default\",\"weight\":null}],\"schedulingPolicy\":null}],\"schedulablePropertiesList\":[{\"impalaMaxMemory\":null,\"impalaMaxQueuedQueries\":null,\"impalaMaxRunningQueries\":null,\"maxResources\":null,\"maxRunningApps\":null,\"minResources\":null,\"scheduleName\":\"default\",\"weight\":null}],\"schedulingPolicy\":null}],\"userMaxAppsDefault\":null,\"users\":[]}"
},
{
"desc": "Name of the Sentry service that this Impala service instance depends on. If selected, Impala uses this Sentry service to look up authorization privileges. Before enabling Sentry, read the requirements and configuration steps in Setting Up The Sentry Service.",
"display_name": "Sentry Service",
"name": "sentry_service",
"value": null
},
{
"desc": "
\nConfigures the rules for event tracking and coalescing. This feature is\nused to define equivalency between different audit events. When\nevents match, according to a set of configurable parameters, only one\nentry in the audit list is generated for all the matching events.\n
\n\n\nTracking works by keeping a reference to events when they first appear,\nand comparing other incoming events against the \"tracked\" events according\nto the rules defined here.\n
\n\nEvent trackers are defined in a JSON object like the following:
\n\n\n{\n \"timeToLive\" : [integer],\n \"fields\" : [\n {\n \"type\" : [string],\n \"name\" : [string]\n }\n ]\n}\n
\n\n\nWhere:\n
\n\n\n - timeToLive: maximum amount of time an event will be tracked, in\n milliseconds. Must be provided. This defines how long, since it's\n first seen, an event will be tracked. A value of 0 disables tracking.
\n\n - fields: list of fields to compare when matching events against\n tracked events.
\n
\n\n\nEach field has an evaluator type associated with it. The evaluator defines\nhow the field data is to be compared. The following evaluators are\navailable:\n
\n\n\n - value: uses the field value for comparison.
\n\n - userName: treats the field value as a userName, and ignores any\n host-specific data. This is useful for environment using Kerberos,\n so that only the principal name and realm are compared.
\n
\n\n\nThe following is the list of fields that can be used to compare Impala events:\n
\n\n\n - username: the user performing the action.
\n - ipAddress: the IP from where the request originated.
\n - operation: the Impala operation being performed.
\n - databaseName: the database affected by the operation.
\n - tableName: the table affected by the operation.
\n
\n\n",
"display_name": "Event Tracker",
"name": "navigator_event_tracker",
"value": null
},
{
"desc": "For advanced use only, a string to be inserted into sentry-site.xml. Applies to configurations of all roles in this service except client configuration.",
"display_name": "Impala Service Advanced Configuration Snippet (Safety Valve) for sentry-site.xml",
"name": "impalad_sentry_safety_valve",
"value": null
},
{
"desc": "Use Impala Admission Control to throttle Impala requests. Unless 'Enable Dynamic Resource Pools' is enabled, Impala uses a single, default pool that is configured using the Single Pool configurations below. These features are only supported in Impala 1.3 or later deployments.",
"display_name": "Enable Impala Admission Control",
"name": "all_admission_control_enabled",
"value": "false"
},
{
"desc": "For advanced use only, a string to be inserted into the client configuration for navigator.client.properties.",
"display_name": "Impala Client Advanced Configuration Snippet (Safety Valve) for navigator.client.properties",
"name": "navigator_client_config_safety_valve",
"value": null
},
{
"desc": "Configures the maximum number of queued queries for admission control when using a single pool. -1 or 0 disables queuing, i.e. incoming requests are rejected if they can not be executed immediately. Ignored when Dynamic Resource Pools for Admission Control is enabled.",
"display_name": "Single Pool Max Queued Queries",
"name": "admission_control_single_pool_max_queued",
"value": "200"
},
{
"desc": "Event filters are defined in a JSON object like the following:
\n\n\n{\n \"defaultAction\" : (\"accept\", \"discard\"),\n \"rules\" : [\n {\n \"action\" : (\"accept\", \"discard\"),\n \"fields\" : [\n {\n \"name\" : \"fieldName\",\n \"match\" : \"regex\"\n }\n ]\n }\n ]\n}\n
\n\n\nA filter has a default action and a list of rules, in order of precedence.\nEach rule defines an action, and a list of fields to match against the\naudit event.\n
\n\n\nA rule is \"accepted\" if all the listed field entries match the audit\nevent. At that point, the action declared by the rule is taken.\n
\n\n\nIf no rules match the event, the default action is taken. Actions\ndefault to \"accept\" if not defined in the JSON object.\n
\n\n\nThe following is the list of fields that can be filtered for Impala events:\n
\n\n\n - userName: the user performing the action.
\n - ipAddress: the IP from where the request originated.
\n - operation: the Impala operation being performed.
\n - databaseName: the databaseName for the operation.
\n - tableName: the tableName for the operation.
\n
\n",
"display_name": "Event Filter",
"name": "navigator_audit_event_filter",
"value": null
},
{
"desc": "When set, Cloudera Manager will send alerts when this entity's configuration changes.",
"display_name": "Enable Configuration Change Alerts",
"name": "enable_config_alerts",
"value": "false"
},
{
"desc": "The health test thresholds of the overall Impala Daemon health. The check returns \"Concerning\" health if the percentage of \"Healthy\" Impala Daemons falls below the warning threshold. The check is unhealthy if the total percentage of \"Healthy\" and \"Concerning\" Impala Daemons falls below the critical threshold.",
"display_name": "Healthy Impala Daemon Monitoring Thresholds",
"name": "impala_impalads_healthy_thresholds",
"value": "{\"critical\":\"90.0\",\"warning\":\"95.0\"}"
},
{
"desc": "Name of the HDFS service that this Impala service instance depends on",
"display_name": "HDFS Service",
"name": "hdfs_service",
"value": null
},
{
"desc": "For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration.",
"display_name": "Impala Service Environment Advanced Configuration Snippet (Safety Valve)",
"name": "impala_service_env_safety_valve",
"value": null
},
{
"desc": "The health test thresholds of the overall Impala Llama ApplicationMaster health. The check returns \"Concerning\" health if the percentage of \"Healthy\" Impala Llama ApplicationMasters falls below the warning threshold. The check is unhealthy if the total percentage of \"Healthy\" and \"Concerning\" Impala Llama ApplicationMasters falls below the critical threshold.",
"display_name": "Healthy Impala Llama ApplicationMaster Monitoring Thresholds",
"name": "impala_llamas_healthy_thresholds",
"value": "{\"critical\":\"51.0\",\"warning\":\"99.0\"}"
},
{
"desc": "Maximum amount of time (in milliseconds) that a request waits to be admitted before timing out. Must be a positive integer.",
"display_name": "Admission Control Queue Timeout",
"name": "admission_control_queue_timeout",
"value": "60000"
},
{
"desc": "Use Dynamic Resource Pools to configure Impala admission control or RM for this Impala service. These features are only supported in Impala 1.3 or later deployments.",
"display_name": "Enable Dynamic Resource Pools",
"name": "admission_control_enabled",
"value": "false"
},
{
"desc": "Name of the Zookeeper service to use for leader election and fencing when Llama is configured for High Availability. This service dependency is required when more than one Llama role is present.",
"display_name": "Zookeeper Service for Llama HA",
"name": "zookeeper_service",
"value": null
},
{
"desc": "Number of minutes between reestablishing our ticket with the Kerberos server.",
"display_name": "Kerberos Re-init Interval",
"name": "kerberos_reinit_interval",
"value": "60"
},
{
"desc": "Time in seconds before Impala Daemon or Catalog Server times out with the StateStore.",
"display_name": "StateStoreSubscriber Timeout",
"name": "statestore_subscriber_timeout",
"value": "30"
},
{
"desc": "The time period over which to compute the assignment locality ratio. Specified in minutes.",
"display_name": "Assignment Locality Monitoring Period",
"name": "impala_assignment_locality_window",
"value": "15"
},
{
"desc": "Configures the max memory of running queries for admission control when using a single pool. -1 or 0 indicates no limit. Ignored when Dynamic Resource Pools for Admission Control is enabled.",
"display_name": "Single Pool Mem Limit",
"name": "admission_control_single_pool_mem_limit",
"value": "-1"
},
{
"desc": "Use Sentry to enable role-based, fine-grained authorization. This configuration enables Sentry using policy files. To enable Sentry using Sentry service instead, add Sentry service as a dependency to Impala service. Sentry service provides concurrent and secure access to authorization policy metadata and is the recommended option for enabling Sentry. Sentry is supported only on Impala 1.1 or later deployments.",
"display_name": "Enable Sentry Authorization using Policy Files",
"name": "sentry_enabled",
"value": "false"
},
{
"desc": "The URI of the LDAP server to use if LDAP is enabled. Typically, the URI should be prefixed with ldap:// or ldaps://. The URI can optionally specify the port, for example: ldap://ldap_server.example.com:389. ldaps is only supported in Impala 1.4 or CDH 5.1 or higher, and usually requires that you specify a port.",
"display_name": "LDAP URI",
"name": "impala_ldap_uri",
"value": "ldap://ldap_server.example.com"
},
{
"desc": "Maximum number of HBase client retries for Impala. Used as a maximum for all operations such as fetching of the root region from the root RegionServer, getting a cell's value, and starting a row update. Overrides configuration in the HBase service.",
"display_name": "Maximum HBase Client Retries",
"name": "hbase_client_retries_number",
"value": "3"
},
{
"desc": "Controls which queries a non-admin user can see in the queries list view",
"display_name": "Non-Admin Users Query List Visibility Settings",
"name": "user_query_list_settings",
"value": "ALL"
},
{
"desc": "The group that this Impala's processes should run as (except Llama, which has its own group).",
"display_name": "Impala System Group (except Llama)",
"name": "process_groupname",
"value": "impala"
},
{
"desc": "Specifies the set of authorized proxy users (users who can impersonate other users during authorization) and whom they are allowed to impersonate. Input is a semicolon-separated list of key=value pairs of authorized proxy users to the user(s) they can impersonate. These users are specified as a comma separated list of short usernames, or '*' to indicate all users. For example: joe=alice,bob;hue=*;admin=*. Only valid when Sentry is enabled.",
"display_name": "Proxy User Configuration",
"name": "impala_authorized_proxy_user_config",
"value": "hue=*"
},
{
"desc": "Controls the aggregate metrics generated for Impala queries. The structure is a JSON list of the attributes to aggregate and the entities to aggregate to. For example, if the attributeName is 'hdfs_bytes_read' and the aggregationTargets is ['USER'] then the Service Monitor will create the metric 'impala_query_hdfs_bytes_read_rate' and, every ten minutes, will record the total hdfs bytes read for each user across all their Impala queries. By default it will also record the number of queries issues ('num_impala_queries_rate') for both users and pool. For a full list of the supported attributes see the Impala search page. Note that the valid aggregation targets are USER, YARN_POOL, and IMPALA (the service), and that these aggregate metrics can be viewed on both the reports and charts search pages.",
"display_name": "Impala Query Aggregates",
"name": "impala_query_aggregates",
"value": "[\n {\n \"attributeName\": \"hdfs_bytes_read\",\n \"aggregationTargets\": [\"USER\", \"YARN_POOL\", \"IMPALA\"]\n },\n {\n \"attributeName\": \"hdfs_bytes_written\",\n \"aggregationTargets\": [\"USER\", \"YARN_POOL\", \"IMPALA\"]\n },\n {\n \"attributeName\": \"thread_cpu_time\",\n \"aggregationTargets\": [\"USER\", \"YARN_POOL\", \"IMPALA\"]\n },\n {\n \"attributeName\": \"bytes_streamed\",\n \"aggregationTargets\": [\"USER\", \"YARN_POOL\", \"IMPALA\"]\n },\n {\n \"attributeName\": \"cm_cpu_milliseconds\",\n \"aggregationTargets\": [\"USER\"]\n }\n]\n"
},
{
"desc": "When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold",
"display_name": "Enable Service Level Health Alerts",
"name": "enable_alerts",
"value": "true"
},
{
"desc": "For advanced use only, key-value pairs (one on each line) to be added (verbatim) to Impala Daemon command-line flags. Applies to all roles in this service. Key names should begin with a hyphen(-). For example: -log_filename=foo.log",
"display_name": "Impala Command Line Argument Advanced Configuration Snippet (Safety Valve)",
"name": "impala_cmd_args_safety_valve",
"value": null
},
{
"desc": "Used to generate a core dump to get more information about an Impala crash. Unless otherwise configured system wide using /proc/sys/kernel/core_pattern, the dump is generated in the 'current directory' of the Impala process (usually a subdirectory of the /var/run/cloudera-scm-agent/process directory). The core file can be very large.",
"display_name": "Enable Core Dump",
"name": "enable_core_dump",
"value": "false"
},
{
"desc": "Use debug build of Impala binaries when starting roles. Useful when performing diagnostic activities to get more information in the stacktrace or core dump.",
"display_name": "Use Debug Build",
"name": "use_debug_build",
"value": "false"
},
{
"desc": "Enable HDFS short circuit read. This allows a client co-located with the DataNode to read HDFS file blocks directly. This gives a performance boost to distributed clients that are aware of locality.",
"display_name": "Enable HDFS Short Circuit Read",
"name": "dfs_client_read_shortcircuit",
"value": "true"
},
{
"desc": "Action to take when the audit event queue is full. Drop the event or shutdown the affected process.",
"display_name": "Queue Policy",
"name": "navigator_audit_queue_policy",
"value": "DROP"
},
{
"desc": "Local path to the SSL private key file.",
"display_name": "SSL Server Private Key",
"name": "ssl_private_key",
"value": null
},
{
"desc": "The configured triggers for this service. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed.
Each trigger has all of the following fields:
triggerName
(mandatory) - the name of the trigger. This value must be unique for the specific service. triggerExpression
(mandatory) - a tsquery expression representing the trigger. streamThreshold
(optional) - the maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire. enabled
(optional) - by default set to 'true'. If set to 'false' the trigger will not be evaluated.
For example, here is a JSON formatted trigger that fires if there are more than 10 DataNodes with more than 500 file-descriptors opened:
[{\"triggerName\": \"sample-trigger\",\n \"triggerExpression\": \"IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad\",\n \"streamThreshold\": 10, \"enabled\": \"true\"}]
Consult the trigger rules documentation for more details on how to write triggers using tsquery.
The JSON format is evolving and may change in the future and as a result backward compatibility is not guaranteed between releases at this time.
",
"display_name": "Service Triggers",
"name": "service_triggers",
"value": "[]"
},
{
"desc": "If true, attempts to establish a TLS (Transport Layer Security) connection with the ldap server. Only supported in Impala 1.4 or CDH 5.1 or higher. Not required when using an LDAP URI with prefix: ldaps://.",
"display_name": "Enable LDAP TLS",
"name": "enable_ldap_tls",
"value": "false"
},
{
"desc": "Controls which queries admin users can see in the queries list view",
"display_name": "Admin Users Query List Visibility Settings",
"name": "admin_query_list_settings",
"value": "ALL"
},
{
"desc": "Enable support for encrypted client-server communication using Secure Socket Layer (SSL) for Impala client services. This is only applicable to non-Kerberos environments.",
"display_name": "Enable SSL for Impala Client Services",
"name": "client_services_ssl_enabled",
"value": "false"
},
{
"desc": "The minimum number of assignments that must occur during the test time period before the threshold values will be checked. Until this number of assignments have been observed in the test time period the health test will be disabled.",
"display_name": "Assignment Locality Minimum Assignments",
"name": "impala_assignment_locality_minimum",
"value": "10"
},
{
"desc": "When computing the overall IMPALA health, consider Impala StateStore's health",
"display_name": "Impala StateStore Role Health Test",
"name": "impala_statestore_health_enabled",
"value": "true"
},
{
"desc": "Name of YARN service to use for resource management integration between Impala and YARN. This service dependency and the existence of a Llama role is required for using said integration.",
"display_name": "YARN Service for Resource Management",
"name": "yarn_service",
"value": null
},
{
"desc": "Local path to the SSL server certificate file.",
"display_name": "SSL Server Certificate",
"name": "ssl_server_certificate",
"value": null
},
{
"desc": "Timeout in milliseconds for all HBase RPCs made by Impala. Overrides configuration in HBase service.",
"display_name": "HBase RPC Timeout",
"name": "hbase_rpc_timeout",
"value": "3000"
},
{
"desc": "Name of the Hive service that this Impala service instance depends on",
"display_name": "Hive Service",
"name": "hive_service",
"value": null
},
{
"desc": "Enable collection of audit events from the service's roles.",
"display_name": "Enable Collection",
"name": "navigator_audit_enabled",
"value": "true"
},
{
"desc": "A list specifying the rules to run to determine which Fair Scheduler configuration to use. Typically edited using the Rules configuration UI. This configuration only has effect on Impala versions 1.3 or greater.",
"display_name": "Fair Scheduler Configuration Rules",
"name": "impala_schedule_rules",
"value": "[]"
},
{
"desc": "If true, LDAP-based authentication for users is enabled.",
"display_name": "Enable LDAP Authentication",
"name": "enable_ldap_auth",
"value": "false"
},
{
"desc": "When computing the overall IMPALA health, consider Impala Catalog Server's health",
"display_name": "Impala Catalog Server Role Health Test",
"name": "impala_catalogserver_health_enabled",
"value": "true"
},
{
"desc": "For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default ones.",
"display_name": "Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve)",
"name": "smon_derived_configs_safety_valve",
"value": null
},
{
"desc": "Configures the maximum number of concurrently running queries for admission control when using a single pool. -1 indicates no limit and 0 indicates all incoming requests will be rejected. Ignored when Dynamic Resource Pools for Admission Control is enabled.",
"display_name": "Single Pool Max Running Queries",
"name": "admission_control_single_pool_max_requests",
"value": "200"
}
]