[ { "desc": "For advanced use only, a string to be inserted into hive-site.xml. Applies to configurations of all roles in this service except client configuration.", "display_name": "Hive Service Advanced Configuration Snippet (Safety Valve) for hive-site.xml", "name": "hive_service_config_safety_valve", "value": null }, { "desc": "Directory containing auxiliary JARs used by Hive. This should be a directory location and not a classpath containing one or more JARs. This directory must be created and managed manually on Hive CLI or HiveServer2 host.", "display_name": "Hive Auxiliary JARs Directory", "name": "hive_aux_jars_path_dir", "value": null }, { "desc": "Comma-delimited list of groups that you want to allow the Oozie user to impersonate. The default '*' allows all groups. To disable entirely, use a string that doesn't correspond to a group name, such as '_no_group_'.", "display_name": "Oozie Proxy User Groups", "name": "oozie_proxy_user_groups_list", "value": "*" }, { "desc": "Password for Hive Metastore database", "display_name": "Hive Metastore Database Password", "name": "hive_metastore_database_password", "value": "" }, { "desc": "Directory name where Hive Metastore's database is stored (only for Derby)", "display_name": "Hive Metastore Derby Path", "name": "hive_metastore_derby_path", "value": "/var/lib/hive/cloudera_manager/derby/metastore_db" }, { "desc": "Hive warehouse directory is the location in HDFS where Hive's tables are stored. Note that Hive's default value for its warehouse directory is '/user/hive/warehouse'.", "display_name": "Hive Warehouse Directory", "name": "hive_warehouse_directory", "value": "/user/hive/warehouse" }, { "desc": "SSL keystore password.", "display_name": "Keystore Password", "name": "hiveserver2_keystore_password", "value": null }, { "desc": "
\nConfigures the rules for event tracking and coalescing. This feature is\nused to define equivalency between different audit events. When\nevents match, according to a set of configurable parameters, only one\nentry in the audit list is generated for all the matching events.\n
\n\n\nTracking works by keeping a reference to events when they first appear,\nand comparing other incoming events against the \"tracked\" events according\nto the rules defined here.\n
\n\nEvent trackers are defined in a JSON object like the following:
\n\n\n{\n \"timeToLive\" : [integer],\n \"fields\" : [\n {\n \"type\" : [string],\n \"name\" : [string]\n }\n ]\n}\n\n\n
\nWhere:\n
\n\n\nEach field has an evaluator type associated with it. The evaluator defines\nhow the field data is to be compared. The following evaluators are\navailable:\n
\n\n\nThe following is the list of fields that can be used to compare Hive events:\n
\n\nEvent filters are defined in a JSON object like the following:
\n\n\n{\n \"defaultAction\" : (\"accept\", \"discard\"),\n \"rules\" : [\n {\n \"action\" : (\"accept\", \"discard\"),\n \"fields\" : [\n {\n \"name\" : \"fieldName\",\n \"match\" : \"regex\"\n }\n ]\n }\n ]\n}\n\n\n
\nA filter has a default action and a list of rules, in order of precedence.\nEach rule defines an action, and a list of fields to match against the\naudit event.\n
\n\n\nA rule is \"accepted\" if all the listed field entries match the audit\nevent. At that point, the action declared by the rule is taken.\n
\n\n\nIf no rules match the event, the default action is taken. Actions\ndefault to \"accept\" if not defined in the JSON object.\n
\n\n\nThe following is the list of fields that can be filtered for Hive events:\n
\n\nThe configured triggers for this service. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed.
Each trigger has all of the following fields:
triggerName
(mandatory) - the name of the trigger. This value must be unique for the specific service. triggerExpression
(mandatory) - a tsquery expression representing the trigger. streamThreshold
(optional) - the maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned will cause the condition to fire. enabled
(optional) - by default set to 'true'. If set to 'false' the trigger will not be evaluated.For example, here is a JSON formatted trigger that fires if there are more than 10 DataNodes with more than 500 file-descriptors opened:
[{\"triggerName\": \"sample-trigger\",\n \"triggerExpression\": \"IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad\",\n \"streamThreshold\": 10, \"enabled\": \"true\"}]
Consult the trigger rules documentation for more details on how to write triggers using tsquery.
The JSON format is evolving and may change in the future and as a result backward compatibility is not guaranteed between releases at this time.
", "display_name": "Service Triggers", "name": "service_triggers", "value": "[]" }, { "desc": "Maximum number of rolled over audit logs to retain. The logs will not be deleted if they contain audit events that have not yet been propagated to Audit Server.", "display_name": "Number of Audit Logs to Retain", "name": "navigator_audit_log_max_backup_index", "value": "10" }, { "desc": "Port number of Hive Metastore database", "display_name": "Hive Metastore Database Port", "name": "hive_metastore_database_port", "value": "3306" }, { "desc": "Name of the ZooKeeper service that this Hive service instance depends on.", "display_name": "ZooKeeper Service", "name": "zookeeper_service", "value": null }, { "desc": "Host name of Hive Metastore database", "display_name": "Hive Metastore Database Host", "name": "hive_metastore_database_host", "value": "localhost" }, { "desc": "Maximum size of audit log file in MB before it is rolled over.", "display_name": "Maximum Audit Log File Size", "name": "navigator_audit_log_max_file_size", "value": "100" }, { "desc": "Prevent Metastore operations in the event of schema version incompatibility. Consider setting this to true to reduce probability of schema corruption during Metastore operations. Note that setting this property to true will also set datanucleus.autoCreateSchema property to false and datanucleus.fixedDatastore property to true. Any values set in Cloudera Manager for these properties will be overridden.", "display_name": "Strict Hive Metastore Schema Validation", "name": "hive_metastore_schema_verification", "value": "true" }, { "desc": "Path to the SSL keystore.", "display_name": "Keystore File Path", "name": "hiveserver2_keystore_path", "value": null }, { "desc": "HDFS path to the global policy file for Sentry authorization. This should be a relative path (and not a full HDFS URL). The global policy file must be in Sentry policy file format.", "display_name": "Sentry Global Policy File", "name": "hive_sentry_provider_resource", "value": "/user/hive/sentry/sentry-provider.ini" }, { "desc": "For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration.", "display_name": "Hive Service Environment Advanced Configuration Snippet (Safety Valve)", "name": "hive_service_env_safety_valve", "value": null }, { "desc": "Path to the directory where audit logs will be written. The directory will be created if it doesn't exist.", "display_name": "Audit Log Directory", "name": "audit_event_log_dir", "value": "/var/log/hive/audit" }, { "desc": "Name of Hive Metastore database", "display_name": "Hive Metastore Database Name", "name": "hive_metastore_database_name", "value": "metastore" }, { "desc": "The class to use in Sentry authorization for user to group mapping. Sentry authorization may be configured to use either Hadoop user to group mapping or local groups defined in the policy file. Hadoop user to group mapping may be configured in the Cloudera Manager HDFS service configuration page under the Security section.", "display_name": "Sentry User to Group Mapping Class", "name": "hive_sentry_provider", "value": "org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider" }, { "desc": "Use Sentry to enable role-based, fine-grained authorization. This configuration enables Sentry using policy files. To enable Sentry using Sentry service instead, add Sentry service as a dependency to Hive service. Sentry service provides concurrent and secure access to authorization policy metadata and is the recommended option for enabling Sentry. Sentry is supported only on CDH 4.4 or later deployments. Before enabling Sentry, read the requirements and configuration steps outlined in Setting Up Hive Authorization with Sentry.", "display_name": "Enable Sentry Authorization using Policy Files", "name": "sentry_enabled", "value": "false" }, { "desc": "This configuration overrides the value set for Hive Proxy User Groups configuration in HDFS service for use by Hive Metastore Server. Specify a comma-delimited list of groups that you want to allow access to Hive Metastore metadata and allow the Hive user to impersonate. A value of '*' allows all groups. Default value of empty inherits the value set for Hive Proxy User Groups configuration in HDFS service.", "display_name": "Hive Metastore Access Control and Proxy User Groups Override", "name": "hive_proxy_user_groups_list", "value": null }, { "desc": "Default number of reduce tasks per job. Usually set to a prime number close to the number of available hosts. Ignored when mapred.job.tracker is \"local\". Hadoop sets this to 1 by default, while Hive uses -1 as the default. When set to -1, Hive will automatically determine an appropriate number of reducers for each job.", "display_name": "Hive Reduce Tasks", "name": "hive_reduce_tasks", "value": "-1" }, { "desc": "Let the table directories inherit the permission of the Warehouse or Database directory instead of being created with the permissions derived from dfs umask. This allows Impala to insert into tables created via Hive.", "display_name": "Hive Warehouse Subdirectories Inherit Permissions", "name": "hive_warehouse_subdir_inherit_perms", "value": "true" }, { "desc": "The group that this service's processes should run as.", "display_name": "System Group", "name": "process_groupname", "value": "hive" }, { "desc": "The health test thresholds of the overall Hive Metastore Server health. The check returns \"Concerning\" health if the percentage of \"Healthy\" Hive Metastore Servers falls below the warning threshold. The check is unhealthy if the total percentage of \"Healthy\" and \"Concerning\" Hive Metastore Servers falls below the critical threshold.", "display_name": "Healthy Hive Metastore Server Monitoring Thresholds", "name": "hive_hivemetastores_healthy_thresholds", "value": "{\"critical\":\"51.0\",\"warning\":\"99.0\"}" }, { "desc": "When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold", "display_name": "Enable Service Level Health Alerts", "name": "enable_alerts", "value": "true" }, { "desc": "The server name used when defining privilege rules in Sentry authorization. Sentry uses this name as an alias for the Hive service. It has nothing to do with any physical server name.", "display_name": "Server Name for Sentry Authorization", "name": "hive_sentry_server", "value": "server1" }, { "desc": "The health test thresholds of the overall HiveServer2 health. The check returns \"Concerning\" health if the percentage of \"Healthy\" HiveServer2s falls below the warning threshold. The check is unhealthy if the total percentage of \"Healthy\" and \"Concerning\" HiveServer2s falls below the critical threshold.", "display_name": "Healthy HiveServer2 Monitoring Thresholds", "name": "hive_hiveserver2s_healthy_thresholds", "value": "{\"critical\":\"51.0\",\"warning\":\"99.0\"}" }, { "desc": "For advanced use only, a list of configuration properties that will be used by the Service Monitor instead of the current client configuration for the service.", "display_name": "Service Monitor Client Config Overrides", "name": "smon_client_config_overrides", "value": "