68999ce9cb
We add a directory v_5_4_0 in cdh plugin, so that we have a choice 5.4.0 when cdh plugin is chosen. Implements: blueprint cdh-5-4-support Change-Id: I05d2082b589eb031b0ce1b5a253dc62a75912e1b
524 lines
33 KiB
JSON
524 lines
33 KiB
JSON
[
|
|
{
|
|
"desc": "The user that this service's processes should run as.",
|
|
"display_name": "System User",
|
|
"name": "process_username",
|
|
"value": "hbase"
|
|
},
|
|
{
|
|
"desc": "<p>Event filters are defined in a JSON object like the following:</p>\n\n<pre>\n{\n \"defaultAction\" : (\"accept\", \"discard\"),\n \"rules\" : [\n {\n \"action\" : (\"accept\", \"discard\"),\n \"fields\" : [\n {\n \"name\" : \"fieldName\",\n \"match\" : \"regex\"\n }\n ]\n }\n ]\n}\n</pre>\n\n<p>\nA filter has a default action and a list of rules, in order of precedence.\nEach rule defines an action, and a list of fields to match against the\naudit event.\n</p>\n\n<p>\nA rule is \"accepted\" if all the listed field entries match the audit\nevent. At that point, the action declared by the rule is taken.\n</p>\n\n<p>\nIf no rules match the event, the default action is taken. Actions\ndefault to \"accept\" if not defined in the JSON object.\n</p>\n\n<p>\nThe following is the list of fields that can be filtered for HBase events:\n</p>\n<ul>\n <li>allowed: whether the operation was allowed or denied.</li>\n <li>username: the user performing the action.</li>\n <li>tableName: the table affected by the operation.</li>\n <li>family: the column family affected by the operation.</li>\n <li>qualifier: the qualifier the operation.</li>\n <li>action: the action being performed.</li>\n</ul>\n",
|
|
"display_name": "Audit Event Filter",
|
|
"name": "navigator_audit_event_filter",
|
|
"value": "{\n \"comment\" : [\n \"Default filter for HBase services.\",\n \"Discards events that affect the internal -ROOT-, .META. and _acl_ tables.\"\n ],\n \"defaultAction\" : \"accept\",\n \"rules\" : [\n {\n \"action\" : \"discard\",\n \"fields\" : [\n { \"name\" : \"tableName\", \"match\" : \"(?:-ROOT-|.META.|_acl_|hbase:meta|hbase:acl)\" }\n ]\n }\n ]\n}\n"
|
|
},
|
|
{
|
|
"desc": "Enables the canary that checks HBase region availability by scanning a row from every region.",
|
|
"display_name": "HBase Region Health Canary",
|
|
"name": "hbase_region_health_canary_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase Hbck tool runs slowly.",
|
|
"display_name": "HBase Hbck Slow Run Alert Enabled",
|
|
"name": "hbase_hbck_slow_run_alert_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Name of the HDFS service that this HBase service instance depends on",
|
|
"display_name": "HDFS Service",
|
|
"name": "hdfs_service",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Period of time, in milliseconds, to pause between connection retries to ZooKeeper. Used together with ${zookeeper.retries} in an exponential backoff fashion when making queries to ZooKeeper.",
|
|
"display_name": "ZooKeeper Connection Retry Pause Duration",
|
|
"name": "zookeeper_pause",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "When computing the overall HBase cluster health, consider the active HBase Master's health.",
|
|
"display_name": "Active Master Health Test",
|
|
"name": "hbase_master_health_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Size of the threadpool used for hedged reads in hdfs clients. If a read from a block is slow, a parallel 'hedged' read will be started against a different block replica. The first one to return with a result is used while the other one is cancelled. This 'hedged' read feature helps rein in the outliers. A value of zero disables the feature.",
|
|
"display_name": "HDFS Hedged Read Threadpool Size",
|
|
"name": "hbase_server_dfs_client_hedged_read_threadpool_size",
|
|
"value": "0"
|
|
},
|
|
{
|
|
"desc": "Configures whether the Hbck poller checks HDFS or not. Checking HBase tables and regions information on HDFS can take a while.",
|
|
"display_name": "HBase Hbck Check HDFS",
|
|
"name": "hbase_hbck_poller_check_hdfs",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Path to the directory where audit logs will be written. The directory will be created if it doesn't exist.",
|
|
"display_name": "Audit Log Directory",
|
|
"name": "audit_event_log_dir",
|
|
"value": "/var/log/hbase/audit"
|
|
},
|
|
{
|
|
"desc": "Use this to enable Http server usage on thrift, which is mainly needed for \"doAs\" functionality.",
|
|
"display_name": "Enable HBase Thrift Http Server",
|
|
"name": "hbase_thriftserver_http",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase Hbck tool finds any errors with matching codes. Possible error codes: UNKNOWN, NO_META_REGION, NULL_ROOT_REGION, NO_VERSION_FILE, NOT_IN_META_HDFS, NOT_IN_META, NOT_IN_META_OR_DEPLOYED, NOT_IN_HDFS_OR_DEPLOYED, NOT_IN_HDFS, SERVER_DOES_NOT_MATCH_META, NOT_DEPLOYED, MULTI_DEPLOYED, SHOULD_NOT_BE_DEPLOYED, MULTI_META_REGION, RS_CONNECT_FAILURE, FIRST_REGION_STARTKEY_NOT_EMPTY, LAST_REGION_ENDKEY_NOT_EMPTY, DUPE_STARTKEYS, HOLE_IN_REGION_CHAIN, OVERLAP_IN_REGION_CHAIN, REGION_CYCLE, DEGENERATE_REGION, ORPHAN_HDFS_REGION, LINGERING_SPLIT_PARENT, NO_TABLEINFO_FILE",
|
|
"display_name": "HBase Hbck Alert Error Codes",
|
|
"name": "hbase_hbck_alert_error_codes",
|
|
"value": "NO_META_REGION,NULL_ROOT_REGION"
|
|
},
|
|
{
|
|
"desc": "When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer setting eventserver_health_events_alert_threshold",
|
|
"display_name": "Enable Service Level Health Alerts",
|
|
"name": "enable_alerts",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Timeout for all HBase RPCs in milliseconds.",
|
|
"display_name": "RPC Timeout",
|
|
"name": "hbase_rpc_timeout",
|
|
"value": "60000"
|
|
},
|
|
{
|
|
"desc": "For advanced use only, a string to be inserted into <strong>ssl-server.xml</strong>. Applies to configurations of all roles in this service except client configuration.",
|
|
"display_name": "HBase Service Advanced Configuration Snippet (Safety Valve) for ssl-server.xml",
|
|
"name": "hbase_ssl_server_safety_valve",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Action to take when the audit event queue is full. Drop the event or shutdown the affected process.",
|
|
"display_name": "Audit Queue Policy",
|
|
"name": "navigator_audit_queue_policy",
|
|
"value": "DROP"
|
|
},
|
|
{
|
|
"desc": "When set, each role identifies important log events and forwards them to Cloudera Manager.",
|
|
"display_name": "Enable Log Event Capture",
|
|
"name": "catch_events",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "The number of times to retry connections to ZooKeeper. Used for reading and writing root region location. Used together with ${zookeeper.pause} in an exponential backoff fashion when making queries to ZooKeeper.",
|
|
"display_name": "ZooKeeper Connection Retries",
|
|
"name": "zookeeper_retries",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Path to the keystore file containing the server certificate and private key used for encrypted web UIs.",
|
|
"display_name": "SSL Server Keystore File Location",
|
|
"name": "ssl_server_keystore_location",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Timeout for graceful shutdown of this HBase service. Once this timeout is reached, any remaining running roles are abruptly shutdown. A value of 0 means no timeout.",
|
|
"display_name": "Graceful Shutdown Timeout",
|
|
"name": "hbase_graceful_stop_timeout",
|
|
"value": "180"
|
|
},
|
|
{
|
|
"desc": "The health test thresholds of the overall RegionServer health. The check returns \"Concerning\" health if the percentage of \"Healthy\" RegionServers falls below the warning threshold. The check is unhealthy if the total percentage of \"Healthy\" and \"Concerning\" RegionServers falls below the critical threshold.",
|
|
"display_name": "Healthy RegionServer Monitoring Thresholds",
|
|
"name": "hbase_regionservers_healthy_thresholds",
|
|
"value": "{\"critical\":\"90.0\",\"warning\":\"95.0\"}"
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase region health canary detects at least this many unhealthy regions. This setting takes precedence over the hbase_canary_alert_unhealthy_region_percent_threshold config.",
|
|
"display_name": "HBase Canary Unhealthy Region Count Alert Threshold",
|
|
"name": "hbase_canary_alert_unhealthy_region_count_threshold",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Set to true to cause the hosting server (Master or RegionServer) to abort if a coprocessor throws a Throwable object that is not IOException or a subclass of IOException. Setting it to true might be useful in development environments where one wants to terminate the server as soon as possible to simplify coprocessor failure analysis.",
|
|
"display_name": "HBase Coprocessor Abort on Error",
|
|
"name": "hbase_coprocessor_abort_on_error",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default ones.",
|
|
"display_name": "Service Monitor Derived Configs Advanced Configuration Snippet (Safety Valve)",
|
|
"name": "smon_derived_configs_safety_valve",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Write buffer size in bytes. A larger buffer requires more memory on both the client and the server because the server instantiates the passed write buffer to process it but reduces the number of remote procedure calls (RPC). To estimate the amount of server memory used, multiply the value of 'hbase.client.write.buffer' by the value of 'hbase.regionserver.handler.count'.",
|
|
"display_name": "HBase Client Write Buffer",
|
|
"name": "hbase_client_write_buffer",
|
|
"value": "2097152"
|
|
},
|
|
{
|
|
"desc": "The user the management services impersonate when connecting to HBase. If no value is specified, the HBase superuser is used.",
|
|
"display_name": "HBase User to Impersonate",
|
|
"name": "hbase_user_to_impersonate",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Timeout (in ms) for the distributed log splitting manager to receive response from a worker.",
|
|
"display_name": "SplitLog Manager Timeout",
|
|
"name": "hbase_service_splitlog_manager_timeout",
|
|
"value": "120000"
|
|
},
|
|
{
|
|
"desc": "Allow indexing of tables in HBase by Lily HBase Indexer. <strong>Note:</strong> Replication must be enabled for indexing to work.",
|
|
"display_name": "Enable Indexing",
|
|
"name": "hbase_enable_indexing",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase Hbck tool detects at least this many errors across all tables in this service. Some errors are not associated with a region, e.g. 'RS_CONNECT_FAILURE'. If the value is not set, alerts will not be published based on the count of errors.",
|
|
"display_name": "HBase Hbck Error Count Alert Threshold",
|
|
"name": "hbase_hbck_alert_error_count_threshold",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Maximum number of errors that the HBase Hbck poller will retain through a given run",
|
|
"display_name": "HBase Hbck Poller Maximum Error Count",
|
|
"name": "hbase_hbck_poller_max_error_count",
|
|
"value": "10000"
|
|
},
|
|
{
|
|
"desc": "Enables the HBase Hbck Poller so that Hbck reports will be available. Enabling the Hbck poller will increase the amount of memory used by the Service Monitor. Consider increasing the Service Monitor Java heap size by an additional 3KB per region. For example, for a cluster with 10,000 regions, increase the JVM heap size by approximately 30MB.",
|
|
"display_name": "HBase Hbck Poller",
|
|
"name": "hbase_hbck_poller_enabled",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "Password for the server keystore file used for encrypted web UIs.",
|
|
"display_name": "SSL Server Keystore File Password",
|
|
"name": "ssl_server_keystore_password",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Ratio of Lily HBase Indexers used by each HBase RegionServer while doing replication.",
|
|
"display_name": "Replication Source Ratio",
|
|
"name": "hbase_replication_source_ratio",
|
|
"value": "1.0"
|
|
},
|
|
{
|
|
"desc": "Maximum size of audit log file in MB before it is rolled over.",
|
|
"display_name": "Maximum Audit Log File Size",
|
|
"name": "navigator_audit_log_max_file_size",
|
|
"value": "100"
|
|
},
|
|
{
|
|
"desc": "For advanced use only, a string to be inserted into <strong>core-site.xml</strong>. Applies to configurations of all roles in this service except client configuration.",
|
|
"display_name": "HBase Service Advanced Configuration Snippet (Safety Valve) for core-site.xml",
|
|
"name": "hbase_core_site_safety_valve",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "The timeout before injecting a snapshot timeout error when waiting for a snapshot completion.",
|
|
"display_name": "HBase Master Snapshot Waiting Timeout",
|
|
"name": "hbase_snapshot_master_timeoutMillis",
|
|
"value": "60000"
|
|
},
|
|
{
|
|
"desc": "The maximum amount of time the Hbase RegionServer waits for a snapshot to complete.",
|
|
"display_name": "HBase RegionServer Snapshot Timeout",
|
|
"name": "hbase_snapshot_region_timeout",
|
|
"value": "60000"
|
|
},
|
|
{
|
|
"desc": "If this is set to \"kerberos\", HBase REST Server will authenticate its clients. HBase Proxy User Hosts and Groups should be configured to allow specific users to access HBase through REST Server.",
|
|
"display_name": "HBase REST Authentication",
|
|
"name": "hbase_restserver_security_authentication",
|
|
"value": "simple"
|
|
},
|
|
{
|
|
"desc": "Specifies the combined maximum allowed size of a KeyValue instance. This option configures an upper boundary for a single entry saved in a storage file. This option prevents a region from splitting if the data is too large. Set this option to a fraction of the maximum region size. To disable this check, use a value of zero or less.",
|
|
"display_name": "Maximum Size of HBase Client KeyValue",
|
|
"name": "hbase_client_keyvalue_maxsize",
|
|
"value": "10485760"
|
|
},
|
|
{
|
|
"desc": "Enable snapshots. Disabling snapshots requires deletion of all snapshots before restarting the HBase master; the HBase master will not start if snapshots are disabled and snapshots exist.",
|
|
"display_name": "Enable Snapshots",
|
|
"name": "hbase_snapshot_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase Hbck tool detects at least this many regions with errors across all tables in this service. If the value is not set, alerts will not be published based on the count of regions with errors.",
|
|
"display_name": "HBase Hbck Region Error Count Alert Threshold",
|
|
"name": "hbase_hbck_alert_region_error_count_threshold",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Maximum number of client retries. Used as a maximum for all operations such as fetching of the root region from the root RegionServer, getting a cell's value, and starting a row update.",
|
|
"display_name": "Maximum HBase Client Retries",
|
|
"name": "hbase_client_retries_number",
|
|
"value": "35"
|
|
},
|
|
{
|
|
"desc": "Set to true to use HBase Secure RPC Engine for remote procedure calls (RPC). This is only effective in simple authentication mode. Does not provide authentication for RPC calls, but provides user information in the audit logs. Changing this setting requires a restart of this and all dependent services and redeployment of client configurations, along with a restart of the Service Monitor management role.",
|
|
"display_name": "HBase Secure RPC Engine",
|
|
"name": "hbase_secure_rpc_engine",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "For advanced use only, a list of configuration properties that will be used by the Service Monitor instead of the current client configuration for the service.",
|
|
"display_name": "Service Monitor Client Config Overrides",
|
|
"name": "smon_client_config_overrides",
|
|
"value": "<property><name>zookeeper.recovery.retry</name><value>0</value></property><property><name>zookeeper.recovery.retry.intervalmill</name><value>3000</value></property><property><name>hbase.zookeeper.recoverable.waittime</name><value>1000</value></property><property><name>zookeeper.session.timeout</name><value>30000</value></property><property><name>hbase.rpc.timeout</name><value>10000</value></property><property><name>hbase.client.retries.number</name><value>1</value></property><property><name>hbase.client.rpc.maxattempts</name><value>1</value></property><property><name>hbase.client.operation.timeout</name><value>10000</value></property>"
|
|
},
|
|
{
|
|
"desc": "AWS access key ID required to access S3 to store remote snapshots.",
|
|
"display_name": "AWS S3 Access Key ID for Remote Snapshots",
|
|
"name": "hbase_snapshot_s3_access_key_id",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Allow HBase tables to be replicated.",
|
|
"display_name": "Enable Replication",
|
|
"name": "hbase_enable_replication",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "Enable HBase authorization.",
|
|
"display_name": "HBase Secure Authorization",
|
|
"name": "hbase_security_authorization",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "Period of time, in milliseconds, to pause between searches for work. Used as a sleep interval by service threads such as a META scanner and log roller.",
|
|
"display_name": "HBase Server Thread Wake Frequency",
|
|
"name": "hbase_server_thread_wakefrequency",
|
|
"value": "10000"
|
|
},
|
|
{
|
|
"desc": "Enable collection of audit events from the service's roles.",
|
|
"display_name": "Enable Audit Collection",
|
|
"name": "navigator_audit_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "The root znode for HBase in ZooKeeper. All of HBase's ZooKeeper files that are configured with a relative path will go under this node. By default, all of HBase's ZooKeeper file paths are configured with a relative path, so they will all go under this directory unless changed.",
|
|
"display_name": "ZooKeeper Znode Parent",
|
|
"name": "zookeeper_znode_parent",
|
|
"value": "/hbase"
|
|
},
|
|
{
|
|
"desc": "<p>The configured triggers for this service. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed.</p><p>Each trigger has all of the following fields:</p><ul><li><code>triggerName</code> <strong>(mandatory)</strong> - The name of the trigger. This value must be unique for the specific service. </li><li><code>triggerExpression</code> <strong>(mandatory)</strong> - A tsquery expression representing the trigger. </li><li><code>streamThreshold</code> <strong>(optional)</strong> - The maximum number of streams that can satisfy a condition of a trigger before the condition fires. By default set to 0, and any stream returned causes the condition to fire. </li><li><code>enabled</code> <strong> (optional)</strong> - By default set to 'true'. If set to 'false', the trigger will not be evaluated.</li><li><code>expressionEditorConfig</code> <strong> (optional)</strong> - Metadata for the trigger editor. If present, the trigger should only be edited from the Edit Trigger page; editing the trigger here may lead to inconsistencies.</li></ul></p><p>For example, the followig JSON formatted trigger fires if there are more than 10 DataNodes with more than 500 file-descriptors opened:</p><p><pre>[{\"triggerName\": \"sample-trigger\",\n \"triggerExpression\": \"IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad\",\n \"streamThreshold\": 10, \"enabled\": \"true\"}]</pre></p><p>See the trigger rules documentation for more details on how to write triggers using tsquery.</p><p>The JSON format is evolving and may change in the future and, as a result, backward compatibility is not guaranteed between releases at this time.</p>",
|
|
"display_name": "Service Triggers",
|
|
"name": "service_triggers",
|
|
"value": "[]"
|
|
},
|
|
{
|
|
"desc": "AWS secret access key required to access S3 to store remote snapshots.",
|
|
"display_name": "AWS S3 Secret Access Key for Remote Snapshots",
|
|
"name": "hbase_snapshot_s3_secret_access_key",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Number of rows to fetch when calling next on a scanner if it is not served from memory. Higher caching values enable faster scanners but require more memory and some calls of next may take longer when the cache is empty.",
|
|
"display_name": "HBase Client Scanner Caching",
|
|
"name": "hbase_client_scanner_caching",
|
|
"value": "100"
|
|
},
|
|
{
|
|
"desc": "Tables to exclude in the HBase Region Health Canary which will scan a row from every region.",
|
|
"display_name": "HBase Region Health Canary Exclude Tables",
|
|
"name": "hbase_region_health_canary_exclude_tables",
|
|
"value": ""
|
|
},
|
|
{
|
|
"desc": "The maximum amount of time the HBase master waits for a snapshot to complete.",
|
|
"display_name": "HBase Master Snapshot Timeout",
|
|
"name": "hbase_snapshot_master_timeout_millis",
|
|
"value": "60000"
|
|
},
|
|
{
|
|
"desc": "AWS S3 path where remote snapshots should be stored.",
|
|
"display_name": "AWS S3 Path for Remote Snapshots",
|
|
"name": "hbase_snapshot_s3_path",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Start a process to periodically check that RegionServer is alive when RegionServer is started. <b>Note</b>: This canary is different from the Cloudera Service Monitoring canary and is provided by the HBase service itself.",
|
|
"display_name": "Enable HBase Canary",
|
|
"name": "hbase_regionserver_enable_canary",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "Enable HDFS short circuit read. This allows a client co-located with the DataNode to read HDFS file blocks directly. This gives a performance boost to distributed clients that are aware of locality.",
|
|
"display_name": "Enable HDFS Short Circuit Read",
|
|
"name": "dfs_client_read_shortcircuit",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Path to ZooKeeper Node holding root region location. This is written by the HBase Master and read by clients and RegionServers. If a relative path is given, the parent folder will be ${zookeeper.znode.parent}. By default, the root location is stored at /hbase/root-region-server.",
|
|
"display_name": "ZooKeeper Znode Rootserver",
|
|
"name": "zookeeper_znode_rootserver",
|
|
"value": "root-region-server"
|
|
},
|
|
{
|
|
"desc": "When computing the overall HBase cluster health, consider the health of the backup HBase Masters.",
|
|
"display_name": "Backup Masters Health Test",
|
|
"name": "hbase_backup_masters_health_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Password that protects the private key contained in the server keystore used for encrypted web UIs.",
|
|
"display_name": "SSL Server Keystore Key Password",
|
|
"name": "ssl_server_keystore_keypassword",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase region health canary runs slowly.",
|
|
"display_name": "HBase Region Health Canary Slow Run Alert Enabled",
|
|
"name": "hbase_region_health_canary_slow_run_alert_enabled",
|
|
"value": "true"
|
|
},
|
|
{
|
|
"desc": "Name of the scheduler pool to use for MR jobs created during export/import of remote snapshots in AWS S3.",
|
|
"display_name": "Scheduler Pool for Remote Snapshots in AWS S3",
|
|
"name": "hbase_snapshot_s3_scheduler_pool",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "An alert is published if the HBase region health canary detects at least this percentage of total regions are unhealthy. This threshold is used if the explicit count is not set via the hbase_canary_alert_unhealthy_region_count_threshold config.",
|
|
"display_name": "HBase Canary Unhealthy Region Percentage Alert Threshold",
|
|
"name": "hbase_canary_alert_unhealthy_region_percent_threshold",
|
|
"value": "0.1"
|
|
},
|
|
{
|
|
"desc": "Duration to wait before starting up a 'hedged' read.",
|
|
"display_name": "HDFS Hedged Read Delay Threshold",
|
|
"name": "hbase_server_dfs_client_hedged_read_threshold_millis",
|
|
"value": "500"
|
|
},
|
|
{
|
|
"desc": "Enable SSL encryption for HBase web UIs.",
|
|
"display_name": "Web UI SSL Encryption Enabled",
|
|
"name": "hbase_hadoop_ssl_enabled",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "List of users or groups, who are allowed full privileges, regardless of stored ACLs, across the cluster. Only used when HBase security is enabled.",
|
|
"display_name": "HBase Superusers",
|
|
"name": "hbase_superuser",
|
|
"value": ""
|
|
},
|
|
{
|
|
"desc": "Use this to allow proxy users on thrift gateway, which is mainly needed for \"doAs\" functionality.",
|
|
"display_name": "Enable HBase Thrift Proxy Users",
|
|
"name": "hbase_thriftserver_support_proxyuser",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "Maximum number of hlog entries to replicate in one go. If this is large, and a consumer takes a while to process the events, the HBase RPC call will time out.",
|
|
"display_name": "Replication Batch Size",
|
|
"name": "hbase_replication_source_nb_capacity",
|
|
"value": "1000"
|
|
},
|
|
{
|
|
"desc": "ZooKeeper session timeout in milliseconds. HBase passes this to the ZooKeeper quorum as the suggested maximum time for a session. See http://hadoop.apache.org/zookeeper/docs/current/zookeeperProgrammers.html#ch_zkSessions The client sends a requested timeout, the server responds with the timeout that it can give the client.",
|
|
"display_name": "ZooKeeper Session Timeout",
|
|
"name": "zookeeper_session_timeout",
|
|
"value": "60000"
|
|
},
|
|
{
|
|
"desc": "Comma-delimited list of hosts where you want to allow the HBase user to impersonate other users. The default '*' allows all hosts. To disable entirely, use a string that does not correspond to a host name, such as '_no_host'. <b>Note:</b> This property is used only if HBase REST/Thrift Server Authentication is enabled.",
|
|
"display_name": "HBase Proxy User Hosts",
|
|
"name": "hbase_proxy_user_hosts_list",
|
|
"value": "*"
|
|
},
|
|
{
|
|
"desc": "Comma-delimited list of groups that you want to allow the HBase user to impersonate. The default '*' allows all groups. To disable entirely, use a string that does not correspond to a group name, such as '_no_group_'. <b>Note:</b> This property is used only if HBase REST/Thrift Server Authentication is enabled.",
|
|
"display_name": "HBase Proxy User Groups",
|
|
"name": "hbase_proxy_user_groups_list",
|
|
"value": "*"
|
|
},
|
|
{
|
|
"desc": "<p>\nConfigures the rules for event tracking and coalescing. This feature is\nused to define equivalency between different audit events. When\nevents match, according to a set of configurable parameters, only one\nentry in the audit list is generated for all the matching events.\n</p>\n\n<p>\nTracking works by keeping a reference to events when they first appear,\nand comparing other incoming events against the \"tracked\" events according\nto the rules defined here.\n</p>\n\n<p>Event trackers are defined in a JSON object like the following:</p>\n\n<pre>\n{\n \"timeToLive\" : [integer],\n \"fields\" : [\n {\n \"type\" : [string],\n \"name\" : [string]\n }\n ]\n}\n</pre>\n\n<p>\nWhere:\n</p>\n\n<ul>\n <li>timeToLive: maximum amount of time an event will be tracked, in\n milliseconds. Must be provided. This defines how long, since it's\n first seen, an event will be tracked. A value of 0 disables tracking.</li>\n\n <li>fields: list of fields to compare when matching events against\n tracked events.</li>\n</ul>\n\n<p>\nEach field has an evaluator type associated with it. The evaluator defines\nhow the field data is to be compared. The following evaluators are\navailable:\n</p>\n\n<ul>\n <li>value: uses the field value for comparison.</li>\n\n <li>username: treats the field value as a user name, and ignores any\n host-specific data. This is useful for environment using Kerberos,\n so that only the principal name and realm are compared.</li>\n</ul>\n\n<p>\nThe following is the list of fields that can used to compare HBase events:\n</p>\n<ul>\n <li>allowed: whether the operation was allowed or denied.</li>\n <li>username: the user performing the action.</li>\n <li>scope: the scopeof the operation.</li>\n <li>family: the column family afftected by the operation.</li>\n <li>qualifier: the qualifier the operation.</li>\n <li>action: the action being performed.</li>\n</ul>\n",
|
|
"display_name": "Audit Event Tracker",
|
|
"name": "navigator_event_tracker",
|
|
"value": "{\n \"comment\" : [\n \"Default event tracker for HBase services.\",\n \"Defines equality by comparing username, action, table name, family \",\n \"and qualifier of the events.\"\n ],\n \"timeToLive\" : 60000,\n \"fields\" : [\n { \"type\": \"value\", \"name\" : \"tableName\" },\n { \"type\": \"value\", \"name\" : \"family\" },\n { \"type\": \"value\", \"name\" : \"qualifier\" },\n { \"type\": \"value\", \"name\" : \"operation\" },\n { \"type\": \"username\", \"name\" : \"username\" }\n ]\n}\n"
|
|
},
|
|
{
|
|
"desc": "The tolerance window that will be used in HBase service tests that depend on detection of the active HBase Master.",
|
|
"display_name": "HBase Active Master Detection Window",
|
|
"name": "hbase_active_master_detecton_window",
|
|
"value": "3"
|
|
},
|
|
{
|
|
"desc": "For advanced use only, a string to be inserted into <strong>hbase-site.xml</strong>. Applies to configurations of all roles in this service except client configuration.",
|
|
"display_name": "HBase Service Advanced Configuration Snippet (Safety Valve) for hbase-site.xml",
|
|
"name": "hbase_service_config_safety_valve",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "Maximum number of rolled over audit logs to retain. The logs will not be deleted if they contain audit events that have not yet been propagated to Audit Server.",
|
|
"display_name": "Number of Audit Logs to Retain",
|
|
"name": "navigator_audit_log_max_backup_index",
|
|
"value": "10"
|
|
},
|
|
{
|
|
"desc": "Choose the authentication mechanism used by HBase.",
|
|
"display_name": "HBase Secure Authentication",
|
|
"name": "hbase_security_authentication",
|
|
"value": "simple"
|
|
},
|
|
{
|
|
"desc": "A general client pause time value. Used mostly as a time period to wait before retrying operations such as a failed get or region lookup.",
|
|
"display_name": "HBase Client Pause",
|
|
"name": "hbase_client_pause",
|
|
"value": "100"
|
|
},
|
|
{
|
|
"desc": "Name of the ZooKeeper service that this HBase service instance depends on.",
|
|
"display_name": "ZooKeeper Service",
|
|
"name": "zookeeper_service",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "If this is set, HBase Thrift Server authenticates its clients. HBase Proxy User Hosts and Groups should be configured to allow specific users to access HBase through Thrift Server.",
|
|
"display_name": "HBase Thrift Authentication",
|
|
"name": "hbase_thriftserver_security_authentication",
|
|
"value": "none"
|
|
},
|
|
{
|
|
"desc": "Kerberos principal used by all roles of this service.",
|
|
"display_name": "Kerberos Principal",
|
|
"name": "kerberos_princ_name",
|
|
"value": "hbase"
|
|
},
|
|
{
|
|
"desc": "The group that this service's processes should run as.",
|
|
"display_name": "System Group",
|
|
"name": "process_groupname",
|
|
"value": "hbase"
|
|
},
|
|
{
|
|
"desc": "The HDFS directory shared by HBase RegionServers.",
|
|
"display_name": "HDFS Root Directory",
|
|
"name": "hdfs_rootdir",
|
|
"value": "/hbase"
|
|
},
|
|
{
|
|
"desc": "The frequency in which the log4j event publication appender will retry sending undelivered log events to the Event server, in seconds",
|
|
"display_name": "Log Event Retry Frequency",
|
|
"name": "log_event_retry_frequency",
|
|
"value": "30"
|
|
},
|
|
{
|
|
"desc": "When set, Cloudera Manager will send alerts when this entity's configuration changes.",
|
|
"display_name": "Enable Configuration Change Alerts",
|
|
"name": "enable_config_alerts",
|
|
"value": "false"
|
|
},
|
|
{
|
|
"desc": "For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of all roles in this service except client configuration.",
|
|
"display_name": "HBase Service Environment Advanced Configuration Snippet (Safety Valve)",
|
|
"name": "hbase_service_env_safety_valve",
|
|
"value": null
|
|
},
|
|
{
|
|
"desc": "For advanced use only, a string to be inserted into the client configuration for <strong>navigator.client.properties</strong>.",
|
|
"display_name": "HBASE Client Advanced Configuration Snippet (Safety Valve) for navigator.client.properties",
|
|
"name": "navigator_client_config_safety_valve",
|
|
"value": null
|
|
}
|
|
] |