ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stoa...@apache.org
Subject [4/8] ambari git commit: AMBARI-21882. Throw an error if unsupported database JDBC driver is configured for HDP services. (stoader)
Date Wed, 06 Sep 2017 13:21:34 GMT
http://git-wip-us.apache.org/repos/asf/ambari/blob/a86e1618/ambari-server/src/test/python/common-services/configs/ranger_kms_default.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/common-services/configs/ranger_kms_default.json b/ambari-server/src/test/python/common-services/configs/ranger_kms_default.json
new file mode 100644
index 0000000..b6de743
--- /dev/null
+++ b/ambari-server/src/test/python/common-services/configs/ranger_kms_default.json
@@ -0,0 +1,802 @@
+{
+  "localComponents": [
+    "SECONDARY_NAMENODE",
+    "HDFS_CLIENT",
+    "DATANODE",
+    "NAMENODE",
+    "ZOOKEEPER_SERVER",
+    "ZOOKEEPER_CLIENT",
+    "RANGER_USERSYNC",
+    "RANGER_ADMIN",
+    "RANGER_TAGSYNC",
+    "RANGER_KMS_SERVER"
+  ],
+  "configuration_attributes": {
+    "ranger-hdfs-audit": {},
+    "ssl-client": {},
+    "ranger-admin-site": {},
+    "ranger-hdfs-policymgr-ssl": {},
+    "tagsync-application-properties": {},
+    "ranger-env": {},
+    "usersync-log4j": {},
+    "admin-properties": {},
+    "ranger-ugsync-site": {},
+    "hdfs-site": {
+      "final": {
+        "dfs.datanode.data.dir": "true",
+        "dfs.namenode.http-address": "true",
+        "dfs.datanode.failed.volumes.tolerated": "true",
+        "dfs.support.append": "true",
+        "dfs.namenode.name.dir": "true",
+        "dfs.webhdfs.enabled": "true"
+      }
+    },
+    "ranger-tagsync-site": {},
+    "zoo.cfg": {},
+    "hadoop-policy": {},
+    "hdfs-log4j": {},
+    "ranger-hdfs-plugin-properties": {},
+    "core-site": {
+      "final": {
+        "fs.defaultFS": "true"
+      }
+    },
+    "hadoop-env": {},
+    "zookeeper-log4j": {},
+    "ssl-server": {},
+    "ranger-site": {},
+    "admin-log4j": {},
+    "tagsync-log4j": {},
+    "ranger-hdfs-security": {},
+    "usersync-properties": {},
+    "zookeeper-env": {},
+    "cluster-env": {},
+    "dbks-site": {},
+    "kms-env": {},
+    "kms-log4j": {},
+    "kms-properties": {},
+    "kms-site": {},
+    "ranger-kms-security": {},
+    "ranger-kms-site": {},
+    "ranger-kms-policymgr-ssl": {},
+    "ranger-kms-audit": {}
+  },
+  "public_hostname": "c6401.ambari.apache.org",
+  "commandId": "9-1",
+  "hostname": "c6401.ambari.apache.org",
+  "kerberosCommandParams": [],
+  "serviceName": "RANGER_KMS",
+  "role": "RANGER_KMS_SERVER",
+  "forceRefreshConfigTagsBeforeExecution": [],
+  "requestId": 9,
+  "agentConfigParams": {
+    "agent": {
+      "parallel_execution": 0
+    }
+  },
+  "clusterName": "c1",
+  "commandType": "EXECUTION_COMMAND",
+  "taskId": 64,
+  "roleParams": {},
+  "configurationTags": {
+    "ranger-hdfs-audit": {
+      "tag": "version1466427664617"
+    },
+    "ssl-client": {
+      "tag": "version1"
+    },
+    "ranger-admin-site": {
+      "tag": "version1466427664621"
+    },
+    "ranger-hdfs-policymgr-ssl": {
+      "tag": "version1466427664617"
+    },
+    "tagsync-application-properties": {
+      "tag": "version1466427664621"
+    },
+    "ranger-env": {
+      "tag": "version1466427664621"
+    },
+    "usersync-log4j": {
+      "tag": "version1466427664621"
+    },
+    "admin-properties": {
+      "tag": "version1466427664621"
+    },
+    "ranger-ugsync-site": {
+      "tag": "version1466427664621"
+    },
+    "hdfs-site": {
+      "tag": "version1"
+    },
+    "ranger-tagsync-site": {
+      "tag": "version1466427664621"
+    },
+    "zoo.cfg": {
+      "tag": "version1"
+    },
+    "hadoop-policy": {
+      "tag": "version1"
+    },
+    "hdfs-log4j": {
+      "tag": "version1"
+    },
+    "ranger-hdfs-plugin-properties": {
+      "tag": "version1466427664617"
+    },
+    "core-site": {
+      "tag": "version1"
+    },
+    "hadoop-env": {
+      "tag": "version1"
+    },
+    "zookeeper-log4j": {
+      "tag": "version1"
+    },
+    "ssl-server": {
+      "tag": "version1"
+    },
+    "ranger-site": {
+      "tag": "version1466427664621"
+    },
+    "admin-log4j": {
+      "tag": "version1466427664621"
+    },
+    "tagsync-log4j": {
+      "tag": "version1466427664621"
+    },
+    "ranger-hdfs-security": {
+      "tag": "version1466427664617"
+    },
+    "usersync-properties": {
+      "tag": "version1466427664621"
+    },
+    "zookeeper-env": {
+      "tag": "version1"
+    },
+    "cluster-env": {
+      "tag": "version1"
+    },
+    "dbks-site": {
+      "tag": "version1"
+    },
+    "kms-env": {
+      "tag": "version1"
+    },
+    "kms-log4j": {
+      "tag": "version1"
+    },
+    "kms-properties": {
+      "tag": "version1"
+    },
+    "kms-site": {
+      "tag": "version1"
+    },
+    "ranger-kms-security": {
+      "tag": "version1"
+    },
+    "ranger-kms-site": {
+      "tag": "version1"
+    },
+    "ranger-kms-policymgr-ssl": {
+      "tag": "version1"
+    },
+    "ranger-kms-audit": {
+      "tag": "version1"
+    }
+  },
+  "roleCommand": "START",
+  "hostLevelParams": {
+    "agent_stack_retry_on_unavailability": "false",
+    "stack_name": "HDP",
+    "custom_mysql_jdbc_name": "mysql-connector-java.jar",
+    "previous_custom_mysql_jdbc_name": "mysql-connector-java-old.jar",
+    "host_sys_prepped": "false",
+    "ambari_db_rca_username": "mapred",
+    "mysql_jdbc_url": "http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar",
+    "agent_stack_retry_count": "5",
+    "stack_version": "2.5",
+    "jdk_name": "jdk-8u60-linux-x64.tar.gz",
+    "ambari_db_rca_driver": "org.postgresql.Driver",
+    "java_home": "/usr/jdk64/jdk1.7.0_45",
+    "repository_version_id": "1",
+    "jdk_location": "http://c6401.ambari.apache.org:8080/resources/",
+    "not_managed_hdfs_path_list": "[\"/tmp\"]",
+    "ambari_db_rca_url": "jdbc:postgresql://c6401.ambari.apache.org/ambarirca",
+    "java_version": "8",
+    "repo_info": "[{\"baseUrl\":\"http://s3.amazonaws.com/dev.hortonworks.com/HDP/centos6/2.x/BUILDS/2.5.0.0-777\",\"osType\":\"redhat6\",\"repoId\":\"HDP-2.5\",\"repoName\":\"HDP\",\"defaultBaseUrl\":\"http://s3.amazonaws.com/dev.hortonworks.com/HDP/centos6/2.x/updates/2.5.0.0\",\"latestBaseUrl\":\"http://s3.amazonaws.com/dev.hortonworks.com/HDP/centos6/2.x/BUILDS/2.5.0.0-776\",\"baseSaved\":true},{\"baseUrl\":\"http://s3.amazonaws.com/dev.hortonworks.com/HDP-UTILS-1.1.0.21/repos/centos6\",\"osType\":\"redhat6\",\"repoId\":\"HDP-UTILS-1.1.0.21\",\"repoName\":\"HDP-UTILS\",\"defaultBaseUrl\":\"http://public-repo-1.hortonworks.com/HDP-UTILS-1.1.0.21/repos/centos6\",\"latestBaseUrl\":\"http://public-repo-1.hortonworks.com/HDP-UTILS-1.1.0.21/repos/centos6\",\"baseSaved\":true}]",
+    "package_list": "[{\"name\":\"ranger_${stack_version}-admin\",\"condition\":\"\",\"skipUpgrade\":false},{\"name\":\"ranger_${stack_version}-usersync\",\"condition\":\"\",\"skipUpgrade\":false},{\"name\":\"ranger_${stack_version}-tagsync\",\"condition\":\"should_install_ranger_tagsync\",\"skipUpgrade\":false},{\"name\":\"ambari-logsearch-solr-client\",\"condition\":\"should_install_logsearch_solr_client\",\"skipUpgrade\":false}]",
+    "db_name": "ambari",
+    "group_list": "[\"ranger\",\"hadoop\",\"users\"]",
+    "agentCacheDir": "/var/lib/ambari-agent/cache",
+    "ambari_db_rca_password": "mapred",
+    "jce_name": "UnlimitedJCEPolicyJDK7.zip",
+    "oracle_jdbc_url": "http://c6401.ambari.apache.org:8080/resources//ojdbc6.jar",
+    "db_driver_filename": "mysql-connector-java.jar",
+    "user_list": "[\"zookeeper\",\"ambari-qa\",\"ranger\",\"hdfs\"]",
+    "clientsToUpdateConfigs": "[\"*\"]"
+  },
+  "commandParams": {
+    "service_package_folder": "common-services/RANGER/0.4.0/package",
+    "script": "scripts/ranger_usersync.py",
+    "hooks_folder": "HDP/2.0.6/hooks",
+    "version": "2.5.0.0-777",
+    "max_duration_for_retries": "0",
+    "command_retry_enabled": "false",
+    "command_timeout": "600",
+    "script_type": "PYTHON"
+  },
+  "forceRefreshConfigTags": [],
+  "stageId": 1,
+  "clusterHostInfo": {
+    "snamenode_host": [
+      "c6401.ambari.apache.org"
+    ],
+    "ambari_server_use_ssl": [
+      "false"
+    ],
+    "all_ping_ports": [
+      "8670"
+    ],
+    "ranger_tagsync_hosts": [
+      "c6401.ambari.apache.org"
+    ],
+    "ranger_usersync_hosts": [
+      "c6401.ambari.apache.org"
+    ],
+    "all_hosts": [
+      "c6401.ambari.apache.org"
+    ],
+    "slave_hosts": [
+      "c6401.ambari.apache.org"
+    ],
+    "namenode_host": [
+      "c6401.ambari.apache.org"
+    ],
+    "ambari_server_port": [
+      "8080"
+    ],
+    "ranger_admin_hosts": [
+      "c6401.ambari.apache.org"
+    ],
+    "all_racks": [
+      "/default-rack"
+    ],
+    "all_ipv4_ips": [
+      "172.22.125.4"
+    ],
+    "ambari_server_host": [
+      "c6401.ambari.apache.org"
+    ],
+    "zookeeper_hosts": [
+      "c6401.ambari.apache.org"
+    ],
+    "ranger_kms_server_hosts": [
+      "c6401.ambari.apache.org"
+    ]
+  },
+  "configurations": {
+    "ranger-hdfs-audit": {
+      "xasecure.audit.destination.solr.zookeepers": "c6401.ambari.apache.org:2181/ranger_audits",
+      "xasecure.audit.destination.solr.urls": "",
+      "xasecure.audit.destination.solr.batch.filespool.dir": "/var/log/hadoop/hdfs/audit/solr/spool",
+      "xasecure.audit.destination.hdfs.batch.filespool.dir": "/var/log/hadoop/hdfs/audit/hdfs/spool",
+      "xasecure.audit.destination.hdfs": "true",
+      "xasecure.audit.destination.solr": "true",
+      "xasecure.audit.provider.summary.enabled": "false",
+      "xasecure.audit.destination.hdfs.dir": "hdfs://c6401.ambari.apache.org:8020/ranger/audit",
+      "xasecure.audit.is.enabled": "true"
+    },
+    "ssl-client": {
+      "ssl.client.truststore.reload.interval": "10000",
+      "ssl.client.keystore.password": "bigdata",
+      "ssl.client.truststore.type": "jks",
+      "ssl.client.keystore.location": "/etc/security/clientKeys/keystore.jks",
+      "ssl.client.truststore.location": "/etc/security/clientKeys/all.jks",
+      "ssl.client.truststore.password": "bigdata",
+      "ssl.client.keystore.type": "jks"
+    },
+    "ranger-admin-site": {
+      "ranger.admin.kerberos.cookie.domain": "",
+      "ranger.kms.service.user.hdfs": "hdfs",
+      "ranger.spnego.kerberos.principal": "",
+      "ranger.ldap.ad.url": "{{ranger_ug_ldap_url}}",
+      "ranger.plugins.hive.serviceuser": "hive",
+      "ranger.lookup.kerberos.keytab": "",
+      "ranger.plugins.kms.serviceuser": "kms",
+      "ranger.service.https.attrib.ssl.enabled": "false",
+      "ranger.sso.browser.useragent": "Mozilla,chrome",
+      "ranger.jpa.jdbc.url": "jdbc:mysql://c6401.ambari.apache.org:3306/ranger01",
+      "ranger.plugins.hbase.serviceuser": "hbase",
+      "ranger.plugins.hdfs.serviceuser": "hdfs",
+      "ranger.ldap.group.searchbase": "{{ranger_ug_ldap_group_searchbase}}",
+      "ranger.ldap.user.dnpattern": "uid={0},ou=users,dc=xasecure,dc=net",
+      "ranger.plugins.knox.serviceuser": "knox",
+      "ranger.ldap.base.dn": "dc=example,dc=com",
+      "ranger.sso.publicKey": "",
+      "ranger.admin.kerberos.cookie.path": "/",
+      "ranger.service.https.attrib.clientAuth": "want",
+      "ranger.jpa.jdbc.user": "{{ranger_db_user}}",
+      "ranger.ldap.ad.user.searchfilter": "(sAMAccountName={0})",
+      "ranger.ldap.group.roleattribute": "cn",
+      "ranger.plugins.kafka.serviceuser": "kafka",
+      "ranger.admin.kerberos.principal": "",
+      "ranger.ldap.ad.bind.dn": "{{ranger_ug_ldap_bind_dn}}",
+      "ranger.credential.provider.path": "/etc/ranger/admin/rangeradmin.jceks",
+      "ranger.ldap.referral": "ignore",
+      "ranger.service.http.port": "6080",
+      "ranger.ldap.user.searchfilter": "(uid={0})",
+      "ranger.plugins.atlas.serviceuser": "atlas",
+      "ranger.truststore.password": "changeit",
+      "ranger.ldap.bind.password": "{{ranger_usersync_ldap_ldapbindpassword}}",
+      "ranger.audit.solr.password": "NONE",
+      "ranger.audit.solr.zookeepers": "c6401.ambari.apache.org:2181/ranger_audits",
+      "ranger.lookup.kerberos.principal": "",
+      "ranger.service.https.port": "6182",
+      "ranger.plugins.storm.serviceuser": "storm",
+      "ranger.externalurl": "{{ranger_external_url}}",
+      "ranger.truststore.file": "/etc/ranger/admin/conf/ranger-admin-keystore.jks",
+      "ranger.kms.service.user.hive": "",
+      "ranger.https.attrib.keystore.file": "/etc/ranger/admin/conf/ranger-admin-keystore.jks",
+      "ranger.jpa.jdbc.dialect": "{{jdbc_dialect}}",
+      "ranger.service.host": "{{ranger_host}}",
+      "ranger.service.https.attrib.keystore.keyalias": "rangeradmin",
+      "ranger.service.https.attrib.keystore.pass": "xasecure",
+      "ranger.unixauth.remote.login.enabled": "true",
+      "ranger.jpa.jdbc.credential.alias": "rangeradmin",
+      "ranger.ldap.ad.bind.password": "{{ranger_usersync_ldap_ldapbindpassword}}",
+      "ranger.audit.solr.username": "ranger_solr",
+      "ranger.sso.enabled": "false",
+      "ranger.audit.solr.urls": "",
+      "ranger.ldap.ad.domain": "",
+      "ranger.plugins.yarn.serviceuser": "yarn",
+      "ranger.audit.source.type": "solr",
+      "ranger.ldap.bind.dn": "{{ranger_ug_ldap_bind_dn}}",
+      "ranger.ldap.url": "{{ranger_ug_ldap_url}}",
+      "ranger.authentication.method": "UNIX",
+      "ranger.service.http.enabled": "true",
+      "ranger.ldap.group.searchfilter": "{{ranger_ug_ldap_group_searchfilter}}",
+      "ranger.ldap.ad.referral": "ignore",
+      "ranger.ldap.ad.base.dn": "dc=example,dc=com",
+      "ranger.jpa.jdbc.password": "_",
+      "ranger.spnego.kerberos.keytab": "",
+      "ranger.sso.providerurl": "",
+      "ranger.unixauth.service.hostname": "{{ugsync_host}}",
+      "ranger.admin.kerberos.keytab": "",
+      "ranger.admin.kerberos.token.valid.seconds": "30",
+      "ranger.jpa.jdbc.driver": "com.mysql.jdbc.Driver",
+      "ranger.unixauth.service.port": "5151"
+    },
+    "ranger-hdfs-policymgr-ssl": {
+      "xasecure.policymgr.clientssl.keystore": "/usr/hdp/current/hadoop-client/conf/ranger-plugin-keystore.jks",
+      "xasecure.policymgr.clientssl.truststore.password": "changeit",
+      "xasecure.policymgr.clientssl.keystore.credential.file": "jceks://file{{credential_file}}",
+      "xasecure.policymgr.clientssl.truststore": "/usr/hdp/current/hadoop-client/conf/ranger-plugin-truststore.jks",
+      "xasecure.policymgr.clientssl.truststore.credential.file": "jceks://file{{credential_file}}",
+      "xasecure.policymgr.clientssl.keystore.password": "myKeyFilePassword"
+    },
+    "tagsync-application-properties": {
+      "atlas.kafka.entities.group.id": "ranger_entities_consumer",
+      "atlas.kafka.zookeeper.connect": "c6401.ambari.apache.org:2181",
+      "atlas.kafka.bootstrap.servers": "localhost:6667"
+    },
+    "ranger-env": {
+      "ranger_solr_shards": "1",
+      "ranger_solr_config_set": "ranger_audits",
+      "ranger_user": "ranger",
+      "xml_configurations_supported": "true",
+      "ranger-atlas-plugin-enabled": "No",
+      "ranger-hbase-plugin-enabled": "No",
+      "ranger-yarn-plugin-enabled": "No",
+      "bind_anonymous": "false",
+      "ranger_admin_username": "amb_ranger_admin",
+      "admin_password": "admin",
+      "is_solrCloud_enabled": "true",
+      "ranger-storm-plugin-enabled": "No",
+      "ranger-hdfs-plugin-enabled": "No",
+      "ranger_group": "ranger",
+      "ranger-knox-plugin-enabled": "No",
+      "ranger_admin_log_dir": "/var/log/ranger/admin",
+      "ranger-kafka-plugin-enabled": "No",
+      "ranger_privelege_user_jdbc_url": "jdbc:mysql://c6401.ambari.apache.org:3306",
+      "ranger-hive-plugin-enabled": "No",
+      "xasecure.audit.destination.solr": "true",
+      "ranger_pid_dir": "/var/run/ranger",
+      "xasecure.audit.destination.hdfs": "true",
+      "admin_username": "admin",
+      "xasecure.audit.destination.hdfs.dir": "hdfs://c6401.ambari.apache.org:8020/ranger/audit",
+      "create_db_dbuser": "true",
+      "ranger_solr_collection_name": "ranger_audits",
+      "ranger_admin_password": "P1!qLEQwP24KVlWY",
+      "ranger_usersync_log_dir": "/var/log/ranger/usersync"
+    },
+    "usersync-log4j": {
+      "content": "\n#\n# Licensed to the Apache Software Foundation (ASF) under one\n# or more contributor license agreements.  See the NOTICE file\n# distributed with this work for additional information\n# regarding copyright ownership.  The ASF licenses this file\n# to you under the Apache License, Version 2.0 (the\n# \"License\"); you may not use this file except in compliance\n# with the License.  You may obtain a copy of the License at\n#\n#      http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n#\n\nlog4j.rootLogger = info,logFile\n\n# logFile\nlog4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.logFile.file=${logdir}/usersync.log\nl
 og4j.appender.logFile.datePattern='.'yyyy-MM-dd\nlog4j.appender.logFile.layout=org.apache.log4j.PatternLayout\nlog4j.appender.logFile.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %m%n\n\n# console\nlog4j.appender.console=org.apache.log4j.ConsoleAppender\nlog4j.appender.console.Target=System.out\nlog4j.appender.console.layout=org.apache.log4j.PatternLayout\nlog4j.appender.console.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %m%n"
+    },
+    "admin-properties": {
+      "db_user": "rangeradmin01",
+      "DB_FLAVOR": "MYSQL",
+      "db_password": "rangeradmin01",
+      "db_root_user": "root",
+      "policymgr_external_url": "http://c6401.ambari.apache.org:6080",
+      "db_name": "ranger01",
+      "db_host": "c6401.ambari.apache.org",
+      "db_root_password": "vagrant",
+      "SQL_CONNECTOR_JAR": "{{driver_curl_target}}"
+    },
+    "ranger-ugsync-site": {
+      "ranger.usersync.ldap.binddn": "",
+      "ranger.usersync.policymgr.username": "rangerusersync",
+      "ranger.usersync.policymanager.mockrun": "false",
+      "ranger.usersync.group.searchbase": "",
+      "ranger.usersync.ldap.bindalias": "testldapalias",
+      "ranger.usersync.truststore.file": "/usr/hdp/current/ranger-usersync/conf/mytruststore.jks",
+      "ranger.usersync.port": "5151",
+      "ranger.usersync.pagedresultssize": "500",
+      "ranger.usersync.group.memberattributename": "",
+      "ranger.usersync.kerberos.principal": "",
+      "ranger.usersync.source.impl.class": "org.apache.ranger.unixusersync.process.UnixUserGroupBuilder",
+      "ranger.usersync.ldap.referral": "ignore",
+      "ranger.usersync.group.searchfilter": "",
+      "ranger.usersync.ldap.user.objectclass": "person",
+      "ranger.usersync.logdir": "{{usersync_log_dir}}",
+      "ranger.usersync.ldap.user.searchfilter": "",
+      "ranger.usersync.ldap.groupname.caseconversion": "none",
+      "ranger.usersync.ldap.ldapbindpassword": "",
+      "ranger.usersync.unix.minUserId": "500",
+      "ranger.usersync.policymanager.maxrecordsperapicall": "1000",
+      "ranger.usersync.group.nameattribute": "",
+      "ranger.usersync.policymgr.alias": "ranger.usersync.policymgr.password",
+      "ranger.usersync.keystore.file": "/usr/hdp/current/ranger-usersync/conf/unixauthservice.jks",
+      "ranger.usersync.user.searchenabled": "false",
+      "ranger.usersync.group.usermapsyncenabled": "true",
+      "ranger.usersync.ldap.bindkeystore": "",
+      "ranger.usersync.ldap.user.groupnameattribute": "memberof, ismemberof",
+      "ranger.usersync.kerberos.keytab": "",
+      "ranger.usersync.passwordvalidator.path": "./native/credValidator.uexe",
+      "ranger.usersync.group.objectclass": "",
+      "ranger.usersync.ldap.user.searchscope": "sub",
+      "ranger.usersync.unix.password.file": "/etc/passwd",
+      "ranger.usersync.ldap.user.nameattribute": "",
+      "ranger.usersync.pagedresultsenabled": "true",
+      "ranger.usersync.policymanager.baseURL": "{{ranger_external_url}}",
+      "ranger.usersync.group.search.first.enabled": "false",
+      "ranger.usersync.group.searchenabled": "false",
+      "ranger.usersync.sink.impl.class": "org.apache.ranger.unixusersync.process.PolicyMgrUserGroupBuilder",
+      "ranger.usersync.ssl": "true",
+      "ranger.usersync.ldap.url": "",
+      "ranger.usersync.ldap.searchBase": "dc=hadoop,dc=apache,dc=org",
+      "ranger.usersync.policymgr.keystore": "/usr/hdp/current/ranger-usersync/conf/ugsync.jceks",
+      "ranger.usersync.ldap.user.searchbase": "",
+      "ranger.usersync.ldap.username.caseconversion": "none",
+      "ranger.usersync.credstore.filename": "/usr/hdp/current/ranger-usersync/conf/ugsync.jceks",
+      "ranger.usersync.keystore.password": "UnIx529p",
+      "ranger.usersync.unix.group.file": "/etc/group",
+      "ranger.usersync.filesource.file": "/tmp/usergroup.txt",
+      "ranger.usersync.group.searchscope": "",
+      "ranger.usersync.truststore.password": "changeit",
+      "ranger.usersync.enabled": "true",
+      "ranger.usersync.sleeptimeinmillisbetweensynccycle": "60000",
+      "ranger.usersync.filesource.text.delimiter": ","
+    },
+    "hdfs-site": {
+      "dfs.namenode.checkpoint.period": "21600",
+      "dfs.namenode.avoid.write.stale.datanode": "true",
+      "dfs.namenode.startup.delay.block.deletion.sec": "3600",
+      "dfs.namenode.checkpoint.txns": "1000000",
+      "dfs.content-summary.limit": "5000",
+      "dfs.support.append": "true",
+      "dfs.datanode.address": "0.0.0.0:50010",
+      "dfs.cluster.administrators": " hdfs",
+      "dfs.namenode.audit.log.async": "true",
+      "dfs.datanode.balance.bandwidthPerSec": "6250000",
+      "dfs.namenode.safemode.threshold-pct": "1",
+      "dfs.namenode.checkpoint.edits.dir": "${dfs.namenode.checkpoint.dir}",
+      "dfs.namenode.rpc-address": "c6401.ambari.apache.org:8020",
+      "dfs.permissions.enabled": "true",
+      "dfs.client.read.shortcircuit": "true",
+      "dfs.https.port": "50470",
+      "dfs.namenode.https-address": "c6401.ambari.apache.org:50470",
+      "nfs.file.dump.dir": "/tmp/.hdfs-nfs",
+      "dfs.blocksize": "134217728",
+      "dfs.blockreport.initialDelay": "120",
+      "dfs.journalnode.edits.dir": "/hadoop/hdfs/journalnode",
+      "dfs.namenode.fslock.fair": "false",
+      "dfs.datanode.max.transfer.threads": "4096",
+      "dfs.heartbeat.interval": "3",
+      "dfs.replication": "3",
+      "dfs.namenode.handler.count": "50",
+      "dfs.namenode.checkpoint.dir": "/grid/0/hadoop/hdfs/namesecondary",
+      "fs.permissions.umask-mode": "022",
+      "dfs.namenode.stale.datanode.interval": "30000",
+      "dfs.datanode.ipc.address": "0.0.0.0:8010",
+      "dfs.datanode.failed.volumes.tolerated": "0",
+      "dfs.datanode.data.dir": "/grid/0/hadoop/hdfs/data",
+      "dfs.namenode.http-address": "c6401.ambari.apache.org:50070",
+      "dfs.webhdfs.enabled": "true",
+      "dfs.encrypt.data.transfer.cipher.suites": "AES/CTR/NoPadding",
+      "dfs.namenode.accesstime.precision": "0",
+      "dfs.datanode.https.address": "0.0.0.0:50475",
+      "dfs.namenode.write.stale.datanode.ratio": "1.0f",
+      "dfs.namenode.secondary.http-address": "c6401.ambari.apache.org:50090",
+      "nfs.exports.allowed.hosts": "* rw",
+      "dfs.datanode.http.address": "0.0.0.0:50075",
+      "dfs.datanode.du.reserved": "33011188224",
+      "dfs.client.read.shortcircuit.streams.cache.size": "4096",
+      "dfs.http.policy": "HTTP_ONLY",
+      "dfs.block.access.token.enable": "true",
+      "dfs.client.retry.policy.enabled": "false",
+      "dfs.namenode.name.dir.restore": "true",
+      "dfs.permissions.superusergroup": "hdfs",
+      "dfs.journalnode.https-address": "0.0.0.0:8481",
+      "dfs.journalnode.http-address": "0.0.0.0:8480",
+      "dfs.domain.socket.path": "/var/lib/hadoop-hdfs/dn_socket",
+      "dfs.namenode.avoid.read.stale.datanode": "true",
+      "dfs.hosts.exclude": "/etc/hadoop/conf/dfs.exclude",
+      "dfs.datanode.data.dir.perm": "750",
+      "dfs.encryption.key.provider.uri": "",
+      "dfs.replication.max": "50",
+      "dfs.namenode.name.dir": "/grid/0/hadoop/hdfs/namenode"
+    },
+    "ranger-tagsync-site": {
+      "ranger.tagsync.atlas.to.ranger.service.mapping": "",
+      "ranger.tagsync.dest.ranger.ssl.config.filename": "/usr/hdp/current/ranger-tagsync/conf/mytruststore.jks",
+      "ranger.tagsync.source.file.check.interval.millis": "",
+      "ranger.tagsync.logdir": "/var/log/ranger/tagsync",
+      "ranger.tagsync.source.atlasrest.download.interval.millis": "",
+      "ranger.tagsync.keystore.filename": "/usr/hdp/current/ranger-tagsync/conf/rangertagsync.jceks",
+      "ranger.tagsync.source.atlasrest.endpoint": "",
+      "ranger.tagsync.dest.ranger.username": "rangertagsync",
+      "ranger.tagsync.kerberos.principal": "",
+      "ranger.tagsync.dest.ranger.endpoint": "{{ranger_external_url}}",
+      "ranger.tagsync.atlas.custom.resource.mappers": "",
+      "ranger.tagsync.kerberos.keytab": "",
+      "ranger.tagsync.source.atlas": "false",
+      "ranger.tagsync.source.atlasrest": "false",
+      "ranger.tagsync.source.file": "false",
+      "ranger.tagsync.source.file.filename": ""
+    },
+    "zoo.cfg": {
+      "clientPort": "2181",
+      "autopurge.purgeInterval": "24",
+      "syncLimit": "5",
+      "dataDir": "/grid/0/hadoop/zookeeper",
+      "initLimit": "10",
+      "tickTime": "2000",
+      "autopurge.snapRetainCount": "30"
+    },
+    "hadoop-policy": {
+      "security.job.client.protocol.acl": "*",
+      "security.job.task.protocol.acl": "*",
+      "security.datanode.protocol.acl": "*",
+      "security.namenode.protocol.acl": "*",
+      "security.client.datanode.protocol.acl": "*",
+      "security.inter.tracker.protocol.acl": "*",
+      "security.refresh.usertogroups.mappings.protocol.acl": "hadoop",
+      "security.client.protocol.acl": "*",
+      "security.refresh.policy.protocol.acl": "hadoop",
+      "security.admin.operations.protocol.acl": "hadoop",
+      "security.inter.datanode.protocol.acl": "*"
+    },
+    "hdfs-log4j": {
+      "content": "\n#\n# Licensed to the Apache Software Foundation (ASF) under one\n# or more contributor license agreements.  See the NOTICE file\n# distributed with this work for additional information\n# regarding copyright ownership.  The ASF licenses this file\n# to you under the Apache License, Version 2.0 (the\n# \"License\"); you may not use this file except in compliance\n# with the License.  You may obtain a copy of the License at\n#\n#  http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing,\n# software distributed under the License is distributed on an\n# \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n# KIND, either express or implied.  See the License for the\n# specific language governing permissions and limitations\n# under the License.\n#\n\n\n# Define some default values that can be overridden by system properties\n# To change daemon root logger use hadoop_root_logger in hadoop-env\nhadoop.root.logger=I
 NFO,console\nhadoop.log.dir=.\nhadoop.log.file=hadoop.log\n\n\n# Define the root logger to the system property \"hadoop.root.logger\".\nlog4j.rootLogger=${hadoop.root.logger}, EventCounter\n\n# Logging Threshold\nlog4j.threshhold=ALL\n\n#\n# Daily Rolling File Appender\n#\n\nlog4j.appender.DRFA=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.DRFA.File=${hadoop.log.dir}/${hadoop.log.file}\n\n# Rollver at midnight\nlog4j.appender.DRFA.DatePattern=.yyyy-MM-dd\n\n# 30-day backup\n#log4j.appender.DRFA.MaxBackupIndex=30\nlog4j.appender.DRFA.layout=org.apache.log4j.PatternLayout\n\n# Pattern format: Date LogLevel LoggerName LogMessage\nlog4j.appender.DRFA.layout.ConversionPattern=%d{ISO8601} %p %c: %m%n\n# Debugging Pattern format\n#log4j.appender.DRFA.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n\n\n\n#\n# console\n# Add \"console\" to rootlogger above if you want to use this\n#\n\nlog4j.appender.console=org.apache.log4j.ConsoleAppender\nlog4j.appender.conso
 le.target=System.err\nlog4j.appender.console.layout=org.apache.log4j.PatternLayout\nlog4j.appender.console.layout.ConversionPattern=%d{yy/MM/dd HH:mm:ss} %p %c{2}: %m%n\n\n#\n# TaskLog Appender\n#\n\n#Default values\nhadoop.tasklog.taskid=null\nhadoop.tasklog.iscleanup=false\nhadoop.tasklog.noKeepSplits=4\nhadoop.tasklog.totalLogFileSize=100\nhadoop.tasklog.purgeLogSplits=true\nhadoop.tasklog.logsRetainHours=12\n\nlog4j.appender.TLA=org.apache.hadoop.mapred.TaskLogAppender\nlog4j.appender.TLA.taskId=${hadoop.tasklog.taskid}\nlog4j.appender.TLA.isCleanup=${hadoop.tasklog.iscleanup}\nlog4j.appender.TLA.totalLogFileSize=${hadoop.tasklog.totalLogFileSize}\n\nlog4j.appender.TLA.layout=org.apache.log4j.PatternLayout\nlog4j.appender.TLA.layout.ConversionPattern=%d{ISO8601} %p %c: %m%n\n\n#\n#Security audit appender\n#\nhadoop.security.logger=INFO,console\nhadoop.security.log.maxfilesize=256MB\nhadoop.security.log.maxbackupindex=20\nlog4j.category.SecurityLogger=${hadoop.security.logger}\nh
 adoop.security.log.file=SecurityAuth.audit\nlog4j.appender.DRFAS=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.DRFAS.File=${hadoop.log.dir}/${hadoop.security.log.file}\nlog4j.appender.DRFAS.layout=org.apache.log4j.PatternLayout\nlog4j.appender.DRFAS.layout.ConversionPattern=%d{ISO8601} %p %c: %m%n\nlog4j.appender.DRFAS.DatePattern=.yyyy-MM-dd\n\nlog4j.appender.RFAS=org.apache.log4j.RollingFileAppender\nlog4j.appender.RFAS.File=${hadoop.log.dir}/${hadoop.security.log.file}\nlog4j.appender.RFAS.layout=org.apache.log4j.PatternLayout\nlog4j.appender.RFAS.layout.ConversionPattern=%d{ISO8601} %p %c: %m%n\nlog4j.appender.RFAS.MaxFileSize=${hadoop.security.log.maxfilesize}\nlog4j.appender.RFAS.MaxBackupIndex=${hadoop.security.log.maxbackupindex}\n\n#\n# hdfs audit logging\n#\nhdfs.audit.logger=INFO,console\nlog4j.logger.org.apache.hadoop.hdfs.server.namenode.FSNamesystem.audit=${hdfs.audit.logger}\nlog4j.additivity.org.apache.hadoop.hdfs.server.namenode.FSNamesystem.audit=false\
 nlog4j.appender.DRFAAUDIT=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.DRFAAUDIT.File=${hadoop.log.dir}/hdfs-audit.log\nlog4j.appender.DRFAAUDIT.layout=org.apache.log4j.PatternLayout\nlog4j.appender.DRFAAUDIT.layout.ConversionPattern=%d{ISO8601} %p %c{2}: %m%n\nlog4j.appender.DRFAAUDIT.DatePattern=.yyyy-MM-dd\n\n#\n# NameNode metrics logging.\n# The default is to retain two namenode-metrics.log files up to 64MB each.\n#\nnamenode.metrics.logger=INFO,NullAppender\nlog4j.logger.NameNodeMetricsLog=${namenode.metrics.logger}\nlog4j.additivity.NameNodeMetricsLog=false\nlog4j.appender.NNMETRICSRFA=org.apache.log4j.RollingFileAppender\nlog4j.appender.NNMETRICSRFA.File=${hadoop.log.dir}/namenode-metrics.log\nlog4j.appender.NNMETRICSRFA.layout=org.apache.log4j.PatternLayout\nlog4j.appender.NNMETRICSRFA.layout.ConversionPattern=%d{ISO8601} %m%n\nlog4j.appender.NNMETRICSRFA.MaxBackupIndex=1\nlog4j.appender.NNMETRICSRFA.MaxFileSize=64MB\n\n#\n# mapred audit logging\n#\nmapred.audit
 .logger=INFO,console\nlog4j.logger.org.apache.hadoop.mapred.AuditLogger=${mapred.audit.logger}\nlog4j.additivity.org.apache.hadoop.mapred.AuditLogger=false\nlog4j.appender.MRAUDIT=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.MRAUDIT.File=${hadoop.log.dir}/mapred-audit.log\nlog4j.appender.MRAUDIT.layout=org.apache.log4j.PatternLayout\nlog4j.appender.MRAUDIT.layout.ConversionPattern=%d{ISO8601} %p %c{2}: %m%n\nlog4j.appender.MRAUDIT.DatePattern=.yyyy-MM-dd\n\n#\n# Rolling File Appender\n#\n\nlog4j.appender.RFA=org.apache.log4j.RollingFileAppender\nlog4j.appender.RFA.File=${hadoop.log.dir}/${hadoop.log.file}\n\n# Logfile size and and 30-day backups\nlog4j.appender.RFA.MaxFileSize=256MB\nlog4j.appender.RFA.MaxBackupIndex=10\n\nlog4j.appender.RFA.layout=org.apache.log4j.PatternLayout\nlog4j.appender.RFA.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} - %m%n\nlog4j.appender.RFA.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n\n\n\n# Custom Logging levels\n\n
 hadoop.metrics.log.level=INFO\n#log4j.logger.org.apache.hadoop.mapred.JobTracker=DEBUG\n#log4j.logger.org.apache.hadoop.mapred.TaskTracker=DEBUG\n#log4j.logger.org.apache.hadoop.fs.FSNamesystem=DEBUG\nlog4j.logger.org.apache.hadoop.metrics2=${hadoop.metrics.log.level}\n\n# Jets3t library\nlog4j.logger.org.jets3t.service.impl.rest.httpclient.RestS3Service=ERROR\n\n#\n# Null Appender\n# Trap security logger on the hadoop client side\n#\nlog4j.appender.NullAppender=org.apache.log4j.varia.NullAppender\n\n#\n# Event Counter Appender\n# Sends counts of logging messages at different severity levels to Hadoop Metrics.\n#\nlog4j.appender.EventCounter=org.apache.hadoop.log.metrics.EventCounter\n\n# Removes \"deprecated\" messages\nlog4j.logger.org.apache.hadoop.conf.Configuration.deprecation=WARN\n\n#\n# HDFS block state change log from block manager\n#\n# Uncomment the following to suppress normal block state change\n# messages from BlockManager in NameNode.\n#log4j.logger.BlockStateChange=W
 ARN"
+    },
+    "ranger-hdfs-plugin-properties": {
+      "hadoop.rpc.protection": "authentication",
+      "ranger-hdfs-plugin-enabled": "No",
+      "REPOSITORY_CONFIG_USERNAME": "hadoop",
+      "policy_user": "ambari-qa",
+      "common.name.for.certificate": "",
+      "REPOSITORY_CONFIG_PASSWORD": "hadoop"
+    },
+    "core-site": {
+      "hadoop.proxyuser.root.hosts": "*",
+      "io.serializations": "org.apache.hadoop.io.serializer.WritableSerialization",
+      "fs.trash.interval": "360",
+      "ha.failover-controller.active-standby-elector.zk.op.retries": "120",
+      "hadoop.http.authentication.simple.anonymous.allowed": "true",
+      "hadoop.security.authentication": "simple",
+      "hadoop.proxyuser.root.groups": "*",
+      "ipc.client.connection.maxidletime": "30000",
+      "hadoop.security.key.provider.path": "",
+      "mapreduce.jobtracker.webinterface.trusted": "false",
+      "hadoop.security.authorization": "false",
+      "net.topology.script.file.name": "/etc/hadoop/conf/topology_script.py",
+      "ipc.server.tcpnodelay": "true",
+      "ipc.client.connect.max.retries": "50",
+      "hadoop.security.auth_to_local": "DEFAULT",
+      "io.file.buffer.size": "131072",
+      "hadoop.proxyuser.hdfs.hosts": "*",
+      "hadoop.proxyuser.hdfs.groups": "*",
+      "ipc.client.idlethreshold": "8000",
+      "fs.defaultFS": "hdfs://c6401.ambari.apache.org:8020",
+      "io.compression.codecs": "org.apache.hadoop.io.compress.GzipCodec,org.apache.hadoop.io.compress.DefaultCodec,org.apache.hadoop.io.compress.SnappyCodec"
+    },
+    "hadoop-env": {
+      "keyserver_port": "",
+      "proxyuser_group": "users",
+      "hdfs_user_nproc_limit": "65536",
+      "hdfs_log_dir_prefix": "/var/log/hadoop",
+      "hdfs_user_nofile_limit": "128000",
+      "hdfs_user": "hdfs",
+      "keyserver_host": " ",
+      "namenode_opt_maxnewsize": "128m",
+      "namenode_opt_maxpermsize": "256m",
+      "content": "\n# Set Hadoop-specific environment variables here.\n\n# The only required environment variable is JAVA_HOME.  All others are\n# optional.  When running a distributed configuration it is best to\n# set JAVA_HOME in this file, so that it is correctly defined on\n# remote nodes.\n\n# The java implementation to use.  Required.\nexport JAVA_HOME={{java_home}}\nexport HADOOP_HOME_WARN_SUPPRESS=1\n\n# Hadoop home directory\nexport HADOOP_HOME=${HADOOP_HOME:-{{hadoop_home}}}\n\n# Hadoop Configuration Directory\n\n{# this is different for HDP1 #}\n# Path to jsvc required by secure HDP 2.0 datanode\nexport JSVC_HOME={{jsvc_path}}\n\n\n# The maximum amount of heap to use, in MB. Default is 1000.\nexport HADOOP_HEAPSIZE=\"{{hadoop_heapsize}}\"\n\nexport HADOOP_NAMENODE_INIT_HEAPSIZE=\"-Xms{{namenode_heapsize}}\"\n\n# Extra Java runtime options.  Empty by default.\nexport HADOOP_OPTS=\"-Djava.net.preferIPv4Stack=true ${HADOOP_OPTS}\"\n\n# Command specific options appended to H
 ADOOP_OPTS when specified\nHADOOP_JOBTRACKER_OPTS=\"-server -XX:ParallelGCThreads=8 -XX:+UseConcMarkSweepGC -XX:ErrorFile={{hdfs_log_dir_prefix}}/$USER/hs_err_pid%p.log -XX:NewSize={{jtnode_opt_newsize}} -XX:MaxNewSize={{jtnode_opt_maxnewsize}} -Xloggc:{{hdfs_log_dir_prefix}}/$USER/gc.log-`date +'%Y%m%d%H%M'` -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCDateStamps -Xmx{{jtnode_heapsize}} -Dhadoop.security.logger=INFO,DRFAS -Dmapred.audit.logger=INFO,MRAUDIT -Dhadoop.mapreduce.jobsummary.logger=INFO,JSA ${HADOOP_JOBTRACKER_OPTS}\"\n\nHADOOP_TASKTRACKER_OPTS=\"-server -Xmx{{ttnode_heapsize}} -Dhadoop.security.logger=ERROR,console -Dmapred.audit.logger=ERROR,console ${HADOOP_TASKTRACKER_OPTS}\"\n\n{% if java_version < 8 %}\nSHARED_HADOOP_NAMENODE_OPTS=\"-server -XX:ParallelGCThreads=8 -XX:+UseConcMarkSweepGC -XX:ErrorFile={{hdfs_log_dir_prefix}}/$USER/hs_err_pid%p.log -XX:NewSize={{namenode_opt_newsize}} -XX:MaxNewSize={{namenode_opt_maxnewsize}} -XX:PermSize={{na
 menode_opt_permsize}} -XX:MaxPermSize={{namenode_opt_maxpermsize}} -Xloggc:{{hdfs_log_dir_prefix}}/$USER/gc.log-`date +'%Y%m%d%H%M'` -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCDateStamps -XX:CMSInitiatingOccupancyFraction=70 -XX:+UseCMSInitiatingOccupancyOnly -Xms{{namenode_heapsize}} -Xmx{{namenode_heapsize}} -Dhadoop.security.logger=INFO,DRFAS -Dhdfs.audit.logger=INFO,DRFAAUDIT\"\nexport HADOOP_NAMENODE_OPTS=\"${SHARED_HADOOP_NAMENODE_OPTS} -XX:OnOutOfMemoryError=\\\"/usr/hdp/current/hadoop-hdfs-namenode/bin/kill-name-node\\\" -Dorg.mortbay.jetty.Request.maxFormContentSize=-1 ${HADOOP_NAMENODE_OPTS}\"\nexport HADOOP_DATANODE_OPTS=\"-server -XX:ParallelGCThreads=4 -XX:+UseConcMarkSweepGC -XX:ErrorFile=/var/log/hadoop/$USER/hs_err_pid%p.log -XX:NewSize=200m -XX:MaxNewSize=200m -XX:PermSize=128m -XX:MaxPermSize=256m -Xloggc:/var/log/hadoop/$USER/gc.log-`date +'%Y%m%d%H%M'` -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCDateStamps -Xms{{dtno
 de_heapsize}} -Xmx{{dtnode_heapsize}} -Dhadoop.security.logger=INFO,DRFAS -Dhdfs.audit.logger=INFO,DRFAAUDIT ${HADOOP_DATANODE_OPTS}\"\n\nexport HADOOP_SECONDARYNAMENODE_OPTS=\"${SHARED_HADOOP_NAMENODE_OPTS} -XX:OnOutOfMemoryError=\\\"/usr/hdp/current/hadoop-hdfs-secondarynamenode/bin/kill-secondary-name-node\\\" ${HADOOP_SECONDARYNAMENODE_OPTS}\"\n\n# The following applies to multiple commands (fs, dfs, fsck, distcp etc)\nexport HADOOP_CLIENT_OPTS=\"-Xmx${HADOOP_HEAPSIZE}m -XX:MaxPermSize=512m $HADOOP_CLIENT_OPTS\"\n\n{% else %}\nSHARED_HADOOP_NAMENODE_OPTS=\"-server -XX:ParallelGCThreads=8 -XX:+UseConcMarkSweepGC -XX:ErrorFile={{hdfs_log_dir_prefix}}/$USER/hs_err_pid%p.log -XX:NewSize={{namenode_opt_newsize}} -XX:MaxNewSize={{namenode_opt_maxnewsize}} -Xloggc:{{hdfs_log_dir_prefix}}/$USER/gc.log-`date +'%Y%m%d%H%M'` -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCDateStamps -XX:CMSInitiatingOccupancyFraction=70 -XX:+UseCMSInitiatingOccupancyOnly -Xms{{namenode_h
 eapsize}} -Xmx{{namenode_heapsize}} -Dhadoop.security.logger=INFO,DRFAS -Dhdfs.audit.logger=INFO,DRFAAUDIT\"\nexport HADOOP_NAMENODE_OPTS=\"${SHARED_HADOOP_NAMENODE_OPTS} -XX:OnOutOfMemoryError=\\\"/usr/hdp/current/hadoop-hdfs-namenode/bin/kill-name-node\\\" -Dorg.mortbay.jetty.Request.maxFormContentSize=-1 ${HADOOP_NAMENODE_OPTS}\"\nexport HADOOP_DATANODE_OPTS=\"-server -XX:ParallelGCThreads=4 -XX:+UseConcMarkSweepGC -XX:ErrorFile=/var/log/hadoop/$USER/hs_err_pid%p.log -XX:NewSize=200m -XX:MaxNewSize=200m -Xloggc:/var/log/hadoop/$USER/gc.log-`date +'%Y%m%d%H%M'` -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCDateStamps -Xms{{dtnode_heapsize}} -Xmx{{dtnode_heapsize}} -Dhadoop.security.logger=INFO,DRFAS -Dhdfs.audit.logger=INFO,DRFAAUDIT ${HADOOP_DATANODE_OPTS}\"\n\nexport HADOOP_SECONDARYNAMENODE_OPTS=\"${SHARED_HADOOP_NAMENODE_OPTS} -XX:OnOutOfMemoryError=\\\"/usr/hdp/current/hadoop-hdfs-secondarynamenode/bin/kill-secondary-name-node\\\" ${HADOOP_SECONDARYNAMENO
 DE_OPTS}\"\n\n# The following applies to multiple commands (fs, dfs, fsck, distcp etc)\nexport HADOOP_CLIENT_OPTS=\"-Xmx${HADOOP_HEAPSIZE}m $HADOOP_CLIENT_OPTS\"\n{% endif %}\n\nHADOOP_NFS3_OPTS=\"-Xmx{{nfsgateway_heapsize}}m -Dhadoop.security.logger=ERROR,DRFAS ${HADOOP_NFS3_OPTS}\"\nHADOOP_BALANCER_OPTS=\"-server -Xmx{{hadoop_heapsize}}m ${HADOOP_BALANCER_OPTS}\"\n\n\n# On secure datanodes, user to run the datanode as after dropping privileges\nexport HADOOP_SECURE_DN_USER=${HADOOP_SECURE_DN_USER:-{{hadoop_secure_dn_user}}}\n\n# Extra ssh options.  Empty by default.\nexport HADOOP_SSH_OPTS=\"-o ConnectTimeout=5 -o SendEnv=HADOOP_CONF_DIR\"\n\n# Where log files are stored.  $HADOOP_HOME/logs by default.\nexport HADOOP_LOG_DIR={{hdfs_log_dir_prefix}}/$USER\n\n# History server logs\nexport HADOOP_MAPRED_LOG_DIR={{mapred_log_dir_prefix}}/$USER\n\n# Where log files are stored in the secure data environment.\nexport HADOOP_SECURE_DN_LOG_DIR={{hdfs_log_dir_prefix}}/$HADOOP_SECURE_DN_USER
 \n\n# File naming remote slave hosts.  $HADOOP_HOME/conf/slaves by default.\n# export HADOOP_SLAVES=${HADOOP_HOME}/conf/slaves\n\n# host:path where hadoop code should be rsync'd from.  Unset by default.\n# export HADOOP_MASTER=master:/home/$USER/src/hadoop\n\n# Seconds to sleep between slave commands.  Unset by default.  This\n# can be useful in large clusters, where, e.g., slave rsyncs can\n# otherwise arrive faster than the master can service them.\n# export HADOOP_SLAVE_SLEEP=0.1\n\n# The directory where pid files are stored. /tmp by default.\nexport HADOOP_PID_DIR={{hadoop_pid_dir_prefix}}/$USER\nexport HADOOP_SECURE_DN_PID_DIR={{hadoop_pid_dir_prefix}}/$HADOOP_SECURE_DN_USER\n\n# History server pid\nexport HADOOP_MAPRED_PID_DIR={{mapred_pid_dir_prefix}}/$USER\n\nYARN_RESOURCEMANAGER_OPTS=\"-Dyarn.server.resourcemanager.appsummary.logger=INFO,RMSUMMARY\"\n\n# A string representing this instance of hadoop. $USER by default.\nexport HADOOP_IDENT_STRING=$USER\n\n# The scheduling pr
 iority for daemon processes.  See 'man nice'.\n\n# export HADOOP_NICENESS=10\n\n# Add database libraries\nJAVA_JDBC_LIBS=\"\"\nif [ -d \"/usr/share/java\" ]; then\n  for jarFile in `ls /usr/share/java | grep -E \"(mysql|ojdbc|postgresql|sqljdbc)\" 2>/dev/null`\n  do\n    JAVA_JDBC_LIBS=${JAVA_JDBC_LIBS}:$jarFile\n  done\nfi\n\n# Add libraries to the hadoop classpath - some may not need a colon as they already include it\nexport HADOOP_CLASSPATH=${HADOOP_CLASSPATH}${JAVA_JDBC_LIBS}\n\n# Setting path to hdfs command line\nexport HADOOP_LIBEXEC_DIR={{hadoop_libexec_dir}}\n\n# Mostly required for hadoop 2.0\nexport JAVA_LIBRARY_PATH=${JAVA_LIBRARY_PATH}\n\nexport HADOOP_OPTS=\"-Dhdp.version=$HDP_VERSION $HADOOP_OPTS\"\n\n{% if is_datanode_max_locked_memory_set %}\n# Fix temporary bug, when ulimit from conf files is not picked up, without full relogin. \n# Makes sense to fix only when runing DN as root \nif [ \"$command\" == \"datanode\" ] && [ \"$EUID\" -eq 0 ] && [ -n \"$HADOOP_SECURE_
 DN_USER\" ]; then\n  ulimit -l {{datanode_max_locked_memory}}\nfi\n{% endif %}",
+      "namenode_heapsize": "1024m",
+      "namenode_opt_newsize": "128m",
+      "nfsgateway_heapsize": "1024",
+      "dtnode_heapsize": "1024m",
+      "hadoop_root_logger": "INFO,RFA",
+      "hadoop_heapsize": "1024",
+      "hadoop_pid_dir_prefix": "/var/run/hadoop",
+      "namenode_opt_permsize": "128m",
+      "hdfs_tmp_dir": "/tmp"
+    },
+    "zookeeper-log4j": {
+      "content": "\n#\n#\n# Licensed to the Apache Software Foundation (ASF) under one\n# or more contributor license agreements.  See the NOTICE file\n# distributed with this work for additional information\n# regarding copyright ownership.  The ASF licenses this file\n# to you under the Apache License, Version 2.0 (the\n# \"License\"); you may not use this file except in compliance\n# with the License.  You may obtain a copy of the License at\n#\n#   http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing,\n# software distributed under the License is distributed on an\n# \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n# KIND, either express or implied.  See the License for the\n# specific language governing permissions and limitations\n# under the License.\n#\n#\n#\n\n#\n# ZooKeeper Logging Configuration\n#\n\n# DEFAULT: console appender only\nlog4j.rootLogger=INFO, CONSOLE\n\n# Example with rolling log file\n#log4j.root
 Logger=DEBUG, CONSOLE, ROLLINGFILE\n\n# Example with rolling log file and tracing\n#log4j.rootLogger=TRACE, CONSOLE, ROLLINGFILE, TRACEFILE\n\n#\n# Log INFO level and above messages to the console\n#\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=INFO\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L] - %m%n\n\n#\n# Add ROLLINGFILE to rootLogger to get log file output\n#    Log DEBUG level and above messages to a log file\nlog4j.appender.ROLLINGFILE=org.apache.log4j.RollingFileAppender\nlog4j.appender.ROLLINGFILE.Threshold=DEBUG\nlog4j.appender.ROLLINGFILE.File=zookeeper.log\n\n# Max log file size of 10MB\nlog4j.appender.ROLLINGFILE.MaxFileSize=10MB\n# uncomment the next line to limit number of backup files\n#log4j.appender.ROLLINGFILE.MaxBackupIndex=10\n\nlog4j.appender.ROLLINGFILE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.ROLLINGFILE.
 layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L] - %m%n\n\n\n#\n# Add TRACEFILE to rootLogger to get log file output\n#    Log DEBUG level and above messages to a log file\nlog4j.appender.TRACEFILE=org.apache.log4j.FileAppender\nlog4j.appender.TRACEFILE.Threshold=TRACE\nlog4j.appender.TRACEFILE.File=zookeeper_trace.log\n\nlog4j.appender.TRACEFILE.layout=org.apache.log4j.PatternLayout\n### Notice we are including log4j's NDC here (%x)\nlog4j.appender.TRACEFILE.layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L][%x] - %m%n"
+    },
+    "ssl-server": {
+      "ssl.server.keystore.location": "/etc/security/serverKeys/keystore.jks",
+      "ssl.server.keystore.keypassword": "bigdata",
+      "ssl.server.truststore.location": "/etc/security/serverKeys/all.jks",
+      "ssl.server.keystore.password": "bigdata",
+      "ssl.server.truststore.password": "bigdata",
+      "ssl.server.truststore.type": "jks",
+      "ssl.server.keystore.type": "jks",
+      "ssl.server.truststore.reload.interval": "10000"
+    },
+    "ranger-site": {},
+    "admin-log4j": {
+      "content": "\n#\n# Licensed to the Apache Software Foundation (ASF) under one\n# or more contributor license agreements.  See the NOTICE file\n# distributed with this work for additional information\n# regarding copyright ownership.  The ASF licenses this file\n# to you under the Apache License, Version 2.0 (the\n# \"License\"); you may not use this file except in compliance\n# with the License.  You may obtain a copy of the License at\n#\n#      http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n#\n\n\nlog4j.rootLogger = warn,xa_log_appender\n\n\n# xa_logger\nlog4j.appender.xa_log_appender=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.xa_log_appender.
 file=${logdir}/xa_portal.log\nlog4j.appender.xa_log_appender.datePattern='.'yyyy-MM-dd\nlog4j.appender.xa_log_appender.append=true\nlog4j.appender.xa_log_appender.layout=org.apache.log4j.PatternLayout\nlog4j.appender.xa_log_appender.layout.ConversionPattern=%d [%t] %-5p %C{6} (%F:%L) - %m%n\n# xa_log_appender : category and additivity\nlog4j.category.org.springframework=warn,xa_log_appender\nlog4j.additivity.org.springframework=false\n\nlog4j.category.org.apache.ranger=info,xa_log_appender\nlog4j.additivity.org.apache.ranger=false\n\nlog4j.category.xa=info,xa_log_appender\nlog4j.additivity.xa=false\n\n# perf_logger\nlog4j.appender.perf_appender=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.perf_appender.file=${logdir}/ranger_admin_perf.log\nlog4j.appender.perf_appender.datePattern='.'yyyy-MM-dd\nlog4j.appender.perf_appender.append=true\nlog4j.appender.perf_appender.layout=org.apache.log4j.PatternLayout\nlog4j.appender.perf_appender.layout.ConversionPattern=%d [%t] %m%n\n
 \n\n# sql_appender\nlog4j.appender.sql_appender=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.sql_appender.file=${logdir}/xa_portal_sql.log\nlog4j.appender.sql_appender.datePattern='.'yyyy-MM-dd\nlog4j.appender.sql_appender.append=true\nlog4j.appender.sql_appender.layout=org.apache.log4j.PatternLayout\nlog4j.appender.sql_appender.layout.ConversionPattern=%d [%t] %-5p %C{6} (%F:%L) - %m%n\n\n# sql_appender : category and additivity\nlog4j.category.org.hibernate.SQL=warn,sql_appender\nlog4j.additivity.org.hibernate.SQL=false\n\nlog4j.category.jdbc.sqlonly=fatal,sql_appender\nlog4j.additivity.jdbc.sqlonly=false\n\nlog4j.category.jdbc.sqltiming=warn,sql_appender\nlog4j.additivity.jdbc.sqltiming=false\n\nlog4j.category.jdbc.audit=fatal,sql_appender\nlog4j.additivity.jdbc.audit=false\n\nlog4j.category.jdbc.resultset=fatal,sql_appender\nlog4j.additivity.jdbc.resultset=false\n\nlog4j.category.jdbc.connection=fatal,sql_appender\nlog4j.additivity.jdbc.connection=false"
+    },
+    "tagsync-log4j": {
+      "content": "\n#\n# Licensed to the Apache Software Foundation (ASF) under one\n# or more contributor license agreements.  See the NOTICE file\n# distributed with this work for additional information\n# regarding copyright ownership.  The ASF licenses this file\n# to you under the Apache License, Version 2.0 (the\n# \"License\"); you may not use this file except in compliance\n# with the License.  You may obtain a copy of the License at\n#\n#      http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n#\n\n\nlog4j.rootLogger = info,logFile\n\n# logFile\nlog4j.appender.logFile=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.logFile.file=${logdir}/tagsync.log\n
 log4j.appender.logFile.datePattern='.'yyyy-MM-dd\nlog4j.appender.logFile.layout=org.apache.log4j.PatternLayout\nlog4j.appender.logFile.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %L %m%n\n\n# console\nlog4j.appender.console=org.apache.log4j.ConsoleAppender\nlog4j.appender.console.Target=System.out\nlog4j.appender.console.layout=org.apache.log4j.PatternLayout\nlog4j.appender.console.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss} %5p %c{1} [%t] - %L %m%n"
+    },
+    "ranger-hdfs-security": {
+      "ranger.plugin.hdfs.policy.source.impl": "org.apache.ranger.admin.client.RangerAdminRESTClient",
+      "ranger.plugin.hdfs.service.name": "{{repo_name}}",
+      "ranger.plugin.hdfs.policy.cache.dir": "/etc/ranger/{{repo_name}}/policycache",
+      "ranger.plugin.hdfs.policy.pollIntervalMs": "30000",
+      "ranger.plugin.hdfs.policy.rest.url": "{{policymgr_mgr_url}}",
+      "ranger.plugin.hdfs.policy.rest.ssl.config.file": "/etc/hadoop/conf/ranger-policymgr-ssl.xml",
+      "xasecure.add-hadoop-authorization": "true"
+    },
+    "usersync-properties": {},
+    "zookeeper-env": {
+      "zk_log_dir": "/var/log/zookeeper",
+      "content": "\nexport JAVA_HOME={{java64_home}}\nexport ZOOKEEPER_HOME={{zk_home}}\nexport ZOO_LOG_DIR={{zk_log_dir}}\nexport ZOOPIDFILE={{zk_pid_file}}\nexport SERVER_JVMFLAGS={{zk_server_heapsize}}\nexport JAVA=$JAVA_HOME/bin/java\nexport CLASSPATH=$CLASSPATH:/usr/share/zookeeper/*\n\n{% if security_enabled %}\nexport SERVER_JVMFLAGS=\"$SERVER_JVMFLAGS -Djava.security.auth.login.config={{zk_server_jaas_file}}\"\nexport CLIENT_JVMFLAGS=\"$CLIENT_JVMFLAGS -Djava.security.auth.login.config={{zk_client_jaas_file}}\"\n{% endif %}",
+      "zk_server_heapsize": "1024m",
+      "zk_pid_dir": "/var/run/zookeeper",
+      "zk_user": "zookeeper"
+    },
+    "cluster-env": {
+      "security_enabled": "false",
+      "override_uid": "true",
+      "fetch_nonlocal_groups": "true",
+      "one_dir_per_partition": "true",
+      "repo_ubuntu_template": "{{package_type}} {{base_url}} {{components}}",
+      "ignore_groupsusers_create": "false",
+      "alerts_repeat_tolerance": "1",
+      "smokeuser_keytab": "/etc/security/keytabs/smokeuser.headless.keytab",
+      "kerberos_domain": "EXAMPLE.COM",
+      "manage_dirs_on_root": "true",
+      "recovery_lifetime_max_count": "1024",
+      "recovery_type": "AUTO_START",
+      "ignore_bad_mounts": "false",
+      "recovery_window_in_minutes": "60",
+      "user_group": "hadoop",
+      "stack_name": "HDP",
+      "stack_root": "{\"HDP\": \"/usr/hdp\"}",
+      "stack_tools": "{\n \"HDP\": { \"stack_selector\": [\"hdp-select\", \"/usr/bin/hdp-select\", \"hdp-select\"],\n  \"conf_selector\": [\"conf-select\", \"/usr/bin/conf-select\", \"conf-select\"]\n}\n}",
+      "recovery_retry_interval": "5",
+      "recovery_enabled": "true",
+      "recovery_max_count": "6",
+      "repo_suse_rhel_template": "[{{repo_id}}]\nname={{repo_id}}\n{% if mirror_list %}mirrorlist={{mirror_list}}{% else %}baseurl={{base_url}}{% endif %}\n\npath=/\nenabled=1\ngpgcheck=0",
+      "managed_hdfs_resource_property_names": "",
+      "smokeuser": "ambari-qa"
+    },
+    "dbks-site": {
+      "ranger.ks.jpa.jdbc.credential.provider.path": "/etc/ranger/kms/rangerkms.jceks",
+      "ranger.ks.kerberos.keytab": "/etc/security/keytabs/rangerkms.service.keytab",
+      "ranger.ks.hsm.partition.password": "_",
+      "ranger.ks.jpa.jdbc.driver": "com.mysql.jdbc.Driver",
+      "ranger.ks.jpa.jdbc.credential.alias": "ranger.ks.jdbc.password",
+      "ranger.ks.kerberos.principal": "rangerkms12/_HOST@EXAMPLE.COM",
+      "ranger.db.encrypt.key.password": "_",
+      "ranger.ks.hsm.enabled": "false",
+      "ranger.ks.jpa.jdbc.password": "_",
+      "ranger.ks.masterkey.credential.alias": "ranger.ks.masterkey.password",
+      "ranger.ks.jpa.jdbc.url": "jdbc:mysql://c6401.ambari.apache.org:3306/rangerkms01",
+      "hadoop.kms.blacklist.DECRYPT_EEK": "hdfs",
+      "ranger.ks.jdbc.sqlconnectorjar": "{{ews_lib_jar_path}}",
+      "ranger.ks.jpa.jdbc.user": "{{db_user}}",
+      "ranger.ks.hsm.partition.password.alias": "ranger.kms.hsm.partition.password",
+      "ranger.ks.hsm.type": "LunaProvider",
+      "ranger.ks.hsm.partition.name": "par19",
+      "ranger.ks.jpa.jdbc.dialect": "{{jdbc_dialect}}"
+    },
+    "kms-env": {
+      "kms_group": "kms",
+      "kms_log_dir": "/var/log/ranger/kms",
+      "hsm_partition_password": "",
+      "kms_user": "kms",
+      "create_db_user": "true",
+      "kms_port": "9292"
+    },
+    "kms-log4j": {
+      "content": "\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#    http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License. See accompanying LICENSE file.\n#\n\n# If the Java System property 'kms.log.dir' is not defined at KMS start up time\n# Setup sets its value to '${kms.home}/logs'\n\nlog4j.appender.kms=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.kms.DatePattern='.'yyyy-MM-dd\nlog4j.appender.kms.File=${kms.log.dir}/kms.log\nlog4j.appender.kms.Append=true\nlog4j.appender.kms.layout=org.apache.log4j.PatternLayout\nlog4j
 .appender.kms.layout.ConversionPattern=%d{ISO8601} %-5p %c{1} - %m%n\n\nlog4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender\nlog4j.appender.kms-audit.DatePattern='.'yyyy-MM-dd\nlog4j.appender.kms-audit.File=${kms.log.dir}/kms-audit.log\nlog4j.appender.kms-audit.Append=true\nlog4j.appender.kms-audit.layout=org.apache.log4j.PatternLayout\nlog4j.appender.kms-audit.layout.ConversionPattern=%d{ISO8601} %m%n\n\nlog4j.logger.kms-audit=INFO, kms-audit\nlog4j.additivity.kms-audit=false\n\nlog4j.rootLogger=ALL, kms\nlog4j.logger.org.apache.hadoop.conf=ERROR\nlog4j.logger.org.apache.hadoop=INFO\nlog4j.logger.com.sun.jersey.server.wadl.generators.WadlGeneratorJAXBGrammarGenerator=OFF"
+    },
+    "kms-properties": {
+      "REPOSITORY_CONFIG_USERNAME": "keyadmin",
+      "db_user": "rangerkms01",
+      "DB_FLAVOR": "MYSQL",
+      "db_password": "rangerkms01",
+      "KMS_MASTER_KEY_PASSWD": "StrongPassword01",
+      "db_root_user": "root",
+      "db_name": "rangerkms01",
+      "db_host": "c6401.ambari.apache.org",
+      "db_root_password": "vagrant",
+      "SQL_CONNECTOR_JAR": "{{driver_curl_target}}",
+      "REPOSITORY_CONFIG_PASSWORD": "keyadmin"
+    },
+    "kms-site": {
+      "hadoop.kms.proxyuser.ranger.hosts": "*",
+      "hadoop.kms.authentication.type": "simple",
+      "hadoop.kms.proxyuser.ranger.groups": "*",
+      "hadoop.kms.authentication.signer.secret.provider.zookeeper.path": "/hadoop-kms/hadoop-auth-signature-secret",
+      "hadoop.kms.security.authorization.manager": "org.apache.ranger.authorization.kms.authorizer.RangerKmsAuthorizer",
+      "hadoop.kms.authentication.kerberos.name.rules": "DEFAULT",
+      "hadoop.kms.authentication.signer.secret.provider.zookeeper.kerberos.keytab": "/etc/security/keytabs/spnego.service.keytab",
+      "hadoop.kms.current.key.cache.timeout.ms": "30000",
+      "hadoop.kms.authentication.kerberos.keytab": "/etc/security/keytabs/spnego.service.keytab",
+      "hadoop.kms.audit.aggregation.window.ms": "10000",
+      "hadoop.kms.proxyuser.ranger.users": "*",
+      "hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type": "kerberos",
+      "hadoop.kms.key.provider.uri": "dbks://http@localhost:9292/kms",
+      "hadoop.security.keystore.JavaKeyStoreProvider.password": "none",
+      "hadoop.kms.authentication.signer.secret.provider.zookeeper.kerberos.principal": "HTTP/_HOST@EXAMPLE.COM",
+      "hadoop.kms.authentication.signer.secret.provider": "random",
+      "hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string": "#HOSTNAME#:#PORT#,...",
+      "hadoop.kms.cache.enable": "true",
+      "hadoop.kms.cache.timeout.ms": "600000",
+      "hadoop.kms.authentication.kerberos.principal": "*"
+    },
+    "ranger-kms-audit": {
+      "xasecure.audit.destination.solr.zookeepers": "c6401.ambari.apache.org:2181/ranger_audits",
+      "xasecure.audit.destination.solr.urls": "",
+      "xasecure.audit.destination.solr.batch.filespool.dir": "/var/log/ranger/kms/audit/solr/spool",
+      "xasecure.audit.destination.hdfs.batch.filespool.dir": "/var/log/ranger/kms/audit/hdfs/spool",
+      "xasecure.audit.destination.hdfs": "true",
+      "xasecure.audit.destination.solr": "true",
+      "xasecure.audit.provider.summary.enabled": "false",
+      "xasecure.audit.destination.hdfs.dir": "hdfs://c6401.ambari.apache.org:8020/ranger/audit",
+      "xasecure.audit.is.enabled": "true"
+    },
+    "ranger-kms-policymgr-ssl": {
+      "xasecure.policymgr.clientssl.keystore": "/usr/hdp/current/ranger-kms/conf/ranger-plugin-keystore.jks",
+      "xasecure.policymgr.clientssl.truststore.password": "changeit",
+      "xasecure.policymgr.clientssl.keystore.credential.file": "jceks://file{{credential_file}}",
+      "xasecure.policymgr.clientssl.truststore": "/usr/hdp/current/ranger-kms/conf/ranger-plugin-truststore.jks",
+      "xasecure.policymgr.clientssl.truststore.credential.file": "jceks://file{{credential_file}}",
+      "xasecure.policymgr.clientssl.keystore.password": "myKeyFilePassword"
+    },
+    "ranger-kms-security": {
+      "ranger.plugin.kms.policy.pollIntervalMs": "30000",
+      "ranger.plugin.kms.service.name": "{{repo_name}}",
+      "ranger.plugin.kms.policy.source.impl": "org.apache.ranger.admin.client.RangerAdminRESTClient",
+      "ranger.plugin.kms.policy.rest.ssl.config.file": "/etc/ranger/kms/conf/ranger-policymgr-ssl.xml",
+      "ranger.plugin.kms.policy.cache.dir": "/etc/ranger/{{repo_name}}/policycache",
+      "ranger.plugin.kms.policy.rest.url": "{{policymgr_mgr_url}}"
+    },
+    "ranger-kms-site": {
+      "ranger.service.https.port": "9393",
+      "ranger.service.https.attrib.ssl.enabled": "false",
+      "xa.webapp.dir": "./webapp",
+      "ranger.service.host": "{{kms_host}}",
+      "ranger.service.shutdown.port": "7085",
+      "ranger.contextName": "/kms",
+      "ranger.service.http.port": "{{kms_port}}"
+    }
+  }
+}


Mime
View raw message