You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ja...@apache.org on 2014/12/19 06:41:58 UTC
ambari git commit: AMBARI-8781. create Kerberos descriptor for knox
service. (dilli via jaimin)
Repository: ambari
Updated Branches:
refs/heads/trunk dc534389a -> c3e76b0e7
AMBARI-8781. create Kerberos descriptor for knox service. (dilli via jaimin)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/c3e76b0e
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/c3e76b0e
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/c3e76b0e
Branch: refs/heads/trunk
Commit: c3e76b0e7c38447f8a5997be87848f9e5a652185
Parents: dc53438
Author: Jaimin Jetly <ja...@hortonworks.com>
Authored: Thu Dec 18 21:41:07 2014 -0800
Committer: Jaimin Jetly <ja...@hortonworks.com>
Committed: Thu Dec 18 21:41:21 2014 -0800
----------------------------------------------------------------------
.../stacks/HDP/2.2/services/KNOX/kerberos.json | 54 ++++++++++++++++++++
1 file changed, 54 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/c3e76b0e/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/kerberos.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/kerberos.json b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/kerberos.json
new file mode 100644
index 0000000..ab70d39
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/KNOX/kerberos.json
@@ -0,0 +1,54 @@
+{
+ "services": [
+ {
+ "name": "KNOX",
+ "components": [
+ {
+ "name": "KNOX_GATEWAY",
+ "identities": [
+ {
+ "name": "knox_principal",
+ "principal": {
+ "value": "${knox-env/knox_user}/_HOST@${realm}",
+ "configuration": "knox-env/knox_principal_name"
+ },
+ "keytab": {
+ "file": "${keytab_dir}/knox.service.keytab",
+ "owner": {
+ "name": "${knox-env/knox_user}",
+ "access": "r"
+ },
+ "group": {
+ "name": "${cluster-env/user_group}",
+ "access": ""
+ },
+ "configuration": "knox-env/knox_keytab_path"
+ }
+ }
+ ],
+ "configurations": [
+ {
+ "gateway-site": {
+ "gateway.hadoop.kerberos.secured": "true",
+ "java.security.krb5.conf": "/etc/krb5.conf"
+ },
+ "core-site": {
+ "hadoop.proxyuser.knox.groups": "${hadoop-env/proxyuser_group}",
+ "hadoop.proxyuser.knox.hosts": "${host}"
+ },
+ "webhcat-site": {
+ "webhcat.proxyuser.knox.groups": "${hadoop-env/proxyuser_group}",
+ "webhcat.proxyuser.knox.hosts": "${host}"
+ },
+ "oozie-site": {
+ "oozie.service.ProxyUserService.proxyuser.knox.groups": "${hadoop-env/proxyuser_group}",
+ "oozie.service.ProxyUserService.proxyuser.knox.hosts": "${host}"
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+}
+