apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "hdfs-k8s.config.fullname" . }}
labels:
app: {{ template "hdfs-k8s.client.name" . }}
chart: {{ template "hdfs-k8s.subchart" . }}
release: {{ .Release.Name }}
data:
core-site.xml: |
{{- if .Values.global.kerberosEnabled }}
hadoop.security.authentication
kerberos
hadoop.security.authorization
false
hadoop.rpc.protection
privacy
hadoop.user.group.static.mapping.overrides
hdfs=root;
{{- end }}
{{- range $key, $value := .Values.customHadoopConfig.coreSite }}
{{ $key }}
{{ $value }}
{{- end }}
{{- if .Values.global.namenodeHAEnabled }}
fs.defaultFS
hdfs://hdfs-k8s
ha.zookeeper.quorum
{{ template "zookeeper-quorum" . }}
{{- else }}
fs.defaultFS
hdfs://{{ template "namenode-svc-0" . }}:8020
{{- end }}
hdfs-site.xml: |
{{- if .Values.global.kerberosEnabled }}
dfs.block.access.token.enable
true
dfs.encrypt.data.transfer
true
dfs.namenode.kerberos.principal
{{ template "hdfs-principal" . }}
{{/*
TODO: Check if the https principal is no longer needed in newer Hadoop version.
*/}}
dfs.namenode.kerberos.https.principal
{{ template "http-principal" . }}
dfs.web.authentication.kerberos.principal
{{ template "http-principal" . }}
dfs.namenode.keytab.file
/etc/security/hdfs.keytab
dfs.journalnode.kerberos.principal
{{ template "hdfs-principal" . }}
dfs.journalnode.kerberos.internal.spnego.principal
{{ template "http-principal" . }}
dfs.journalnode.keytab.file
/etc/security/hdfs.keytab
dfs.datanode.kerberos.principal
{{ template "hdfs-principal" . }}
dfs.datanode.kerberos.https.principal
{{ template "http-principal" . }}
dfs.datanode.keytab.file
/etc/security/hdfs.keytab
{{- if .Values.global.jsvcEnabled }}
dfs.datanode.address
0.0.0.0:1004
dfs.datanode.http.address
0.0.0.0:1006
{{- end }}
{{- end }}
{{- range $key, $value := .Values.customHadoopConfig.hdfsSite }}
{{ $key }}
{{ $value }}
{{- end }}
{{- if .Values.global.namenodeHAEnabled }}
dfs.nameservices
hdfs-k8s
dfs.ha.namenodes.hdfs-k8s
nn0,nn1
dfs.namenode.rpc-address.hdfs-k8s.nn0
{{ template "namenode-svc-0" . }}:8020
dfs.namenode.rpc-address.hdfs-k8s.nn1
{{ template "namenode-svc-1" . }}:8020
dfs.namenode.http-address.hdfs-k8s.nn0
{{ template "namenode-svc-0" . }}:50070
dfs.namenode.http-address.hdfs-k8s.nn1
{{ template "namenode-svc-1" . }}:50070
dfs.namenode.shared.edits.dir
qjournal://{{ template "journalnode-quorum" . }}/hdfs-k8s
dfs.ha.automatic-failover.enabled
true
dfs.ha.fencing.methods
shell(/bin/true)
dfs.journalnode.edits.dir
/hadoop/dfs/journal
dfs.client.failover.proxy.provider.hdfs-k8s
org.apache.hadoop.hdfs.server.namenode.ha.ConfiguredFailoverProxyProvider
{{- end }}
dfs.namenode.name.dir
file:///hadoop/dfs/name
dfs.namenode.datanode.registration.ip-hostname-check
false
dfs.datanode.data.dir
{{ template "datanode-data-dirs" . }}