3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# File 'manifests/datanode/config.pp', line 3
class hadoop::datanode::config {
include ::stdlib
contain hadoop::common::config
contain hadoop::common::hdfs::config
contain hadoop::common::hdfs::daemon
$keytab = $hadoop::keytab_datanode
$user = 'hdfs'
$file = '/tmp/krb5cc_dn'
$principal = "dn/${::fqdn}@${hadoop::realm}"
# for templates in env/*
$krbrefresh = $hadoop::features["krbrefresh"]
$realm = $hadoop::realm
# ensure proper owner and group
# (better to enable sticky bit for more protection)
ensure_resource('file', $hadoop::_hdfs_data_storages['paths'], {
ensure => directory,
owner => 'hdfs',
group => 'hadoop',
mode => '1755',
})
if $hadoop::realm and $hadoop::realm != '' {
file { $keytab:
owner => 'hdfs',
group => 'hdfs',
mode => '0400',
alias => 'dn.service.keytab',
}
if $hadoop::features["krbrefresh"] {
$cron_ensure = 'present'
} else {
$cron_ensure = 'absent'
}
file { '/etc/cron.d/hadoop-datanode-krb5cc':
ensure => $cron_ensure,
owner => 'root',
group => 'root',
mode => '0644',
alias => 'dn-cron',
content => template('hadoop/cron.erb'),
}
if $hadoop::features["krbrefresh"] {
exec { 'dn-kinit':
command => "kinit -k -t ${keytab} ${principal}",
user => $user,
path => '/bin:/usr/bin',
environment => [ "KRB5CCNAME=FILE:${file}" ],
creates => $file,
}
File[$keytab] -> Exec['dn-kinit']
}
}
$env_datanode = $hadoop::envs['datanode']
augeas{$env_datanode:
lens => 'Shellvars.lns',
incl => $env_datanode,
changes => template('hadoop/env/hdfs-datanode.augeas.erb'),
}
#notice(template('hadoop/env/hdfs-datanode.augeas.erb'))
}
|