Configuration Properties

namevaluedescription
httpfs.buffer.size4096 The buffer size used by a read/write request when streaming data from/to HDFS.
httpfs.services org.apache.hadoop.lib.service.instrumentation.InstrumentationService, org.apache.hadoop.lib.service.scheduler.SchedulerService, org.apache.hadoop.lib.service.security.GroupsService, org.apache.hadoop.lib.service.security.ProxyUserService, org.apache.hadoop.lib.service.security.DelegationTokenManagerService, org.apache.hadoop.lib.service.hadoop.FileSystemAccessService Services used by the httpfs server.
kerberos.realmLOCALHOST Kerberos realm, used only if Kerberos authentication is used between the clients and httpfs or between HttpFS and HDFS. This property is only used to resolve other properties within this configuration file.
httpfs.hostname${httpfs.http.hostname} Property used to synthetize the HTTP Kerberos principal used by httpfs. This property is only used to resolve other properties within this configuration file.
httpfs.authentication.signature.secret.file${httpfs.config.dir}/httpfs-signature.secret File containing the secret to sign HttpFS hadoop-auth cookies. This file should be readable only by the system user running HttpFS service. If multiple HttpFS servers are used in a load-balancer/round-robin fashion, they should share the secret file.
httpfs.authentication.typesimple Defines the authentication mechanism used by httpfs for its HTTP clients. Valid values are 'simple' or 'kerberos'. If using 'simple' HTTP clients must specify the username with the 'user.name' query string parameter. If using 'kerberos' HTTP clients must use HTTP SPNEGO or delegation tokens.
httpfs.authentication.kerberos.principalHTTP/${httpfs.hostname}@${kerberos.realm} The HTTP Kerberos principal used by HttpFS in the HTTP endpoint. The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos HTTP SPNEGO specification.
httpfs.authentication.kerberos.keytab${user.home}/httpfs.keytab The Kerberos keytab file with the credentials for the HTTP Kerberos principal used by httpfs in the HTTP endpoint.
httpfs.proxyuser.#USER#.hosts* List of hosts the '#USER#' user is allowed to perform 'doAs' operations. The '#USER#' must be replaced with the username o the user who is allowed to perform 'doAs' operations. The value can be the '*' wildcard or a list of hostnames. For multiple users copy this property and replace the user name in the property name.
httpfs.proxyuser.#USER#.groups* List of groups the '#USER#' user is allowed to impersonate users from to perform 'doAs' operations. The '#USER#' must be replaced with the username o the user who is allowed to perform 'doAs' operations. The value can be the '*' wildcard or a list of groups. For multiple users copy this property and replace the user name in the property name.
httpfs.delegation.token.manager.update.interval86400 HttpFS delegation token update interval, default 1 day, in seconds.
httpfs.delegation.token.manager.max.lifetime604800 HttpFS delegation token maximum lifetime, default 7 days, in seconds
httpfs.delegation.token.manager.renewal.interval86400 HttpFS delegation token update interval, default 1 day, in seconds.
httpfs.hadoop.authentication.typesimple Defines the authentication mechanism used by httpfs to connect to the HDFS Namenode. Valid values are 'simple' and 'kerberos'.
httpfs.hadoop.authentication.kerberos.keytab${user.home}/httpfs.keytab The Kerberos keytab file with the credentials for the Kerberos principal used by httpfs to connect to the HDFS Namenode.
httpfs.hadoop.authentication.kerberos.principal${user.name}/${httpfs.hostname}@${kerberos.realm} The Kerberos principal used by httpfs to connect to the HDFS Namenode.
httpfs.hadoop.filesystem.cache.purge.frequency60 Frequency, in seconds, for the idle filesystem purging daemon runs.
httpfs.hadoop.filesystem.cache.purge.timeout60 Timeout, in seconds, for an idle filesystem to be purged.
httpfs.user.provider.user.pattern^[A-Za-z_][A-Za-z0-9._-]*[$]?$ Valid pattern for user and group names, it must be a valid java regex.