nixos/hadoop: disable openFirewall by default
This commit is contained in:
illustris
parent
f6cf1ced33
commit
0f97c9ae82
|
|
@ -22,7 +22,7 @@ let
|
|||
} // (optionalAttrs firewallOption {
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
default = false;
|
||||
description = "Open firewall ports for ${serviceName}.";
|
||||
};
|
||||
});
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ in
|
|||
inherit restartIfChanged;
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
default = false;
|
||||
description = ''
|
||||
Open firewall ports for resourcemanager
|
||||
'';
|
||||
|
|
@ -39,7 +39,7 @@ in
|
|||
};
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
default = false;
|
||||
description = ''
|
||||
Open firewall ports for nodemanager.
|
||||
Because containers can listen on any ephemeral port, TCP ports 1024–65535 will be opened.
|
||||
|
|
|
|||
|
|
@ -55,14 +55,20 @@ import ../make-test-python.nix ({pkgs, ...}: {
|
|||
nn1 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
hdfs.namenode.enable = true;
|
||||
hdfs.namenode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
hdfs.zkfc.enable = true;
|
||||
};
|
||||
};
|
||||
nn2 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
hdfs.namenode.enable = true;
|
||||
hdfs.namenode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
hdfs.zkfc.enable = true;
|
||||
};
|
||||
};
|
||||
|
|
@ -70,26 +76,38 @@ import ../make-test-python.nix ({pkgs, ...}: {
|
|||
jn1 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
hdfs.journalnode.enable = true;
|
||||
hdfs.journalnode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
jn2 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
hdfs.journalnode.enable = true;
|
||||
hdfs.journalnode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
jn3 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
hdfs.journalnode.enable = true;
|
||||
hdfs.journalnode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
dn1 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
hdfs.datanode.enable = true;
|
||||
hdfs.datanode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -98,14 +116,20 @@ import ../make-test-python.nix ({pkgs, ...}: {
|
|||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
yarnSite = options.services.hadoop.yarnSite.default // yarnSiteHA;
|
||||
yarn.resourcemanager.enable = true;
|
||||
yarn.resourcemanager = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
rm2 = {pkgs, options, ...}: {
|
||||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
yarnSite = options.services.hadoop.yarnSite.default // yarnSiteHA;
|
||||
yarn.resourcemanager.enable = true;
|
||||
yarn.resourcemanager = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
nm1 = {pkgs, options, ...}: {
|
||||
|
|
@ -113,7 +137,10 @@ import ../make-test-python.nix ({pkgs, ...}: {
|
|||
services.hadoop = {
|
||||
inherit package coreSite hdfsSite;
|
||||
yarnSite = options.services.hadoop.yarnSite.default // yarnSiteHA;
|
||||
yarn.nodemanager.enable = true;
|
||||
yarn.nodemanager = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -7,9 +7,13 @@ import ../make-test-python.nix ({...}: {
|
|||
hdfs = {
|
||||
namenode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
formatOnInit = true;
|
||||
};
|
||||
httpfs.enable = true;
|
||||
httpfs = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
};
|
||||
coreSite = {
|
||||
"fs.defaultFS" = "hdfs://namenode:8020";
|
||||
|
|
@ -21,7 +25,10 @@ import ../make-test-python.nix ({...}: {
|
|||
datanode = {pkgs, ...}: {
|
||||
services.hadoop = {
|
||||
package = pkgs.hadoop;
|
||||
hdfs.datanode.enable = true;
|
||||
hdfs.datanode = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
coreSite = {
|
||||
"fs.defaultFS" = "hdfs://namenode:8020";
|
||||
"hadoop.proxyuser.httpfs.groups" = "*";
|
||||
|
|
|
|||
|
|
@ -3,14 +3,20 @@ import ../make-test-python.nix ({...}: {
|
|||
nodes = {
|
||||
resourcemanager = {pkgs, ...}: {
|
||||
services.hadoop.package = pkgs.hadoop;
|
||||
services.hadoop.yarn.resourcemanager.enable = true;
|
||||
services.hadoop.yarn.resourcemanager = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
services.hadoop.yarnSite = {
|
||||
"yarn.resourcemanager.scheduler.class" = "org.apache.hadoop.yarn.server.resourcemanager.scheduler.fifo.FifoScheduler";
|
||||
};
|
||||
};
|
||||
nodemanager = {pkgs, ...}: {
|
||||
services.hadoop.package = pkgs.hadoop;
|
||||
services.hadoop.yarn.nodemanager.enable = true;
|
||||
services.hadoop.yarn.nodemanager = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
services.hadoop.yarnSite = {
|
||||
"yarn.resourcemanager.hostname" = "resourcemanager";
|
||||
"yarn.nodemanager.log-dirs" = "/tmp/userlogs";
|
||||
|
|
|
|||
Loading…
Reference in a new issue