Versions Compared

Old Version 25

changes.mady.by.user Lester Martin

Saved on

compared with

New Version 26

changes.mady.by.user Lester Martin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

If you find yourself needing to setup Hortonworks Data Platform (HDP) with Ambari in an environment that users and groups need to be pre-provisioned instead of simply created during the install process, then don't fret as Ambari has got you covered.  This write-up piggybacks the HDP Documentation site and uses HDP 2.1.2 along with Ambari 1.5.1 as a baseline to build against.  It will also build a 4-node cluster (2 worker nodes, 1 master node, and 1 node to run Knox on) all running on CentOS 6.5 

...

Warning

A note is identified in http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_using_Ambari_book/content/ambari-users_2x.html that states "All new service user accounts, and any existing user accounts used as service users, must have a UID >= 1000. Unfortunately, as described here, CentOS & RHEL begin their numbering at 500.

...

Warning

A note is identified in http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_using_Ambari_book/content/ambari-chap1-5-2.html that (in regards to installing/running Ambari) states, "It is possible to use a non-root SSH account, if that account can execute sudo without entering a password.

On that note there are great write-ups out there like found here, but I cheated since this is a dev-only setup (virtualized even within my Mac) and every "real" environment will have a sysadmin who knows how to do this best for their setup.  I followed this thread and just did the following to grant everyone the ability to do password-less sudo commands.

...

Now we can circle back and work on the SSH instructions found at http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_using_Ambari_book/content/ambari-chap1-5-2.html, but do them with ryoambari instead of root as shown below (i.e. replaying the instructions back in Build building a Virtualized virtualized 5-Node Hadoop node HDP 2.0 Clustercluster (all within a mac)).

Code Block
languagebash
[ryoambari@m1 ~]$ sudo yum install openssh-clients
[ryoambari@m1 ~]$ ssh localhost
ryoambari@localhost's password: 
Last login: Wed May  7 09:21:26 2014 from 192.168.56.1
[ryoambari@m1 ~]$ exit
logout
Connection to localhost closed.
[ryoambari@m1 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ryoambari/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/ryoambari/.ssh/id_rsa.
Your public key has been saved in /home/ryoambari/.ssh/id_rsa.pub.
The key fingerprint is:
a0:6b:49:e6:27:f4:0c:2c:8b:bf:49:f8:bb:6d:07:4e ryoambari@m1.hdp2
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|      .          |
|   . . .         |
|  . B   S        |
| o BE*           |
|o oo*.+          |
| + +oo.          |
|  B=..           |
+-----------------+
[ryoambari@m1 ~]$ cd .ssh
[ryoambari@m1 .ssh]$ pwd
/home/ryoambari/.ssh
[ryoambari@m1 .ssh]$ ls -l
total 12
-rw-------. 1 ryoambari ryoambari 1675 May  7 19:52 id_rsa
-rw-r--r--. 1 ryoambari ryoambari  399 May  7 19:52 id_rsa.pub
-rw-r--r--. 1 ryoambari ryoambari  391 May  7 09:29 known_hosts
[ryoambari@m1 .ssh]$ cat id_rsa.pub >> authorized_keys
[ryoambari@m1 .ssh]$ ls -l
total 16
-rw-rw-r--. 1 ryoambari ryoambari  399 May  7 19:53 authorized_keys
-rw-------. 1 ryoambari ryoambari 1675 May  7 19:52 id_rsa
-rw-r--r--. 1 ryoambari ryoambari  399 May  7 19:52 id_rsa.pub
-rw-r--r--. 1 ryoambari ryoambari  391 May  7 09:29 known_hosts
[ryoambari@m1 .ssh]$ chmod 600 authorized_keys 
[ryoambari@m1 .ssh]$ ls -l
total 16
-rw-------. 1 ryoambari ryoambari  399 May  7 19:53 authorized_keys
-rw-------. 1 ryoambari ryoambari 1675 May  7 19:52 id_rsa
-rw-r--r--. 1 ryoambari ryoambari  399 May  7 19:52 id_rsa.pub
-rw-r--r--. 1 ryoambari ryoambari  391 May  7 09:29 known_hosts
[ryoambari@m1 .ssh]$ cd ..
[ryoambari@m1 ~]$ pwd
/home/ryoambari
[ryoambari@m1 ~]$ 
[ryoambari@m1 ~]$ ssh localhost
Last login: Wed May  7 09:29:10 2014 from localhost
[ryoambari@m1 ~]$ 
[ryoambari@m1 ~]$ cd .ssh
[ryoambari@m1 .ssh]$ echo 'StrictHostKeyChecking no' >> config
[ryoambari@m1 .ssh]$ cat config 
StrictHostKeyChecking no
[ryoambari@m1 .ssh]$

...

Item to ResolveAction Taken
The Misc tab had a "Proxy group for Hive, WebHCat, Oozie and Falcon" field that I wasn't expectingI simply left it as "users"
The Misc tab had no place to identify the Ganglia Group of "ryonobody" that I previously created and used as the primary group for the "ryonobody" userKnowing there is a user and a group both named "nobody" on the base OS install (and considering the bolt-on nature of Ganglia to HDP) I left the user as "nobody"
The Misc tab had no place to identify the RRDTool's "ryorrdcahed" user that I previously createdReading the notes again I decided (maybe realized?) this is another bolt-on service for HDP and didn't worry about the user I previously created
The Misc tab had no place to identify the "ryoapache" user that is associated with GangliaSame as prior action
The Misc tab had not place to identify the "ryopostgres" user that Ambari itself usesNo worries, but this could have been resolved during the CLI setup of Ambari as mentioned earlier

...