If you find yourself needing to setup Hortonworks Data Platform (HDP) with Ambari in an environment that users and groups need to be pre-provisioned instead of simply created during the install process, then don't fret as Ambari has got you covered. This write-up piggybacks the HDP Documentation site and uses HDP 2.1.2 along with Ambari 1.5.1 as a baseline to build against. It will also build a 4-node cluster (2 worker nodes, 1 master node, and 1 node to run Knox on) all running on CentOS 6.5
...
Warning |
---|
A note is identified in http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_using_Ambari_book/content/ambari-users_2x.html that states "All new service user accounts, and any existing user accounts used as service users, must have a UID >= 1000." Unfortunately, as described here, CentOS & RHEL begin their numbering at 500. |
...
Warning |
---|
A note is identified in http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_using_Ambari_book/content/ambari-chap1-5-2.html that (in regards to installing/running Ambari) states, "It is possible to use a non-root SSH account, if that account can execute |
On that note there are great write-ups out there like found here, but I cheated since this is a dev-only setup (virtualized even within my Mac) and every "real" environment will have a sysadmin who knows how to do this best for their setup. I followed this thread and just did the following to grant everyone the ability to do password-less sudo
commands.
...
Now we can circle back and work on the SSH instructions found at http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_using_Ambari_book/content/ambari-chap1-5-2.html, but do them with ryoambari
instead of root
as shown below (i.e. replaying the instructions back in Build building a Virtualized virtualized 5-Node Hadoop node HDP 2.0 Clustercluster (all within a mac)).
Code Block | ||
---|---|---|
| ||
[ryoambari@m1 ~]$ sudo yum install openssh-clients [ryoambari@m1 ~]$ ssh localhost ryoambari@localhost's password: Last login: Wed May 7 09:21:26 2014 from 192.168.56.1 [ryoambari@m1 ~]$ exit logout Connection to localhost closed. [ryoambari@m1 ~]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/ryoambari/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ryoambari/.ssh/id_rsa. Your public key has been saved in /home/ryoambari/.ssh/id_rsa.pub. The key fingerprint is: a0:6b:49:e6:27:f4:0c:2c:8b:bf:49:f8:bb:6d:07:4e ryoambari@m1.hdp2 The key's randomart image is: +--[ RSA 2048]----+ | | | | | . | | . . . | | . B S | | o BE* | |o oo*.+ | | + +oo. | | B=.. | +-----------------+ [ryoambari@m1 ~]$ cd .ssh [ryoambari@m1 .ssh]$ pwd /home/ryoambari/.ssh [ryoambari@m1 .ssh]$ ls -l total 12 -rw-------. 1 ryoambari ryoambari 1675 May 7 19:52 id_rsa -rw-r--r--. 1 ryoambari ryoambari 399 May 7 19:52 id_rsa.pub -rw-r--r--. 1 ryoambari ryoambari 391 May 7 09:29 known_hosts [ryoambari@m1 .ssh]$ cat id_rsa.pub >> authorized_keys [ryoambari@m1 .ssh]$ ls -l total 16 -rw-rw-r--. 1 ryoambari ryoambari 399 May 7 19:53 authorized_keys -rw-------. 1 ryoambari ryoambari 1675 May 7 19:52 id_rsa -rw-r--r--. 1 ryoambari ryoambari 399 May 7 19:52 id_rsa.pub -rw-r--r--. 1 ryoambari ryoambari 391 May 7 09:29 known_hosts [ryoambari@m1 .ssh]$ chmod 600 authorized_keys [ryoambari@m1 .ssh]$ ls -l total 16 -rw-------. 1 ryoambari ryoambari 399 May 7 19:53 authorized_keys -rw-------. 1 ryoambari ryoambari 1675 May 7 19:52 id_rsa -rw-r--r--. 1 ryoambari ryoambari 399 May 7 19:52 id_rsa.pub -rw-r--r--. 1 ryoambari ryoambari 391 May 7 09:29 known_hosts [ryoambari@m1 .ssh]$ cd .. [ryoambari@m1 ~]$ pwd /home/ryoambari [ryoambari@m1 ~]$ [ryoambari@m1 ~]$ ssh localhost Last login: Wed May 7 09:29:10 2014 from localhost [ryoambari@m1 ~]$ [ryoambari@m1 ~]$ cd .ssh [ryoambari@m1 .ssh]$ echo 'StrictHostKeyChecking no' >> config [ryoambari@m1 .ssh]$ cat config StrictHostKeyChecking no [ryoambari@m1 .ssh]$ |
...
Item to Resolve | Action Taken |
---|---|
The Misc tab had a "Proxy group for Hive, WebHCat, Oozie and Falcon" field that I wasn't expecting | I simply left it as "users " |
The Misc tab had no place to identify the Ganglia Group of "ryonobody " that I previously created and used as the primary group for the "ryonobody " user | Knowing there is a user and a group both named "nobody " on the base OS install (and considering the bolt-on nature of Ganglia to HDP) I left the user as "nobody " |
The Misc tab had no place to identify the RRDTool's "ryorrdcahed " user that I previously created | Reading the notes again I decided (maybe realized?) this is another bolt-on service for HDP and didn't worry about the user I previously created |
The Misc tab had no place to identify the "ryoapache " user that is associated with Ganglia | Same as prior action |
The Misc tab had not place to identify the "ryopostgres " user that Ambari itself uses | No worries, but this could have been resolved during the CLI setup of Ambari as mentioned earlier |
...