docs/2.0.0/provisioning_guide/index.html

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge"><![endif]-->
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="generator" content="Asciidoctor 1.5.4">
<title>Provisioning Guide</title>
<style>
/**
* @@@ START COPYRIGHT @@@  
*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements.  See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership.  The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License.  You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied.  See the License for the
* specific language governing permissions and limitations
* under the License.
*
* @@@ END COPYRIGHT @@@ 
  */
/* Asciidoctor default stylesheet | MIT License | http://asciidoctor.org */
/* Remove the comments around the @import statement below when using this as a custom stylesheet */
/*@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400";*/
article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}
audio,canvas,video{display:inline-block}
audio:not([controls]){display:none;height:0}
[hidden],template{display:none}
script{display:none!important}
html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}
body{margin:0}
a{background:transparent}
a:focus{outline:thin dotted}
a:active,a:hover{outline:0}
h1{font-size:2em;margin:.67em 0}
abbr[title]{border-bottom:1px dotted}
b,strong{font-weight:bold}
dfn{font-style:italic}
hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}
mark{background:#ff0;color:#000}
code,kbd,pre,samp{font-family:monospace;font-size:1em}
pre{white-space:pre-wrap}
q{quotes:"\201C" "\201D" "\2018" "\2019"}
small{font-size:80%}
sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}
sup{top:-.5em}
sub{bottom:-.25em}
img{border:0}
svg:not(:root){overflow:hidden}
figure{margin:0}
fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}
legend{border:0;padding:0}
button,input,select,textarea{font-family:inherit;font-size:100%;margin:0}
button,input{line-height:normal}
button,select{text-transform:none}
button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer}
button[disabled],html input[disabled]{cursor:default}
input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0}
input[type="search"]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box}
input[type="search"]::-webkit-search-cancel-button,input[type="search"]::-webkit-search-decoration{-webkit-appearance:none}
button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}
textarea{overflow:auto;vertical-align:top}
table{border-collapse:collapse;border-spacing:0}
*,*:before,*:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}
html,body{font-size:100%}
body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif,serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto}
a:hover{cursor:pointer}
img,object,embed{max-width:100%;height:auto}
object,embed{height:100%}
img{-ms-interpolation-mode:bicubic}
#map_canvas img,#map_canvas embed,#map_canvas object,.map_canvas img,.map_canvas embed,.map_canvas object{max-width:none!important}
.left{float:left!important}
.right{float:right!important}
.text-left{text-align:left!important}
.text-right{text-align:right!important}
.text-center{text-align:center!important}
.text-justify{text-align:justify!important}
.hide{display:none}
.antialiased,body{-webkit-font-smoothing:antialiased}
img{display:inline-block;vertical-align:middle}
textarea{height:auto;min-height:50px}
select{width:100%}
p.lead,.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{font-size:1.21875em;line-height:1.6}
.subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#3188ac;font-weight:400;margin-top:0;margin-bottom:.25em}
div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr}
a{color:#2156a5;text-decoration:underline;line-height:inherit}
a:hover,a:focus{color:#1d4b8f}
a img{border:none}
p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility}
p aside{font-size:.875em;line-height:1.35;font-style:italic}
/* Defines headings */
h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-weight:bold;font-style:normal;color:#3188ac;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em}
h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0}
h1{font-size:2.125em}
h2{font-size:1.6875em}
h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em}
h4,h5{font-size:1.125em}
h6{font-size:1em}
hr{border:solid #ddddd8;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0}
em,i{font-style:italic;line-height:inherit}
strong,b{font-weight:bold;line-height:inherit}
small{font-size:60%;line-height:inherit}
/* Defines the `text` (passthru) format */
code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:bold;color:#3188ac}
ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit}
ul,ol,ul.no-bullet,ol.no-bullet{margin-left:1.5em}
ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em}
ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit}
ul.square{list-style-type:square}
ul.circle{list-style-type:circle}
ul.disc{list-style-type:disc}
ul.no-bullet{list-style:none}
ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0}
dl dt{margin-bottom:.3125em;font-weight:bold}
dl dd{margin-bottom:1.25em}
abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help}
abbr{text-transform:none}
blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd}
blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)}
blockquote cite:before{content:"\2014 \0020"}
blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)}
blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)}
@media only screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2}
h1{font-size:2.75em}
h2{font-size:2.3125em}
h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em}
h4{font-size:1.4375em}}table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede}
table thead,table tfoot{background:#f7f8f7;font-weight:bold}
table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left}
table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)}
table tr.even,table tr.alt,table tr:nth-of-type(even){background:#f8f8f7}
table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6}
h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em}
h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400}
.clearfix:before,.clearfix:after,.float-group:before,.float-group:after{content:" ";display:table}
.clearfix:after,.float-group:after{clear:both}
*:not(pre)>code{font-size:1.0em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}
/**:not(pre)>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;background-color:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}*/
pre,pre>code{line-height:1.45;color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;text-rendering:optimizeSpeed}
.keyseq{color:rgba(51,51,51,.8)}
kbd{display:inline-block;color:rgba(0,0,0,.8);font-size:.75em;line-height:1.4;background-color:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:-.15em .15em 0 .15em;padding:.2em .6em .2em .5em;vertical-align:middle;white-space:nowrap}
.keyseq kbd:first-child{margin-left:0}
.keyseq kbd:last-child{margin-right:0}
.menuseq,.menu{color:rgba(0,0,0,.8)}
b.button:before,b.button:after{position:relative;top:-1px;font-weight:400}
b.button:before{content:"[";padding:0 3px 0 2px}
b.button:after{content:"]";padding:0 2px 0 3px}
p a>code:hover{color:rgba(0,0,0,.9)}
#header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em}
#header:before,#header:after,#content:before,#content:after,#footnotes:before,#footnotes:after,#footer:before,#footer:after{content:" ";display:table}
#header:after,#content:after,#footnotes:after,#footer:after{clear:both}
#content{margin-top:1.25em}
#content:before{content:none}
/* #header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0} */
#header>h1:first-child{color:#3188ac;margin-top:2.25rem;margin-bottom:0}
#header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #ddddd8}
#header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #ddddd8;padding-bottom:8px}
#header .details{border-bottom:1px solid #ddddd8;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap}
#header .details span:first-child{margin-left:-.125em}
#header .details span.email a{color:rgba(0,0,0,.85)}
#header .details br{display:none}
#header .details br+span:before{content:"\00a0\2013\00a0"}
#header .details br+span.author:before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)}
#header .details br+span#revremark:before{content:"\00a0|\00a0"}
#header #revnumber{text-transform:capitalize}
#header #revnumber:after{content:"\00a0"}
#content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #ddddd8;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem}
#toc{border-bottom:1px solid #efefed;padding-bottom:.5em}
#toc>ul{margin-left:.125em}
#toc ul.sectlevel0>li>a{font-style:italic}
#toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0}
#toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none}
#toc a{text-decoration:none}
#toc a:active{text-decoration:underline}
#toctitle{color:#3188ac;font-size:1.2em}
@media only screen and (min-width:768px){#toctitle{font-size:1.375em}
body.toc2{padding-left:15em;padding-right:0}
#toc.toc2{margin-top:0!important;background-color:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #efefed;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto}
#toc.toc2 #toctitle{margin-top:0;font-size:1.2em}
#toc.toc2>ul{font-size:.9em;margin-bottom:0}
#toc.toc2 ul ul{margin-left:0;padding-left:1em}
#toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em}
body.toc2.toc-right{padding-left:0;padding-right:15em}
body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #efefed;left:auto;right:0}}@media only screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0}
/* Controls width of panel */
#toc.toc2{width:20em}
#toc.toc2 #toctitle{font-size:1.375em}
#toc.toc2>ul{font-size:.95em}
#toc.toc2 ul ul{padding-left:1.25em}
body.toc2.toc-right{padding-left:0;padding-right:20em}}#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
#content #toc>:first-child{margin-top:0}
#content #toc>:last-child{margin-bottom:0}
#footer{max-width:100%;background-color:rgba(0,0,0,.8);padding:1.25em}
#footer-text,#footer_nav{color:rgba(255,255,255,.8);line-height:1.44}
#footer a{color: #990000}
.sect1{padding-bottom:.625em}
@media only screen and (min-width:768px){.sect1{padding-bottom:1.25em}}.sect1+.sect1{border-top:1px solid #efefed}
#content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400}
#content h1>a.anchor:before,h2>a.anchor:before,h3>a.anchor:before,#toctitle>a.anchor:before,.sidebarblock>.content>.title>a.anchor:before,h4>a.anchor:before,h5>a.anchor:before,h6>a.anchor:before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em}
#content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible}
#content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#990000;text-decoration:none}
#content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221}
.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em}
.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif,serif;font-size:1rem;font-weight:bold}
/* Here */
table.tableblock>caption.title{white-space:nowrap;overflow:visible;max-width:0}
.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{color:rgba(0,0,0,.85)}
table.tableblock #preamble>.sectionbody>.paragraph:first-of-type p{font-size:inherit}
.admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%}
.admonitionblock>table td.icon{text-align:center;width:80px}
.admonitionblock>table td.icon img{max-width:none}
.admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase}
.admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #ddddd8;color:rgba(0,0,0,.6)}
.admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
.exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px}
.exampleblock>.content>:first-child{margin-top:0}
.exampleblock>.content>:last-child{margin-bottom:0}
.sidebarblock{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
.sidebarblock>:first-child{margin-top:0}
.sidebarblock>:last-child{margin-bottom:0}
.sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
.literalblock pre,.listingblock pre:not(.highlight),.listingblock pre[class="highlight"],.listingblock pre[class^="highlight "],.listingblock pre.CodeRay,.listingblock pre.prettyprint{background:#f7f7f8}
.sidebarblock .literalblock pre,.sidebarblock .listingblock pre:not(.highlight),.sidebarblock .listingblock pre[class="highlight"],.sidebarblock .listingblock pre[class^="highlight "],.sidebarblock .listingblock pre.CodeRay,.sidebarblock .listingblock pre.prettyprint{background:#f2f1f1}
.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;padding:1em;font-size:.8125em}
.literalblock pre.nowrap,.literalblock pre[class].nowrap,.listingblock pre.nowrap,.listingblock pre[class].nowrap{overflow-x:auto;white-space:pre;word-wrap:normal}
@media only screen and (min-width:768px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:.90625em}}@media only screen and (min-width:1280px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:1em}}.literalblock.output pre{color:#f7f7f8;background-color:rgba(0,0,0,.9)}
.listingblock pre.highlightjs{padding:0}
.listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px}
.listingblock pre.prettyprint{border-width:0}
.listingblock>.content{position:relative}
.listingblock code[data-lang]:before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:#999}
.listingblock:hover code[data-lang]:before{display:block}
.listingblock.terminal pre .command:before{content:attr(data-prompt);padding-right:.5em;color:#999}
.listingblock.terminal pre .command:not([data-prompt]):before{content:"$"}
table.pyhltable{border-collapse:separate;border:0;margin-bottom:0;background:none}
table.pyhltable td{vertical-align:top;padding-top:0;padding-bottom:0}
table.pyhltable td.code{padding-left:.75em;padding-right:0}
pre.pygments .lineno,table.pyhltable td:not(.code){color:#999;padding-left:0;padding-right:.5em;border-right:1px solid #ddddd8}
pre.pygments .lineno{display:inline-block;margin-right:.25em}
table.pyhltable .linenodiv{background:none!important;padding-right:0!important}
.quoteblock{margin:0 1em 1.25em 1.5em;display:table}
.quoteblock>.title{margin-left:-1.5em;margin-bottom:.75em}
.quoteblock blockquote,.quoteblock blockquote p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify}
.quoteblock blockquote{margin:0;padding:0;border:0}
.quoteblock blockquote:before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)}
.quoteblock blockquote>.paragraph:last-child p{margin-bottom:0}
.quoteblock .attribution{margin-top:.5em;margin-right:.5ex;text-align:right}
.quoteblock .quoteblock{margin-left:0;margin-right:0;padding:.5em 0;border-left:3px solid rgba(0,0,0,.6)}
.quoteblock .quoteblock blockquote{padding:0 0 0 .75em}
.quoteblock .quoteblock blockquote:before{display:none}
.verseblock{margin:0 1em 1.25em 1em}
.verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility}
.verseblock pre strong{font-weight:400}
.verseblock .attribution{margin-top:1.25rem;margin-left:.5ex}
.quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic}
.quoteblock .attribution br,.verseblock .attribution br{display:none}
.quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.05em;color:rgba(0,0,0,.6)}
.quoteblock.abstract{margin:0 0 1.25em 0;display:block}
.quoteblock.abstract blockquote,.quoteblock.abstract blockquote p{text-align:left;word-spacing:0}
.quoteblock.abstract blockquote:before,.quoteblock.abstract blockquote p:first-of-type:before{display:none}
table.tableblock{max-width:100%;border-collapse:separate}
table.tableblock td>.paragraph:last-child p>p:last-child,table.tableblock th>p:last-child,table.tableblock td>p:last-child{margin-bottom:0}
table.spread{width:100%}
table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede}
table.grid-all th.tableblock,table.grid-all td.tableblock{border-width:0 1px 1px 0}
table.grid-all tfoot>tr>th.tableblock,table.grid-all tfoot>tr>td.tableblock{border-width:1px 1px 0 0}
table.grid-cols th.tableblock,table.grid-cols td.tableblock{border-width:0 1px 0 0}
table.grid-all *>tr>.tableblock:last-child,table.grid-cols *>tr>.tableblock:last-child{border-right-width:0}
table.grid-rows th.tableblock,table.grid-rows td.tableblock{border-width:0 0 1px 0}
table.grid-all tbody>tr:last-child>th.tableblock,table.grid-all tbody>tr:last-child>td.tableblock,table.grid-all thead:last-child>tr>th.tableblock,table.grid-rows tbody>tr:last-child>th.tableblock,table.grid-rows tbody>tr:last-child>td.tableblock,table.grid-rows thead:last-child>tr>th.tableblock{border-bottom-width:0}
table.grid-rows tfoot>tr>th.tableblock,table.grid-rows tfoot>tr>td.tableblock{border-width:1px 0 0 0}
table.frame-all{border-width:1px}
table.frame-sides{border-width:0 1px}
table.frame-topbot{border-width:1px 0}
th.halign-left,td.halign-left{text-align:left}
th.halign-right,td.halign-right{text-align:right}
th.halign-center,td.halign-center{text-align:center}
th.valign-top,td.valign-top{vertical-align:top}
th.valign-bottom,td.valign-bottom{vertical-align:bottom}
th.valign-middle,td.valign-middle{vertical-align:middle}
table thead th,table tfoot th{font-weight:bold}
tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7}
tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold}
p.tableblock>code:only-child{background:none;padding:0}
p.tableblock{font-size:1em}
td>div.verse{white-space:pre}
ol{margin-left:1.75em}
ul li ol{margin-left:1.5em}
dl dd{margin-left:1.125em}
dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0}
ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em}
ul.unstyled,ol.unnumbered,ul.checklist,ul.none{list-style-type:none}
ul.unstyled,ol.unnumbered,ul.checklist{margin-left:.625em}
ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1em;font-size:.85em}
ul.checklist li>p:first-child>input[type="checkbox"]:first-child{width:1em;position:relative;top:1px}
ul.inline{margin:0 auto .625em auto;margin-left:-1.375em;margin-right:0;padding:0;list-style:none;overflow:hidden}
ul.inline>li{list-style:none;float:left;margin-left:1.375em;display:block}
ul.inline>li>*{display:block}
.unstyled dl dt{font-weight:400;font-style:normal}
ol.arabic{list-style-type:decimal}
ol.decimal{list-style-type:decimal-leading-zero}
ol.loweralpha{list-style-type:lower-alpha}
ol.upperalpha{list-style-type:upper-alpha}
ol.lowerroman{list-style-type:lower-roman}
ol.upperroman{list-style-type:upper-roman}
ol.lowergreek{list-style-type:lower-greek}
.hdlist>table,.colist>table{border:0;background:none}
.hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none}
td.hdlist1{padding-right:.75em;font-weight:bold}
td.hdlist1,td.hdlist2{vertical-align:top}
.literalblock+.colist,.listingblock+.colist{margin-top:-.5em}
.colist>table tr>td:first-of-type{padding:0 .75em;line-height:1}
.colist>table tr>td:last-of-type{padding:.25em 0}
.thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd}
.imageblock.left,.imageblock[style*="float: left"]{margin:.25em .625em 1.25em 0}
.imageblock.right,.imageblock[style*="float: right"]{margin:.25em 0 1.25em .625em}
.imageblock>.title{margin-bottom:0}
.imageblock.thumb,.imageblock.th{border-width:6px}
.imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em}
.image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0}
.image.left{margin-right:.625em}
.image.right{margin-left:.625em}
a.image{text-decoration:none}
span.footnote,span.footnoteref{vertical-align:super;font-size:.875em}
span.footnote a,span.footnoteref a{text-decoration:none}
span.footnote a:active,span.footnoteref a:active{text-decoration:underline}
#footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em}
#footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em 0;border-width:1px 0 0 0}
#footnotes .footnote{padding:0 .375em;line-height:1.3;font-size:.875em;margin-left:1.2em;text-indent:-1.2em;margin-bottom:.2em}
#footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none}
#footnotes .footnote:last-of-type{margin-bottom:0}
#content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0}
.gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0}
.gist .file-data>table td.line-data{width:99%}
div.unbreakable{page-break-inside:avoid}
.big{font-size:larger}
.small{font-size:smaller}
.underline{text-decoration:underline}
.overline{text-decoration:overline}
.line-through{text-decoration:line-through}
.aqua{color:#00bfbf}
.aqua-background{background-color:#00fafa}
.black{color:#000}
.black-background{background-color:#000}
.blue{color:#0000bf}
.blue-background{background-color:#0000fa}
.fuchsia{color:#bf00bf}
.fuchsia-background{background-color:#fa00fa}
.gray{color:#606060}
.gray-background{background-color:#7d7d7d}
.green{color:#006000}
.green-background{background-color:#007d00}
.lime{color:#00bf00}
.lime-background{background-color:#00fa00}
.maroon{color:#600000}
.maroon-background{background-color:#7d0000}
.navy{color:#000060}
.navy-background{background-color:#00007d}
.olive{color:#606000}
.olive-background{background-color:#7d7d00}
.purple{color:#600060}
.purple-background{background-color:#7d007d}
.red{color:#bf0000}
.red-background{background-color:#fa0000}
.silver{color:#909090}
.silver-background{background-color:#bcbcbc}
.teal{color:#006060}
.teal-background{background-color:#007d7d}
.white{color:#bfbfbf}
.white-background{background-color:#fafafa}
.yellow{color:#bfbf00}
.yellow-background{background-color:#fafa00}
span.icon>.fa{cursor:default}
.admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default}
.admonitionblock td.icon .icon-note:before{content:"\f05a";color:#19407c}
.admonitionblock td.icon .icon-tip:before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111}
.admonitionblock td.icon .icon-warning:before{content:"\f071";color:#bf6900}
.admonitionblock td.icon .icon-caution:before{content:"\f06d";color:#bf3400}
.admonitionblock td.icon .icon-important:before{content:"\f06a";color:#bf0000}
.conum[data-value]{display:inline-block;color:#fff!important;background-color:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
.conum[data-value] *{color:#fff!important}
.conum[data-value]+b{display:none}
.conum[data-value]:after{content:attr(data-value)}
pre .conum[data-value]{position:relative;top:-.125em}
b.conum *{color:inherit!important}
.conum:not([data-value]):empty{display:none}
h1,h2{letter-spacing:-.01em}
dt,th.tableblock,td.content{text-rendering:optimizeLegibility}
p,td.content{letter-spacing:-.01em}
p strong,td.content strong{letter-spacing:-.005em}
p,blockquote,dt,td.content{font-size:1.0625rem}
p{margin-bottom:1.25rem}
.sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
.exampleblock>.content{background-color:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc}
.print-only{display:none!important}
@media print{@page{margin:1.25cm .75cm}
*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important}
a{color:inherit!important;text-decoration:underline!important}
a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important}
a[href^="http:"]:not(.bare):after,a[href^="https:"]:not(.bare):after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em}
abbr[title]:after{content:" (" attr(title) ")"}
pre,blockquote,tr,img{page-break-inside:avoid}
thead{display:table-header-group}
img{max-width:100%!important}
p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3}
h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid}
#toc,.sidebarblock,.exampleblock>.content{background:none!important}
#toc{border-bottom:1px solid #ddddd8!important;padding-bottom:0!important}
.sect1{padding-bottom:0!important}
.sect1+.sect1{border:0!important}
#header>h1:first-child{margin-top:1.25rem}
body.book #header{text-align:center}
body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em 0}
body.book #header .details{border:0!important;display:block;padding:0!important}
body.book #header .details span:first-child{margin-left:0!important}
body.book #header .details br{display:block}
body.book #header .details br+span:before{content:none!important}
body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important}
body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always}
.listingblock code[data-lang]:before{display:block}
#footer{background:none!important;padding:0 .9375em}
#footer-text{color:rgba(0,0,0,.6)!important;font-size:.9em}
.hide-on-print{display:none!important}
.print-only{display:block!important}
.hide-for-print{display:none!important}
.show-for-print{display:inherit!important}}
div.paragraph.indented p {padding-left: 3em;}
div.paragraph.indented2 p {padding-left: 6em;}
div.paragraph.indented3 p {padding-left: 9em;}

</style>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css">
<style>
/* Stylesheet for CodeRay to match GitHub theme | MIT License | http://foundation.zurb.com */
/*pre.CodeRay {background-color:#f7f7f8;}*/
.CodeRay .line-numbers{border-right:1px solid #d8d8d8;padding:0 0.5em 0 .25em}
.CodeRay span.line-numbers{display:inline-block;margin-right:.5em;color:rgba(0,0,0,.3)}
.CodeRay .line-numbers strong{color:rgba(0,0,0,.4)}
table.CodeRay{border-collapse:separate;border-spacing:0;margin-bottom:0;border:0;background:none}
table.CodeRay td{vertical-align: top;line-height:1.45}
table.CodeRay td.line-numbers{text-align:right}
table.CodeRay td.line-numbers>pre{padding:0;color:rgba(0,0,0,.3)}
table.CodeRay td.code{padding:0 0 0 .5em}
table.CodeRay td.code>pre{padding:0}
.CodeRay .debug{color:#fff !important;background:#000080 !important}
.CodeRay .annotation{color:#007}
.CodeRay .attribute-name{color:#000080}
.CodeRay .attribute-value{color:#700}
.CodeRay .binary{color:#509}
.CodeRay .comment{color:#998;font-style:italic}
.CodeRay .char{color:#04d}
.CodeRay .char .content{color:#04d}
.CodeRay .char .delimiter{color:#039}
.CodeRay .class{color:#458;font-weight:bold}
.CodeRay .complex{color:#a08}
.CodeRay .constant,.CodeRay .predefined-constant{color:#008080}
.CodeRay .color{color:#099}
.CodeRay .class-variable{color:#369}
.CodeRay .decorator{color:#b0b}
.CodeRay .definition{color:#099}
.CodeRay .delimiter{color:#000}
.CodeRay .doc{color:#970}
.CodeRay .doctype{color:#34b}
.CodeRay .doc-string{color:#d42}
.CodeRay .escape{color:#666}
.CodeRay .entity{color:#800}
.CodeRay .error{color:#808}
.CodeRay .exception{color:inherit}
.CodeRay .filename{color:#099}
.CodeRay .function{color:#900;font-weight:bold}
.CodeRay .global-variable{color:#008080}
.CodeRay .hex{color:#058}
.CodeRay .integer,.CodeRay .float{color:#099}
.CodeRay .include{color:#555}
.CodeRay .inline{color:#000}
.CodeRay .inline .inline{background:#ccc}
.CodeRay .inline .inline .inline{background:#bbb}
.CodeRay .inline .inline-delimiter{color:#d14}
.CodeRay .inline-delimiter{color:#d14}
.CodeRay .important{color:#555;font-weight:bold}
.CodeRay .interpreted{color:#b2b}
.CodeRay .instance-variable{color:#008080}
.CodeRay .label{color:#970}
.CodeRay .local-variable{color:#963}
.CodeRay .octal{color:#40e}
.CodeRay .predefined{color:#369}
.CodeRay .preprocessor{color:#579}
.CodeRay .pseudo-class{color:#555}
.CodeRay .directive{font-weight:bold}
.CodeRay .type{font-weight:bold}
.CodeRay .predefined-type{color:inherit}
.CodeRay .reserved,.CodeRay .keyword {color:#000;font-weight:bold}
.CodeRay .key{color:#808}
.CodeRay .key .delimiter{color:#606}
.CodeRay .key .char{color:#80f}
.CodeRay .value{color:#088}
.CodeRay .regexp .delimiter{color:#808}
.CodeRay .regexp .content{color:#808}
.CodeRay .regexp .modifier{color:#808}
.CodeRay .regexp .char{color:#d14}
.CodeRay .regexp .function{color:#404;font-weight:bold}
.CodeRay .string{color:#d20}
.CodeRay .string .string .string{background:#ffd0d0}
.CodeRay .string .content{color:#d14}
.CodeRay .string .char{color:#d14}
.CodeRay .string .delimiter{color:#d14}
.CodeRay .shell{color:#d14}
.CodeRay .shell .delimiter{color:#d14}
.CodeRay .symbol{color:#990073}
.CodeRay .symbol .content{color:#a60}
.CodeRay .symbol .delimiter{color:#630}
.CodeRay .tag{color:#008080}
.CodeRay .tag-special{color:#d70}
.CodeRay .variable{color:#036}
.CodeRay .insert{background:#afa}
.CodeRay .delete{background:#faa}
.CodeRay .change{color:#aaf;background:#007}
.CodeRay .head{color:#f8f;background:#505}
.CodeRay .insert .insert{color:#080}
.CodeRay .delete .delete{color:#800}
.CodeRay .change .change{color:#66f}
.CodeRay .head .head{color:#f4f}
</style>
</head>
<body class="book toc2 toc-left">
<div id="header">
<h1>Provisioning Guide</h1>
<div class="details">
<span id="revnumber">version 2.0.0</span>
</div>
<div id="toc" class="toc2">
<div id="toctitle">Table of Contents</div>
<ul class="sectlevel1">
<li><a href="#_about_this_document">1. About This Document</a>
<ul class="sectlevel2">
<li><a href="#_intended_audience">1.1. Intended Audience</a></li>
<li><a href="#_new_and_changed_information">1.2. New and Changed Information</a></li>
<li><a href="#_notation_conventions">1.3. Notation Conventions</a></li>
<li><a href="#_comments_encouraged">1.4. Comments Encouraged</a></li>
</ul>
</li>
<li><a href="#introduction">2. Introduction</a>
<ul class="sectlevel2">
<li><a href="#introduction-security-considerations">2.1. Security Considerations</a></li>
<li><a href="#introduction-provisioning-options">2.2. Provisioning Options</a></li>
<li><a href="#introduction-provisioning-activities">2.3. Provisioning Activities</a></li>
<li><a href="#introduction-provisioning-master-node">2.4. Provisioning Master Node</a></li>
<li><a href="#introduction-trafodion-installer">2.5. Trafodion Installer</a>
<ul class="sectlevel3">
<li><a href="#introduction-trafodion-installer-usage">2.5.1. Usage</a></li>
<li><a href="#introduction-trafodion-installer-install-vs-upgrade">2.5.2. Install vs. Upgrade</a></li>
<li><a href="#introduction-trafodion-installer-guided-setup">2.5.3. Guided Setup</a></li>
<li><a href="#introduction-trafodion-installer-automated-setup">2.5.4. Automated Setup</a></li>
</ul>
</li>
<li><a href="#introduction-trafodion-provisioning-directories">2.6. Trafodion Provisioning Directories</a></li>
</ul>
</li>
<li><a href="#requirements">3. Requirements</a>
<ul class="sectlevel2">
<li><a href="#requirements-general-cluster-and-os-requirements-and-recommendations">3.1. General Cluster and OS Requirements and Recommendations</a>
<ul class="sectlevel3">
<li><a href="#requirements-cluster-requirements-and-recommendations">3.1.1. Hardware Requirements and Recommendations</a></li>
<li><a href="#requirements-os-requirements-and-recommendations">3.1.2. OS Requirements and Recommendations</a></li>
<li><a href="#requirements-ip-ports">3.1.3. IP Ports</a></li>
</ul>
</li>
<li><a href="#requirements-prerequisite-software">3.2. Prerequisite Software</a>
<ul class="sectlevel3">
<li><a href="#requirements-hadoop-software">3.2.1. Hadoop Software</a></li>
<li><a href="#requirements-software-packages">3.2.2. Software Packages</a></li>
</ul>
</li>
<li><a href="#requirements-trafodion-user-ids-and-their-privileges">3.3. Trafodion User IDs and Their Privileges</a>
<ul class="sectlevel3">
<li><a href="#requirements-trafodion-runtime-user">3.3.1. Trafodion Runtime User</a></li>
<li><a href="#requirements-trafodion-provisioning-user">3.3.2. Trafodion Provisioning User</a></li>
</ul>
</li>
<li><a href="#requirements-required-configuration-changes">3.4. Required Configuration Changes</a>
<ul class="sectlevel3">
<li><a href="#requirements-operating-system-changes">3.4.1. Operating System Changes</a></li>
<li><a href="#requirements-zookeeper-changes">3.4.2. ZooKeeper Changes</a></li>
<li><a href="#requirements-hdfs-changes">3.4.3. HDFS Changes</a></li>
<li><a href="#requirements-hbase-changes">3.4.4. HBase Changes</a></li>
</ul>
</li>
<li><a href="#requirements-recommended-configuration-changes">3.5. Recommended Configuration Changes</a>
<ul class="sectlevel3">
<li><a href="#requirements-recommended-security-changes">3.5.1. Recommended Security Changes</a></li>
<li><a href="#requirements-recommended-hdfs-configuration-changes">3.5.2. Recommended HDFS Configuration Changes</a></li>
<li><a href="#requirements-recommended-hbase-configuration-changes">3.5.3. Recommended HBase Configuration Changes</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#prepare">4. Prepare</a>
<ul class="sectlevel2">
<li><a href="#prepare-install-optional-workstation-software">4.1. Install Optional Workstation Software</a></li>
<li><a href="#configure-installation-user-id">4.2. Configure Installation User ID</a></li>
<li><a href="#prepare-disable-requiretty">4.3. Disable requiretty</a></li>
<li><a href="#prepare-verify-os-requirements-and-recommendations">4.4. Verify OS Requirements and Recommendations</a></li>
<li><a href="#prepare-configure-ldap-identity-store">4.5. Configure LDAP Identity Store</a></li>
<li><a href="#prepare-gather-configuration-information">4.6. Gather Configuration Information</a></li>
<li><a href="#prepare-install-required-software-packages">4.7. Install Required Software Packages</a>
<ul class="sectlevel3">
<li><a href="#prepare-download-and-install-packages">4.7.1. Download and Install Packages</a></li>
<li><a href="#prepare-install-log4cplusplus">4.7.2. Install log4c++</a></li>
</ul>
</li>
<li><a href="#prepare-download-trafodion-binaries">4.8. Download Trafodion Binaries</a></li>
<li><a href="#prepare-preparation-for-recipe-based-provisioning">4.9. Preparation for Recipe-Based Provisioning</a>
<ul class="sectlevel3">
<li><a href="#prepare-modify-os-settings">4.9.1. Modify OS Settings</a></li>
<li><a href="#prepare-modify-zookeeper-configuration">4.9.2. Modify ZooKeeper Configuration</a></li>
<li><a href="#prepare-modify-hdfs-configuration">4.9.3. Modify HDFS Configuration</a></li>
<li><a href="#prepare-modify-hbase-configuration">4.9.4. Modify HBase Configuration</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#install">5. Install</a>
<ul class="sectlevel2">
<li><a href="#install-unpack-installer">5.1. Unpack Installer</a></li>
<li><a href="#install-automated-install">5.2. Automated Install</a></li>
<li><a href="#install-guided-install">5.3. Guided Install</a></li>
</ul>
</li>
<li><a href="#upgrade">6. Upgrade</a>
<ul class="sectlevel2">
<li><a href="#upgraded-download-updated-trafodion-binaries">6.1. Download Updated Trafodion Binaries</a></li>
<li><a href="#upgrade-unpack-installer">6.2. Unpack Installer</a></li>
<li><a href="#upgrade-stop-tradodion">6.3. Stop Trafodion</a></li>
<li><a href="#upgrade-automated-upgrade">6.4. Automated Upgrade</a></li>
<li><a href="#upgrade-guided-upgrade">6.5. Guided Upgrade</a></li>
</ul>
</li>
<li><a href="#activate">7. Activate</a>
<ul class="sectlevel2">
<li><a href="#activate-manage-trafodion">7.1. Manage Trafodion</a></li>
<li><a href="#activate-validate-trafodion-installation">7.2. Validate Trafodion Installation</a>
<ul class="sectlevel3">
<li><a href="#_smoke_test">7.2.1. Smoke Test</a></li>
</ul>
</li>
<li><a href="#activate-troubleshooting-tips">7.3. Troubleshooting Tips</a></li>
</ul>
</li>
<li><a href="#remove">8. Remove</a>
<ul class="sectlevel2">
<li><a href="#_stop_trafodion">8.1. Stop Trafodion</a></li>
<li><a href="#_run_code_trafodion_uninstaller_code">8.2. Run <code>trafodion_uninstaller</code></a></li>
</ul>
</li>
<li><a href="#enable-security">9. Enable Security</a>
<ul class="sectlevel2">
<li><a href="#enable-security-configuring-ldap-servers">9.1. Configuring LDAP Servers</a></li>
<li><a href="#enable-security-generate-trafodion-certificate">9.2. Generate Trafodion Certificate</a></li>
<li><a href="#enable-security-authentication-setup-script">9.3. Authentication Setup Script</a></li>
<li><a href="#enable-security-manage-users">9.4. Manage Users</a></li>
<li><a href="#enable-security-traf-authentication-config">9.5. .traf_authentication_config</a>
<ul class="sectlevel3">
<li><a href="#_file_location">9.5.1. File Location</a></li>
<li><a href="#enable-security-template">9.5.2. Template</a></li>
<li><a href="#enable-security-configuration-attributes">9.5.3. Configuration Attributes</a></li>
</ul>
</li>
<li><a href="#enable-security-ldapcheck">9.6. ldapcheck</a>
<ul class="sectlevel3">
<li><a href="#_usage">9.6.1. Usage</a></li>
<li><a href="#_considerations">9.6.2. Considerations</a></li>
</ul>
</li>
<li><a href="#enable-security-ldapconfigcheck">9.7. ldapconfigcheck</a>
<ul class="sectlevel3">
<li><a href="#enable-security-ldapconfigcheck-considerations">9.7.1. Considerations</a></li>
<li><a href="#enable-security-ldapconfigcheck-errors">9.7.2. Errors</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#install-recipe">10. Install Recipe</a></li>
<li><a href="#upgrade-recipe">11. Upgrade Recipe</a></li>
</ul>
</div>
</div>
<div id="content">
<div id="preamble">
<div class="sectionbody">
<div class="paragraph">
<p><strong>License Statement</strong></p>
</div>
<div class="paragraph">
<p>Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements.  See the NOTICE file
distributed with this work for additional information regarding copyright ownership.  The ASF licenses this file
to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
the License.  You may obtain a copy of the License at <a href="http://www.apache.org/licenses/LICENSE-2.0" class="bare">http://www.apache.org/licenses/LICENSE-2.0</a></p>
</div>
<div class="paragraph">
<p>Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the License for the
specific language governing permissions and limitations under the License.</p>
</div>
<div style="page-break-after: always;"></div>
<div class="paragraph">
<p><strong>Revision History</strong></p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 50%;">
<col style="width: 50%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Version</th>
<th class="tableblock halign-left valign-top">Date</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">2.0.0</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">To be announced.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">1.3.0</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">January, 2016</p></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_about_this_document">1. About This Document</h2>
<div class="sectionbody">
<div class="paragraph">
<p>This guide describes how to provision the end-user Trafodion binaries on top of an existing Hadoop environment. This install allows you to store and query data using Trafodion, either via Trafodion clients
(see <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a> or via application code you write.</p>
</div>
<div class="paragraph">
<p>If you want to install a Trafodion developer-build environment, then please refer to the
<a href="http://trafodion.incubator.apache.org/contributing_redirect.html">Trafodion Contributor Guide</a> for instructions.</p>
</div>
<div class="sect2">
<h3 id="_intended_audience">1.1. Intended Audience</h3>
<div class="paragraph">
<p>This guide assumes that you are well-versed in Linux and Hadoop administration. If you don&#8217;t have such experience, then
you should consider going through the steps required to install a Hadoop environment before attempting to install Trafodion.</p>
</div>
<div class="paragraph">
<p>The instructions contained herein apply to the following environments.</p>
</div>
<div class="ulist">
<ul>
<li>
<p><strong>Single-Node Environments</strong>: Typically used when you want to evaluate Trafodion.</p>
</li>
<li>
<p><strong>Cluster (Multi-Node) Environments</strong>: Typically used when you deploy Trafodion for application usage.</p>
</li>
</ul>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Trafodion can be provisioned on a single-node or multi-node environment. Unless specifically noted, the term <strong>cluster</strong> is used
to mean both single- and multi-node environments.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>The provisioning instructions applies to a diverse set of platforms:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><strong>Virtual Machines</strong>: Often used for evaluations and Trafodion development.</p>
</li>
<li>
<p><strong>Cloud</strong>: Used for Product Environments as well as for Developer Environments.</p>
</li>
<li>
<p><strong>Bare Metal</strong>: Used for Product Environments as well as for Developer Environments.</p>
</li>
</ul>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
The term <strong>node</strong> is used to represent a computing platform on which operating system, Hadoop, and Trafodion software is running.
Unless specifically qualified (bare-metal node, virtual-machine node, or cloud-node), <strong>node</strong> represents a computing platform in your cluster
regardless of platform type.
</td>
</tr>
</table>
</div>
</div>
<div class="sect2">
<h3 id="_new_and_changed_information">1.2. New and Changed Information</h3>
<div class="paragraph">
<p>This is a new guide.</p>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect2">
<h3 id="_notation_conventions">1.3. Notation Conventions</h3>
<div class="paragraph">
<p>This list summarizes the notation conventions for syntax presentation in this manual.</p>
</div>
<div class="ulist">
<ul>
<li>
<p>UPPERCASE LETTERS</p>
<div class="paragraph">
<p>Uppercase letters indicate keywords and reserved words. Type these items exactly as shown. Items not enclosed in brackets are required.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">SELECT</code></pre>
</div>
</div>
</li>
<li>
<p>lowercase letters</p>
<div class="paragraph">
<p>Lowercase letters, regardless of font, indicate variable items that you supply. Items not enclosed in brackets are required.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">file-name</code></pre>
</div>
</div>
</li>
<li>
<p>&#91; &#93; Brackets</p>
<div class="paragraph">
<p>Brackets enclose optional syntax items.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">DATETIME [start-field TO] end-field</code></pre>
</div>
</div>
<div class="paragraph">
<p>A group of items enclosed in brackets is a list from which you can choose one item or none.</p>
</div>
<div class="paragraph">
<p>The items in the list can be arranged either vertically, with aligned brackets on each side of the list, or horizontally, enclosed in a pair of brackets and separated by vertical lines.</p>
</div>
<div class="paragraph">
<p>For example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">DROP SCHEMA schema [CASCADE]
DROP SCHEMA schema [ CASCADE | RESTRICT ]</code></pre>
</div>
</div>
</li>
</ul>
</div>
<div style="page-break-after: always;"></div>
<div class="ulist">
<ul>
<li>
<p>{ } Braces</p>
<div class="paragraph">
<p>Braces enclose required syntax items.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">FROM { grantee [, grantee ] ... }</code></pre>
</div>
</div>
<div class="paragraph">
<p>A group of items enclosed in braces is a list from which you are required to choose one item.</p>
</div>
<div class="paragraph">
<p>The items in the list can be arranged either vertically, with aligned braces on each side of the list, or horizontally, enclosed in a pair of braces and separated by vertical lines.</p>
</div>
<div class="paragraph">
<p>For example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">INTERVAL { start-field TO end-field }
{ single-field }
INTERVAL { start-field TO end-field | single-field }</code></pre>
</div>
</div>
</li>
<li>
<p>| Vertical Line</p>
<div class="paragraph">
<p>A vertical line separates alternatives in a horizontal list that is enclosed in brackets or braces.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">{expression | NULL}</code></pre>
</div>
</div>
</li>
<li>
<p>&#8230; Ellipsis</p>
<div class="paragraph">
<p>An ellipsis immediately following a pair of brackets or braces indicates that you can repeat the enclosed sequence of syntax items any number of times.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">ATTRIBUTE[S] attribute [, attribute] ...
{, sql-expression } ...</code></pre>
</div>
</div>
<div class="paragraph">
<p>An ellipsis immediately following a single syntax item indicates that you can repeat that syntax item any number of times.</p>
</div>
<div class="paragraph">
<p>For example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">expression-n ...</code></pre>
</div>
</div>
</li>
<li>
<p>Punctuation</p>
<div class="paragraph">
<p>Parentheses, commas, semicolons, and other symbols not previously described must be typed as shown.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">DAY (datetime-expression)
@script-file</code></pre>
</div>
</div>
<div class="paragraph">
<p>Quotation marks around a symbol such as a bracket or brace indicate the symbol is a required character that you must type as shown.</p>
</div>
<div class="paragraph">
<p>For example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">&quot;{&quot; module-name [, module-name] ... &quot;}&quot;</code></pre>
</div>
</div>
</li>
<li>
<p>Item Spacing</p>
<div class="paragraph">
<p>Spaces shown between items are required unless one of the items is a punctuation symbol such as a parenthesis or a comma.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">DAY (datetime-expression) DAY(datetime-expression)</code></pre>
</div>
</div>
<div class="paragraph">
<p>If there is no space between two items, spaces are not permitted. In this example, no spaces are permitted between the period and any other items:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">myfile.sh</code></pre>
</div>
</div>
</li>
<li>
<p>Line Spacing</p>
<div class="paragraph">
<p>If the syntax of a command is too long to fit on a single line, each continuation line is indented three spaces and is separated from the preceding line by a blank line.</p>
</div>
<div class="paragraph">
<p>This spacing distinguishes items in a continuation line from items in a vertical list of selections.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">match-value [NOT] LIKE _pattern
   [ESCAPE esc-char-expression]</code></pre>
</div>
</div>
</li>
</ul>
</div>
</div>
<div class="sect2">
<h3 id="_comments_encouraged">1.4. Comments Encouraged</h3>
<div class="paragraph">
<p>We encourage your comments concerning this document. We are committed to providing documentation that meets your
needs. Send any errors found, suggestions for improvement, or compliments to <a href="mailto:user@trafodion.incubator.apache.org">user@trafodion.incubator.apache.org</a>.</p>
</div>
<div class="paragraph">
<p>Include the document title and any comment, error found, or suggestion for improvement you have concerning this document.</p>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="introduction">2. Introduction</h2>
<div class="sectionbody">
<div class="paragraph">
<p>Trafodion is a Hadoop add-on service that provides transactional SQL on top of HBase. Typically, you
use Trafodion as the database for applications that require Online Transaction Processing (OLTP),
Operational Data Store (ODS), and/or strong reporting capabilities. You access Trafodion using
standard JDBC and ODBC APIs.</p>
</div>
<div class="paragraph">
<p>You may choose whether to add Trafodion to an existing Hadoop environment or to create a standalone
Hadoop environment specifically for Hadoop.</p>
</div>
<div class="paragraph">
<p>This guide assumes that a Hadoop environment exists upon which your provisioning Trafodion. Refer to
<a href="#requirements-hadoop-software">Hadoop Software</a> for information about what Hadoop software is required
Trafodion.</p>
</div>
<div class="sect2">
<h3 id="introduction-security-considerations">2.1. Security Considerations</h3>
<div class="paragraph">
<p>The following users need be considered for Trafodion:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><strong>Provisioning User</strong>: A Linux-level user that performs the Trafodion provisioning tasks. This user ID
requires <code>sudo</code> access and passwordless ssh among the nodes where Trafodion is installed. In addition,
this user ID requires access to Hadoop distribution, HDFS, and HBase administrative users to change
respective environment&#8217;s configuration settings per Trafodion requirements. Refer to
<a href="#requirements-trafodion-provisioning-user">Trafodion Provisioning User</a> for more information
about the requirements and usage associated with this user ID.</p>
</li>
<li>
<p><strong>Runtime User</strong>: A Linux-level user under which the Trafodion software runs. This user ID must be registered
as a user in the Hadoop Distributed File System (HDFS) to store and  access objects in HDFS, HBase, and Hive.
In addition, this  user ID requires passwordless access among the nodes where Trafodion is installed.
Refer to <a href="#requirements-trafodion-runtime-user">Trafodion Runtime User</a> for more information about this user ID.</p>
</li>
<li>
<p><strong>Trafodion Database Users</strong>: Trafodion users are managed by the Trafodion security features (grant, revoke, etc.),
which can be integrated with LDAP if so desired. These users are referred to as <strong>database users</strong> and
do not have direct access to the operating system. Refer to
<a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html#register_user_statement">Register User</a>,
<a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html#grant_statement">Grant</a>, and other SQL statements
in the <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html">Trafodion SQL Reference Manual</a> for
more information about managing Trafodion Database Users.
<br>
<br>
Optionally, you can enable Trafodion Security. If you do not enable security in Trafodion, then a client interface
to Trafodion may request a user name and password, but Trafodion ignores the user name and password entered in the
client interface, and the session runs as the database <strong>root</strong> user, <code>DB__ROOT</code>, without restrictions. If you want
to restrict users, restrict access to certain users only, or restrict access to an object or operation, then you must
enable security, which enforces authentication and authorization. Refer to
<a href="#enable-security">Enable Security</a> for more information about this option.</p>
</li>
</ul>
</div>
</div>
<div class="sect2">
<h3 id="introduction-provisioning-options">2.2. Provisioning Options</h3>
<div class="paragraph">
<p>Trafodion ships with a set of scripts (the Trafodion Installer) that takes care of many of the installation and upgrade
tasks associated with the Trafodion software and its requirements. There is a separate set of scripts to remove Trafodion,
if needed.</p>
</div>
<div class="paragraph">
<p>Currently, the Trafodion Installer is able to install Trafodion on select Cloudera and  Hortonworks Hadoop distributions only.
The Trafodion Installer limitations are noted as they apply in the different chapters below. For example, the Trafodion Installer
is less capable on SUSE than it is on RedHat/CentOS; you have to install the prerequisite software packages outside the Trafodion Installer.</p>
</div>
<div class="paragraph">
<p>The Trafodion Installer automates many of the tasks required to install/upgrade Trafodion, spanning from downloading and
installing required software packages and making required changes to your Hadoop environment via creating
the Trafodion runtime user ID to installing and starting Trafodion. It is, therefore,  highly recommend that
you use the Trafodion Installer for initial installation and upgrades of Trafodion. These steps are referred to as
"Script-Based Provisioning" in this guide. Refer to <a href="#introduction-trafodion-installer">Trafodion Installer</a> provides
usage information.</p>
</div>
<div class="paragraph">
<p>If, for any reason, you choose not to use the Trafodion Installer, then separate chapters provide
step-by-step recipes for the tasks required to install/upgrade Trafodion. These steps are referred to as
<strong>Recipe-Based Provisioning</strong> in this guide. It is assumed that you are well-versed in Linux and Hadoop
administrative tasks if using Recipe-Based Provisioning.</p>
</div>
</div>
<div class="sect2">
<h3 id="introduction-provisioning-activities">2.3. Provisioning Activities</h3>
<div class="paragraph">
<p>Trafodion provisioning is divided into the following main activities:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><strong><a href="#requirements">Requirements</a></strong>: Activities and documentation required to install the Trafodion software.
These activities include tasks such as understanding hardware and operating system requirements,
Hadoop requirements, what software packages that need to be downloaded, configuration settings that need to be changed,
user IDs requirements, and so on.</p>
</li>
<li>
<p><strong><a href="#prepare">Prepare</a></strong>: Activities to prepare the operating system and the Hadoop ecosystem to run
Trafodion. These activities include tasks such as installing required software packages, configure
the Trafodion Installation User, gather information about the Hadoop environment, modify configuration
for different Hadoop services, and so forth.</p>
</li>
<li>
<p><strong><a href="#install">Install</a></strong>: Activities related to installing the Trafodion software. These activities
include tasks such as unpacking the Trafodion tar files, creating the Trafodion Runtime User,
creating Trafodion HDFS directories, installing the Trafodion software, and so forth.</p>
</li>
</ul>
</div>
<div style="page-break-after: always;"></div>
<div class="ulist">
<ul>
<li>
<p><strong><a href="#upgrade">Upgrade</a></strong>: Activities related to the upgrading the Trafodion software. These activities
include tasks such as shutting down Trafodion, installing a new version of the Trafodion software,
and so on. The upgrade tasks vary depending on the differences between the current and new release of
Trafodion. For example, an upgrade may or may not include an upgrade of the Trafodion metadata.</p>
</li>
<li>
<p><strong><a href="#activate">Activate</a></strong>: Activities related to starting the Trafodion software. These actives
include basic management tasks such as starting and checking the status of the Trafodion components,
performing basic smoke tests, and so forth.</p>
</li>
<li>
<p><strong><a href="#remove">Remove</a></strong>: Activities related to removing Trafodion from your Hadoop cluster.</p>
</li>
</ul>
</div>
</div>
<div class="sect2">
<h3 id="introduction-provisioning-master-node">2.4. Provisioning Master Node</h3>
<div class="paragraph">
<p>All provisioning tasks are performed from a single node in the cluster, which must be part
of the Hadoop environment you&#8217;re adding Trafodion to. This node is referred to as the
"<strong>Provisioning Master Node</strong>" in this guide.</p>
</div>
<div class="paragraph">
<p>The Trafodion Provisioning User must have access to all other nodes from the Provisioning
Master Node in order to perform provisioning tasks on the cluster.</p>
</div>
</div>
<div class="sect2">
<h3 id="introduction-trafodion-installer">2.5. Trafodion Installer</h3>
<div class="paragraph">
<p>The Trafodion Installer is a set of scripts automates most of the tasks requires to install/upgrade Trafodion.
You download the Trafodion Installer tar file from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">download</a> page.
Next, you unpack the tar file.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer
$ cd $HOME/trafodion-downloads
$ tar -zxf apache-trafodion-installer-1.3.0-incubating-bin.tar.gz -C $HOME/trafodion-installer
$ ls $HOME/trafodion-installer/installer
bashrc_default           tools                             traf_config_check           trafodion_apache_hadoop_install  traf_package_setup
build-version-1.3.0.txt  traf_add_user                     traf_config_setup           trafodion_config_default         traf_setup
dcs_installer            traf_apache_hadoop_config_setup   traf_create_systemdefaults  trafodion_install                traf_sqconfig
rest_installer           traf_authentication_conf_default  traf_getHadoopNodes         trafodion_license                traf_start
setup_known_hosts.exp    traf_cloudera_mods98              traf_hortonworks_mods98     trafodion_uninstaller
$</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
<div class="paragraph">
<p>The Trafodion Installer supports two different modes:</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p><strong>Guided Setup</strong>: Prompts for information as it works through the installation/upgrade process. This mode is recommended for new users.</p>
</li>
<li>
<p><strong>Automated Setup</strong>: Required information is provided in a pre-formatted bash-script configuration file, which is provided
via a command argument when running the Trafodion Installer thereby suppressing all prompts.</p>
<div class="paragraph">
<p>A template of the configuration file is available here within the installer directory: <code>trafodion_config_default</code>.
Make a copy of the file in your directory and populate the needed information.</p>
</div>
<div class="paragraph">
<p>Automated Setup is recommended since it allows you to record the required provisioning information information ahead of time.
Refer to <a href="#introduction-trafodion-automated-setup">Automated Setup</a> for information about how to
populate this file.</p>
</div>
</li>
</ol>
</div>
<div class="sect3">
<h4 id="introduction-trafodion-installer-usage">2.5.1. Usage</h4>
<div class="paragraph">
<p>The following shows help for the Trafodion Installer.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">./trafodion_install --help

This script will install Trafodion. It will create a configuration
file (if one has not been created), setup of the environment needed
for Trafodion, configure HBase with Hbase-trx and co-processors needed,
and install a specified Trafodion build.

Options:
    --help             Print this message and exit
    --accept_license   If provided, the user agrees to accept all the
                       provisions in the Trafodion license.  This allows
                       for automation by skipping the display and prompt of
                       the Trafodion license.
    --config_file      If provided, all install prompts will be
                       taken from this file and not prompted for.</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect3">
<h4 id="introduction-trafodion-installer-install-vs-upgrade">2.5.2. Install vs. Upgrade</h4>
<div class="paragraph">
<p>The Trafodion Installer automatically detects whether you&#8217;re performing an install
or an upgrade by looking for the Trafodion Runtime User in the <code>/etc/passwd</code> file.</p>
</div>
<div class="ulist">
<ul>
<li>
<p>If the user ID doesn&#8217;t exist, then the Trafodion Installer runs in install mode.</p>
</li>
<li>
<p>If the user ID exists, then the Trafodion Installer runs in upgrade mode.</p>
</li>
</ul>
</div>
</div>
<div class="sect3">
<h4 id="introduction-trafodion-installer-guided-setup">2.5.3. Guided Setup</h4>
<div class="paragraph">
<p>By default, the Trafodion Installer runs in Guided Setup mode, which means
that it prompts you for information during the install/upgrade process.</p>
</div>
<div class="paragraph">
<p>Refer to the following sections for examples:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><a href="#install-guided-install">Guided Install</a></p>
</li>
<li>
<p><a href="#upgrade-guided-upgrade">Guided Upgrade</a></p>
</li>
</ul>
</div>
</div>
<div class="sect3">
<h4 id="introduction-trafodion-installer-automated-setup">2.5.4. Automated Setup</h4>
<div class="paragraph">
<p>The <code>--config_file</code> option runs the Trafodion in Automated Setup mode.</p>
</div>
<div class="paragraph">
<p>Before running the Trafodion Installer with this option, you do the following:</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Copy the <code>trafodion_config_default</code> file.</p>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">cp trafodion_config_default my_config</code></pre>
</div>
</div>
</li>
<li>
<p>Edit the new file using information you collect in the
<a href="#prepare-gather-configuration-information">Gather Configuration Information</a>
section in the <a href="#prepare">Prepare</a> chapter.</p>
</li>
<li>
<p>Run the Trafodion Installer in Automated Setup Mode</p>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">./trafodion_installer --config_file my_config</code></pre>
</div>
</div>
</li>
</ol>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Your Trafodion Configuration File contains the password for the Trafodion Runtime User
and for the Distribution Manager. Therefore, we recommend that you secure the file in a manner
that matches the security policies of your organization.
</td>
</tr>
</table>
</div>
<div class="sect4">
<h5 id="_example_creating_a_trafodion_configuration_file">Example: Creating a Trafodion Configuration File</h5>
<div class="paragraph">
<p>Using the instructions in <a href="#prepare-gather-configuration-information">Gather Configuration Information</a>
in the <a href="#prepare">Prepare</a> chapter, you record the following information.</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 30%;">
<col style="width: 50%;">
<col style="width: 20%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">ID</th>
<th class="tableblock halign-left valign-top">Information</th>
<th class="tableblock halign-left valign-top">Setting</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>ADMIN</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Administrator user name for Apache Ambari or Cloudera Manager.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">admin</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>BACKUP_DCS_NODES</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where to start the backup DCS Master components.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_CONFIG</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether you&#8217;re installing Trafodion on a cloud environment.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_TYPE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">What type of cloud environment you&#8217;re installing Trafodion on.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>CLUSTER_NAME</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The name of the Hadoop Cluster.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Cluster 1</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_BUILD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the DCS component.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_PRIMARY_MASTER_NODE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The node where the primary DCS should run.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_SERVER_PARM</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Number of concurrent client sessions per node.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">8</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>ENABLE_HA</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to run DCS in high-availability (HA) mode.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>EPEL_RPM</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Location of EPEL RPM. Specify if you don&#8217;t have access to the Internet.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>FLOATING_IP</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">IP address if running DCS in HA mode.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HADOOP_TYPE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The type of Hadoop distribution you&#8217;re installing Trafodion on.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">cloudera</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_GROUP</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Linux group name for the HBASE administrative user.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">hbase</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HBASE administrative user.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">hbase</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HDFS_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HDFS administrative user.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">hdfs</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HOME_DIR</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Root directory under which the <code>trafodion</code> home directory should be created.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">/home</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>INIT_TRAFODION</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to automatically initialize the Trafodion database.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Y</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>INTERFACE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Interface type used for $FLOATING_IP.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>JAVA_HOME</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Location of Java 1.7.0_65 or higher (JDK).</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">/usr/java/jdk1.7.0_67-cloudera</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_CERT</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Full path to TLS certificate.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_HOSTS</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where LDAP Identity Store servers are running.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_ID</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">List of LDAP unique identifiers.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_LEVEL</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Encryption Level.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PASSWORD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Password for LDAP_USER.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PORT</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Port used to communicate with LDAP Identity Store.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_SECURITY</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to enable simple LDAP authentication.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Search user name.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LOCAL_WORKDIR</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The directory where the Trafodion Installer is located.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">/home/centos/trafodion-installer/installer</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_ENABLED</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installation uses separate management nodes.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_NODES</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of management nodes, if any.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>NODE_LIST</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of the nodes where Trafodion will be installed.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">trafodion-1 trafodion-2</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>PASSWORD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Administrator password for Apache Ambari or Cloudera Manager.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">admin</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>REST_BUILD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the REST component.</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>SQ_ROOT</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Target directory for the Trafodion software.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">/home/trafodion/apache-trafodion-1.3.0-incubating-bin</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>START</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to start Trafodion after install/upgrade.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Y</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>SUSE_LINUX</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installing Trafodion on SUSE Linux.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_PACKAGE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The location of the Trafodion installation package tar file or core installation tar file.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The Trafodion runtime user ID. Must be <code>trafodion</code> in this release.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">trafodion</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER_PASSWORD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The password used for the <code>trafodion:trafodion</code> user ID.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">traf123</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>URL</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">FQDN and port for the Distribution Manager&#8217;s REST API.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">trafodion-1.apache.org:7180</p></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p>Next, you edit <code>my_config</code> to contain the following:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">#!/bin/bash
# @@@ START COPYRIGHT @@@
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# &quot;License&quot;); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# &quot;AS IS&quot; BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#
# @@@ END COPYRIGHT @@@

#====================================================
# Trafodion Configuration File
# This file contains default values for the installer.

# Users can also edit this file and provide values for all parameters
# and then specify this file on the run line of trafodion_install.
# Example:
# ./trafodion_install --config_file &lt;Trafodion-config-file&gt;
# WARNING: This mode is for advanced users!
#
#=====================================================


#=====================================================
#Must be set to 'true' if on a SUSE linux system. If on another type of system
#this must be set to false.

export SUSE_LINUX=&quot;false&quot;

# The working directory where Trafodion installer untars files, etc.
# do not change this unless you really know what you are doing
export TRAF_WORKDIR=&quot;/usr/lib/trafodion&quot;

# This is the directory where the installer scripts were untarred to
export LOCAL_WORKDIR=&quot;/home/centos/trafodion-installer/installer&quot;

# The maximum number of dcs servers, i.e. client connections
export DCS_SERVERS_PARM=&quot;8&quot;

# &quot;true&quot; if this is an upgrade
export UPGRADE_TRAF=&quot;false&quot;

# Trafodion userid, This is the userid the Trafodion instance will run under
export TRAF_USER=&quot;trafodion&quot;

# Trafodion userid's password
export TRAF_USER_PASSWORD=&quot;traf123&quot;

# a blank separated list of nodes in your cluster
# node names should include full domain names
#This can not be left blank!
export NODE_LIST=&quot;trafodion-1 trafodion-2&quot;

# count of nodes in node list
export node_count=&quot;2&quot;

# another list of the same nodes in NODE_LIST but specified in a pdsh usable format
# i.e.  &quot;-w centos-cdh[1-6]&quot;  or &quot;-w node1 -w node2 -w node3&quot;
export MY_NODES=&quot;-w trafodion-[1-2]&quot;

# the directory prefix for the trafodion userid's $HOME directory
# i.e. /opt/home, not /opt/home/trafodion
export HOME_DIR=&quot;/home&quot;

#JAVA HOME must be a JDK. Must include FULL Path. Must be 1.7.0_65 or higher.

export JAVA_HOME=&quot;/usr/java/jdk1.7.0_67-cloudera&quot;

# If your machine doesn't have external internet access then you must
# specify the location of the EPEL rpm, otherwise leave blank and it
# will be installed from the internet
export EPEL_RPM=&quot;&quot;

# full path of the Trafodion package tar file
export TRAF_PACKAGE=&quot;/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz&quot;

# if TRAF_PACKAGE wasn't specified then these two values must be specified
# TRAF_BUILD is the trafodion_server tar file
# DCS_BUILD is the DCS tar file
# REST_BUILD is the REST tar file
export TRAF_BUILD=&quot;&quot;
export DCS_BUILD=&quot;&quot;
export REST_BUILD=&quot;&quot;
# Either &quot;cloudera&quot; or &quot;hortonworks&quot; (all lowercase)
export HADOOP_TYPE=&quot;cloudera&quot;

# The URL for Cloudera/Hortonworks REST API (i.e. node1.host.com:8080)
export URL=&quot;trafodion-1.apache.org:7180&quot;

# Cloudera/Hortonworks UI admin's userid and password
export ADMIN=&quot;admin&quot;
export PASSWORD=&quot;admin&quot;

# hadoop cluster name
export CLUSTER_NAME=&quot;&quot;

# the Hadoop HDFS userid
export HDFS_USER=&quot;hdfs&quot;

# the Hadoop HBase userid and group
export HBASE_USER=&quot;hbase&quot;
export HBASE_GROUP=&quot;hbase&quot;

# The hadoop HBase service name
export HBASE=&quot;hbase&quot;

# full path of where to install Trafodion to
# Example is used below. If $HOME_DIR or $TRAF_USER have been changed
# then this will need to be changed.
# On an upgrade, it is recommend to choose a different directory.
# First time install : /home/trafodion/traf
# On Upgrade: /home/trafodion/traf_&lt;date&gt;
# By doing this the previous version will remain and allow for an easier rollback.
export SQ_ROOT=&quot;/home/trafodion/apache-trafodion-1.3.0-incubating-bin&quot;

# Start Trafodion after install completes
export START=&quot;Y&quot;

# initialize trafodion after starting
export INIT_TRAFODION=&quot;Y&quot;

# full path to the sqconfig file
# Default is to leave as is and this file will be created.
export SQCONFIG=&quot;&quot;

export CONFIG_COMPLETE=&quot;true&quot;

#Turn on simple security. MUST have existing LDAP configured.
export LDAP_SECURITY=&quot;N&quot;

#Name of LDAP Config file
export LDAP_AUTH_FILE=&quot;traf_authentication_config_${HOSTNAME}&quot;</code></pre>
</div>
</div>
<div class="paragraph">
<p>Once completed, run the Trafodion Installer with the <code>--config_file</code> option.</p>
</div>
<div class="paragraph">
<p>Refer to the following sections for examples:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><a href="#install-automated-install">Automated Install</a></p>
</li>
<li>
<p><a href="#upgrade-automated-upgrade">Automated Upgrade</a></p>
</li>
</ul>
</div>
</div>
</div>
</div>
<div class="sect2">
<h3 id="introduction-trafodion-provisioning-directories">2.6. Trafodion Provisioning Directories</h3>
<div class="paragraph">
<p>Trafodion stores its provisioning information in the following directories on each node in the cluster:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><code>/etc/trafodion</code>: Configurtion information.</p>
</li>
<li>
<p><code>/usr/lib/trafodion</code>: Copies of the installer files.</p>
</li>
</ul>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="requirements">3. Requirements</h2>
<div class="sectionbody">
<div class="paragraph">
<p>Trafodion requires an x86 version of Linux.</p>
</div>
<div class="paragraph">
<p>The current release of Trafodion has been tested with:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>64-bit Red Hat Enterprise Linux (RHEL) or CentOS 6.5, 6.6, and 6.7</p>
</li>
<li>
<p>SUSE SLES 11.3</p>
</li>
<li>
<p>Cloudera CDH 5.2</p>
</li>
<li>
<p>Cloudera CDH 5.3</p>
</li>
<li>
<p>Hortonworks HDP 2.2</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>Other OS releases may work, too. The Trafodion project is currently working on better support for non-distribution version of Hadoop.</p>
</div>
<div class="sect2">
<h3 id="requirements-general-cluster-and-os-requirements-and-recommendations">3.1. General Cluster and OS Requirements and Recommendations</h3>
<div class="paragraph">
<p>64-bit x86 instruction set running a Linux distribution is required. Further, Trafodion assumes an environment
based on the requirements of the tested Hadoop distributions/services.</p>
</div>
<div class="sect3">
<h4 id="requirements-cluster-requirements-and-recommendations">3.1.1. Hardware Requirements and Recommendations</h4>
<div class="sect4">
<h5 id="requirements-single-node-cluster">Single-Node Cluster</h5>
<div class="paragraph">
<p>It is possible to run Trafodion on a single-node sandbox environment. Typically, any sandbox running a Hadoop distribution
can be used. A typical single-node configuration uses 4-8 cores with 16 GB of memory, and  20 GB free disk space.</p>
</div>
</div>
<div class="sect4">
<h5 id="requirements-multi-node-cluster">Multi-Node Cluster</h5>
<div class="paragraph">
<p>For multi-node end-user clusters, your typical HBase environment should suffice for Trafodion.
Typically, memory configuration range between 64-128 GB per node with minimum requirement of 16 GB.
The cluster size can span from 1 to <em>n</em> nodes; a minimum of two nodes is recommended.
A minimum of two cores is required regardless of whether you&#8217;re deploying Trafodion on a bare-metal or virtual environment.</p>
</div>
<div style="page-break-after: always;"></div>
<div class="paragraph">
<p>Recommended configurations:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 60%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Attribute</th>
<th class="tableblock halign-left valign-top">Guidance</th>
</tr>
</thead>
<tbody>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">Processors per Node</p></th>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Small: 2 cores<br>
&#8226; Medium: 4 cores<br>
&#8226; Large: 8+ cores</p>
</div></div></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">Memory per Node</p></th>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Small: 16 GB<br>
&#8226; Medium: 64 GB<br>
&#8226; Large: 128 GB</p>
</div></div></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">Concurrency:Nodes</p></th>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Two Small Nodes: Four concurrent queries<br>
&#8226; Two Medium Nodes: 64 concurrent queries<br>
&#8226; Two Large Nodes: 256 concurrent queries</p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect3">
<h4 id="requirements-os-requirements-and-recommendations">3.1.2. OS Requirements and Recommendations</h4>
<div class="paragraph">
<p>Please verify these requirements on each node you will install Trafodion on:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 20%;">
<col style="width: 40%;">
<col style="width: 40%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Function</th>
<th class="tableblock halign-left valign-top">Requirement</th>
<th class="tableblock halign-left valign-top">Verification Guidance</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Linux</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>64-bit version of Red Hat 6.5 or later, or SUSE SLES 11.3 or later.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>sshd</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>The <code>ssh</code> daemon is running on each node in the cluster.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>ps aux  | grep sshd</code><br>
&#8226; <code>sudo netstat -plant | grep :22</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>ntpd</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>The <code>ntp</code> daemon is running and synchronizing time on each node in the cluster.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>ps aux | grep ntp</code><br>
&#8226; <code>ntpq -p</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>FQDN</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>/etc/hosts</code> is set up for fully-qualified node names (FQDN).<br>
&#8226; <code>/etc/resolv.conf</code> is configured to use a name server.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>hostname --fqdn</code> shows the fully-qualified node name, if any.<br>
&#8226; The fully-qualified node name is part of the <code>/etc/hosts</code> file.<br>
&#8226; <code>host -T &lt;FQDN&gt;</code> (responds if using a DNS server, times out otherwise)<br>
&#8226; Simply ssh among nodes using <code>ssh &lt;FQDN&gt;</code>.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Port Availability</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>The Linux Kernel Firewall (<code>iptables</code>) has either been disabled or <a href="#ip-ports">ports required by Trafodion</a> have been opened.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>lsmod | grep ip_tables</code> checks whether <code>iptables</code> is loaded. If not, no further checking is needed.<br>
&#8226; <code>sudo iptables -nL | grep &lt;port&gt;</code> checks the configuration of a port. An empty response indicates no rule for the port, which often means
the port is <strong>not</strong> open.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>passwordless ssh</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>The user name used to provision Trafodion must have passwordless ssh access to all nodes.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>ssh to the nodes, ensure that no password prompt appears.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>sudo privileges</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>The user name used to provision Trafodion must sudo access to a number of root functions .</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>sudo echo "test"</code> on each node.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>bash</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available for shell-script execution.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>bash --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>java</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available to run the Trafodion software. Same version as HBase is using.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>java --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>perl</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available for script execution.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>perl --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>python</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available for script execution.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>python --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>yum</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available for installs, updates, and removal of software packages.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>yum --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>rpm</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available for installs, updates, and removal of software packages.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>rpm --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>scp</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available to copy files among nodes in the cluster.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>scp --help</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>curl</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available to transfer data with URL syntax.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>curl --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>wget</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available to download files from the Web.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>wget --version</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>pdsh</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available to run shell commands in parallel.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>pdsh -V</code></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>pdcp</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Available to copy files among nodes in parallel. part of the <code>pdsh</code> package.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>pdcp -V</code></p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
<div class="sect3">
<h4 id="requirements-ip-ports">3.1.3. IP Ports</h4>
<div class="paragraph">
<p>The following table lists the default ports used by the different Trafodion components plus the configuration file and configuration attribute associated with each port setting.</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 10%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 10%;">
<col style="width: 5%;">
<col style="width: 10%;">
<col style="width: 25%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Default Port</th>
<th class="tableblock halign-left valign-top">Configuration File</th>
<th class="tableblock halign-left valign-top">Configuration Entry</th>
<th class="tableblock halign-left valign-top">Required</th>
<th class="tableblock halign-left valign-top">Range</th>
<th class="tableblock halign-left valign-top">Protocol</th>
<th class="tableblock halign-left valign-top">Comment</th>
</tr>
</thead>
<tbody>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">4200</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>rest-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion.rest.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">REST</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Trafodion REST Server.</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">4201</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>rest-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion.rest.https.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTPS</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Trafodion REST Server (HTTPS).</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">23400</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs.master.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock"><em>n</em></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">binary</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Start of Trafodion DCS port range. (37800 for Trafodion 1.1)</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">24400</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs.master.info.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">DCS master web GUI. (40010 for Trafodion 1.1)</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">24410</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs.server.info.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock"><em>n</em></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Start of range for DCS server web GUIs. (40020 for Trafodion 1.1)</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">50030</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>mapred-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>mapred.job.tracker.http.address</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">MapReduce Job Tracker web GUI.</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">50070</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.http.address</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HDFS Name Node web GUI.</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">50075</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.datanode.http.address</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HDFS Data Node web GUI.</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">50090</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.secondary.http.address</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HDFS Secondary Name Node web GUI.</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">60010</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.master.info.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HBase Master web GUI.</p></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">60030</p></th>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-site.xml</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.info.port</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">HBase Region Server web GUI.</p></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p>There are two port ranges used by Trafodion.</p>
</div>
<div class="ulist">
<ul>
<li>
<p>23400 is a range, to allow multiple mxosrvr processes on each node. Allow a range of a few ports,
enough to cover all the servers per node that are listed in the "servers" file in the DCS configuration directory.</p>
</li>
<li>
<p>24410 is a range as well, enough to cover the DCS servers per node, usually 1 or 2.</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>On top of the ports identified above, you also need the ports required by your Hadoop distribution. For example:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><a href="http://www.cloudera.com/content/www/en-us/documentation/enterprise/latest/topics/cdh_ig_ports_cdh5.html"><em>Cloudera Ports</em></a></p>
</li>
<li>
<p><a href="http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.0-Win/bk_HDP_Install_Win/content/ref-79239257-778e-42a9-9059-d982d0c08885.1.html"><em>Hortonworks Ports</em></a></p>
</li>
</ul>
</div>
<div class="paragraph">
<p>Although not all the ports will be used on every node of the cluster, you need to open most of them for all the nodes in the cluster that
have Trafodion, HBase, or HDFS servers on them.</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="requirements-prerequisite-software">3.2. Prerequisite Software</h3>
<div class="sect3">
<h4 id="requirements-hadoop-software">3.2.1. Hadoop Software</h4>
<div class="paragraph">
<p>Trafodion runs as an add-on service on Hadoop distributions. The following Hadoop services and their dependencies must be installed and running
on the cluster where you intend to install Trafodion:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Hadoop Distributed File System (HDFS)</p>
</li>
<li>
<p>YARN with MapReduce version 2</p>
</li>
<li>
<p>ZooKeeper</p>
</li>
<li>
<p>HBase</p>
</li>
<li>
<p>Hive</p>
</li>
<li>
<p>Apache Ambari (Hortonworks) or Cloudera Manager (Cloudera) with associated embedded databases.</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>The following distributions have been tested with Trafodion.<sup>1</sup></p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 25%;">
<col style="width: 15%;">
<col style="width: 10%;">
<col style="width: 50%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Distribution</th>
<th class="tableblock halign-left valign-top">Version</th>
<th class="tableblock halign-left valign-top">HBase Version</th>
<th class="tableblock halign-left valign-top">Installation Documentation</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Cloudera Distribution Including Apache Hadoop (CDH)</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">5.2 or 5.3</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">0.98</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="http://www.cloudera.com/downloads/manager/5-2-0.html">CHD 5.2 Installation</a><br>
<a href="http://www.cloudera.com/downloads/manager/5-3-0.html" class="bare">http://www.cloudera.com/downloads/manager/5-3-0.html</a><sup class="CDH 5.3 Installation">2</sup></p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Hortonworks Data Platform (HDP)</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">2.2</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">0.98</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="http://hortonworks.com/products/releases/hdp-2-2/#install">HDP 2.2 Installation</a></p></td>
</tr>
</tbody>
</table>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Future releases of Trafodion will move away from distribution-specific integration. Instead, Trafodion will be tested with
specific version of the Hadoop, HDFS, HBase, and other services/products only.</p>
</li>
<li>
<p>When possible, install using <strong>parcels</strong> to simply the installation process.</p>
</li>
</ol>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Trafodion does not yet support installation on a non-distribution version of Hadoop; that is,
Hadoop downloaded from the Apache web site. This restriction will be lifted in a later release of
Trafodion.
</td>
</tr>
</table>
</div>
</div>
<div class="sect3">
<h4 id="requirements-software-packages">3.2.2. Software Packages</h4>
<div class="paragraph">
<p>In addition to the software packages required to run different Hadoop services listed above (for example, <code>Java</code>),
Trafodion requires supplementary software to be installed on the cluster before it is installed. These are Linux
tools that are not typically packaged as part of the core Linux distribution.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
For RedHat/CentOS, the Trafodion Installer automatically attempts get a subset of these packages over the Internet.
If the cluster&#8217;s access to the Internet is disabled, then you need to manually download the packages and make them available
for installation. You need to build and install <code>log4c&#43;&#43;</code> manually.
</td>
</tr>
</table>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 20%;">
<col style="width: 45%;">
<col style="width: 35%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Package</th>
<th class="tableblock halign-left valign-top">Usage</th>
<th class="tableblock halign-left valign-top">Installation</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">EPEL</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Add-on packages to completed the Linux distribution.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>Download
<a href="http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch">Fedora RPM</a></pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">pdsh</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Parallelize shell commands during install and Trafodion runtime utilities.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install pdsh</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">log4cxx</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Message logging.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>Manual process<sup>1</sup></pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">sqlite</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Internal configuration information managed by the Trafodion Foundation component.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install sqlite</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">expect</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Not used?</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install expect</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">perl-DBD-SQLite</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Allows Perl scripts to connect to SQLite.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install perl-DBD-SQLite</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">perl-Params-Validate</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Validates method/function parameters in Perl scripts.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install perl-Params-Validate</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">perl-Time-HiRes</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">High resolution alarm, sleep, gettimeofday, interval timers in Perl scripts.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install perl-Time-HiRes</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">protobuf</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Data serialization.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install protobuf</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">xerces-c</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">C++ XML parsing.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install xerces-c</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">gzip</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Data compress/decompress.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install gzip</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">rpm-build<sup>2</sup></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Build binary and source software packages.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install rpm-build</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">apr-devel<sup>2</sup></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Support files used to build applications using the APR library.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install apr-devel</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">apr-util-devel<sup>2</sup></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Support files used to build applications using the APR utility library.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install apr-util-devel</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">doxygen<sup>2</sup></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Generate documentation from annotated C++ sources.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install doxygen</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">gcc<sup>2</sup></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">GNU Compiler Collection</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install gcc</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">gcc_c++<sup>2</sup></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">GNU C++ compiler.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install gcc_c++</pre></div></td>
</tr>
</tbody>
</table>
<div class="olist arabic">
<ol class="arabic">
<li>
<p><code>log4c&#43;&#43;</code> was recently withdrawn from public repositories. Therefore, you will need to build the <code>log4c&#43;&#43;</code> RPM
on your system and then install the RPM using the procedure described in <a href="#log4cplusplus_installation">log4c++ Installation</a>.</p>
</li>
<li>
<p>Software package required to build <code>log4c&#43;&#43;</code>. Not required otherwise. These packages are <strong>not</strong> installed by the Trafodion Installer in this release.</p>
</li>
</ol>
</div>
<div class="paragraph">
<p>The Trafodion Installer requires Internet access to install the required software packages.</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="requirements-trafodion-user-ids-and-their-privileges">3.3. Trafodion User IDs and Their Privileges</h3>
<div class="sect3">
<h4 id="requirements-trafodion-runtime-user">3.3.1. Trafodion Runtime User</h4>
<div class="paragraph">
<p>The <code>trafodion:trafodion</code> user ID is created as part of the installation process. The default password is: <code>traf123</code>.</p>
</div>
<div class="paragraph">
<p>Trafodion requires that either HDFS ACL support or Kerberos is enabled. The Trafodion Installer will enable HDFS ACL support.
Kerberos-based security settings are outside the scope of this guide. Please refer to the security information in
<a href="https://hbase.apache.org/book.html#security">Apache HBase&#8482; Reference Guide</a> for information about how to set up
HBase security with Kerberos.</p>
</div>
<div class="paragraph">
<p>Also, Trafodion requires <code>sudo</code> access to <code>ip</code> and <code>arping</code> so that floating or elastic IP addresses can be moved from one node to
another in case of node failures.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Do <strong>not</strong> create the <code>trafodion:trafodion</code> user ID in advance. The Trafodion Installer uses the presence of this user ID to determine
whether you&#8217;re doing an installation or upgrade.
</td>
</tr>
</table>
</div>
</div>
<div class="sect3">
<h4 id="requirements-trafodion-provisioning-user">3.3.2. Trafodion Provisioning User</h4>
<div class="paragraph">
<p>Typically, the Trafodion Installer is used for Trafodion installations. It requires access to the user IDs documented below.</p>
</div>
<div class="sect4">
<h5 id="requirements-linux-installation-user">Linux Installation User</h5>
<div class="paragraph">
<p>The user ID that performs the Trafodion installation steps. Typically, this User ID runs the Trafodion Installer.</p>
</div>
<div class="paragraph">
<p><strong>Requirements</strong>:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>User name or group cannot be <code>trafodion</code>.</p>
</li>
<li>
<p>Passwordless ssh access to all nodes in the cluster.</p>
</li>
<li>
<p>Internet access to download software packages.</p>
</li>
<li>
<p><code>requiretty</code> must be disabled in <code>/etc/sudoers</code>.</p>
</li>
<li>
<p><code>sudo</code><sup>1</sup> access to:</p>
<div class="ulist">
<ul>
<li>
<p>Download and install software packages.</p>
</li>
<li>
<p>Modify <code>/etc/sudoers.d</code> (allow the <code>trafodion</code> user to modify floating IP: <code>ip</code> and <code>arping</code>).</p>
</li>
<li>
<p>Create the <code>trafodion</code> user ID and group.</p>
</li>
<li>
<p>Install Trafodion software into the HBase environment.</p>
</li>
<li>
<p>Run Java version command on each node in the cluster.</p>
</li>
<li>
<p>Run Hadoop version command on each node in the cluster.</p>
</li>
<li>
<p>Run HBase version command on each node in the cluster.</p>
</li>
<li>
<p>Create directories and files in:</p>
<div class="ulist">
<ul>
<li>
<p><code>/etc</code></p>
</li>
<li>
<p><code>/usr/lib</code></p>
</li>
<li>
<p><code>/var/log</code></p>
</li>
</ul>
</div>
</li>
<li>
<p>Invoke <code>su</code> to execute commands as other users; for example, <code>trafodion</code>.</p>
</li>
<li>
<p>Edit <code>sysctl.conf</code> and activate changes using <code>sysctl -p</code>:</p>
<div class="ulist">
<ul>
<li>
<p>Modify kernel limits.</p>
</li>
<li>
<p>Reserve IP ports.</p>
</li>
</ul>
</div>
</li>
</ul>
</div>
</li>
</ul>
</div>
<div class="paragraph">
<p><sup>1</sup> <code>sudo</code> is <strong>required</strong> in the current release of Trafodion. This restriction may be relaxed in later releases.
Alternative mechanisms for privileged access (such as running as <code>root</code> or <code>sudo</code> alternative commands) are not supported.</p>
</div>
</div>
<div class="sect4">
<h5 id="requirements-distribution-manager-user">Distribution Manager User</h5>
<div class="paragraph">
<p>A user ID that can change the configuration using Apache Ambari or Cloudera Manager. The Trafodion Installer makes REST
request to perform configuration and control functions to the distribution manager using this user ID.</p>
</div>
<div class="paragraph">
<p><strong>Requirements</strong>:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Administrator user name and password.</p>
</li>
<li>
<p>URL to Distribution Manager&#8217;s REST API.</p>
</li>
</ul>
</div>
</div>
<div class="sect4">
<h5 id="requirements-hdfs-administrator-user">HDFS Administrator User</h5>
<div class="paragraph">
<p>The HDFS super user. Required to create directories and change security settings, as needed.
The Trafodion Installer uses <code>su</code> to run commands under this user ID.</p>
</div>
<div class="paragraph">
<p><strong>Requirements</strong>:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>HDFS Administrator user name.</p>
</li>
<li>
<p>Write access to home directory on the node where the Distribution Manager is running.</p>
</li>
</ul>
</div>
</div>
<div class="sect4">
<h5 id="requirements-hbase-administrator-user">HBase Administrator User</h5>
<div class="paragraph">
<p>The HBase super user. Required to change directory ownership in HDFS.</p>
</div>
<div class="paragraph">
<p><strong>Requirements</strong>:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>HBase Administrator user name and group.</p>
</li>
<li>
<p>Read access to <code>hbase-site.xml</code>.</p>
</li>
</ul>
</div>
</div>
</div>
</div>
<div class="sect2">
<h3 id="requirements-required-configuration-changes">3.4. Required Configuration Changes</h3>
<div class="paragraph">
<p>Trafodion requires changes to a number of different areas of your system configuration: operating system, HDFS, and HBase.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
These changes are performed by the Trafodion Installer, if used.
</td>
</tr>
</table>
</div>
<div class="sect3">
<h4 id="requirements-operating-system-changes">3.4.1. Operating System Changes</h4>
<div class="paragraph">
<p><code>/etc/security/limits.d/trafodion.conf</code> on each node in the cluster must contain the following settings:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text"># Trafodion settings
trafodion  soft core    unlimited
trafodion  hard core    unlimited
trafodion  soft memlock unlimited
trafodion  hard memlock unlimited
trafodion  soft nofile  32768
trafodion  hard nofile  65536
trafodion  soft nproc   100000
trafodion  hard nproc   100000</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect3">
<h4 id="requirements-zookeeper-changes">3.4.2. ZooKeeper Changes</h4>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
These changes require a restart of ZooKeeper on all nodes in the cluster.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Trafodion requires the following changes to <code>zoo.cfg</code>:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 30%;">
<col style="width: 40%;">
<col style="width: 30%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Setting</th>
<th class="tableblock halign-left valign-top">New Value</th>
<th class="tableblock halign-left valign-top">Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>maxClientCnxns</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Tell ZooKeeper to impose no limit to the number of connections to enable better Trafodion concurrency.</p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
<div class="sect3">
<h4 id="requirements-hdfs-changes">3.4.3. HDFS Changes</h4>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
These changes require a restart of HDFS on all nodes in the cluster.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Trafodion requires the following changes to the HDFS environment:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 60%;">
<col style="width: 40%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Action</th>
<th class="tableblock halign-left valign-top">Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Create <code>/hbase-staging</code> directory. <br>
  &#8226; Change owner to HBase Administrator.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Create <code>/bulkload</code> directory. <br>
  &#8226; Change owner to <code>trafodion</code>.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Used to stage data when processing the Trafodion
<a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html#load_statement">LOAD INTO table</a>
statement and as a temporary directory to create links to actual HFile for snapshot scanning.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Create <code>/lobs</code> directory. <br>
  &#8226; Change owner to <code>trafodion</code>.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; Create <code>/apps/hbase/data/archive</code><sup>1</sup>. <br>
  &#8226; Change owner to: <code>hbase:hbase</code> (Cloudera) or <code>hbase:hdfs</code> (Hortonworks)<br>
  &#8226; Give the <code>trafodion</code> user RWX access to <code>/apps/hbase/data/archive</code><br>
  &#8226; Set default user of <code>/apps/hbase/data/archive</code> to <code>trafodion</code><br>
  &#8226; Recursively change <code>setafcl</code> of <code>/apps/hbase/data/archive</code> to RWX</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div></div></td>
</tr>
</tbody>
</table>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>These steps are performed <strong>after</strong> HDFS ACLs have been enabled.</p>
</li>
</ol>
</div>
<div class="paragraph">
<p>The following changes are required in <code>hdfs-site.xml</code>:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 30%;">
<col style="width: 40%;">
<col style="width: 30%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Setting</th>
<th class="tableblock halign-left valign-top">New Value</th>
<th class="tableblock halign-left valign-top">Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.namenode.acls.enabled</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Enable HDFS  POSIX Access Control Lists (ACLs).</p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
<div class="sect3">
<h4 id="requirements-hbase-changes">3.4.4. HBase Changes</h4>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
These changes require a restart of ZooKeeper and HBase on all nodes in the cluster.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Trafodion requires that the following changes to the HBase environment:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 25%;">
<col style="width: 40%;">
<col style="width: 35%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Action</th>
<th class="tableblock halign-left valign-top">Affected Directories</th>
<th class="tableblock halign-left valign-top">Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Install/replace Trafodion&#8217;s version of <code>hbase-trx</code></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>/usr/lib/hbase/lib/</code><br>
&#8226; <code>/usr/share/cmf/lib/plugins/</code> (Cloudera)<br>
&#8226; <code>/usr/hdp/current/hbase-regionserver/lib/</code> (Hortonworks)</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Trafodion transaction management relies on an enhanced version of <code>hbase-trx</code>.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Install/Replace Trafodion utility jar file.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>&#8226; <code>/usr/lib/hbase/lib/</code><br>
&#8226; <code>/usr/share/cmf/lib/plugins/</code> (Cloudera)<br>
&#8226; <code>/usr/hdp/current/hbase-regionserver/lib</code> (Hortonworks)</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>TODO: Add purpose here.</p>
</div></div></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p>The following changes are required in <code>hbase-site.xml</code>. Please refer to the
<a href="https://hbase.apache.org/book.html">Apache HBase&#8482; Reference Guide</a> for additional descriptions of these settings.</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 30%;">
<col style="width: 40%;">
<col style="width: 30%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Setting</th>
<th class="tableblock halign-left valign-top">New Value</th>
<th class="tableblock halign-left valign-top">Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.master.
distributed.log.splitting</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>false</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Do not use the HBase Split Log Manager. Instead, the HMaster controls all log-splitting activities.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.coprocessor.
region.classes</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.
hbase.coprocessor.
transactional.TrxRegionObserver,
org.apache.hadoop.
hbase.coprocessor.
transactional.TrxRegionEndpoint,
org.apache.hadoop.
hbase.coprocessor.
AggregateImplementation</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Install Trafodion coprocessor classes.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hregion.impl</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.
hbase.regionserver.
transactional.TransactionalRegion</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Trafodion needs to be able to read the Write Ahead Log from a coprocessor using the getScanner method. This method
is protected in standard HBase. This change overloads the getScanner method to be public thereby allowing coprocessor code to use it.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.
region.split.policy</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.
hbase.regionserver.
ConstantSizeRegionSplitPolicy</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Tell HBase to use the ConstantSizeRegionSplitPolicy for region splitting.
This setting causes region splitting to occur only when the maximum file size is reached.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.
enabled</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Enable the HBase Snapshot feature. Used for Trafodion backup and restore.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.bulkload.
staging.dir</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-staging</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Use <code>/hbase-staging</code> as the bulk load staging directory.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.region.
transactional.tlog</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>The HBase Regions requests that the Transaction Manager re-drives in-doubt transactions.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.
master.timeoutMillis</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>HMaster timeout when waiting for RegionServers involved in the snapshot operation.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.
region.timeout</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>RegionServer timeout when waiting for snapshot to be created.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.client.
scanner.timeout.period</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Time limit to perform a scan request.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.
lease.period</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Clients must report within this time limit or they are considered dead by HBase.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.namenode.
java.heapsize<sup>1</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824 (1GB)</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Java Heap Size for the HDFS NameNode.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.secondary.namenode.
java.heapsize<sup>1</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824 (1GB)</pre></div></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Java Heap Size for the HDFS Secondary NameNode.</p>
</div></div></td>
</tr>
</tbody>
</table>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Applies to Cloudera distributions only.</p>
</li>
</ol>
</div>
</div>
</div>
<div class="sect2">
<h3 id="requirements-recommended-configuration-changes">3.5. Recommended Configuration Changes</h3>
<div class="paragraph">
<p>The following configuration changes are recommended but not required.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
The Trafodion Installer does <strong>not</strong> make these changes.
</td>
</tr>
</table>
</div>
<div class="sect3">
<h4 id="requirements-recommended-security-changes">3.5.1. Recommended Security Changes</h4>
<div class="paragraph">
<p>The <code>trafodion</code> user ID should not be given other <code>sudo</code> privileges than what&#8217;s specified in this manual. Also, we
recommend that this user ID is locked (<code>sudo passwd -l trafodion</code>) once the installation/upgrade activity has been completed.
Users that need issue commands as the <code>trafodion</code> ID should do so using <code>sudo</code>; for example, <code>sudo -u trafodion -i</code>.</p>
</div>
</div>
<div class="sect3">
<h4 id="requirements-recommended-hdfs-configuration-changes">3.5.2. Recommended HDFS Configuration Changes</h4>
<div class="paragraph">
<p>These settings are configured in the <code>hadoop-env.sh</code> file.</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 20%;">
<col style="width: 40%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Property</th>
<th class="tableblock halign-left valign-top">Recommended Setting</th>
<th class="tableblock halign-left valign-top">Guidance</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DataNode Java Heap Size</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">2 GB</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Use this setting for a large configuration.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>NameNode Java Heap Size</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">2 GB</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Use this setting for a large configuration.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>Secondary NameNode Java Heap Size</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">2 GB</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Use this setting for a large configuration.</p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
<div class="sect3">
<h4 id="requirements-recommended-hbase-configuration-changes">3.5.3. Recommended HBase Configuration Changes</h4>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 30%;">
<col style="width: 20%;">
<col style="width: 50%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Configuration Property</th>
<th class="tableblock halign-left valign-top">Recommended Setting</th>
<th class="tableblock halign-left valign-top">Guidance</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.rpc.timeout</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">10 minutes</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>This setting depends on the tables' size. Sixty (60) seconds is the default.
Increase this value for big tables. Make it the same value as <code>hbase.client.scanner.timeout.period</code>. We have found
that increasing the setting to six-hundred (600) seconds will prevent many of the timeout-related errors we encountered,
such as <code>OutOfOrderNextException</code> errors.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.client.scanner.timeout.period</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">10 minutes</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>Similar to the <code>hbase.rpc.timeout</code> setting. Sixty (60) seconds is the
default. Depending on the size of a user table, we have experienced timeout failures on count(*) and update statistics commands
from this setting. The underlying issue is the length of the execution of the coprocessor within HBase.
<br>
NOTE: HBase uses the smaller of <code>hbase.rpc.timeout</code> and <code>hbase.client.scanner.timeout.period</code> to calculate the scanner timeout.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.master.timeoutMillis and hbase.snapshot.region.timeout</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">10 minutes</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>HBase&#8217;s default setting is 60000 milliseconds.
If you experience timeout issues with HBase snapshots when you use the Trafodion Bulk Loader or other statements,
you can set the value for these two HBase properties to 10 minutes (600,000 milliseconds).</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hregion.max.filesize</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">107374182400 bytes</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>HBase&#8217;s default setting is 10737418240 (10 GB). We have increased the setting to
107374182400 (100 GB), which reduces the number of HStoreFiles per table and appears to reduce disruptions to active transactions from
region splitting.</p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hstore.blockingStoreFiles</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">10</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><a href="http://gbif.blogspot.com/2012/07/optimizing-writes-in-hbase.html" class="bare">http://gbif.blogspot.com/2012/07/optimizing-writes-in-hbase.html</a></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.handler.count</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">&lt;num&gt;</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p>This setting should match the number of concurrent sessions (mxosrvr). The default is 10.</p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="prepare">4. Prepare</h2>
<div class="sectionbody">
<div class="paragraph">
<p>You need to prepare your Hadoop environment before installing Trafodion.</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p><a href="#prepare-install-optional-workstation-software">Install Optional Workstation Software</a></p>
</li>
<li>
<p><a href="#configure-installation-user-id">Configure Installation User ID</a></p>
</li>
<li>
<p><a href="#prepare-disable-requiretty">Disable requiretty</a></p>
</li>
<li>
<p><a href="#prepare-verify-os-requirements-and-recommendations">Verify OS Requirements and Recommendations</a></p>
</li>
<li>
<p><a href="#prepare-configure-ldap-identity-store">Configure LDAP Identity Store</a></p>
</li>
<li>
<p><a href="#prepare-gather-configuration-information">Gather Configuration Information</a></p>
</li>
<li>
<p><a href="#prepare-install-required-software-packages">Install Required Software Packages</a></p>
</li>
<li>
<p><a href="#prepare-perform-recipe-based-provisioning-tasks">Perform Recipe-Based Provisioning Tasks</a></p>
</li>
</ol>
</div>
<div class="sect2">
<h3 id="prepare-install-optional-workstation-software">4.1. Install Optional Workstation Software</h3>
<div class="paragraph">
<p>If you are using a Windows workstation, then the following optional software helps installation process.
We recommended that you pre-install the software before continuing with the Trafodion installation:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>putty and puttygen (download from <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html">PuTTY web site</a>)</p>
</li>
<li>
<p>VNC client (download from <a href="http://www.realvnc.com">RealVNC web site</a>)</p>
</li>
<li>
<p>Firefox or Chrome browser</p>
</li>
<li>
<p>SFTP client to transfer files from your workstation to the Linux server: WinSCP or FileZilla</p>
</li>
</ul>
</div>
</div>
<div class="sect2">
<h3 id="configure-installation-user-id">4.2. Configure Installation User ID</h3>
<div class="paragraph">
<p>Trafodion installation requires a user ID with these attributes:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><code>sudo</code> access per the requirements documented in <a href="#requirements-linux-installation-user">Linux Installation User</a>.</p>
</li>
<li>
<p>passwordless ssh to all nodes on the cluster where Trafodion will be installed.</p>
</li>
</ul>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
You may need to request permission from your cluster-management team to obtain this type of access.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>The following example shows how to set up your user ID to have "passwordless ssh" abilities.</p>
</div>
<div class="paragraph">
<p>Do the following on the Provision Master Node:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">echo -e 'y\n' | ssh-keygen -t rsa -N &quot;&quot; -f $HOME/.ssh/id_rsa
cat $HOME/.ssh/id_rsa.pub &gt;&gt; $HOME/.ssh/authorized_keys
echo localhost $(cat /etc/ssh/ssh_host_rsa_key.pub) &gt;&gt; $HOME/.ssh/known_hosts
echo &quot;NoHostAuthenticationForLocalhost=yes&quot; &gt;&gt; $HOME/.ssh/config
chmod 600 $HOME/.ssh/config
chmod 600 $HOME/.ssh/authorized_keys
chmod 700 $HOME/.ssh/</code></pre>
</div>
</div>
<div class="paragraph">
<p>After running these commands, do the following:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>If necessary, create the <code>$HOME/.ssh</code> directory on the other nodes in your cluster and secure it private to yourself (<code>chmod 700</code>).</p>
</li>
<li>
<p>If necessary, create the <code>$HOME/.ssh/authorized_keys</code> file on the other nodes in your cluster. Secure it with <code>chmod 600 $HOME/.ssh/authorized_keys</code>.</p>
</li>
<li>
<p>Copy the content of the <code>$HOME/.ssh/authorized_keys</code> file on the Provisioning Master Node and append the to the
<code>$HOME/.ssh/authorized_keys</code> file on the other nodes in your cluster.</p>
</li>
<li>
<p><code>ssh</code> to the other nodes in the cluster. Answer <code>y</code> to the prompt asking you whether to continue the connection.
This adds the node to the <code>$HOME/.ssh/known_hosts</code> file completing the passwordless ssh setup.</p>
</li>
</ul>
</div>
</div>
<div class="sect2">
<h3 id="prepare-disable-requiretty">4.3. Disable requiretty</h3>
<div class="paragraph">
<p>You need to disable <code>requiretty</code> in <code>/etc/sudoers</code> on all nodes in the cluster
to ensure that <code>sudo</code> commands can be run from inside the installation scripts.</p>
</div>
<div class="paragraph">
<p>Comment out the <code>Defaults requiretty</code> setting in the <code>/etc/sudoers</code> file to
ensure that the <code>requiretty</code> option is NOT being used.</p>
</div>
</div>
<div class="sect2">
<h3 id="prepare-verify-os-requirements-and-recommendations">4.4. Verify OS Requirements and Recommendations</h3>
<div class="paragraph">
<p>Please ensure that the <a href="#requirements-os-requirements-and-recommendations">OS Requirements and Recommendations</a>
are met for each node in the cluster where you intend to install Trafodion.</p>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect2">
<h3 id="prepare-configure-ldap-identity-store">4.5. Configure LDAP Identity Store</h3>
<div class="paragraph">
<p>If you plan to enable security in Trafodion, then you need to have an LDAP identity store available to perform authentication.
The Trafodion Installer prompts you to set up an authentication configuration file that points to an LDAP server (or servers),
which enables security (that is, authentication and authorization) in the Trafodion database.</p>
</div>
<div class="paragraph">
<p>If you wish to manually set up the authentication configuration file and enable security, then refer to the section on
<a href="#enable-security">Enable Security</a>.</p>
</div>
</div>
<div class="sect2">
<h3 id="prepare-gather-configuration-information">4.6. Gather Configuration Information</h3>
<div class="paragraph">
<p>You need to gather/decide information about your environment to aid installation Trafodion, both for the Trafodion Installer
and for recipe-based provisioning. (Listed in alphabetical order to make it easier to find information when referenced in the install and upgrade instructions.)</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 25%;">
<col style="width: 25%;">
<col style="width: 15%;">
<col style="width: 35%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">ID<sup>1</sup></th>
<th class="tableblock halign-left valign-top">Information</th>
<th class="tableblock halign-left valign-top">Default</th>
<th class="tableblock halign-left valign-top">Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>ADMIN</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Administrator user name for Apache Ambari or Cloudera Manager.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>admin</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">A user that can change configuration and restart services via the
distribution manager&#8217;s REST API.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>BACKUP_DCS_NODES</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where to start the backup DCS Master components.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Blank separated FQDN list. Not needed if $ENABLE_HA = N.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_CONFIG</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether you&#8217;re installing Trafodion on a cloud environment.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">N = bare-metal or VM installation.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_TYPE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">What type of cloud environment you&#8217;re installing Trafodion on.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">{ AWS | OpenStack | Other }. Not applicable for bare-metal or VM installation.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>CLUSTER_NAME</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The name of the Hadoop Cluster.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">From Apache Ambari or Cloudera Manager.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_BUILD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the DCS component.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if using a Trafodion package installation tar file.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_PRIMARY_MASTER_NODE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The node where the primary DCS should run.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The DCS Master handles JDBC and ODBC connection requests.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_SERVER_PARM</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Number of concurrent client sessions per node.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>16</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">This number specifies the concurrent sessions per node to be supported. Each session could require up to 1GB of physical memory. The number can be changed post-installation. For more information,
refer to the <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>ENABLE_HA</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to run DCS in high-availability (HA) mode.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">You need the floating IP address, the interface, and the backup nodes for DCS Master if enabling this feature.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>EPEL_RPM</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Location of EPEL RPM.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specify if you don&#8217;t have access to the Internet.
Downloaded automatically by the Trafodion Installer.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>FLOATING_IP</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">IP address if running DCS in HA mode.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if $ENABLE_HA = N. An FQDN name or IP address.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HADOOP_TYPE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The type of Hadoop distribution you&#8217;re installing Trafodion on.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Lowercase. cloudera or hadoop.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_GROUP</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Linux group name for the HBASE administrative user.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Required in order to provide access to select HDFS directories to this user ID.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HBASE administrative user.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Required in order to provide access to select HDFS directories to this user ID.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HDFS_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HDFS administrative user.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The Trafodion Installer uses <code>sudo su</code> to make HDFS
configuration changes under this user.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>HOME_DIR</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Root directory under which the <code>trafodion</code> home directory should be created.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>/home</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Example</strong><br>
<br>
If the home directory of the <code>trafodion</code> user is
<code>/opt/home/trafodion</code>, then specify the root directory as <code>/opt/home</code>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>INIT_TRAFODION</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to automatically initialize the Trafodion database.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Does not apply to Recipe-Based Provisioning. Applies if $START=Y only.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>INTERFACE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Interface type used for $FLOATING_IP.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if $ENABLE_HA = N.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>JAVA_HOME</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Location of Java 1.7.0_65 or higher (JDK).</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>$JAVA_HOME setting</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Fully qualified path of the JDK. For example:
<code>/usr/java/jdk1.7.0_67-cloudera</code></p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_CERT<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Full path to TLS certificate.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Required of $LDAP_LEVEL = 1 or 2.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_HOSTS<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where LDAP Identity Store servers are running.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Blank separated. FQDN format.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_ID<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">List of LDAP unique identifiers.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Blank separated.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_LEVEL<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Encryption Level.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">0: Encryption not used, 1: SSL, 2: TLS</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PASSWORD<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Password for LDAP_USER.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If LDAP_USER is required only.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PORT<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Port used to communicate with LDAP Identity Store.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Examples: 389 for no encryption or TLS, 636 for SSL.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_SECURITY<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to enable simple LDAP authentication.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If Y, then you need to provide LDAP_HOSTS.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_USER<sup>2</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Search user name.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If required. If so, must provide LDAP_PASSWORD, too.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LOCAL_WORKDIR</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The directory where the Trafodion Installer is located.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Full path, no environmental variables.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_ENABLED</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installation uses separate management nodes.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Y if using separate management nodes for Apache Ambari or Cloudera Manager.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_NODES</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of management nodes, if any.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Provide a blank-separated list of node names.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>NODE_LIST</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of the nodes where Trafodion will be installed.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Provide a blank-separated list of node names. The Trafodion
Provisioning ID must have passwordless and <code>sudo</code> access to these nodes.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>PASSWORD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Administrator password for Apache Ambari or Cloudera Manager.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>admin</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">A user that can change configuration and restart services via the
distribution manager&#8217;s REST API.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>REST_BUILD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the REST component.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if using a Trafodion package installation tar file.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>SQ_ROOT</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Target directory for the Trafodion software.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>$HOME_DIR/trafodion</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Trafodion is installed in this directory on all nodes in <code>$NODE_LIST</code>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>START</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether to start Trafodion after install/upgrade.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Does not apply to Recipe-Based Provisioning.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>SUSE_LINUX</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installing Trafodion on SUSE Linux.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>false</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Auto-detected by the Trafodion Installer.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_PACKAGE</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The location of the Trafodion installation package tar file or core installation tar file.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The package file contains the Trafodion server,
DCS, and REST software while the core installation file contains the Trafodion server software only. If you&#8217;re using a core installation file, then you need to
record the location of the DCS and REST installation tar files, too. Normally, you perform Trafodion provisioning using a Trafodion package installation tar file.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The Trafodion runtime user ID.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Must be <code>trafodion</code> in this release.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER_PASSWORD</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The password used for the <code>trafodion:trafodion</code> user ID.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>traf123</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Must be 6-8 characters long.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>URL</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">FQDN and port for the Distribution Manager&#8217;s REST API.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Include <code>http://</code> or <code>https://</code> as applicable. Specify in the form:
<code>&lt;IP-address&gt;:&lt;port&gt;</code> or <code>&lt;node name&gt;:&lt;port&gt;</code> Example: <code><a href="https://susevm-1.yourcompany.local:8080" class="bare">https://susevm-1.yourcompany.local:8080</a></code></p></td>
</tr>
</tbody>
</table>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>The ID matches the environmental variables used in the Trafodion Installation configuration file. Refer to <a href="#install-trafodion-installer">Trafodion Installer</a>
for more information.</p>
</li>
<li>
<p>Refer to <a href="#enable-security">Enable Security</a> for more information about these security settings.</p>
</li>
</ol>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect2">
<h3 id="prepare-install-required-software-packages">4.7. Install Required Software Packages</h3>
<div class="sect3">
<h4 id="prepare-download-and-install-packages">4.7.1. Download and Install Packages</h4>
<div class="paragraph">
<p>This step is required if you&#8217;re:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Installing Trafodion on SUSE.</p>
</li>
<li>
<p>Using Recipe-Based Provisioning.</p>
</li>
<li>
<p>Can&#8217;t download the required software packages using the Internet.</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>If none of these situations exist, then we highly recommend that you use the Trafodion Installer.</p>
</div>
<div class="paragraph">
<p>You perform this step as a user with <code>root</code> or <code>sudo</code> access.</p>
</div>
<div class="paragraph">
<p>Install the packages listed in <a href="#requirements-software-packages">Software Packages</a> above on all nodes in the cluster. Note the special
handling for <code>log4c&#43;&#43;</code>. See <a href="#prepare-install-log4cplusplus">Install log4c++</a> below for more information.</p>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect3">
<h4 id="prepare-install-log4cplusplus">4.7.2. Install log4c++</h4>
<div class="paragraph">
<p>You perform this step as a user with <code>root</code> or <code>sudo</code> access.</p>
</div>
<div class="paragraph">
<p>This step is required regardless of the <a href="#introduction-provisioning-options">Provisioning Options</a> used.</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Download the log4c&#43;&#43; RPM from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">Download</a> page.</p>
</li>
<li>
<p>Copy and Install the log4c&#43;&#43; RPM on All Nodes</p>
<div class="paragraph">
<p>Use either <code>rpm -U</code> or <code>yum install</code>.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text"># Repeat for all nodes in the cluster from the Provisioning Master Node
scp log4cxx-0.10.0-13.el6.x86_64.rpm &lt;other-node&gt;:$PWD

ssh &lt;other-node&gt;
sudo yum -y install log4cxx-0.10.0-13.el6.x86_64.rpm
exit</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
</li>
<li>
<p>Verify RPM Installation on Every Node</p>
<div class="paragraph">
<p>Use the following command to verify that <code>log4c&#43;&#43;</code> has been installed on every node in the cluster.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text"># Repeat for all nodes in the cluster
sudo rpm -qa | grep log4cxx
log4cxx-0.10.0-13.el6.x86_64</code></pre>
</div>
</div>
</li>
</ol>
</div>
</div>
</div>
<div class="sect2">
<h3 id="prepare-download-trafodion-binaries">4.8. Download Trafodion Binaries</h3>
<div class="paragraph">
<p>You download the Trafodion binaries from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">Download</a> page.
Download the following packages:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Trafodion Installer (if planning to use the Trafodion Installer)</p>
</li>
<li>
<p>Trafodion Server</p>
</li>
</ul>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
You can download and install the Trafodion Clients once you&#8217;ve installed and activated Trafodion. Refer to the
<a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Install Guide</a> for instructions.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="paragraph">
<p><a href="http://apache.cs.utah.edu/incubator/celix/celix-1.0.0.incubating/celix-1.0.0.incubating.tar.gz" class="bare">http://apache.cs.utah.edu/incubator/celix/celix-1.0.0.incubating/celix-1.0.0.incubating.tar.gz</a></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-download
$ cd $HOME/trafodion-download
$ # Download the Trafodion Installer binaries
$ wget http://apache.cs.utah.edu/incubator/trafodion/trafodion-1.3.0.incubating/apache-trafodion-installer-1.3.0-incubating-bin.tar.gz
Resolving http://apache.cs.utah.edu... 192.168.1.56
Connecting to http://apache.cs.utah.edu|192.168.1.56|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68813 (67K) [application/x-gzip]
Saving to: &quot;apache-trafodion-installer-1.3.0-incubating-bin.tar.gz&quot;

100%[=====================================================================================================================&gt;] 68,813       124K/s   in 0.5s

2016-02-14 04:19:42 (124 KB/s) - &quot;apache-trafodion-installer-1.3.0-incubating-bin.tar.gz&quot; saved [68813/68813]</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ # Download the Trafodion Server binaries
$ wget http://apache.cs.utah.edu/incubator/trafodion/trafodion-1.3.0.incubating/apache-trafodion-1.3.0-incubating-bin.tar.gz
Resolving http://apache.cs.utah.edu... 192.168.1.56
Connecting to http://apache.cs.utah.edu|192.168.1.56|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 214508243 (205M) [application/x-gzip]
Saving to: &quot;apache-trafodion-1.3.0-incubating-bin.tar.gz&quot;

100%[=====================================================================================================================&gt;] 214,508,243 3.90M/s   in 55s

2016-02-14 04:22:14 (3.72 MB/s) - &quot;apache-trafodion-1.3.0-incubating-bin.tar.gz&quot; saved [214508243/214508243]

$ ls -l
total 209552
-rw-rw-r-- 1 centos centos 214508243 Jan 12 20:10 apache-trafodion-1.3.0-incubating-bin.tar.gz
-rw-rw-r-- 1 centos centos     68813 Jan 12 20:10 apache-trafodion-installer-1.3.0-incubating-bin.tar.gz
$</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="prepare-preparation-for-recipe-based-provisioning">4.9. Preparation for Recipe-Based Provisioning</h3>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
This step should be skipped if you plan to use the Trafodion Installer
</td>
</tr>
</table>
</div>
<div class="sect3">
<h4 id="prepare-modify-os-settings">4.9.1. Modify OS Settings</h4>
<div class="paragraph">
<p>Ensure that the <code>/etc/security/limits.d/trafodion.conf</code> on each node contains the limits settings required by Trafodion.
Refer to <a href="#requirements-operating-system-changes">Operating System Changes</a> for the required settings.</p>
</div>
</div>
<div class="sect3">
<h4 id="prepare-modify-zookeeper-configuration">4.9.2. Modify ZooKeeper Configuration</h4>
<div class="paragraph">
<p>Do the following:</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Modify the ZooKeeper configuration as follows:</p>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 60%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Attribute</th>
<th class="tableblock halign-left valign-top">Setting</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>maxClientCnxns</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td>
</tr>
</tbody>
</table>
</li>
<li>
<p>Restart ZooKeeper to activate the new configuration setting.</p>
</li>
</ol>
</div>
</div>
<div class="sect3">
<h4 id="prepare-modify-hdfs-configuration">4.9.3. Modify HDFS Configuration</h4>
<div class="paragraph">
<p>Do the following:</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Modify the HDFS configuration as follows:</p>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 60%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Attribute</th>
<th class="tableblock halign-left valign-top">Setting</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.namenode.acls.enabled</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td>
</tr>
</tbody>
</table>
</li>
<li>
<p>Restart HDFS to activate the new configuration setting.</p>
</li>
</ol>
</div>
</div>
<div class="sect3">
<h4 id="prepare-modify-hbase-configuration">4.9.4. Modify HBase Configuration</h4>
<div class="paragraph">
<p>Do the following:</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Modify the HBase configuration as follows:</p>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 60%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Attribute</th>
<th class="tableblock halign-left valign-top">Setting</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.master.distributed.log.splitting</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>false</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.coprocessor.region.classes</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.hbase.coprocessor.transactional.TrxRegionObserver,org.apache.hadoop.hbase.coprocessor.transactional.TrxRegionEndpoint,
org.apache.hadoop.hbase.coprocessor.AggregateImplementation</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hregion.impl</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.hbase.regionserver.transactional.TransactionalRegion</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.region.split.policy</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.hbase.regionserver.ConstantSizeRegionSplitPolicy</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.enabled</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.bulkload.staging.dir</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-staging</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.region.transactional.tlog</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.master.timeoutMillis</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.region.timeout</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.client.scanner.timeout.period</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.lease.period</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.namenode.java.heapsize<sup>a</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.secondary.namenode.java.heapsize<sup>a</sup></pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824</pre></div></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p>a) Applies to Cloudera distributions only.</p>
</div>
</li>
<li>
<p>Restart HBase to activate the new configuration setting.</p>
</li>
</ol>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="install">5. Install</h2>
<div class="sectionbody">
<div class="paragraph">
<p>This chapter describes how to use the Trafodion Installer to install Trafodion. You use the Trafodion Provisioning ID
to run the Trafodion Installer.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Prior to version 2.0.0, you <strong>must</strong> install log4c&#43;&#43; on all nodes in the cluster prior to running the Trafodion Installer. Refer
to <a href="#prepare-build-and-install-log4cplusplus">Build and Install log4c++</a> for instructions.
</td>
</tr>
</table>
</div>
<div class="sect2">
<h3 id="install-unpack-installer">5.1. Unpack Installer</h3>
<div class="paragraph">
<p>You should already have downloaded the Trafodion Binaries per the instructions in the
<a href="#prepare-download-trafodion-binaries">Download Trafodion Binaries</a> in the <a href="#prepare">Prepare</a>
chapter. If not, please do so now.</p>
</div>
<div class="paragraph">
<p>The first step in the installation process is to unpack the Trafodion Installer tar file.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer
$ cd $HOME/trafodion-downloads
$ tar -zxf apache-trafodion-installer-1.3.0-incubating-bin.tar.gz -C $HOME/trafodion-installer
$ ls $HOME/trafodion-installer/installer
bashrc_default           tools                             traf_config_check           trafodion_apache_hadoop_install  traf_package_setup
build-version-1.3.0.txt  traf_add_user                     traf_config_setup           trafodion_config_default         traf_setup
dcs_installer            traf_apache_hadoop_config_setup   traf_create_systemdefaults  trafodion_install                traf_sqconfig
rest_installer           traf_authentication_conf_default  traf_getHadoopNodes         trafodion_license                traf_start
setup_known_hosts.exp    traf_cloudera_mods98              traf_hortonworks_mods98     trafodion_uninstaller
$</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="install-automated-install">5.2. Automated Install</h3>
<div class="paragraph">
<p>The <code>--config_file</code> option runs the Trafodion in Automated Setup mode. Refer to <a href="#introduction-trafodion-installer">Trafodion Installer</a>
in the <a href="#introduction">Introduction</a> chapter for instructions of how you edit your configuration file.</p>
</div>
<div class="paragraph">
<p>Edit your config file using the information you collected in the <a href="#prepare-gather-configuration-information">Gather Configuration Information</a>
step in the <a href="#prepare">Prepare</a> chapter.</p>
</div>
<div class="paragraph">
<p>The following example shows an automated install of Trafodion on a two-node Hortonworks Hadoop cluster.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
By default, the Trafodion Installer invokes <code>sqlci</code> so that you can enter the <code>initialize trafodion;</code> command.
This is shown in the example below.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Run the Trafodion Installer in Automated Setup mode.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer/installer
$ ./trafodion_install --config_file my
******************************
 TRAFODION INSTALLATION START
******************************

***INFO: testing sudo access
***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-02-16-21-12-03.log
***INFO: Config directory: /etc/trafodion
***INFO: Working directory: /usr/lib/trafodion

************************************
 Trafodion Configuration File Check
************************************


***INFO: Testing sudo access on node trafodion-1
***INFO: Testing sudo access on node trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Getting list of all hortonworks nodes
***INFO: Getting list of all hortonworks nodes
***INFO: hortonworks list of nodes:  trafodion-1 trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Testing sudo access on trafodion-1
***INFO: Testing sudo access on trafodion-2
***DEBUG: trafodionFullName=trafodion_server-1.3.0.tgz
***INFO: Trafodion version = 1.3.0
***DEBUG: HBase's java_exec=/usr/jdk64/jdk1.7.0_67/bin/java

******************************
 TRAFODION SETUP
******************************

***INFO: Starting Trafodion environment setup (2016-02-16-21-12-31)
=== 2016-02-16-21-12-31 ===
# @@@ START COPYRIGHT @@@
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# &quot;License&quot;); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
.
.
.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer, and
charge a fee for, acceptance of support, warranty, indemnity, or
other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify, defend,
and hold each Contributor harmless for any liability incurred by,
or claims asserted against, such Contributor by reason of your
accepting any such warranty or additional liability.

END OF TERMS AND CONDITIONS

BY TYPING &quot;ACCEPT&quot; YOU AGREE TO THE TERMS OF THIS AGREEMENT: ***INFO: testing sudo access
***INFO: Checking all nodes in specified node list
trafodion-1
trafodion-2
***INFO: Total number of nodes = 2
***INFO: Starting Trafodion Package Setup (2016-02-16-21-12-35)
***INFO: Installing required packages
***INFO: Log file located in /var/log/trafodion
***INFO: ... EPEL rpm
***INFO: ... pdsh on node trafodion-1
***INFO: ... pdsh on node trafodion-2
***INFO: Checking if log4cxx is installed ...
***INFO: Checking if sqlite is installed ...
***INFO: Checking if expect is installed ...
.
.
.
***INFO: trafodion user added successfully
***INFO: Trafodion environment setup completed
***INFO: creating sqconfig file
***INFO: Reserving DCS ports

******************************
 TRAFODION MODS
******************************

***INFO: Hortonworks installed will run traf_hortonworks_mods98
***INFO: Detected JAVA version 1.7
***INFO: copying hbase-trx-hdp2_2-1.3.0.jar to all nodes
PORT=:8080
########## Performing 'set' hbase.master.distributed.log.splitting:false on (Site:hbase-site, Tag:version1)
########## PUTting json into: doSet_version1455657199513777160.json
.
.
.
Starting the REST environment now
starting rest, logging to /home/trafodion/apache-trafodion-1.3.0-incubating-bin/rest-1.3.0/bin/../logs/rest-trafodion-1-rest-trafodion-1.out
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/home/trafodion/apache-trafodion-1.3.0-incubating-bin/rest-1.3.0/lib/slf4j-log4j12-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/usr/hdp/2.2.9.0-3393/hadoop/lib/slf4j-log4j12-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [org.slf4j.impl.Log4jLoggerFactory]


DcsMaster is not started. Please start DCS using 'dcsstart' command...

Process         Configured      Actual          Down
---------       ----------      ------          ----
DcsMaster       1               0               1
DcsServer       2               0               2
mxosrvr         8               8


You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-1.3.0-incubating-bin/logs/sqmon.log


Startup time  0 hour(s) 1 minute(s) 9 second(s)
Apache Trafodion Conversational Interface 1.3.0
Copyright (c) 2015 Apache Software Foundation
&gt;&gt; initialize trafodion;
--- SQL operation complete.
&gt;&gt;

End of MXCI Session

***INFO: Installation completed successfully.

*********************************
 TRAFODION INSTALLATION COMPLETE
*********************************

$</code></pre>
</div>
</div>
</li>
<li>
<p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion
$ sqcheck
Checking if processes are up.
Checking attempt: 1; user specified max: 2. Execution time in seconds: 0.

The SQ environment is up!


Process         Configured      Actual      Down
-------         ----------      ------      ----
DTM             2               2
RMS             4               4
MXOSRVR         8               8

$</code></pre>
</div>
</div>
</li>
</ol>
</div>
<div class="paragraph">
<p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for
basic instructions on how to verify the Trafodion management and how to perform basic management
operations.</p>
</div>
</div>
<div class="sect2">
<h3 id="install-guided-install">5.3. Guided Install</h3>
<div class="paragraph">
<p>The Trafodion Installer prompts you for the information you collected in the
<a href="#prepare-gather-configuration-information">Gather Configuration Information</a> step in the <a href="#prepare">Prepare</a> chapter.</p>
</div>
<div class="paragraph">
<p>The following example shows a guided install of Trafodion on a two-node Cloudera Hadoop cluster.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
By default, the Trafodion Installer invokes <code>sqlci</code> so that you can enter the <code>initialize trafodion;</code> command.
This is shown in the example below.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Run the Trafodion Installer in guided mode.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer/installer
$ ./trafodion_install

******************************
 TRAFODION INSTALLATION START
******************************

***INFO: testing sudo access
***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-02-15-04-45-30.log
***INFO: Config directory: /etc/trafodion
***INFO: Working directory: /usr/lib/trafodion

*******************************
 Trafodion Configuration Setup
*******************************

***INFO: Please press [Enter] to select defaults.

Enter trafodion password, default is [traf123]: traf123
Enter list of nodes (blank separated), default []: trafodion-1 trafodion-2
Enter Trafodion userid's home directory prefix, default is [/home]: /home
Specify full path to EPEL RPM (including .rpm), default is None:
***INFO: Will attempt to download RPM if EPEL is not installed on all nodes.
Specify location of Java 1.7.0_65 or higher (JDK), default is []: /usr/java/jdk1.7.0_67-cloudera
Enter full path (including .tar or .tar.gz) of trafodion tar file []: /home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz
Enter Hadoop admin username, default is [admin]:
Enter Hadoop admin password, default is [admin]:
Enter Hadoop external network URL:port (no 'http://' needed), default is []: trafodion-1.apache.org:7180
Enter HDFS username, default is [hdfs]:
Enter HBase username, default is [hbase]:
Enter HBase group, default is [hbase]:
Enter directory to install trafodion to, default is [/home/trafodion/apache-trafodion-1.3.0-incubating-bin]:
Total number of client connections per node, default [16]: 8
Enable simple LDAP security (Y/N), default is N: N
***INFO: Configuration file: /etc/trafodion/trafodion_config
***INFO: Trafodion configuration setup complete

************************************
 Trafodion Configuration File Check
************************************


The authenticity of host 'trafodion-1 (10.1.30.71)' can't be established.
RSA key fingerprint is 83:96:d4:5e:c1:b8:b1:62:8d:c6:78:a7:7f:1f:6a:d7.
Are you sure you want to continue connecting (yes/no)? yes
***INFO: Testing sudo access on node trafodion-1
***INFO: Testing sudo access on node trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Getting list of all cloudera nodes
***INFO: Getting list of all cloudera nodes
***INFO: cloudera list of nodes:  trafodion-1 trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Testing sudo access on trafodion-1
***INFO: Testing sudo access on trafodion-2
***DEBUG: trafodionFullName=trafodion_server-1.3.0.tgz
***INFO: Trafodion version = 1.3.0
***DEBUG: HBase's java_exec=/usr/java/jdk1.7.0_67-cloudera/bin/java

******************************
 TRAFODION SETUP
******************************

***INFO: Starting Trafodion environment setup (2016-02-15-07-09-58)
=== 2016-02-15-07-09-58 ===
# @@@ START COPYRIGHT @@@
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# &quot;License&quot;); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
.
.
.
and hold each Contributor harmless for any liability incurred by,
or claims asserted against, such Contributor by reason of your
accepting any such warranty or additional liability.

END OF TERMS AND CONDITIONS

BY TYPING &quot;ACCEPT&quot; YOU AGREE TO THE TERMS OF THIS AGREEMENT:ACCEPT
***INFO: testing sudo access
***INFO: Checking all nodes in specified node list
trafodion-1
trafodion-2
***INFO: Total number of nodes = 2
***INFO: Starting Trafodion Package Setup (2016-02-15-07-11-09)
***INFO: Installing required packages
***INFO: Log file located in /var/log/trafodion
***INFO: ... pdsh on node trafodion-1
***INFO: ... pdsh on node trafodion-2
***INFO: Checking if log4cxx is installed ...
***INFO: Checking if sqlite is installed ...
***INFO: Checking if expect is installed ...
***INFO: Installing expect on all nodes
.
.
.
***INFO: modifying limits in /usr/lib/trafodion/trafodion.conf on all nodes
***INFO: create Trafodion userid &quot;trafodion&quot;
***INFO: Trafodion userid's (trafodion) home directory: /home/trafodion
***INFO: testing sudo access
Generating public/private rsa key pair.
Created directory '/home/trafodion/.ssh'.
Your identification has been saved in /home/trafodion/.ssh/id_rsa.
Your public key has been saved in /home/trafodion/.ssh/id_rsa.pub.
The key fingerprint is:
4b:b3:60:38:c9:9d:19:f8:cd:b1:c8:cd:2a:6e:4e:d0 trafodion@trafodion-1
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|     .           |
|    . . .        |
|   o * X o       |
|  . E X S        |
|   . o + +       |
|    o . o        |
|   o..           |
|   oo            |
+-----------------+
***INFO: creating .bashrc file
***INFO: Setting up userid trafodion on all other nodes in cluster
***INFO: Creating known_hosts file for all nodes
trafodion-1
trafodion-2
***INFO: trafodion user added successfully
***INFO: Trafodion environment setup completed
***INFO: creating sqconfig file
***INFO: Reserving DCS ports

******************************
 TRAFODION MODS
******************************

***INFO: Cloudera installed will run traf_cloudera_mods98
***INFO: Detected JAVA version 1.7
***INFO: copying hbase-trx-cdh5_3-1.3.0.jar to all nodes
***INFO: Cloudera Manager is on trafodion-1
***INFO: Detected JAVA version 1.7
***INFO: copying hbase-trx-cdh5_3-1.3.0.jar to all nodes
***INFO: Cloudera Manager is on trafodion-1
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
.
.
.
***INFO: Hadoop restart completed successfully
***INFO: waiting for HDFS to exit safemode
Safe mode is OFF
***INFO: Setting HDFS ACLs for snapshot scan support
***INFO: Trafodion Mods ran successfully.

******************************
 TRAFODION START
******************************

/usr/lib/trafodion/installer/..
***INFO: Log file location /var/log/trafodion/trafodion_install_2016-02-15-07-08-07.log
***INFO: traf_start
******************************************
******************************************
******************************************
******************************************
/home/trafodion/apache-trafodion-1.3.0-incubating-bin
***INFO: untarring build file /usr/lib/trafodion/apache-trafodion-1.3.0-incubating-bin/trafodion_server-1.3.0.tgz to /home/trafodion/apache-trafodion-1.3.0-incubating-bin
.
.
.
******* Generate public/private certificates *******

 Cluster Name : Cluster%201
Generating Self Signed Certificate....
***********************************************************
 Certificate file :server.crt
 Private key file :server.key
 Certificate/Private key created in directory :/home/trafodion/sqcert
***********************************************************

***********************************************************
 Updating Authentication Configuration
***********************************************************
Creating folders for storing certificates

***INFO: copying /home/trafodion/sqcert directory to all nodes
***INFO: copying install to all nodes
***INFO: starting Trafodion instance
Checking orphan processes.
Removing old mpijob* files from /home/trafodion/apache-trafodion-1.3.0-incubating-bin/tmp

Removing old monitor.port* files from /home/trafodion/apache-trafodion-1.3.0-incubating-bin/tmp

Executing sqipcrm (output to sqipcrm.out)
Starting the SQ Environment (Executing /home/trafodion/apache-trafodion-1.3.0-incubating-bin/sql/scripts/gomon.cold)
Background SQ Startup job (pid: 7276)
.
.
.
Zookeeper is listening on port 2181
DcsMaster is listening on port 23400

Process         Configured      Actual          Down
---------       ----------      ------          ----
DcsMaster       1               1
DcsServer       2               2
mxosrvr         8               8


You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-1.3.0-incubating-bin/logs/sqmon.log


Startup time  0 hour(s) 1 minute(s) 9 second(s)
Apache Trafodion Conversational Interface 1.3.0
Copyright (c) 2015 Apache Software Foundation
&gt;&gt; initialize trafodion;
--- SQL operation complete.
&gt;&gt;

End of MXCI Session

***INFO: Installation completed successfully.

*********************************
 TRAFODION INSTALLATION COMPLETE
*********************************

$</code></pre>
</div>
</div>
</li>
<li>
<p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion
$ sqcheck
Checking if processes are up.
Checking attempt: 1; user specified max: 2. Execution time in seconds: 0.

The SQ environment is up!


Process         Configured      Actual      Down
-------         ----------      ------      ----
DTM             2               2
RMS             4               4
MXOSRVR         8               8

$</code></pre>
</div>
</div>
</li>
</ol>
</div>
<div class="paragraph">
<p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for
basic instructions on how to verify the Trafodion management and how to perform basic management
operations.</p>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="upgrade">6. Upgrade</h2>
<div class="sectionbody">
<div class="paragraph">
<p>This chapter describes how to use the Trafodion Installer to upgrade Trafodion. You use the Trafodion Provisioning ID
to run the Trafodion Installer.</p>
</div>
<div class="sect2">
<h3 id="upgraded-download-updated-trafodion-binaries">6.1. Download Updated Trafodion Binaries</h3>
<div class="paragraph">
<p>You perform this step as the Trafodion Provisioning User.</p>
</div>
<div class="paragraph">
<p>You download the updated Trafodion binaries from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">Download</a> page.
Download the following packages:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Trafodion Installer (if planning to use the Trafodion Installer)</p>
</li>
<li>
<p>Trafodion Server</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>Refer to <a href="#prepare-download-trafodion-binaries">Download Trafodion Binaries</a> in the <a href="#prepare">Prepare</a> chapter for examples.</p>
</div>
</div>
<div class="sect2">
<h3 id="upgrade-unpack-installer">6.2. Unpack Installer</h3>
<div class="paragraph">
<p>You perform this step as the Trafodion Provisioning User.</p>
</div>
<div class="paragraph">
<p>You unpack the updated Trafodion Installer into a new directory.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer-2.0
$ cd $HOME/trafodion-downloads
$ tar -zxf apache-trafodion-installer-2.0.0-incubating-bin.tar.gz -C $HOME/trafodion-installer
$ ls $HOME/trafodion-installer/installer-2.0
bashrc_default           tools                             traf_config_check           trafodion_apache_hadoop_install  traf_package_setup
build-version-2.0.0.txt  traf_add_user                     traf_config_setup           trafodion_config_default         traf_setup
dcs_installer            traf_apache_hadoop_config_setup   traf_create_systemdefaults  trafodion_install                traf_sqconfig
rest_installer           traf_authentication_conf_default  traf_getHadoopNodes         trafodion_license                traf_start
setup_known_hosts.exp    traf_cloudera_mods98              traf_hortonworks_mods98     trafodion_uninstaller
$</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="upgrade-stop-tradodion">6.3. Stop Trafodion</h3>
<div class="paragraph">
<p>You perform this step as the Trafodion Runtime User.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ sudo su trafodion
$ sqstop
Shutting down the REST environment now
stopping rest.
Shutting down the DCS environment now
stopping master.
trafodion-1: stopping server.
trafodion-2: stopping server.
stopped $zlobsrv0
stopped $zlobsrv1
Shutting down (normal) the SQ environment!
Wed Feb 17 05:12:40 UTC 2016
Processing cluster.conf on local host trafodion-1
[$Z000KAE] Shell/shell Version 1.0.1 Apache_Trafodion Release 1.3.0 (Build release [1.3.0-0-g5af956f_Bld2], date 20160112_1927)
ps</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">[$Z000KAE] %ps
[$Z000KAE] NID,PID(os)  PRI TYPE STATES  NAME        PARENT      PROGRAM
[$Z000KAE] ------------ --- ---- ------- ----------- ----------- ---------------
[$Z000KAE] 000,00064198 000 WDG  ES--A-- $WDG000     NONE        sqwatchdog
[$Z000KAE] 000,00064199 000 PSD  ES--A-- $PSD000     NONE        pstartd
[$Z000KAE] 000,00064212 001 GEN  ES--A-- $TSID0      NONE        idtmsrv
[$Z000KAE] 000,00064242 001 DTM  ES--A-- $TM0        NONE        tm
[$Z000KAE] 000,00065278 001 GEN  ES--A-- $ZSC000     NONE        mxsscp
[$Z000KAE] 000,00065305 001 SSMP ES--A-- $ZSM000     NONE        mxssmp
[$Z000KAE] 000,00001219 001 GEN  ES--A-- $Z0000ZU    NONE        mxosrvr
[$Z000KAE] 000,00001235 001 GEN  ES--A-- $Z00010A    NONE        mxosrvr
[$Z000KAE] 000,00001279 001 GEN  ES--A-- $Z00011J    NONE        mxosrvr
[$Z000KAE] 000,00001446 001 GEN  ES--A-- $Z00016B    NONE        mxosrvr
[$Z000KAE] 000,00024864 001 GEN  ES--A-- $Z000KAE    NONE        shell
[$Z000KAE] 001,00025180 000 PSD  ES--A-- $PSD001     NONE        pstartd
[$Z000KAE] 001,00025179 000 WDG  ES--A-- $WDG001     NONE        sqwatchdog
[$Z000KAE] 001,00025234 001 DTM  ES--A-- $TM1        NONE        tm
[$Z000KAE] 001,00025793 001 GEN  ES--A-- $ZSC001     NONE        mxsscp
[$Z000KAE] 001,00025797 001 SSMP ES--A-- $ZSM001     NONE        mxssmp
[$Z000KAE] 001,00026587 001 GEN  ES--A-- $Z010LPM    NONE        mxosrvr
[$Z000KAE] 001,00026617 001 GEN  ES--A-- $Z010LQH    NONE        mxosrvr
[$Z000KAE] 001,00026643 001 GEN  ES--A-- $Z010LR8    NONE        mxosrvr
[$Z000KAE] 001,00026644 001 GEN  ES--A-- $Z010LR9    NONE        mxosrvr
shutdown
[$Z000KAE] %shutdown
exit
Issued a 'shutdown normal' request

Shutdown in progress

# of SQ processes: 0
SQ Shutdown (normal) from /home/trafodion Successful
Wed Feb 17 05:12:47 UTC 2016
$</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect2">
<h3 id="upgrade-automated-upgrade">6.4. Automated Upgrade</h3>
<div class="paragraph">
<p>You perform this step as the Trafodion Provisioning User.</p>
</div>
<div class="paragraph">
<p>The <code>--config_file</code> option runs the Trafodion in Automated Setup mode. Refer to <a href="#introduction-trafodion-installer">Trafodion Installer</a>
in the <a href="#introduction">Introduction</a> chapter for instructions of how you edit your configuration file.</p>
</div>
<div class="paragraph">
<p>At a minimum, you need to change the following settings:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><code>LOCAL_WORKDIR</code></p>
</li>
<li>
<p><code>TRAF_PACKAGE</code></p>
</li>
<li>
<p><code>SQ_ROOT</code></p>
</li>
</ul>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-configuration
$ cp my_config my_config_2.0
$ # Pre edit content

export LOCAL_WORKDIR=&quot;/home/centos/trafodion-installer/installer&quot;
export TRAF_PACKAGE=&quot;/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz&quot;
export SQ_ROOT=&quot;/home/trafodion/apache-trafodion-1.3.0-incubating-bin&quot;

$ # Use your favorit editor to modify my_config_2.0
$ emacs my_config_2.0
$ # Post edit changes

export LOCAL_WORKDIR=&quot;/home/centos/trafodion-installer-2.0/installer&quot;
export TRAF_PACKAGE=&quot;/home/centos/trafodion-download/apache-trafodion-2.0.0-incubating-bin.tar.gz&quot;
export SQ_ROOT=&quot;/home/trafodion/apache-trafodion-2.0.0-incubating-bin&quot;</code></pre>
</div>
</div>
<div class="paragraph">
<p>The following example shows an upgrade of Trafodion on a two-node Hortonworks Hadoop cluster using
Automated Setup mode.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
The Trafodion Installer performs the same configuration changes as it does for an installation,
including restarting Hadoop services.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Run the updated Trafodion Installer using the modified my_config_2.0 file.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer-2.0/installer
$ ./trafodion_install --config_file $HOME/trafodion-configuration/my_config_2.0
******************************
 TRAFODION INSTALLATION START
******************************

***INFO: Testing sudo access on node trafodion-1
***INFO: Testing sudo access on node trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Getting list of all hortonworks nodes
***INFO: Getting list of all hortonworks nodes
***INFO: hortonworks list of nodes:  trafodion-1 trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Testing sudo access on trafodion-1
***INFO: Testing sudo access on trafodion-2
***INFO: Trafodion scanner will not be run.
***DEBUG: trafodionFullName=trafodion_server-2.0.0.tgz
***INFO: Trafodion version = 2.0.0
***DEBUG: HBase's java_exec=/usr/jdk64/jdk1.7.0_67/bin/java

******************************
 TRAFODION SETUP
******************************

***INFO: Installing required RPM packages
***INFO: Starting Trafodion Package Setup (2016-02-17-05-33-29)
***INFO: Installing required packages
***INFO: Log file located in /var/log/trafodion
***INFO: ... pdsh on node trafodion-1
***INFO: ... pdsh on node trafodion-2
***INFO: Checking if log4cxx is installed ...
.
.
.
DcsMaster is not started. Please start DCS using 'dcsstart' command...

Process         Configured      Actual          Down
---------       ----------      ------          ----
DcsMaster       1               0               1
DcsServer       2               0               2
mxosrvr         8               8


You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-2.0.0-incubating-bin/logs/sqmon.log


Startup time  0 hour(s) 1 minute(s) 9 second(s)
Apache Trafodion Conversational Interface 1.3.0
Copyright (c) 2015 Apache Software Foundation
&gt;&gt;Metadata Upgrade: started

Version Check: started
  Metadata is already at Version 1.1.
Version Check: done

Metadata Upgrade: done


--- SQL operation complete.
&gt;&gt;

End of MXCI Session

***INFO: Installation completed successfully.

*********************************
 TRAFODION INSTALLATION COMPLETE
*********************************

$</code></pre>
</div>
</div>
</li>
<li>
<p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion
$ sqcheck
Checking if processes are up.
Checking attempt: 1; user specified max: 2. Execution time in seconds: 0.

The SQ environment is up!


Process         Configured      Actual      Down
-------         ----------      ------      ----
DTM             2               2
RMS             4               4
MXOSRVR         8               8

$</code></pre>
</div>
</div>
</li>
</ol>
</div>
<div class="paragraph">
<p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for
basic instructions on how to verify the Trafodion management and how to perform basic management
operations.</p>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect2">
<h3 id="upgrade-guided-upgrade">6.5. Guided Upgrade</h3>
<div class="paragraph">
<p>You perform this step as the Trafodion Provisioning User.</p>
</div>
<div class="paragraph">
<p>As in the case with an installation, the Trafodion Installer prompts you for the information you collected in the
<a href="#prepare-gather-configuration-information">Gather Configuration Information</a> step in the <a href="#prepare">Prepare</a> chapter.
Some of the prompts are populated with the current values.</p>
</div>
<div class="paragraph">
<p>export LOCAL_WORKDIR="/home/centos/trafodion-installer/installer"
export TRAF_PACKAGE="/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz"
export SQ_ROOT="/home/trafodion/apache-trafodion-1.3.0-incubating-bin"</p>
</div>
<div class="paragraph">
<p>The following example shows a guided upgrade of Trafodion on a two-node Cloudera Hadoop cluster.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p>Run the updated Trafodion Installer in Guided Setup mode to perform the upgrade. Change information
at prompts as applicable.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer-2.0/installer
$ ./trafodion_install
******************************
 TRAFODION INSTALLATION START
******************************

***INFO: testing sudo access
***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-02-17-08-15-33.log
***INFO: Config directory: /etc/trafodion
***INFO: Working directory: /usr/lib/trafodion

*******************************
 Trafodion Configuration Setup
*******************************

***INFO: Please press [Enter] to select defaults.

Enter trafodion password, default is [traf123]:
Enter list of nodes (blank separated), default []: trafodion-1.apache.org trafodion-2.apache.org
Specify location of Java 1.7.0_65 or higher (JDK), default is [/usr/java/jdk1.7.0_67-cloudera]:
Enter full path (including .tar or .tar.gz) of trafodion tar file []: /home/centos/trafodion-download/apache-trafodion-2.0.0-incubating-bin.tar.gz
Enter Hadoop admin username, default is [admin]:
Enter Hadoop admin password, default is [admin]:
Enter Hadoop external network URL:port (no 'http://' needed), default is []: trafodion-1.apache.org:7180
Enter HDFS username, default is [hdfs]:
Enter HBase username, default is [hbase]:
Enter HBase group, default is [hbase]:
Enter directory to install trafodion to, default is [/home/trafodion/apache-trafodion-1.3.0-incubating-bin]: /home/centos/apache-trafodion-2.0.0-incubating-bin
Start Trafodion after install (Y/N), default is Y:
Total number of client connections per node, default [16]: 8
Enable simple LDAP security (Y/N), default is N:
***INFO: Configuration file: /etc/trafodion/trafodion_config
***INFO: Trafodion configuration setup complete

************************************
 Trafodion Configuration File Check
************************************


***INFO: Testing sudo access on node trafodion-1
***INFO: Testing sudo access on node trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Getting list of all cloudera nodes
***INFO: Getting list of all cloudera nodes
***INFO: cloudera list of nodes:  trafodion-1 trafodion-2
***INFO: Testing ssh on trafodion-1
***INFO: Testing ssh on trafodion-2
***INFO: Testing sudo access on trafodion-1
***INFO: Testing sudo access on trafodion-2
***INFO: Checking cloudera Version
***INFO: nameOfVersion=cdh5.3.0
***INFO: HADOOP_PATH=/usr/lib/hbase/lib
***INFO: Trafodion scanner will not be run.
***DEBUG: trafodionFullName=trafodion_server-1.3.0.tgz
***INFO: Trafodion version = 1.3.0
***DEBUG: HBase's java_exec=/usr/java/jdk1.7.0_67-cloudera/bin/java

******************************
 TRAFODION SETUP
******************************

***INFO: Installing required RPM packages
***INFO: Starting Trafodion Package Setup (2016-02-17-08-16-11)
***INFO: Installing required packages
***INFO: Log file located in /var/log/trafodion
***INFO: ... pdsh on node trafodion-1
***INFO: ... pdsh on node trafodion-2
***INFO: Checking if log4cxx is installed ...
***INFO: Checking if sqlite is installed ...
***INFO: Checking if expect is installed ...
***INFO: Checking if perl-DBD-SQLite* is installed ...
***INFO: Checking if protobuf is installed ...
***INFO: Checking if xerces-c is installed ...
***INFO: Checking if perl-Params-Validate is installed ...
***INFO: Checking if perl-Time-HiRes is installed ...
***INFO: Checking if gzip is installed ...
***INFO: creating sqconfig file
***INFO: Reserving DCS ports

******************************
 TRAFODION MODS
******************************

***INFO: Cloudera installed will run traf_cloudera_mods98
***INFO: Detected JAVA version 1.7
***INFO: copying hbase-trx-cdh5_3-1.3.0.jar to all nodes
***INFO: Cloudera Manager is on trafodion-1
.
.
.
Zookeeper is listening on port 2181
DcsMaster is listening on port 23400

Process         Configured      Actual          Down
---------       ----------      ------          ----
DcsMaster       1               1
DcsServer       2               2
mxosrvr         8               8


You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-2.0.0-incubating-bin/logs/sqmon.log


Startup time  0 hour(s) 1 minute(s) 9 second(s)
Apache Trafodion Conversational Interface 1.3.0
Copyright (c) 2015 Apache Software Foundation
&gt;&gt;

End of MXCI Session

***INFO: Installation completed successfully.

*********************************
 TRAFODION INSTALLATION COMPLETE
*********************************

$</code></pre>
</div>
</div>
</li>
<li>
<p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion
$ sqcheck
Checking if processes are up.
Checking attempt: 1; user specified max: 2. Execution time in seconds: 0.

The SQ environment is up!


Process         Configured      Actual      Down
-------         ----------      ------      ----
DTM             2               2
RMS             4               4
MXOSRVR         8               8

$</code></pre>
</div>
</div>
</li>
</ol>
</div>
<div class="paragraph">
<p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for
basic instructions on how to verify the Trafodion management and how to perform basic management
operations.</p>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="activate">7. Activate</h2>
<div class="sectionbody">
<div class="sect2">
<h3 id="activate-manage-trafodion">7.1. Manage Trafodion</h3>
<div class="paragraph">
<p>You use the Trafodion runtime user ID to perform Trafodion management operations.</p>
</div>
<div class="paragraph">
<p>The following table provides an overview of the different Trafodion management scripts.</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Component</th>
<th class="tableblock halign-left valign-top">Start</th>
<th class="tableblock halign-left valign-top">Stop</th>
<th class="tableblock halign-left valign-top">Status</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>All of Trafodion</strong></p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>sqstart</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>sqstop</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>sqcheck</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>RMS Server</strong></p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>rmsstart</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>rmsstop</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>rmscheck</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>REST Server</strong></p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>reststart</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>reststop</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>LOB Server</strong></p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>lobstart</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>lobstop</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-</pre></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>DCS (Database Connectivity Services)</strong></p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcsstart</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcsstop</pre></div></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>dcscheck</pre></div></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p><strong>Example: Start Trafodion</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">cd $MY_SQROOT/sql/scripts
sqstart
sqcheck</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="activate-validate-trafodion-installation">7.2. Validate Trafodion Installation</h3>
<div class="paragraph">
<p>You can use sqlci (part of the base product) or trafci (requires separate install; see the
<a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>) to validate your installation.</p>
</div>
<div class="sect3">
<h4 id="_smoke_test">7.2.1. Smoke Test</h4>
<div class="paragraph">
<p>A simple smoke test to validate that Trafodion is functioning.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">get schemas;
create table table1 (a int);
invoke table1;
insert into table1 values (1), (2), (3), (4);
select * from table1;
drop table table1;
exit;</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">$ sqlci
Apache Trafodion Conversational Interface 1.3.0
Copyright (c) 2015 Apache Software Foundation
&gt;&gt;get schemas;

Schemas in Catalog TRAFODION
============================

SEABASE
_MD_
_REPOS_

--- SQL operation complete.
&gt;&gt;create table table1 (a int);

--- SQL operation complete.
&gt;&gt;invoke table1;

-- Definition of Trafodion table TRAFODION.SEABASE.TABLE1
-- Definition current  Mon Feb 15 07:42:02 2016

  (
    SYSKEY                           LARGEINT NO DEFAULT NOT NULL NOT DROPPABLE
      NOT SERIALIZED
  , A                                INT DEFAULT NULL SERIALIZED
  )

--- SQL operation complete.
&gt;&gt;insert into table1 values (1), (2), (3), (4);

--- 4 row(s) inserted.
&gt;&gt;select * from table1;

A
-----------

          1
          2
          3
          4

--- 4 row(s) selected.
&gt;&gt;drop table table1;

--- SQL operation complete.
&gt;&gt;exit;
$</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
<div class="paragraph">
<p>Assuming no errors, your installation has been successful. Next, do the following:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Install the Trafodion client software. Refer to the <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>.</p>
</li>
<li>
<p>Use Trafodion. Refer to the <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html">Trafodion SQL Reference Manual.</a></p>
</li>
<li>
<p>Review other Trafodion documentation. Refer to the <a href="http://trafodion.apache.org/documentation.html">Trafodion documentation</a>.</p>
</li>
</ul>
</div>
</div>
</div>
<div class="sect2">
<h3 id="activate-troubleshooting-tips">7.3. Troubleshooting Tips</h3>
<div class="paragraph">
<p>If you are not able to start up the environment or if there are problems running sqlci or trafci, then verify that the all the processes are up and running.</p>
</div>
<div class="ulist">
<ul>
<li>
<p><code>sqcheck</code> should indicate all processes are running.</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>If processes are not running as expected, then:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><code>sqstop</code> to shut down Trafodion. If some Trafodion processes do not terminate cleanly, then run <code>ckillall</code>.</p>
</li>
<li>
<p><code>sqstart</code> to restart Trafodion.</p>
</li>
</ul>
</div>
<div class="paragraph">
<p>If problems persist please review logs:</p>
</div>
<div class="ulist">
<ul>
<li>
<p><code>$MY_SQROOT/logs</code>: Trafodion logs.</p>
</li>
</ul>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="remove">8. Remove</h2>
<div class="sectionbody">
<div class="paragraph">
<p>You use the Trafodion Provisioning User for these instructions.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
You do not need to use the <code>trafodion_uninstaller</code> script if upgrading Trafodion. Instead, use the <code>trafodion_install</code> script,
which automatically upgrades the version of Trafodion. Please refer to the <a href="#install">Install</a> chapter for further instructions.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Run the commands from the first node of the cluster. Do not run them from a machine that is not part of the Trafodion cluster.</p>
</div>
<div class="sect2">
<h3 id="_stop_trafodion">8.1. Stop Trafodion</h3>
<div class="paragraph">
<p>Do the following:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">su trafodion
cd $MY_SQROOT/sql/scripts or cds
sqstop
exit</code></pre>
</div>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">[admin@trafodion-1 ~]$ su trafodion
[trafodion@trafodion-1 scripts]$ cds
[trafodion@trafodion-1 scripts]$ sqstop
Shutting down the REST environment now
stopping rest.
Shutting down the DCS environment now
stopping master.
trafodion-1: stopping server.
trafodion-2: stopping server.
stopped $zlobsrv0
stopped $zlobsrv1
Shutting down (normal) the SQ environment!
Mon Feb 15 07:49:18 UTC 2016
Processing cluster.conf on local host trafodion-1
.
.
.</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">[$Z000HDS] 001,00024772 001 GEN  ES--A-- $Z010K7S    NONE        mxosrvr
[$Z000HDS] 001,00024782 001 GEN  ES--U-- $ZLOBSRV1   NONE        mxlobsrvr
shutdown
[$Z000HDS] %shutdown
exit
Issued a 'shutdown normal' request

Shutdown in progress

# of SQ processes: 0
SQ Shutdown (normal) from /home/trafodion/apache-trafodion-1.3.0-incubating-bin/sql/scripts Successful
Mon Feb 15 07:49:26 UTC 2016
[trafodion@trafodion-1 scripts]$ exit
[admin@trafodion-1 ~]$</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_run_code_trafodion_uninstaller_code">8.2. Run <code>trafodion_uninstaller</code></h3>
<div class="paragraph">
<p>The <code>trafodion_uninstaller</code> completely removes Trafodion.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">[admin@trafodion-1 ~]$ cd $HOME/trafodion-installer/installer
[admin@trafodion-1 installer]$ ./trafodion_uninstaller
Do you want to uninstall Trafodion (Everything will be removed)? (Y/N) y
***INFO: testing sudo access
***INFO: NOTE, rpms that were installed will not be removed.
***INFO: stopping Trafodion instance
SQ environment is not up.
Going to execute ckillall

Can't find file /home/trafodion/.vnc/trafodion-1:1.pid
You'll have to kill the Xvnc process manually

***INFO: restoring linux system files that were changed
***INFO: removing hbase-trx* from Hadoop directories
pdsh@trafodion-1: trafodion-1: ssh exited with exit code 1
pdsh@trafodion-1: trafodion-2: ssh exited with exit code 1
pdsh@trafodion-1: trafodion-1: ssh exited with exit code 1
pdsh@trafodion-1: trafodion-2: ssh exited with exit code 1
***INFO remove the Trafodion userid and group
***INFO: removing all files from /home/trafodion/apache-trafodion-1.3.0-incubating-bin
***INFO: removing all files from /usr/lib/trafodion and /var/log/trafodion
***INFO: removing all files from /etc/trafodion
***INFO: Trafodion uninstall complete.
[admin@trafodion-1 installer]$</code></pre>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="enable-security">9. Enable Security</h2>
<div class="sectionbody">
<div class="paragraph">
<p>If you do not enable security in Trafodion, then a client interface to Trafodion may request a user name and password,
but Trafodion ignores the user name and password entered in the client interface, and the session runs as the database <strong>root</strong> user,
<code>DB__ROOT</code>, without restrictions. If you want to restrict users, restrict access to certain users only, or restrict access to an
object or operation, then you must enable security, which enforces authentication and authorization. You can enable security
during installation by answering the Trafodion Installer&#8217;s prompts or after installation by running the <code>traf_authentication_setup</code>
script, which enables both authentication and authorization. For more information, see
<a href="#enable-security-authentication-setup-script">Authentication Setup Script</a> below.</p>
</div>
<div class="paragraph">
<p>Trafodion does not manage user names and passwords internally but does support authentication via directory servers that support
the OpenLDAP protocol, also known as LDAP servers. You can configure the LDAP servers during installation by answering the Trafodion
Installer&#8217;s prompts, or you can configure the LDAP servers manually after installation. For more information, please refer to
<a href="#enable-security-configuring-ldap-servers">Configuring LDAP Servers</a> below.</p>
</div>
<div class="paragraph">
<p>Once authentication and authorization are enabled, Trafodion allows users to be registered in the database and allows privileges
on objects to be granted to users and roles (which are granted to users). Trafodion also supports component-level (or system-level)
privileges, such as MANAGE_USERS, which can be granted to users and roles. Refer to <a href="#enable-security-manage-users">Manage Users</a> below.</p>
</div>
<div class="sect2">
<h3 id="enable-security-configuring-ldap-servers">9.1. Configuring LDAP Servers</h3>
<div class="paragraph">
<p>To specify the LDAP server(s) to be used for authentication, you need to configure the text file <code>.traf_authentication_config</code>,
located (by default) in <code>$MY_SQROOT/sql/scripts</code>. This file is a flat file, organized as a series of attribute/value pairs.
Details on all the attributes and values accepted in the authentication configuration file and how to configure alternate locations
can be found in <a href="#enable-security-traf-authentication-config">.traf_authentication_config</a> below.</p>
</div>
<div class="paragraph">
<p>A sample template file is located in <code>$MY_SQROOT/sql/scripts/traf_authentication_config</code>.</p>
</div>
<div class="paragraph">
<p>Attributes and values in the authentication configuration file are separated with a colon immediately following the attribute name.
In general, white space is ignored  but spaces may be relevant in some values. Attribute names are always case insensitive. Multiple
instances of an attribute are specified by repeating the attribute name and providing the new value. For attributes with only one
instance, if the attribute is repeated, the last value provided is used.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">Attribute1: valueA
Attribute2: valueB
Attribute1: valueC</code></pre>
</div>
</div>
<div class="paragraph">
<p>If <code>Attribute1</code> has only one instance, <code>valueC</code> is used, otherwise, <code>valueA</code> and <code>valueC</code> are both added to the list of values for <code>Attribute1</code>.</p>
</div>
<div class="paragraph">
<p>Attributes are grouped into sections; this is for future enhancements. Attributes are declared in the <code>LOCAL</code> section, unless otherwise specified.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Section names, attribute names, and the general layout of the authentication configuration file are subject to change in future versions
of Trafodion and backward compatibility is not guaranteed.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Specification of your directory server(s) requires at a minimum:</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 15%;">
<col style="width: 55%;">
<col style="width: 30%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Setting</th>
<th class="tableblock halign-left valign-top">Description</th>
<th class="tableblock halign-left valign-top">Example</th>
</tr>
</thead>
<tbody>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">LDAP Host Name(s)</p></th>
<td class="tableblock halign-left valign-top"><p class="tableblock">One or more names of hosts that support the OpenLDAP protocol must be specified. Trafodion attempts to connect to all
provided host names during the authentication process. The set of user names and passwords should be identical on all hosts to avoid unpredictable
results. The attribute name is <code>LDAPHostName</code>.</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>LDAPHostName: ldap.company.com</code></p>
</div></div></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">LDAP Port Number</p></th>
<td class="tableblock halign-left valign-top"><p class="tableblock">Port number of the LDAP server. Typically this is 389 for servers using no encryption or TLS, and 636 for servers using SSL.
The attribute name is <code>LDAPPort</code>.</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>LDAPPort: 389</code></p>
</div></div></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">LDAP Unique Identifier</p></th>
<td class="tableblock halign-left valign-top"><p class="tableblock">Attribute(s) used by the directory server that uniquely identifies the user name. You may provide one or more unique
identifier specifiers.</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>UniqueIdentifier: uid=,ou=users,dc=com</code></p>
</div></div></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">Encryption Level</p></th>
<td class="tableblock halign-left valign-top"><p class="tableblock">A numeric value indicating the encryption scheme used by your LDAP server. Values are:<br>
<br>
&#8226; 0: Encryption not used<br>
&#8226; 1: SSL<br>
&#8226; 2: TLS</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>LDAPSSL: 2</code><br>
<br>
If your LDAP server uses TLS you must specify a file containing the certificate used to encrypt the password. By default the Trafodion software
looks for this file in <code>$MY_SQROOT/cacerts</code>, but you may specify a fully qualified filename, or set the environment variable <code>CACERTS_DIR</code> to another
directory. To specify the file containing the certificate, you set the value of the attribute <code>TLS_CACERTFilename</code>, located in the Defaults section.<br>
<br>
<strong>Example</strong><br></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">TLS_CACERTFilename: mycert.pem
TLS_CACertFilename: /usr/etc/cert.pem</code></pre>
</div>
</div></div></td>
</tr>
<tr>
<th class="tableblock halign-left valign-top"><p class="tableblock">Search username and password</p></th>
<td class="tableblock halign-left valign-top"><p class="tableblock">Some LDAP servers require a known user name and password to search the directory of user names. If your environment
has that requirement, provide these "search" values.</p></td>
<td class="tableblock halign-left valign-top"><div><div class="paragraph">
<p><code>LDAPSearchDN: <a href="mailto:lookup@company.com">lookup@company.com</a></code><br>
<code>LDAPSearchPwd: Lookup123</code></p>
</div></div></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p>There are additional optional attributes that can be used to customize Trafodion authentication. As mentioned earlier, they are described in
<a href="#enable-security-traf-authentication-config">.traf_authentication_config</a> below.</p>
</div>
<div class="paragraph">
<p>You can test the authentication configuration file for syntactic errors using the <code>ldapconfigcheck</code> tool. If you have loaded the Trafodion
environment (<code>sqenv.sh</code>), then the tool automatically checks the file at <code>$MY_SQROOT/sql/scripts/.traf_authentication_config</code>.
If not, you can specify the file to be checked.</p>
</div>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">ldapconfigcheck -file myconfigfile
File myconfigfile is valid.</code></pre>
</div>
</div>
<div class="paragraph">
<p>If an error is found, then the line number with the error is displayed along with the error.
Please refer to <a href="#enable-security-ldapconfigcheck">ldapconfigcheck</a> below for more information.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
The authentication configuration file needs to be propagated to all nodes, but there is a script that does that for you described later.
For now, you can test your changes on the local node.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>You can test the LDAP connection using the utility <code>ldapcheck</code>. To use this utility the Trafodion environment must be loaded (<code>sqenv.sh</code>),
but the Trafodion instance does not need to be running. To test the connection only, you can specify any user name, and a name lookup is performed
using the attributes in <code>.traf_authentication_config</code>.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">ldapcheck --username=fakename@company.com
User fakename@company.com not found</code></pre>
</div>
</div>
<div class="paragraph">
<p>If <code>ldapcheck</code> reports either that the user was found or the user was not found, the connection was successful. However, if an error is reported,
either the configuration file is not setup correctly, or there is a problem either with your LDAP server or the connection to the server. You can
get additional error detail by including the <code>--verbose</code> option. Please refer to <a href="#enable-security-ldapcheck">ldapcheck</a> for more information.</p>
</div>
<div class="paragraph">
<p>If you supply a password, <code>ldapcheck</code> attempts to authenticate the specified <code>username</code> and <code>password</code>. The example below shows the password
for illustrative purposes, but to avoid typing the password on the command line, leave the password blank (<code>--password=</code>) and the utility
prompts for the password with no echo.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">ldapcheck --username=realuser@company.com --password=StrongPassword
Authentication successful</code></pre>
</div>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect2">
<h3 id="enable-security-generate-trafodion-certificate">9.2. Generate Trafodion Certificate</h3>
<div class="paragraph">
<p>Trafodion clients such as <code>trafci</code> encrypt the password before sending it to Trafodion. A self-signed certificate is used to encrypt the password.
The certificate and key should be generated when the <code>sqgen</code> script is invoked. By default, the files <code>server.key</code> and <code>server.crt</code> are located
in <code>$HOME/sqcert</code>. If those files are not present and since Trafodion clients does not send unencrypted passwords, then you need to manually generate
those files. To do so, run the script <code>sqcertgen</code> located in <code>$MY_SQROOT/sql/scripts</code>. The script runs <code>openssl</code> to generate the certificate and key.</p>
</div>
<div class="paragraph">
<p>To run openssl manually, follow the example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">openssl req -x509 -nodes -days 365 -subj '/C=US/ST=California/L=PaloAlto/CN=host.domain.com/O=Some Company/OU=Service Connection'
- newkey rsa:2048 -keyout server.key -out server.crt</code></pre>
</div>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 40%;">
<col style="width: 60%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Option</th>
<th class="tableblock halign-left valign-top">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-x509</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Generate a self-signed certificate.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-days &lt;validity of certificate&gt;</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Make the certificate valid for the days specified.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-newkey rsa:&lt;bytes&gt;</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Generate a new private key of type RSA of length 1024 or 2048 bytes.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-subj &lt;certificateinfo&gt;</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specify the information that is incorporated in the certificate.
Each instance in a cluster should have a unique common name(<code>CN</code>).</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-keyout &lt;filename&gt;</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Write the newly generated RSA private key to the file specified.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-nodes</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">It is an optional parameter that specifies NOT to encrypt the private key.
If you encrypt the private key, then you must enter the password every time the private key is used by an application.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>-out &lt;filename&gt;</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Write the self-signed certificate to the specified file.</p></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p>Both the public (<code>server.crt</code>) and private (<code>server.key</code>) files should be placed in the directory <code>$HOME/sqcert</code>. If you do not want to use
the <code>HOME</code> directory or if you want to use different names for the private and/or public key files, then Trafodion supports environment variables
to specific the alternate locations or names.</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Trafodion first checks the environment variables <code>SQCERT_PRIVKEY</code> and <code>SQCERT_PUBKEY</code>. If they are set, Trafodion uses the fully qualified filename
value of the environment variable.</p>
<div class="paragraph">
<p>You can specify either one filename environment variable or both.</p>
</div>
</li>
<li>
<p>If at least one filename environment variable is not set, Trafodion checks the value of the environment variable <code>SQCERT_DIR</code>. If set,
then the default filename <code>server.key</code> or <code>server.crt</code> is appended to the value of the environment variable <code>SQCERT_DIR</code>.</p>
</li>
<li>
<p>If the filename environment variable is not set and the directory environment variable is not set,
then Trafodion uses the default location (<code>$HOME/sqcert</code>) and the default filename.</p>
</li>
</ul>
</div>
</div>
<div class="sect2">
<h3 id="enable-security-authentication-setup-script">9.3. Authentication Setup Script</h3>
<div class="paragraph">
<p>The final step to enable security is to change the value of the environment variable <code>TRAFODION_ENABLE_AUTHENTICATION</code> from <code>NO</code> to <code>YES</code>
and turn on authorization. This is achieved by invoking the <code>traf_authentication_setup</code> script, which is located in <code>$MY_SQROOT/sql/scripts</code>.</p>
</div>
<div class="paragraph">
<p><strong>Usage</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">Usage: traf_authentication_setup [options]

Options:
    --file &lt;loc&gt;  Optional location of OpenLDAP configuration file
    --help        Prints this message
    --off         Disables authentication and authorization
    --on          Enables authentication and authorization
    --setup       Enables authentication
    --status      Returns status of authentication enablement</code></pre>
</div>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 25%;">
<col style="width: 75%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Option</th>
<th class="tableblock halign-left valign-top">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>--file</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If specified, then <code>filename</code> is copied to <code>$MY_SQROOT/</code>. Users working in their own private environment can refer to a
site-specific configuration file from a central location.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>--on</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>traf_authentication_setup</code> invokes <a href="#enable-security-ldapconfigcheck">ldapconfigcheck</a> to verify the configuration file is
syntactically correct. It also invokes <a href="#enable-security-ldapcheck">ldapcheck</a> to verify that a connection can be made to an LDAP server.<br>
<br>
If both checks pass, the script sets the environment variable <code>TRAFODION_ENABLE_AUTHENTICATION</code> to <code>YES</code> in the file <code>$MY_SQROOT/sqenvcom.sh</code>,
and propagates <code>sqenvcom.sh</code> and <code>.traf_authentication_config</code> to all nodes in the cluster.<br>
<br>
The last step is to enable authorization by creating privilege-related metadata tables and set up default permissions with a call to the database.
The list of privilege-related metadata tables, users, roles, and component privileges are logged in <code>$MY_SQROOT/logs/authEnable.log</code>.<br>
<br>
Specifying <code>--on</code> requires that a valid <code>.traf_authentication_config</code> file exists and the Trafodion metadata initialized.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>--off</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If specified, then <code>traf_authentication_setup</code> sets the environment variable <code>TRAFODION_ENABLE_AUTHENTICATION</code> to <code>NO</code> in
<code>$MY_SQROOT/sqenvcom.sh</code> and propagates the file to all the nodes in the cluster.<br>
<br>
The last step is to disable authorization by removing any privilege-related metadata and permissions with a call to the database.
The results of this operation is logged in <code>$MY_SQROOT/logs/authEnable.log</code>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>--setup</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Use this option if the Trafodion metadata has not been initialized. This option enables authentication but does not call the database
to create privilege-related metadata tables. Later, when Trafodion metadata is initialized, privilege-related metadata tables and default permissions
are automatically created.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>--status</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Reports the value of the environment variable <code>TRAFODION_ENABLE_AUTHENTICATION</code> in <code>$MY_SQROOT/sqenvcom.sh</code> on the current node and
reports the status of security features in the database.</p></td>
</tr>
</tbody>
</table>
<div class="paragraph">
<p><strong>Example</strong></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">INFO: Start of security (authentication and authorization) script Wed Mar 25 15:12:50 PDT 2xxx.

INFO:  *** Trafodion security (authentication and authorization) status ***
   Authentication is ENABLED
   Authorization (grant/revoke) is ENABLED

INFO: End of security (authorization and authentication) script Wed Mar 25 15:12:54 PDT 2xxx.</code></pre>
</div>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
Any time the environment file (<code>sqenvcom.sh</code>) is changed (and propagated to all nodes), Database Connectivity Services (DCS) must be restarted to
pick up the new value. If the configuration file is changed, it re-reads in 30 minutes (by default), but you can have changes take effect
immediately by restarting DCS.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>To restart DCS, run the scripts <code>stop-dcs.sh</code> and <code>start-dcs.sh</code>, located in <code>$MY_SQROOT/dcs-&lt;x&gt;.&lt;y&gt;.&lt;z&gt;/bin</code>.</p>
</div>
</div>
<div class="sect2">
<h3 id="enable-security-manage-users">9.4. Manage Users</h3>
<div class="paragraph">
<p>Users are registered in the Trafodion database and are used to enforce authorization. If security is disabled, any user can register any user at any time.
However, once security is enabled, user administration is considered a secure operation, and registration of users is restricted to <code>DB<em>ROOT</code> or any user
granted the <code>MANAGE_USERS</code> component privilege. To initially register a user, connect to Trafodion with the external user mapped to <code>DB</em>ROOT</code>
(also known as the Trafodion ID).</p>
</div>
<div class="paragraph">
<p>When security is enabled, the <code>DB<em>ROOT</code> user is registered as the <code>TRAFODION</code> external user name. It is recommended that the <code>DB</em>ROOT</code> user be mapped
to the external user name that is used to connect for root operations. To do this, start a <code>sqlci</code> session and perform the <code>ALTER USER</code> command, for example:</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">ALTER USER DB__ROOT SET EXTERNAL NAME trafodion_rootuser_in_ldap;</code></pre>
</div>
</div>
<div class="paragraph">
<p>To learn more about how to register users, grant object and component privileges, and manage users and roles, please see the
<a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html">Trafodion SQL Reference Manual</a>.</p>
</div>
</div>
<div class="sect2">
<h3 id="enable-security-traf-authentication-config">9.5. .traf_authentication_config</h3>
<div class="paragraph">
<p>The <code>.traf_authentication_config</code> file is user to enable the Trafodion security features.</p>
</div>
<div class="sect3">
<h4 id="_file_location">9.5.1. File Location</h4>
<div class="paragraph">
<p>By default, the Trafodion authentication configuration file is located in <code>$MY_SQROOT/sql/scripts/.traf_authentication_config</code>.
If you want to store the configuration file in a different location and/or use a different filename, then Trafodion supports environment
variables to specify the alternate location/name.</p>
</div>
<div class="paragraph">
<p>Trafodion firsts checks the environment variable <code>TRAFAUTH_CONFIGFILE</code>. If set, the value is used as the fully-qualified Trafodion
authentication configuration file.</p>
</div>
<div class="paragraph">
<p>If the environment variable is not set, then Trafodion next checks the variable <code>TRAFAUTH_CONFIGDIR</code>. If set, the value is prepended to
<code>.traf_authentication_config</code> and used as the Trafodion authentication file.</p>
</div>
<div class="paragraph">
<p>If neither is set, Trafodion defaults to <code>$MY_SQROOT/sql/scripts/.traf_authentication_config</code>.</p>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect3">
<h4 id="enable-security-template">9.5.2. Template</h4>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text"># To use authentication in Trafodion, this file must be configured
# as described below and placed in $MY_SQROOT/sql/scripts and be named
# .traf_authentication_config.  You must also enable authentication by
# running the script traf_authentication_setup in $MY_SQROOT/sql/scripts.
#
# NOTE: the format of this configuration file is expected to change in the
# next release of Trafodion.  Backward compatibility is not guaranteed.
#
SECTION: Defaults
  DefaultSectionName: local
  RefreshTime: 1800
  TLS_CACERTFilename:
SECTION: local

# If one or more of the LDAPHostName values is a load balancing host, list
# the name(s) here, one name: value pair for each host.
  LoadBalanceHostName:

# One or more identically configured hosts must be specified here,
# one name: value pair for each host.
  LDAPHostName:

# Default is port 389, change if using 636 or any other port
  LDAPPort:389

# Must specify one or more unique identifiers, one name: value pair for each
  UniqueIdentifier:

# If the configured LDAP server requires a username and password to
# to perform name lookup, provide those here.
  LDAPSearchDN:
  LDAPSearchPwd:

# If configured LDAP server requires TLS(1) or SSL (2), update this value
  LDAPSSL:0

# Default timeout values in seconds
  LDAPNetworkTimeout: 30
  LDAPTimeout: 30
  LDAPTimeLimit: 30

# Default values for retry logic algorithm
  RetryCount: 5
  RetryDelay: 2
  PreserveConnection: No
  ExcludeBadHosts: Yes
  MaxExcludeListSize: 3</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="enable-security-configuration-attributes">9.5.3. Configuration Attributes</h4>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 25%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 35%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Attribute Name</th>
<th class="tableblock halign-left valign-top">Purpose</th>
<th class="tableblock halign-left valign-top">Example Value</th>
<th class="tableblock halign-left valign-top">Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPHostName</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Host name of the local LDAP server.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>ldap.master.com</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If more than one <code>LDAPHostName</code> entry is provided,
then Trafodion attempts to connect with each LDAP server before returning an authentication error.
Also see the description related to <code>RetryCount</code> and <code>RetryDelay</code> entries.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPPort</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Port number of the local LDAP server.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>345</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Must be numeric value. Related to <code>LDAPSSL</code> entry.
Standard port numbers for OpenLDAP are as follows:<br>
<br>
&#8226; Non-secure: 389<br>
&#8226; SSL: 636<br>
&#8226;  TLS: 389</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPSearchDN</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If a search user is needed, the search user distinguished name is specified here.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>cn=aaabbb, dc=demo, dc=net</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If anonymous search is allowed on the local server, then this attribute does not need to be specified or can be specified with no value (blank).
To date, anonymous search is the normal approach used.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPSearchPWD</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Password for the <code>LDAPSearchDN</code> value. See that entry for details.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>welcome</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPSSL</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">A numeric value specifying whether the local LDAP server interface is unencrypted or TLS or SSL.
Legal values are 0 for unencrypted, 1 for SSL, and 2 for TLS. For SSL/TLS, see the section below on Encryption Support.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>UniqueIdentifier</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The directory attribute that contains the user&#8217;s unique identifier.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>uid=,ou=Users,dc=demo,dc=net</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">To account for the multiple forms of <code>DN</code> supported by a given LDAP server, specify the <code>UniqueIdentifier</code> parameter multiple times
with different values. During a search, each <code>UniqueIdentifier</code> is tried in the order it is listed in the configuration file.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPNetworkTimeout</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the timeout (in seconds) after which the next <code>LDAPHostName</code> entry is tried, in case of no response for a connection request.
This parameter is similar to <code>NETWORK_TIMEOUT</code> in <code>ldap_conf(5)</code>. Default value is 30 seconds.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>20</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The value must be a positive number or -1. Setting this to -1 results in an infinite timeout.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPTimelimit</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the time to wait when performing a search on the LDAP server for the user name. The number must be a positive integer.
This parameter is similar to <code>TIMELIMIT</code> in <code>ldap_conf(5)</code>. Default value is 30 seconds.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>15</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The server may still apply a lower server-side limit on the duration of a search operation.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPTimeout</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs aborts if no response is received.
This parameter is similar to <code>TIMEOUT</code> in <code>ldap_conf(5)</code>. Default value is 30 seconds.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>15</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The value must be a positive number or -1. Setting this to -1 results in an infinite timeout.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>RetryCount</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Number of attempts to establish a successful LDAP connection. Default is 5 retries before returning an error.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>10</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">When a failed operation is retried, it is attempted with each configured LDAP server, until the operation is successful or the number of configured retries is exceeded.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>RetryDelay</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the number of seconds to delay between retries. Default value is 2 seconds. See description of <code>RetryCount</code>.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>1</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>PreserveConnection</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies whether the connection to LDAP server is maintained (YES) or closed (NO) once the operation finishes. Default value is NO.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>YES</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>RefreshTime</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the number of seconds that must have elapsed before the configuration file is reread. Default is 1800 (30 minutes).</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>3600</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">If set to zero, the configuration file is never read. The connectivity servers must be restarted for changes to take effect if this value is zero.
This attribute is not specific to either configuration and must be defined in the DEFAULTS section.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS_CACERTFilename</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the location of the certificate file for the LDAP server(s). Filename can either be fully qualified or relative to <code>$CACERTS_DIR</code>.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>cert.pem</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">This attribute applies to both configurations. If a configuration does not require a certificate, then this attribute is ignored.
This attribute must be defined in the DEFAULTS section.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock"><code>DefaultSectionName</code></p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the configuration type that is assigned to a user by the <code>REGISTER USER</code> command if no authentication type is specified.
In the initial Trafodion release, only one configuration is supported.</p></td>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>LOCAL</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">This attribute must be defined in the <code>DEFAULTS</code> section.
If the <code>DefaultSectionName</code> attribute is specified, then a section by that name (or equivalent) must be defined in <code>.traf_ldapconfig</code>.
Legal values are <code>LOCAL</code> and <code>ENTERPRISE</code>. This syntax is likely to change.</p></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect2">
<h3 id="enable-security-ldapcheck">9.6. ldapcheck</h3>
<div class="sect3">
<h4 id="_usage">9.6.1. Usage</h4>
<div class="listingblock">
<div class="content">
<pre class="CodeRay highlight"><code data-lang="text">ldapcheck  [&lt;option&gt;]...
&lt;option&gt; ::= --help|-h            display usage information
             --username=&lt;LDAP-username&gt;
             --password[=&lt;password&gt;]
             --primary            Use first configuration
             --local              Use first configuration
             --enterprise         Use first configuration
             --secondary          Use second configuration
             --remote             Use second configuration
             --cluster            Use second configuration
             --verbose            Display non-zero retry counts
                                  and LDAP errors</code></pre>
</div>
</div>
</div>
<div class="sect3">
<h4 id="_considerations">9.6.2. Considerations</h4>
<div class="ulist">
<ul>
<li>
<p>Aliases for primary include enterprise and local. Aliases for secondary include cluster and remote. If no configuration is specified, primary is assumed.</p>
</li>
<li>
<p>The equals sign is required when supplying a value to username or password.</p>
</li>
<li>
<p>To be prompted for a password value with no echo, specify the password argument but omit the equals sign and value.</p>
</li>
<li>
<p>Passwords that contain special characters may need to be escaped if the password is specified on the command line or within a script file.</p>
</li>
<li>
<p>If the password keyword is not specified, only the username is checked. The tool can therefore be used to test the LDAP configuration and connection
to the configured LDAP server(s) without knowing a valid username or password.</p>
</li>
</ul>
</div>
</div>
</div>
<div class="sect2">
<h3 id="enable-security-ldapconfigcheck">9.7. ldapconfigcheck</h3>
<div class="paragraph">
<p>This page describes the <code>ldapconfigcheck</code> tool, which validates the syntactic correctness of a Trafodion authentication configuration file. Trafodion does not need to be running to run the tool.</p>
</div>
<div class="sect3">
<h4 id="enable-security-ldapconfigcheck-considerations">9.7.1. Considerations</h4>
<div class="paragraph">
<p>If the configuration filename is not specified, then the tool  looks for a file using environment variables. Those environment variables and the search order are:</p>
</div>
<div class="olist arabic">
<ol class="arabic">
<li>
<p><code>TRAFAUTH_CONFIGFILE</code></p>
<div class="paragraph">
<p>A fully qualified name is expected.</p>
</div>
</li>
<li>
<p><code>TRAFAUTH_CONFIGDIR</code></p>
<div class="paragraph">
<p>Filename <code>.traf_authentication_config/</code> is appended to the specified directory</p>
</div>
</li>
<li>
<p><code>MY_SQROOT</code></p>
<div class="paragraph">
<p><code>/sql/scripts/.traf_authentication_config</code> is appended to the value of <code>MY_SQROOT</code>.</p>
</div>
</li>
</ol>
</div>
<div style="page-break-after: always;"></div>
</div>
<div class="sect3">
<h4 id="enable-security-ldapconfigcheck-errors">9.7.2. Errors</h4>
<div class="paragraph">
<p>One of the following is output when the tool is run. Only the first error encountered is reported.</p>
</div>
<table class="tableblock frame-all grid-all spread">
<colgroup>
<col style="width: 15%;">
<col style="width: 85%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Code</th>
<th class="tableblock halign-left valign-top">Text</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File <code>filename</code> is valid.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>1</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File <code>filename</code> not found.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>2</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br>
<br>
Invalid attribute name on line <strong>line-number</strong>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>3</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br>
<br>
Missing required value on line <strong>line-number</strong>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>4</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br>
<br>
Value out of range on line <strong>line-number</strong>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>5</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br>
<br>
Open of traf_authentication_config file failed.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>6</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br>
<br>
Read of traf_authentication_config file failed.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>7</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">No file provided. Either specify a file parameter or verify environment variables.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>8</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">TLS was requested in at least one section, but <code>TLS_CACERTFilename</code> was not provided.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>9</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Missing host name in at least one section.<br>
<br>
Each LDAP connection configuration section must provide at least one host name.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>10</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Missing unique identifier in at least one section.<br>
<br>
Each LDAP connection configuration section must provide at least one unique identifier.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>11</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">At least one LDAP connection configuration section must be specified.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><div class="literal"><pre>12</pre></div></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Internal error parsing <code>.traf_authentication_config</code>.</p></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="install-recipe">10. Install Recipe</h2>
<div class="sectionbody">
<div class="paragraph">
<p>To be written.</p>
</div>
</div>
</div>
<div class="sect1">
<h2 id="upgrade-recipe">11. Upgrade Recipe</h2>
<div class="sectionbody">
<div class="paragraph">
<p>To be written.</p>
</div>
</div>
</div>
</div>
<div id="footer">
<div id="footer-text">
Version 2.0.0<br>
Last updated 2016-05-18 18:03:41 UTC
</div>
</div>
<script>
var _gaq = _gaq || [];
_gaq.push(['_setAccount','UA-72491210-1']);
_gaq.push(['_trackPageview']);
(function() {
  var ga = document.createElement('script');
  ga.type = 'text/javascript';
  ga.async = true;
  ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
  var s = document.getElementsByTagName('script')[0];
  s.parentNode.insertBefore(ga, s);
})();
</script>
</body>
</html>