| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| <meta charset="UTF-8"> |
| <!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge"><![endif]--> |
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> |
| <meta name="generator" content="Asciidoctor 1.5.4"> |
| <title>Provisioning Guide</title> |
| <style> |
| /** |
| * @@@ START COPYRIGHT @@@ |
| * |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| * |
| * @@@ END COPYRIGHT @@@ |
| */ |
| /* Asciidoctor default stylesheet | MIT License | http://asciidoctor.org */ |
| /* Remove the comments around the @import statement below when using this as a custom stylesheet */ |
| /*@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400";*/ |
| article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block} |
| audio,canvas,video{display:inline-block} |
| audio:not([controls]){display:none;height:0} |
| [hidden],template{display:none} |
| script{display:none!important} |
| html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%} |
| body{margin:0} |
| a{background:transparent} |
| a:focus{outline:thin dotted} |
| a:active,a:hover{outline:0} |
| h1{font-size:2em;margin:.67em 0} |
| abbr[title]{border-bottom:1px dotted} |
| b,strong{font-weight:bold} |
| dfn{font-style:italic} |
| hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0} |
| mark{background:#ff0;color:#000} |
| code,kbd,pre,samp{font-family:monospace;font-size:1em} |
| pre{white-space:pre-wrap} |
| q{quotes:"\201C" "\201D" "\2018" "\2019"} |
| small{font-size:80%} |
| sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline} |
| sup{top:-.5em} |
| sub{bottom:-.25em} |
| img{border:0} |
| svg:not(:root){overflow:hidden} |
| figure{margin:0} |
| fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em} |
| legend{border:0;padding:0} |
| button,input,select,textarea{font-family:inherit;font-size:100%;margin:0} |
| button,input{line-height:normal} |
| button,select{text-transform:none} |
| button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer} |
| button[disabled],html input[disabled]{cursor:default} |
| input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0} |
| input[type="search"]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box} |
| input[type="search"]::-webkit-search-cancel-button,input[type="search"]::-webkit-search-decoration{-webkit-appearance:none} |
| button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0} |
| textarea{overflow:auto;vertical-align:top} |
| table{border-collapse:collapse;border-spacing:0} |
| *,*:before,*:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box} |
| html,body{font-size:100%} |
| body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif,serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto} |
| a:hover{cursor:pointer} |
| img,object,embed{max-width:100%;height:auto} |
| object,embed{height:100%} |
| img{-ms-interpolation-mode:bicubic} |
| #map_canvas img,#map_canvas embed,#map_canvas object,.map_canvas img,.map_canvas embed,.map_canvas object{max-width:none!important} |
| .left{float:left!important} |
| .right{float:right!important} |
| .text-left{text-align:left!important} |
| .text-right{text-align:right!important} |
| .text-center{text-align:center!important} |
| .text-justify{text-align:justify!important} |
| .hide{display:none} |
| .antialiased,body{-webkit-font-smoothing:antialiased} |
| img{display:inline-block;vertical-align:middle} |
| textarea{height:auto;min-height:50px} |
| select{width:100%} |
| p.lead,.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{font-size:1.21875em;line-height:1.6} |
| .subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#3188ac;font-weight:400;margin-top:0;margin-bottom:.25em} |
| div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr} |
| a{color:#2156a5;text-decoration:underline;line-height:inherit} |
| a:hover,a:focus{color:#1d4b8f} |
| a img{border:none} |
| p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility} |
| p aside{font-size:.875em;line-height:1.35;font-style:italic} |
| /* Defines headings */ |
| h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-weight:bold;font-style:normal;color:#3188ac;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em} |
| h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0} |
| h1{font-size:2.125em} |
| h2{font-size:1.6875em} |
| h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em} |
| h4,h5{font-size:1.125em} |
| h6{font-size:1em} |
| hr{border:solid #ddddd8;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0} |
| em,i{font-style:italic;line-height:inherit} |
| strong,b{font-weight:bold;line-height:inherit} |
| small{font-size:60%;line-height:inherit} |
| /* Defines the `text` (passthru) format */ |
| code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:bold;color:#3188ac} |
| ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit} |
| ul,ol,ul.no-bullet,ol.no-bullet{margin-left:1.5em} |
| ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em} |
| ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit} |
| ul.square{list-style-type:square} |
| ul.circle{list-style-type:circle} |
| ul.disc{list-style-type:disc} |
| ul.no-bullet{list-style:none} |
| ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0} |
| dl dt{margin-bottom:.3125em;font-weight:bold} |
| dl dd{margin-bottom:1.25em} |
| abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help} |
| abbr{text-transform:none} |
| blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd} |
| blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)} |
| blockquote cite:before{content:"\2014 \0020"} |
| blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)} |
| blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)} |
| @media only screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2} |
| h1{font-size:2.75em} |
| h2{font-size:2.3125em} |
| h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em} |
| h4{font-size:1.4375em}}table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede} |
| table thead,table tfoot{background:#f7f8f7;font-weight:bold} |
| table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left} |
| table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)} |
| table tr.even,table tr.alt,table tr:nth-of-type(even){background:#f8f8f7} |
| table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6} |
| h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em} |
| h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400} |
| .clearfix:before,.clearfix:after,.float-group:before,.float-group:after{content:" ";display:table} |
| .clearfix:after,.float-group:after{clear:both} |
| *:not(pre)>code{font-size:1.0em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed} |
| /**:not(pre)>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;background-color:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}*/ |
| pre,pre>code{line-height:1.45;color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;text-rendering:optimizeSpeed} |
| .keyseq{color:rgba(51,51,51,.8)} |
| kbd{display:inline-block;color:rgba(0,0,0,.8);font-size:.75em;line-height:1.4;background-color:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:-.15em .15em 0 .15em;padding:.2em .6em .2em .5em;vertical-align:middle;white-space:nowrap} |
| .keyseq kbd:first-child{margin-left:0} |
| .keyseq kbd:last-child{margin-right:0} |
| .menuseq,.menu{color:rgba(0,0,0,.8)} |
| b.button:before,b.button:after{position:relative;top:-1px;font-weight:400} |
| b.button:before{content:"[";padding:0 3px 0 2px} |
| b.button:after{content:"]";padding:0 2px 0 3px} |
| p a>code:hover{color:rgba(0,0,0,.9)} |
| #header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em} |
| #header:before,#header:after,#content:before,#content:after,#footnotes:before,#footnotes:after,#footer:before,#footer:after{content:" ";display:table} |
| #header:after,#content:after,#footnotes:after,#footer:after{clear:both} |
| #content{margin-top:1.25em} |
| #content:before{content:none} |
| /* #header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0} */ |
| #header>h1:first-child{color:#3188ac;margin-top:2.25rem;margin-bottom:0} |
| #header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #ddddd8} |
| #header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #ddddd8;padding-bottom:8px} |
| #header .details{border-bottom:1px solid #ddddd8;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap} |
| #header .details span:first-child{margin-left:-.125em} |
| #header .details span.email a{color:rgba(0,0,0,.85)} |
| #header .details br{display:none} |
| #header .details br+span:before{content:"\00a0\2013\00a0"} |
| #header .details br+span.author:before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)} |
| #header .details br+span#revremark:before{content:"\00a0|\00a0"} |
| #header #revnumber{text-transform:capitalize} |
| #header #revnumber:after{content:"\00a0"} |
| #content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #ddddd8;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem} |
| #toc{border-bottom:1px solid #efefed;padding-bottom:.5em} |
| #toc>ul{margin-left:.125em} |
| #toc ul.sectlevel0>li>a{font-style:italic} |
| #toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0} |
| #toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none} |
| #toc a{text-decoration:none} |
| #toc a:active{text-decoration:underline} |
| #toctitle{color:#3188ac;font-size:1.2em} |
| @media only screen and (min-width:768px){#toctitle{font-size:1.375em} |
| body.toc2{padding-left:15em;padding-right:0} |
| #toc.toc2{margin-top:0!important;background-color:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #efefed;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto} |
| #toc.toc2 #toctitle{margin-top:0;font-size:1.2em} |
| #toc.toc2>ul{font-size:.9em;margin-bottom:0} |
| #toc.toc2 ul ul{margin-left:0;padding-left:1em} |
| #toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em} |
| body.toc2.toc-right{padding-left:0;padding-right:15em} |
| body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #efefed;left:auto;right:0}}@media only screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0} |
| /* Controls width of panel */ |
| #toc.toc2{width:20em} |
| #toc.toc2 #toctitle{font-size:1.375em} |
| #toc.toc2>ul{font-size:.95em} |
| #toc.toc2 ul ul{padding-left:1.25em} |
| body.toc2.toc-right{padding-left:0;padding-right:20em}}#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px} |
| #content #toc>:first-child{margin-top:0} |
| #content #toc>:last-child{margin-bottom:0} |
| #footer{max-width:100%;background-color:rgba(0,0,0,.8);padding:1.25em} |
| #footer-text,#footer_nav{color:rgba(255,255,255,.8);line-height:1.44} |
| #footer a{color: #990000} |
| .sect1{padding-bottom:.625em} |
| @media only screen and (min-width:768px){.sect1{padding-bottom:1.25em}}.sect1+.sect1{border-top:1px solid #efefed} |
| #content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400} |
| #content h1>a.anchor:before,h2>a.anchor:before,h3>a.anchor:before,#toctitle>a.anchor:before,.sidebarblock>.content>.title>a.anchor:before,h4>a.anchor:before,h5>a.anchor:before,h6>a.anchor:before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em} |
| #content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible} |
| #content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#990000;text-decoration:none} |
| #content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221} |
| .audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em} |
| .admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif,serif;font-size:1rem;font-weight:bold} |
| /* Here */ |
| table.tableblock>caption.title{white-space:nowrap;overflow:visible;max-width:0} |
| .paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{color:rgba(0,0,0,.85)} |
| table.tableblock #preamble>.sectionbody>.paragraph:first-of-type p{font-size:inherit} |
| .admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%} |
| .admonitionblock>table td.icon{text-align:center;width:80px} |
| .admonitionblock>table td.icon img{max-width:none} |
| .admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase} |
| .admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #ddddd8;color:rgba(0,0,0,.6)} |
| .admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0} |
| .exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px} |
| .exampleblock>.content>:first-child{margin-top:0} |
| .exampleblock>.content>:last-child{margin-bottom:0} |
| .sidebarblock{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px} |
| .sidebarblock>:first-child{margin-top:0} |
| .sidebarblock>:last-child{margin-bottom:0} |
| .sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center} |
| .exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0} |
| .literalblock pre,.listingblock pre:not(.highlight),.listingblock pre[class="highlight"],.listingblock pre[class^="highlight "],.listingblock pre.CodeRay,.listingblock pre.prettyprint{background:#f7f7f8} |
| .sidebarblock .literalblock pre,.sidebarblock .listingblock pre:not(.highlight),.sidebarblock .listingblock pre[class="highlight"],.sidebarblock .listingblock pre[class^="highlight "],.sidebarblock .listingblock pre.CodeRay,.sidebarblock .listingblock pre.prettyprint{background:#f2f1f1} |
| .literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;padding:1em;font-size:.8125em} |
| .literalblock pre.nowrap,.literalblock pre[class].nowrap,.listingblock pre.nowrap,.listingblock pre[class].nowrap{overflow-x:auto;white-space:pre;word-wrap:normal} |
| @media only screen and (min-width:768px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:.90625em}}@media only screen and (min-width:1280px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:1em}}.literalblock.output pre{color:#f7f7f8;background-color:rgba(0,0,0,.9)} |
| .listingblock pre.highlightjs{padding:0} |
| .listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px} |
| .listingblock pre.prettyprint{border-width:0} |
| .listingblock>.content{position:relative} |
| .listingblock code[data-lang]:before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:#999} |
| .listingblock:hover code[data-lang]:before{display:block} |
| .listingblock.terminal pre .command:before{content:attr(data-prompt);padding-right:.5em;color:#999} |
| .listingblock.terminal pre .command:not([data-prompt]):before{content:"$"} |
| table.pyhltable{border-collapse:separate;border:0;margin-bottom:0;background:none} |
| table.pyhltable td{vertical-align:top;padding-top:0;padding-bottom:0} |
| table.pyhltable td.code{padding-left:.75em;padding-right:0} |
| pre.pygments .lineno,table.pyhltable td:not(.code){color:#999;padding-left:0;padding-right:.5em;border-right:1px solid #ddddd8} |
| pre.pygments .lineno{display:inline-block;margin-right:.25em} |
| table.pyhltable .linenodiv{background:none!important;padding-right:0!important} |
| .quoteblock{margin:0 1em 1.25em 1.5em;display:table} |
| .quoteblock>.title{margin-left:-1.5em;margin-bottom:.75em} |
| .quoteblock blockquote,.quoteblock blockquote p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify} |
| .quoteblock blockquote{margin:0;padding:0;border:0} |
| .quoteblock blockquote:before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)} |
| .quoteblock blockquote>.paragraph:last-child p{margin-bottom:0} |
| .quoteblock .attribution{margin-top:.5em;margin-right:.5ex;text-align:right} |
| .quoteblock .quoteblock{margin-left:0;margin-right:0;padding:.5em 0;border-left:3px solid rgba(0,0,0,.6)} |
| .quoteblock .quoteblock blockquote{padding:0 0 0 .75em} |
| .quoteblock .quoteblock blockquote:before{display:none} |
| .verseblock{margin:0 1em 1.25em 1em} |
| .verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility} |
| .verseblock pre strong{font-weight:400} |
| .verseblock .attribution{margin-top:1.25rem;margin-left:.5ex} |
| .quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic} |
| .quoteblock .attribution br,.verseblock .attribution br{display:none} |
| .quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.05em;color:rgba(0,0,0,.6)} |
| .quoteblock.abstract{margin:0 0 1.25em 0;display:block} |
| .quoteblock.abstract blockquote,.quoteblock.abstract blockquote p{text-align:left;word-spacing:0} |
| .quoteblock.abstract blockquote:before,.quoteblock.abstract blockquote p:first-of-type:before{display:none} |
| table.tableblock{max-width:100%;border-collapse:separate} |
| table.tableblock td>.paragraph:last-child p>p:last-child,table.tableblock th>p:last-child,table.tableblock td>p:last-child{margin-bottom:0} |
| table.spread{width:100%} |
| table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede} |
| table.grid-all th.tableblock,table.grid-all td.tableblock{border-width:0 1px 1px 0} |
| table.grid-all tfoot>tr>th.tableblock,table.grid-all tfoot>tr>td.tableblock{border-width:1px 1px 0 0} |
| table.grid-cols th.tableblock,table.grid-cols td.tableblock{border-width:0 1px 0 0} |
| table.grid-all *>tr>.tableblock:last-child,table.grid-cols *>tr>.tableblock:last-child{border-right-width:0} |
| table.grid-rows th.tableblock,table.grid-rows td.tableblock{border-width:0 0 1px 0} |
| table.grid-all tbody>tr:last-child>th.tableblock,table.grid-all tbody>tr:last-child>td.tableblock,table.grid-all thead:last-child>tr>th.tableblock,table.grid-rows tbody>tr:last-child>th.tableblock,table.grid-rows tbody>tr:last-child>td.tableblock,table.grid-rows thead:last-child>tr>th.tableblock{border-bottom-width:0} |
| table.grid-rows tfoot>tr>th.tableblock,table.grid-rows tfoot>tr>td.tableblock{border-width:1px 0 0 0} |
| table.frame-all{border-width:1px} |
| table.frame-sides{border-width:0 1px} |
| table.frame-topbot{border-width:1px 0} |
| th.halign-left,td.halign-left{text-align:left} |
| th.halign-right,td.halign-right{text-align:right} |
| th.halign-center,td.halign-center{text-align:center} |
| th.valign-top,td.valign-top{vertical-align:top} |
| th.valign-bottom,td.valign-bottom{vertical-align:bottom} |
| th.valign-middle,td.valign-middle{vertical-align:middle} |
| table thead th,table tfoot th{font-weight:bold} |
| tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7} |
| tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold} |
| p.tableblock>code:only-child{background:none;padding:0} |
| p.tableblock{font-size:1em} |
| td>div.verse{white-space:pre} |
| ol{margin-left:1.75em} |
| ul li ol{margin-left:1.5em} |
| dl dd{margin-left:1.125em} |
| dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0} |
| ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em} |
| ul.unstyled,ol.unnumbered,ul.checklist,ul.none{list-style-type:none} |
| ul.unstyled,ol.unnumbered,ul.checklist{margin-left:.625em} |
| ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1em;font-size:.85em} |
| ul.checklist li>p:first-child>input[type="checkbox"]:first-child{width:1em;position:relative;top:1px} |
| ul.inline{margin:0 auto .625em auto;margin-left:-1.375em;margin-right:0;padding:0;list-style:none;overflow:hidden} |
| ul.inline>li{list-style:none;float:left;margin-left:1.375em;display:block} |
| ul.inline>li>*{display:block} |
| .unstyled dl dt{font-weight:400;font-style:normal} |
| ol.arabic{list-style-type:decimal} |
| ol.decimal{list-style-type:decimal-leading-zero} |
| ol.loweralpha{list-style-type:lower-alpha} |
| ol.upperalpha{list-style-type:upper-alpha} |
| ol.lowerroman{list-style-type:lower-roman} |
| ol.upperroman{list-style-type:upper-roman} |
| ol.lowergreek{list-style-type:lower-greek} |
| .hdlist>table,.colist>table{border:0;background:none} |
| .hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none} |
| td.hdlist1{padding-right:.75em;font-weight:bold} |
| td.hdlist1,td.hdlist2{vertical-align:top} |
| .literalblock+.colist,.listingblock+.colist{margin-top:-.5em} |
| .colist>table tr>td:first-of-type{padding:0 .75em;line-height:1} |
| .colist>table tr>td:last-of-type{padding:.25em 0} |
| .thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd} |
| .imageblock.left,.imageblock[style*="float: left"]{margin:.25em .625em 1.25em 0} |
| .imageblock.right,.imageblock[style*="float: right"]{margin:.25em 0 1.25em .625em} |
| .imageblock>.title{margin-bottom:0} |
| .imageblock.thumb,.imageblock.th{border-width:6px} |
| .imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em} |
| .image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0} |
| .image.left{margin-right:.625em} |
| .image.right{margin-left:.625em} |
| a.image{text-decoration:none} |
| span.footnote,span.footnoteref{vertical-align:super;font-size:.875em} |
| span.footnote a,span.footnoteref a{text-decoration:none} |
| span.footnote a:active,span.footnoteref a:active{text-decoration:underline} |
| #footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em} |
| #footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em 0;border-width:1px 0 0 0} |
| #footnotes .footnote{padding:0 .375em;line-height:1.3;font-size:.875em;margin-left:1.2em;text-indent:-1.2em;margin-bottom:.2em} |
| #footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none} |
| #footnotes .footnote:last-of-type{margin-bottom:0} |
| #content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0} |
| .gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0} |
| .gist .file-data>table td.line-data{width:99%} |
| div.unbreakable{page-break-inside:avoid} |
| .big{font-size:larger} |
| .small{font-size:smaller} |
| .underline{text-decoration:underline} |
| .overline{text-decoration:overline} |
| .line-through{text-decoration:line-through} |
| .aqua{color:#00bfbf} |
| .aqua-background{background-color:#00fafa} |
| .black{color:#000} |
| .black-background{background-color:#000} |
| .blue{color:#0000bf} |
| .blue-background{background-color:#0000fa} |
| .fuchsia{color:#bf00bf} |
| .fuchsia-background{background-color:#fa00fa} |
| .gray{color:#606060} |
| .gray-background{background-color:#7d7d7d} |
| .green{color:#006000} |
| .green-background{background-color:#007d00} |
| .lime{color:#00bf00} |
| .lime-background{background-color:#00fa00} |
| .maroon{color:#600000} |
| .maroon-background{background-color:#7d0000} |
| .navy{color:#000060} |
| .navy-background{background-color:#00007d} |
| .olive{color:#606000} |
| .olive-background{background-color:#7d7d00} |
| .purple{color:#600060} |
| .purple-background{background-color:#7d007d} |
| .red{color:#bf0000} |
| .red-background{background-color:#fa0000} |
| .silver{color:#909090} |
| .silver-background{background-color:#bcbcbc} |
| .teal{color:#006060} |
| .teal-background{background-color:#007d7d} |
| .white{color:#bfbfbf} |
| .white-background{background-color:#fafafa} |
| .yellow{color:#bfbf00} |
| .yellow-background{background-color:#fafa00} |
| span.icon>.fa{cursor:default} |
| .admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default} |
| .admonitionblock td.icon .icon-note:before{content:"\f05a";color:#19407c} |
| .admonitionblock td.icon .icon-tip:before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111} |
| .admonitionblock td.icon .icon-warning:before{content:"\f071";color:#bf6900} |
| .admonitionblock td.icon .icon-caution:before{content:"\f06d";color:#bf3400} |
| .admonitionblock td.icon .icon-important:before{content:"\f06a";color:#bf0000} |
| .conum[data-value]{display:inline-block;color:#fff!important;background-color:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold} |
| .conum[data-value] *{color:#fff!important} |
| .conum[data-value]+b{display:none} |
| .conum[data-value]:after{content:attr(data-value)} |
| pre .conum[data-value]{position:relative;top:-.125em} |
| b.conum *{color:inherit!important} |
| .conum:not([data-value]):empty{display:none} |
| h1,h2{letter-spacing:-.01em} |
| dt,th.tableblock,td.content{text-rendering:optimizeLegibility} |
| p,td.content{letter-spacing:-.01em} |
| p strong,td.content strong{letter-spacing:-.005em} |
| p,blockquote,dt,td.content{font-size:1.0625rem} |
| p{margin-bottom:1.25rem} |
| .sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em} |
| .exampleblock>.content{background-color:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc} |
| .print-only{display:none!important} |
| @media print{@page{margin:1.25cm .75cm} |
| *{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important} |
| a{color:inherit!important;text-decoration:underline!important} |
| a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important} |
| a[href^="http:"]:not(.bare):after,a[href^="https:"]:not(.bare):after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em} |
| abbr[title]:after{content:" (" attr(title) ")"} |
| pre,blockquote,tr,img{page-break-inside:avoid} |
| thead{display:table-header-group} |
| img{max-width:100%!important} |
| p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3} |
| h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid} |
| #toc,.sidebarblock,.exampleblock>.content{background:none!important} |
| #toc{border-bottom:1px solid #ddddd8!important;padding-bottom:0!important} |
| .sect1{padding-bottom:0!important} |
| .sect1+.sect1{border:0!important} |
| #header>h1:first-child{margin-top:1.25rem} |
| body.book #header{text-align:center} |
| body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em 0} |
| body.book #header .details{border:0!important;display:block;padding:0!important} |
| body.book #header .details span:first-child{margin-left:0!important} |
| body.book #header .details br{display:block} |
| body.book #header .details br+span:before{content:none!important} |
| body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important} |
| body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always} |
| .listingblock code[data-lang]:before{display:block} |
| #footer{background:none!important;padding:0 .9375em} |
| #footer-text{color:rgba(0,0,0,.6)!important;font-size:.9em} |
| .hide-on-print{display:none!important} |
| .print-only{display:block!important} |
| .hide-for-print{display:none!important} |
| .show-for-print{display:inherit!important}} |
| div.paragraph.indented p {padding-left: 3em;} |
| div.paragraph.indented2 p {padding-left: 6em;} |
| div.paragraph.indented3 p {padding-left: 9em;} |
| |
| </style> |
| <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css"> |
| <style> |
| /* Stylesheet for CodeRay to match GitHub theme | MIT License | http://foundation.zurb.com */ |
| /*pre.CodeRay {background-color:#f7f7f8;}*/ |
| .CodeRay .line-numbers{border-right:1px solid #d8d8d8;padding:0 0.5em 0 .25em} |
| .CodeRay span.line-numbers{display:inline-block;margin-right:.5em;color:rgba(0,0,0,.3)} |
| .CodeRay .line-numbers strong{color:rgba(0,0,0,.4)} |
| table.CodeRay{border-collapse:separate;border-spacing:0;margin-bottom:0;border:0;background:none} |
| table.CodeRay td{vertical-align: top;line-height:1.45} |
| table.CodeRay td.line-numbers{text-align:right} |
| table.CodeRay td.line-numbers>pre{padding:0;color:rgba(0,0,0,.3)} |
| table.CodeRay td.code{padding:0 0 0 .5em} |
| table.CodeRay td.code>pre{padding:0} |
| .CodeRay .debug{color:#fff !important;background:#000080 !important} |
| .CodeRay .annotation{color:#007} |
| .CodeRay .attribute-name{color:#000080} |
| .CodeRay .attribute-value{color:#700} |
| .CodeRay .binary{color:#509} |
| .CodeRay .comment{color:#998;font-style:italic} |
| .CodeRay .char{color:#04d} |
| .CodeRay .char .content{color:#04d} |
| .CodeRay .char .delimiter{color:#039} |
| .CodeRay .class{color:#458;font-weight:bold} |
| .CodeRay .complex{color:#a08} |
| .CodeRay .constant,.CodeRay .predefined-constant{color:#008080} |
| .CodeRay .color{color:#099} |
| .CodeRay .class-variable{color:#369} |
| .CodeRay .decorator{color:#b0b} |
| .CodeRay .definition{color:#099} |
| .CodeRay .delimiter{color:#000} |
| .CodeRay .doc{color:#970} |
| .CodeRay .doctype{color:#34b} |
| .CodeRay .doc-string{color:#d42} |
| .CodeRay .escape{color:#666} |
| .CodeRay .entity{color:#800} |
| .CodeRay .error{color:#808} |
| .CodeRay .exception{color:inherit} |
| .CodeRay .filename{color:#099} |
| .CodeRay .function{color:#900;font-weight:bold} |
| .CodeRay .global-variable{color:#008080} |
| .CodeRay .hex{color:#058} |
| .CodeRay .integer,.CodeRay .float{color:#099} |
| .CodeRay .include{color:#555} |
| .CodeRay .inline{color:#000} |
| .CodeRay .inline .inline{background:#ccc} |
| .CodeRay .inline .inline .inline{background:#bbb} |
| .CodeRay .inline .inline-delimiter{color:#d14} |
| .CodeRay .inline-delimiter{color:#d14} |
| .CodeRay .important{color:#555;font-weight:bold} |
| .CodeRay .interpreted{color:#b2b} |
| .CodeRay .instance-variable{color:#008080} |
| .CodeRay .label{color:#970} |
| .CodeRay .local-variable{color:#963} |
| .CodeRay .octal{color:#40e} |
| .CodeRay .predefined{color:#369} |
| .CodeRay .preprocessor{color:#579} |
| .CodeRay .pseudo-class{color:#555} |
| .CodeRay .directive{font-weight:bold} |
| .CodeRay .type{font-weight:bold} |
| .CodeRay .predefined-type{color:inherit} |
| .CodeRay .reserved,.CodeRay .keyword {color:#000;font-weight:bold} |
| .CodeRay .key{color:#808} |
| .CodeRay .key .delimiter{color:#606} |
| .CodeRay .key .char{color:#80f} |
| .CodeRay .value{color:#088} |
| .CodeRay .regexp .delimiter{color:#808} |
| .CodeRay .regexp .content{color:#808} |
| .CodeRay .regexp .modifier{color:#808} |
| .CodeRay .regexp .char{color:#d14} |
| .CodeRay .regexp .function{color:#404;font-weight:bold} |
| .CodeRay .string{color:#d20} |
| .CodeRay .string .string .string{background:#ffd0d0} |
| .CodeRay .string .content{color:#d14} |
| .CodeRay .string .char{color:#d14} |
| .CodeRay .string .delimiter{color:#d14} |
| .CodeRay .shell{color:#d14} |
| .CodeRay .shell .delimiter{color:#d14} |
| .CodeRay .symbol{color:#990073} |
| .CodeRay .symbol .content{color:#a60} |
| .CodeRay .symbol .delimiter{color:#630} |
| .CodeRay .tag{color:#008080} |
| .CodeRay .tag-special{color:#d70} |
| .CodeRay .variable{color:#036} |
| .CodeRay .insert{background:#afa} |
| .CodeRay .delete{background:#faa} |
| .CodeRay .change{color:#aaf;background:#007} |
| .CodeRay .head{color:#f8f;background:#505} |
| .CodeRay .insert .insert{color:#080} |
| .CodeRay .delete .delete{color:#800} |
| .CodeRay .change .change{color:#66f} |
| .CodeRay .head .head{color:#f4f} |
| </style> |
| </head> |
| <body class="book toc2 toc-left"> |
| <div id="header"> |
| <h1>Provisioning Guide</h1> |
| <div class="details"> |
| <span id="revnumber">version 2.1.0</span> |
| </div> |
| <div id="toc" class="toc2"> |
| <div id="toctitle">Table of Contents</div> |
| <ul class="sectlevel1"> |
| <li><a href="#_about_this_document">1. About This Document</a> |
| <ul class="sectlevel2"> |
| <li><a href="#_intended_audience">1.1. Intended Audience</a></li> |
| <li><a href="#_new_and_changed_information">1.2. New and Changed Information</a></li> |
| <li><a href="#_notation_conventions">1.3. Notation Conventions</a></li> |
| <li><a href="#_comments_encouraged">1.4. Comments Encouraged</a></li> |
| </ul> |
| </li> |
| <li><a href="#quickstart">2. Quick Start</a> |
| <ul class="sectlevel2"> |
| <li><a href="#_download_binaries">2.1. Download Binaries</a></li> |
| <li><a href="#quickstart-unpack-installer">2.2. Unpack Installer</a></li> |
| <li><a href="#quickstart-collect-information">2.3. Collect Information</a> |
| <ul class="sectlevel3"> |
| <li><a href="#_location_of_trafodion_server_side_binary">2.3.1. Location of Trafodion Server-Side Binary</a></li> |
| <li><a href="#_java_location">2.3.2. Java Location</a></li> |
| <li><a href="#_data_nodes">2.3.3. Data Nodes</a></li> |
| <li><a href="#_trafodion_runtime_user_home_directory">2.3.4. Trafodion Runtime User Home Directory</a></li> |
| <li><a href="#_distribution_manager_url">2.3.5. Distribution Manager URL</a></li> |
| </ul> |
| </li> |
| <li><a href="#quickstart-run-installer">2.4. Run Installer</a></li> |
| </ul> |
| </li> |
| <li><a href="#introduction">3. Introduction</a> |
| <ul class="sectlevel2"> |
| <li><a href="#introduction-security-considerations">3.1. Security Considerations</a></li> |
| <li><a href="#introduction-provisioning-options">3.2. Provisioning Options</a></li> |
| <li><a href="#introduction-provisioning-activities">3.3. Provisioning Activities</a></li> |
| <li><a href="#introduction-provisioning-master-node">3.4. Provisioning Master Node</a></li> |
| <li><a href="#introduction-trafodion-installer">3.5. Trafodion Installer</a> |
| <ul class="sectlevel3"> |
| <li><a href="#introduction-trafodion-installer-usage">3.5.1. Usage</a></li> |
| <li><a href="#introduction-trafodion-installer-install-vs-upgrade">3.5.2. Install vs. Upgrade</a></li> |
| <li><a href="#introduction-trafodion-installer-guided-setup">3.5.3. Guided Setup</a></li> |
| <li><a href="#introduction-trafodion-installer-automated-setup">3.5.4. Automated Setup</a></li> |
| </ul> |
| </li> |
| <li><a href="#introduction-trafodion-provisioning-directories">3.6. Trafodion Provisioning Directories</a></li> |
| </ul> |
| </li> |
| <li><a href="#requirements">4. Requirements</a> |
| <ul class="sectlevel2"> |
| <li><a href="#requirements-general-cluster-and-os-requirements-and-recommendations">4.1. General Cluster and OS Requirements and Recommendations</a> |
| <ul class="sectlevel3"> |
| <li><a href="#requirements-cluster-requirements-and-recommendations">4.1.1. Hardware Requirements and Recommendations</a></li> |
| <li><a href="#requirements-os-requirements-and-recommendations">4.1.2. OS Requirements and Recommendations</a></li> |
| <li><a href="#requirements-ip-ports">4.1.3. IP Ports</a></li> |
| </ul> |
| </li> |
| <li><a href="#requirements-prerequisite-software">4.2. Prerequisite Software</a> |
| <ul class="sectlevel3"> |
| <li><a href="#requirements-hadoop-software">4.2.1. Hadoop Software</a></li> |
| <li><a href="#requirements-software-packages">4.2.2. Software Packages</a></li> |
| </ul> |
| </li> |
| <li><a href="#requirements-trafodion-user-ids-and-their-privileges">4.3. Trafodion User IDs and Their Privileges</a> |
| <ul class="sectlevel3"> |
| <li><a href="#requirements-trafodion-runtime-user">4.3.1. Trafodion Runtime User</a></li> |
| <li><a href="#requirements-trafodion-provisioning-user">4.3.2. Trafodion Provisioning User</a></li> |
| </ul> |
| </li> |
| <li><a href="#requirements-required-configuration-changes">4.4. Required Configuration Changes</a> |
| <ul class="sectlevel3"> |
| <li><a href="#requirements-operating-system-changes">4.4.1. Operating System Changes</a></li> |
| <li><a href="#requirements-zookeeper-changes">4.4.2. ZooKeeper Changes</a></li> |
| <li><a href="#requirements-hdfs-changes">4.4.3. HDFS Changes</a></li> |
| <li><a href="#requirements-hbase-changes">4.4.4. HBase Changes</a></li> |
| </ul> |
| </li> |
| <li><a href="#requirements-recommended-configuration-changes">4.5. Recommended Configuration Changes</a> |
| <ul class="sectlevel3"> |
| <li><a href="#requirements-recommended-security-changes">4.5.1. Recommended Security Changes</a></li> |
| <li><a href="#requirements-recommended-hdfs-configuration-changes">4.5.2. Recommended HDFS Configuration Changes</a></li> |
| <li><a href="#requirements-recommended-hbase-configuration-changes">4.5.3. Recommended HBase Configuration Changes</a></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li><a href="#prepare">5. Prepare</a> |
| <ul class="sectlevel2"> |
| <li><a href="#prepare-install-optional-workstation-software">5.1. Install Optional Workstation Software</a></li> |
| <li><a href="#configure-installation-user-id">5.2. Configure Installation User ID</a></li> |
| <li><a href="#prepare-disable-requiretty">5.3. Disable requiretty</a></li> |
| <li><a href="#prepare-verify-os-requirements-and-recommendations">5.4. Verify OS Requirements and Recommendations</a></li> |
| <li><a href="#prepare-configure-kerberos">5.5. Configure Kerberos</a></li> |
| <li><a href="#prepare-configure-ldap-identity-store">5.6. Configure LDAP Identity Store</a></li> |
| <li><a href="#prepare-gather-configuration-information">5.7. Gather Configuration Information</a></li> |
| <li><a href="#prepare-install-required-software-packages">5.8. Install Required Software Packages</a> |
| <ul class="sectlevel3"> |
| <li><a href="#prepare-download-and-install-packages">5.8.1. Download and Install Packages</a></li> |
| </ul> |
| </li> |
| <li><a href="#prepare-download-trafodion-binaries">5.9. Download Trafodion Binaries</a></li> |
| <li><a href="#prepare-preparation-for-recipe-based-provisioning">5.10. Preparation for Recipe-Based Provisioning</a> |
| <ul class="sectlevel3"> |
| <li><a href="#prepare-modify-os-settings">5.10.1. Modify OS Settings</a></li> |
| <li><a href="#prepare-modify-zookeeper-configuration">5.10.2. Modify ZooKeeper Configuration</a></li> |
| <li><a href="#prepare-modify-hdfs-configuration">5.10.3. Modify HDFS Configuration</a></li> |
| <li><a href="#prepare-modify-hbase-configuration">5.10.4. Modify HBase Configuration</a></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li><a href="#install">6. Install</a> |
| <ul class="sectlevel2"> |
| <li><a href="#install-unpack-installer">6.1. Unpack Installer</a></li> |
| <li><a href="#install-guided-install">6.2. Guided Install</a></li> |
| <li><a href="#install-automated-install">6.3. Automated Install</a></li> |
| </ul> |
| </li> |
| <li><a href="#upgrade">7. Upgrade</a> |
| <ul class="sectlevel2"> |
| <li><a href="#upgraded-download-updated-trafodion-binaries">7.1. Download Updated Trafodion Binaries</a></li> |
| <li><a href="#upgrade-unpack-installer">7.2. Unpack Installer</a></li> |
| <li><a href="#upgrade-stop-tradodion">7.3. Stop Trafodion</a></li> |
| <li><a href="#upgrade-guided-upgrade">7.4. Guided Upgrade</a></li> |
| <li><a href="#upgrade-automated-upgrade">7.5. Automated Upgrade</a></li> |
| </ul> |
| </li> |
| <li><a href="#activate">8. Activate</a> |
| <ul class="sectlevel2"> |
| <li><a href="#activate-manage-trafodion">8.1. Manage Trafodion</a></li> |
| <li><a href="#activate-validate-trafodion-installation">8.2. Validate Trafodion Installation</a> |
| <ul class="sectlevel3"> |
| <li><a href="#_smoke_test">8.2.1. Smoke Test</a></li> |
| </ul> |
| </li> |
| <li><a href="#activate-troubleshooting-tips">8.3. Troubleshooting Tips</a></li> |
| </ul> |
| </li> |
| <li><a href="#remove">9. Remove</a> |
| <ul class="sectlevel2"> |
| <li><a href="#_stop_trafodion">9.1. Stop Trafodion</a></li> |
| <li><a href="#_run_code_trafodion_uninstaller_code">9.2. Run <code>trafodion_uninstaller</code></a></li> |
| </ul> |
| </li> |
| <li><a href="#enable-security">10. Enable Security</a> |
| <ul class="sectlevel2"> |
| <li><a href="#enable-security-kerberos">10.1. Configuring Trafodion for Kerberos</a> |
| <ul class="sectlevel3"> |
| <li><a href="#_kerberos_configuration_file">10.1.1. Kerberos configuration file</a></li> |
| <li><a href="#_ticket_management">10.1.2. Ticket Management</a></li> |
| <li><a href="#_kerberos_installation">10.1.3. Kerberos installation</a></li> |
| </ul> |
| </li> |
| <li><a href="#enable-security-ldap">10.2. Configuring LDAP</a> |
| <ul class="sectlevel3"> |
| <li><a href="#enable-security-configuring-ldap-servers">10.2.1. Configuring LDAP Servers</a></li> |
| <li><a href="#enable-security-generate-trafodion-certificate">10.2.2. Generate Trafodion Certificate</a></li> |
| <li><a href="#enable-security-traf-authentication-config">10.2.3. Creating the LDAP configuration file</a></li> |
| <li><a href="#enable-security-ldapcheck">10.2.4. Verifying configuration and users through ldapcheck</a></li> |
| <li><a href="#enable-security-ldapconfigcheck">10.2.5. Verifying contents of configuration file through ldapconfigcheck</a></li> |
| </ul> |
| </li> |
| <li><a href="#enable-security-manage-users">10.3. Manage Users</a></li> |
| </ul> |
| </li> |
| <li><a href="#install-recipe">11. Install Recipe</a></li> |
| <li><a href="#upgrade-recipe">12. Upgrade Recipe</a></li> |
| </ul> |
| </div> |
| </div> |
| <div id="content"> |
| <div id="preamble"> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p><strong>License Statement</strong></p> |
| </div> |
| <div class="paragraph"> |
| <p>Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at <a href="http://www.apache.org/licenses/LICENSE-2.0" class="bare">http://www.apache.org/licenses/LICENSE-2.0</a></p> |
| </div> |
| <div class="paragraph"> |
| <p>Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations under the License.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Disclaimer:</strong> <em>Apache Trafodion is an effort undergoing incubation at the Apache Software Foundation (ASF), sponsored by |
| the Apache Incubator PMC. Incubation is required of all newly accepted projects until a further review indicates that |
| the infrastructure, communications, and decision making process have stabilized in a manner consistent with other |
| successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, |
| it does indicate that the project has yet to be fully endorsed by the ASF.</em> |
| <<<</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Revision History</strong></p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 50%;"> |
| <col style="width: 50%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Version</th> |
| <th class="tableblock halign-left valign-top">Date</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2.1.0</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">TBD</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2.0.1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">July 7, 2016</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2.0.0</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">June 6, 2016</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1.3.0</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">January, 2016</p></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_about_this_document">1. About This Document</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>This guide describes how to provision the end-user Trafodion binaries on top of an existing Hadoop environment. This install allows you to store and query data using Trafodion, either via Trafodion clients |
| (see <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>) or via application code you write.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If you want to install a Trafodion developer-build environment, then please refer to the |
| <a href="http://trafodion.incubator.apache.org/contributing-redirect.html">Trafodion Contributor Guide</a> for instructions.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="_intended_audience">1.1. Intended Audience</h3> |
| <div class="paragraph"> |
| <p>This guide assumes that you are well-versed in Linux and Hadoop administration. If you don’t have such experience, then |
| you should consider going through the steps required to install a Hadoop environment before attempting to install Trafodion.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The instructions contained herein apply to the following environments.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><strong>Single-Node Environments</strong>: Typically used when you want to evaluate Trafodion.</p> |
| </li> |
| <li> |
| <p><strong>Cluster (Multi-Node) Environments</strong>: Typically used when you deploy Trafodion for application usage.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| Trafodion can be provisioned on a single-node or multi-node environment. Unless specifically noted, the term <strong>cluster</strong> is used |
| to mean both single- and multi-node environments. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>The provisioning instructions applies to a diverse set of platforms:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><strong>Virtual Machines</strong>: Often used for evaluations and Trafodion development.</p> |
| </li> |
| <li> |
| <p><strong>Cloud</strong>: Used for Product Environments as well as for Developer Environments.</p> |
| </li> |
| <li> |
| <p><strong>Bare Metal</strong>: Used for Product Environments as well as for Developer Environments.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| The term <strong>node</strong> is used to represent a computing platform on which operating system, Hadoop, and Trafodion software is running. |
| Unless specifically qualified (bare-metal node, virtual-machine node, or cloud-node), <strong>node</strong> represents a computing platform in your cluster |
| regardless of platform type. |
| </td> |
| </tr> |
| </table> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="_new_and_changed_information">1.2. New and Changed Information</h3> |
| <div class="paragraph"> |
| <p>This guide has been updated to include provisioning for LDAP and Kerberos.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="_notation_conventions">1.3. Notation Conventions</h3> |
| <div class="paragraph"> |
| <p>This list summarizes the notation conventions for syntax presentation in this manual.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>UPPERCASE LETTERS</p> |
| <div class="paragraph"> |
| <p>Uppercase letters indicate keywords and reserved words. Type these items exactly as shown. Items not enclosed in brackets are required.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">SELECT</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>lowercase letters</p> |
| <div class="paragraph"> |
| <p>Lowercase letters, regardless of font, indicate variable items that you supply. Items not enclosed in brackets are required.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">file-name</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>[ ] Brackets</p> |
| <div class="paragraph"> |
| <p>Brackets enclose optional syntax items.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">DATETIME [start-field TO] end-field</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>A group of items enclosed in brackets is a list from which you can choose one item or none.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The items in the list can be arranged either vertically, with aligned brackets on each side of the list, or horizontally, enclosed in a pair of brackets and separated by vertical lines.</p> |
| </div> |
| <div class="paragraph"> |
| <p>For example:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">DROP SCHEMA schema [CASCADE] |
| DROP SCHEMA schema [ CASCADE | RESTRICT ]</code></pre> |
| </div> |
| </div> |
| </li> |
| </ul> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>{ } Braces</p> |
| <div class="paragraph"> |
| <p>Braces enclose required syntax items.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">FROM { grantee [, grantee ] ... }</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>A group of items enclosed in braces is a list from which you are required to choose one item.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The items in the list can be arranged either vertically, with aligned braces on each side of the list, or horizontally, enclosed in a pair of braces and separated by vertical lines.</p> |
| </div> |
| <div class="paragraph"> |
| <p>For example:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">INTERVAL { start-field TO end-field } |
| { single-field } |
| INTERVAL { start-field TO end-field | single-field }</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>| Vertical Line</p> |
| <div class="paragraph"> |
| <p>A vertical line separates alternatives in a horizontal list that is enclosed in brackets or braces.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">{expression | NULL}</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>… Ellipsis</p> |
| <div class="paragraph"> |
| <p>An ellipsis immediately following a pair of brackets or braces indicates that you can repeat the enclosed sequence of syntax items any number of times.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ATTRIBUTE[S] attribute [, attribute] ... |
| {, sql-expression } ...</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>An ellipsis immediately following a single syntax item indicates that you can repeat that syntax item any number of times.</p> |
| </div> |
| <div class="paragraph"> |
| <p>For example:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">expression-n ...</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Punctuation</p> |
| <div class="paragraph"> |
| <p>Parentheses, commas, semicolons, and other symbols not previously described must be typed as shown.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">DAY (datetime-expression) |
| @script-file</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Quotation marks around a symbol such as a bracket or brace indicate the symbol is a required character that you must type as shown.</p> |
| </div> |
| <div class="paragraph"> |
| <p>For example:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">"{" module-name [, module-name] ... "}"</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Item Spacing</p> |
| <div class="paragraph"> |
| <p>Spaces shown between items are required unless one of the items is a punctuation symbol such as a parenthesis or a comma.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">DAY (datetime-expression) DAY(datetime-expression)</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>If there is no space between two items, spaces are not permitted. In this example, no spaces are permitted between the period and any other items:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">myfile.sh</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Line Spacing</p> |
| <div class="paragraph"> |
| <p>If the syntax of a command is too long to fit on a single line, each continuation line is indented three spaces and is separated from the preceding line by a blank line.</p> |
| </div> |
| <div class="paragraph"> |
| <p>This spacing distinguishes items in a continuation line from items in a vertical list of selections.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">match-value [NOT] LIKE _pattern |
| [ESCAPE esc-char-expression]</code></pre> |
| </div> |
| </div> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="_comments_encouraged">1.4. Comments Encouraged</h3> |
| <div class="paragraph"> |
| <p>We encourage your comments concerning this document. We are committed to providing documentation that meets your |
| needs. Send any errors found, suggestions for improvement, or compliments to <a href="mailto:user@trafodion.incubator.apache.org">user@trafodion.incubator.apache.org</a>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Include the document title and any comment, error found, or suggestion for improvement you have concerning this document.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="quickstart">2. Quick Start</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>This chapter provides a quick start for how to use the Trafodion Installer to install Trafodion.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You need the following before using the information herein:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>A supported and running Hadoop enviroment with HDFS, HBase, and Hive. Refer to the |
| <a href="http://trafodion.apache.org/release-notes.html">Release Notes</a> for information about supported versions.</p> |
| </li> |
| <li> |
| <p>A user ID with passwordless SSH among all the nodes in the cluster. This user ID must have sudo access.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| The Trafodion Installer modifies and restarts your Hadoop environment. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="sect2"> |
| <h3 id="_download_binaries">2.1. Download Binaries</h3> |
| <div class="paragraph"> |
| <p>You download the Trafodion binaries from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">Download</a> page. |
| Download the following packages:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Trafodion Installer (if planning to use the Trafodion Installer)</p> |
| </li> |
| <li> |
| <p>Trafodion Server</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| You can download and install the Trafodion Clients once you’ve installed and activated Trafodion. Refer to the |
| <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Install Guide</a> for instructions. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-download |
| $ cd $HOME/trafodion-download |
| $ # Download the Trafodion Installer binaries |
| $ wget http://apache.cs.utah.edu/incubator/trafodion/trafodion-1.3.0.incubating/apache-trafodion-installer-1.3.0-incubating-bin.tar.gz |
| Resolving http://apache.cs.utah.edu... 192.168.1.56 |
| Connecting to http://apache.cs.utah.edu|192.168.1.56|:80... connected. |
| HTTP request sent, awaiting response... 200 OK |
| Length: 68813 (67K) [application/x-gzip] |
| Saving to: "apache-trafodion-installer-1.3.0-incubating-bin.tar.gz" |
| |
| 100%[=====================================================================================================================>] 68,813 124K/s in 0.5s |
| |
| 2016-02-14 04:19:42 (124 KB/s) - "apache-trafodion-installer-1.3.0-incubating-bin.tar.gz" saved [68813/68813]</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ # Download the Trafodion Server binaries |
| $ wget http://apache.cs.utah.edu/incubator/trafodion/trafodion-1.3.0.incubating/apache-trafodion-1.3.0-incubating-bin.tar.gz |
| Resolving http://apache.cs.utah.edu... 192.168.1.56 |
| Connecting to http://apache.cs.utah.edu|192.168.1.56|:80... connected. |
| HTTP request sent, awaiting response... 200 OK |
| Length: 214508243 (205M) [application/x-gzip] |
| Saving to: "apache-trafodion-1.3.0-incubating-bin.tar.gz" |
| |
| 100%[=====================================================================================================================>] 214,508,243 3.90M/s in 55s |
| |
| 2016-02-14 04:22:14 (3.72 MB/s) - "apache-trafodion-1.3.0-incubating-bin.tar.gz" saved [214508243/214508243] |
| |
| $ ls -l |
| total 209552 |
| -rw-rw-r-- 1 centos centos 214508243 Jan 12 20:10 apache-trafodion-1.3.0-incubating-bin.tar.gz |
| -rw-rw-r-- 1 centos centos 68813 Jan 12 20:10 apache-trafodion-installer-1.3.0-incubating-bin.tar.gz |
| $</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="quickstart-unpack-installer">2.2. Unpack Installer</h3> |
| <div class="paragraph"> |
| <p>The first step in the installation process is to unpack the Trafodion Installer tar file.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer |
| $ cd $HOME/trafodion-downloads |
| $ tar -zxf apache-trafodion-installer-1.3.0-incubating-bin.tar.gz -C $HOME/trafodion-installer |
| $ ls $HOME/trafodion-installer/installer |
| bashrc_default tools traf_config_check trafodion_apache_hadoop_install traf_package_setup |
| build-version-1.3.0.txt traf_add_user traf_config_setup trafodion_config_default traf_setup |
| dcs_installer traf_apache_hadoop_config_setup traf_create_systemdefaults trafodion_install traf_sqconfig |
| rest_installer traf_authentication_conf_default traf_getHadoopNodes trafodion_license traf_start |
| setup_known_hosts.exp traf_cloudera_mods98 traf_hortonworks_mods98 trafodion_uninstaller |
| $</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="quickstart-collect-information">2.3. Collect Information</h3> |
| <div class="paragraph"> |
| <p>Collect/decide the following information:</p> |
| </div> |
| <div class="sect3"> |
| <h4 id="_location_of_trafodion_server_side_binary">2.3.1. Location of Trafodion Server-Side Binary</h4> |
| <div class="paragraph"> |
| <p>You need the fully-qualified name of the Trafodion server-side binary.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">/home/trafodion-downloads/apache-trafodion-installer-1.3.0-incubating-bin.tar.gz</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="_java_location">2.3.2. Java Location</h4> |
| <div class="paragraph"> |
| <p>You need to record the location of the Java. For example, use <code>ps -ef | grep java | grep hadoop | grep hbase</code> to determine what version HBase is running.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ps -ef | grep java | grep hadoop | grep hbase |
| hbase 17302 17288 1 20:35 ? 00:00:10 /usr/jdk64/jdk1.7.0_67/bin/java -Dproc_master -XX:OnOutOfMemoryError=kill -9 %p -Dhdp.version=2.3.6.0-3796 -XX:+UseConcMarkSweepGC -XX:ErrorFile=/var/log/hbase/hs_err_pid%p.log -Djava.io.tmpdir=/tmp -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:/var/log/hbase/gc.log-201606302035 -Xmx1024m -XX:PermSize=128m -XX:MaxPermSize=128m -Dhbase.log.dir=/var/log/hbase -Dhbase.log.file=hbase-hbase-master-ip-172-31-56-238.log -Dhbase.home.dir=/usr/hdp/current/hbase-master/bin/.. -Dhbase.id.str=hbase -Dhbase.root.logger=INFO,RFA -Djava.library.path=:/usr/hdp/2.3.6.0-3796/hadoop/lib/native/Linux-amd64-64:/usr/hdp/2.3.6.0-3796/hadoop/lib/native -Dhbase.security.logger=INFO,RFAS org.apache.hadoop.hbase.master.HMaster start</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>The Java location is: <code>/usr/jdk64/jdk1.7.0_67</code></p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect3"> |
| <h4 id="_data_nodes">2.3.3. Data Nodes</h4> |
| <div class="paragraph"> |
| <p>{projet-name} is installed on all data nodes in your Hadoop cluster. You need to record the fully-qualified domain name node for each node. |
| For example, refer to <code>/etc/hosts</code>.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cat /etc/hosts |
| 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 |
| ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 |
| |
| 172.31.56.238 ip-172-31-56-238.ec2.internal node01 |
| 172.31.61.110 ip-172-31-61-110.ec2.internal node02 |
| 172.31.57.143 ip-172-31-57-143.ec2.internal node03</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Record the node names in a space-separated list.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ip-172-31-56-238.ec2.internal ip-172-31-61-110.ec2.internal ip-172-31-57-143.ec2.internal</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="_trafodion_runtime_user_home_directory">2.3.4. Trafodion Runtime User Home Directory</h4> |
| <div class="paragraph"> |
| <p>The Installer creates the <code>trafodion</code> user ID. You need to decide the home directory for this user.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The default is: <code>/home</code></p> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="_distribution_manager_url">2.3.5. Distribution Manager URL</h4> |
| <div class="paragraph"> |
| <p>The Installer interacts with the Distribution Manager (for example, Apache Ambari or Cloudera Manager) to modify the |
| Hadoop configuration.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="paragraph"> |
| <p>Apache Ambari URL</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">http://myhost.com:8080</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="quickstart-run-installer">2.4. Run Installer</h3> |
| <div class="paragraph"> |
| <p>You run the Installer once you’ve collected the base information as described in |
| <a href="#quickstart-collect-information">Collect Information</a> above.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following example shows a guided install of Trafodion on a three-node Hortonworks Hadoop cluster.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| By default, the Trafodion Installer invokes <code>sqlci</code> so that you can enter the <code>initialize trafodion;</code> command. |
| This is shown in the example below. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Run the Trafodion Installer in guided mode.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer/installer |
| $ ./trafodion_install 2>&1 | tee install.log |
| ****************************** |
| TRAFODION INSTALLATION START |
| ****************************** |
| |
| ***INFO: testing sudo access |
| ***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-06-30-21-02-38.log |
| ***INFO: Config directory: /etc/trafodion |
| ***INFO: Working directory: /usr/lib/trafodion |
| |
| ************************************ |
| Trafodion Configuration File Setup |
| ************************************ |
| |
| ***INFO: Please press [Enter] to select defaults. |
| |
| Is this a cloud environment (Y/N), default is [N]: N |
| Enter trafodion password, default is [traf123]: |
| Enter list of data nodes (blank separated), default []: ip-172-31-56-238.ec2.internal ip-172-31-61-110.ec2.internal ip-172-31-57-143.ec2.internal |
| Do you h ave a set of management nodes (Y/N), default is N: N |
| Enter Trafodion userid's home directory prefix, default is [/home]: /opt |
| Specify location of Java 1.7.0_65 or higher (JDK), default is []: /usr/jdk64/jdk1.7.0_67 |
| Enter full path (including .tar or .tar.gz) of trafodion tar file []: /home/trafodion-downloads/apache-trafodion_server-2.0.1-incubating.tar.gz |
| Enter Backup/Restore username (can be Trafodion), default is [trafodion]: |
| Specify the Hadoop distribut ion installed (1: Cloudera, 2: Hortonworks, 3: Other): 2 |
| Enter Hadoop admin username, default is [admin]: Enter Hadoop admin pas sword, default is [admin]: |
| Enter full Hadoop external network URL:port (include 'http://' or 'https://), default is []: http://ip-172-31-56-238.ec2.internal:8080 |
| Enter HDFS username or username running HDFS, default is [hdfs]: |
| Enter HBase username or username running HBase, default is [hbase]: |
| Enter HBase group, default is [hbase]: |
| Enter Zookeeper username or username running Zookeeper, default is [zookeeper]: |
| Enter directory to install trafodion to, default is [/opt/trafodion/apache-trafodion_server-2.0.1-incubating]: |
| Start Trafodion after install (Y/N), default is Y: |
| Total number of client connections per cluster, default [24]: 96 |
| Enter the node of primary DcsMaste r, default [ip-172-31-56-238.ec2.internal]: |
| Enable High Availability (Y/N), default is N: |
| Enable simple LDAP security (Y/N), d efault is N: |
| ***INFO: Trafodion configuration setup complete |
| ***INFO: Trafodion Configuration File Check |
| ***INFO: Testing sudo access on node ip-172-31-56-238 |
| ***INFO: Testing sudo access on node ip-172-31-61-110 |
| ***INFO: Testing sudo access on node ip-172-31-57-143 |
| ***INFO: Testing ssh on ip-172-31-56-238 |
| ***INFO: Testing ssh on ip-172-31-61-110 |
| ***INFO: Testing ssh on ip-172-31-57-143 |
| #!/bin/bash |
| # |
| # @@@ START COPYRIGHT @@@ |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| . |
| . |
| . |
| 9. Accepting Warranty or Additional Liability. While redistributing |
| the Work or Derivative Works thereof, You may choose to offer, and |
| charge a fee for, acceptance of support, warranty, indemnity, or |
| other liability obligations and/or rights consistent with this |
| License. However, in accepting such obligations, You may act only |
| on Your own behalf and on Your sole responsibility, not on behalf |
| of any other Contributor, and only if You agree to indemnify, defend, |
| and hold each Contributor harmless for any liability incurred by, |
| or claims asserted against, such Contributor by reason of your |
| accepting any such warranty or additional liability. |
| |
| END OF TERMS AND CONDITIONS |
| |
| BY TYPING "ACCEPT" YOU AGREE TO THE TERMS OF THIS AGREEMENT: ***INFO: testing sudo access |
| ***INFO: Starting Trafodion Package Setup (2016-06-30-21-06-40) |
| ***INFO: Installing required packages |
| ***INFO: Log file located in /var/log/trafodion |
| ***INFO: ... pdsh on node ip-172-31-56-238 |
| ***INFO: ... pdsh on node ip-172-31-61-110 |
| ***INFO: ... pdsh on node ip-172-31-57-143 |
| ***INFO: Checking if apr is installed ... |
| ***INFO: Checking if apr-util is installed ... |
| ***INFO: Checking if sqlite is installed ... |
| ***INFO: Checking if expect is installed ... |
| ***INFO: Checking if perl-DBD-SQLite* is installed ... |
| ***INFO: Checking if protobuf is installed ... |
| ***INFO: Checking if xerces-c is installed ... |
| ***INFO: Checking if perl-Params-Validate is installed ... |
| ***INFO: Checking if perl-Time-HiRes is installed ... |
| ***INFO: Checking if gzip is installed ... |
| ***INFO: Checking if lzo is installed ... |
| ***INFO: Checking if lzop is installed ... |
| ***INFO: Checking if unzip is installed ... |
| ***INFO: modifying limits in /usr/lib/trafodion/trafodion.conf on all nodes |
| ***INFO: create Trafodion userid "trafodion" |
| ***INFO: Trafodion userid's (trafodion) home directory: /opt/trafodion |
| ***INFO: testing sudo access |
| Generating public/private rsa key pair. |
| Created directory '/opt/trafodion/.ssh'. |
| Your identification has been saved in /opt/trafodion/.ssh/id_rsa. |
| Your public key has been saved in /opt/trafodion/.ssh/id_rsa.pub. |
| The key fingerprint is: |
| 12:59:ab:d7:59:a2:0e:e8:38:1c:e9:e1:86:f6:18:23 trafodion@ip-172-31-56-238 |
| The key's randomart image is: |
| +--[ RSA 2048]----+ |
| | . | |
| | o . | |
| | o . . . | |
| | . . o o + | |
| | + . + S o | |
| | = = = | |
| |E+B . . | |
| |o.=. | |
| | . . | |
| +-----------------+ |
| ***INFO: creating .bashrc file |
| ***INFO: Setting up userid trafodion on all other nodes in cluster |
| ***INFO: Creating known_hosts file for all nodes |
| ip-172-31-56-238 |
| ip-172-31-56-238 ip-172-31-61-110 ip-172-31-57-143 |
| ip-172-31-61-110 |
| ip-172-31-56-238 ip-172-31-61-110 ip-172-31-57-143 |
| ip-172-31-57-143 |
| ip-172-31-56-238 ip-172-31-61-110 ip-172-31-57-143 |
| ***INFO: trafodion user added successfully |
| ***INFO: Trafodion environment setup completed |
| ***INFO: creating sqconfig file |
| ***INFO: Reserving DCS ports |
| |
| ***INFO: Creating trafodion sudo access file |
| |
| |
| ****************************** |
| TRAFODION MODS |
| ****************************** |
| |
| ***INFO: Hortonworks installed will run traf_hortonworks_mods |
| ***INFO: copying hbase-trx-hdp2_3-*.jar to all nodes |
| ***INFO: hbase-trx-hdp2_3-*.jar copied correctly! Huzzah. |
| USERID=admin |
| PASSWORD=admin |
| PORT=:8080 |
| { |
| "resources" : [ |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/configurations/service_config_versions?ser |
| vice_name=HBASE&service_config_version=2", |
| . |
| . |
| . |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/requests/12/tasks/128", |
| "Tasks" : { |
| "cluster_name" : "trafodion", |
| "id" : 128, |
| "request_id" : 12, |
| "stage_id" : 2 |
| } |
| }, |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/requests/12/tasks/129", |
| "Tasks" : { |
| "cluster_name" : "trafodion", |
| "id" : 129, |
| "request_id" : 12, |
| "stage_id" : 2 |
| } |
| }, |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/requests/12/tasks/130", |
| "Tasks" : { |
| "cluster_name" : "trafodion", |
| "id" : 130, |
| "request_id" : 12, |
| "stage_id" : 2 |
| } |
| } |
| ], |
| "stages" : [ |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/requests/12/stages/0", |
| "Stage" : { |
| "cluster_name" : "trafodion", |
| "request_id" : 12, |
| "stage_id" : 0 |
| } |
| }, |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/requests/12/stages/1", |
| "Stage" : { |
| "cluster_name" : "trafodion", |
| "request_id" : 12, |
| "stage_id" : 1 |
| } |
| }, |
| { |
| "href" : "http://ip-172-31-56-238.ec2.internal:8080/api/v1/clusters/trafodion/requests/12/stages/2", |
| "Stage" : { |
| "cluster_name" : "trafodion", |
| "request_id" : 12, |
| "stage_id" : 2 |
| } |
| } |
| ] |
| }***INFO: ...polling every 30 seconds until HBase start is completed. |
| ***INFO: HBase restart completed |
| ***INFO: Setting HDFS ACLs for snapshot scan support |
| cp: `trafodion_config' and `/home/trafinstall/trafodion-2.0.1/installer/trafodion_config' are the same file |
| ***INFO: Trafodion Mods ran successfully. |
| |
| ****************************** |
| TRAFODION CONFIGURATION |
| ****************************** |
| |
| /usr/lib/trafodion/installer/.. |
| /opt/trafodion/apache-trafodion_server-2.0.1-incubating |
| ***INFO: untarring file to /opt/trafodion/apache-trafodion_server-2.0.1-incubating |
| ***INFO: modifying .bashrc to set Trafodion environment variables |
| ***INFO: copying .bashrc file to all nodes |
| ***INFO: copying sqconfig file (/opt/trafodion/sqconfig) to /opt/trafodion/apache-trafodion_server-2.0.1-incubating/sql/script |
| s/sqconfig |
| ***INFO: Creating /opt/trafodion/apache-trafodion_server-2.0.1-incubating directory on all nodes |
| ***INFO: Start of DCS install |
| ***INFO: DCS Install Directory: /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1 |
| ***INFO: modifying /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/conf/dcs-env.sh |
| ***INFO: modifying /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/conf/dcs-site.xml |
| ***INFO: creating /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/conf/servers file |
| ***INFO: End of DCS install. |
| ***INFO: Start of REST Server install |
| ***INFO: Rest Install Directory: /opt/trafodion/apache-trafodion_server-2.0.1-incubating/rest-2.0.1 |
| ***INFO: modifying /opt/trafodion/apache-trafodion_server-2.0.1-incubating/rest-2.0.1/conf/rest-site.xml |
| ***INFO: End of REST Server install. |
| ***INFO: starting sqgen |
| ip-172-31-56-238,ip-172-31-57-143,ip-172-31-61-110 |
| |
| Creating directories on cluster nodes |
| /usr/bin/pdsh -R exec -w ip-172-31-56-238,ip-172-31-57-143,ip-172-31-61-110 -x ip-172-31-56-238 ssh -q -n %h mkdir -p /opt/tra |
| fodion/apache-trafodion_server-2.0.1-incubating/etc |
| /usr/bin/pdsh -R exec -w ip-172-31-56-238,ip-172-31-57-143,ip-172-31-61-110 -x ip-172-31-56-238 ssh -q -n %h mkdir -p /opt/tra |
| fodion/apache-trafodion_server-2.0.1-incubating/logs |
| /usr/bin/pdsh -R exec -w ip-172-31-56-238,ip-172-31-57-143,ip-172-31-61-110 -x ip-172-31-56-238 ssh -q -n %h mkdir -p /opt/tra |
| fodion/apache-trafodion_server-2.0.1-incubating/tmp |
| /usr/bin/pdsh -R exec -w ip-172-31-56-238,ip-172-31-57-143,ip-172-31-61-110 -x ip-172-31-56-238 ssh -q -n %h mkdir -p /opt/tra |
| fodion/apache-trafodion_server-2.0.1-incubating/sql/scripts |
| |
| Generating SQ environment variable file: /opt/trafodion/apache-trafodion_server-2.0.1-incubating/etc/ms.env |
| |
| Note: Using cluster.conf format type 2. |
| |
| Generating SeaMonster environment variable file: /opt/trafodion/apache-trafodion_server-2.0.1-incubating/etc/seamonster.env |
| |
| |
| Generated SQ startup script file: ./gomon.cold |
| Generated SQ startup script file: ./gomon.warm |
| Generated SQ cluster config file: /opt/trafodion/apache-trafodion_server-2.0.1-incubating/tmp/cluster.conf |
| Generated SQ Shell file: sqshell |
| Generated RMS Startup file: rmsstart |
| Generated RMS Stop file: rmsstop |
| Generated RMS Check file: rmscheck.sql |
| Generated SSMP Startup file: ssmpstart |
| Generated SSMP Stop file: ssmpstop |
| Generated SSCP Startup file: sscpstart |
| Generated SSCP Stop file: sscpstop |
| |
| |
| Copying the generated files to all the nodes in the cluster |
| . |
| . |
| . |
| SQ Startup script (/opt/trafodion/apache-trafodion_server-2.0.1-incubating/sql/scripts/gomon.cold) ran successfully. Performin |
| g further checks... |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 3 3 |
| RMS 6 6 |
| DcsMaster 1 0 1 |
| DcsServer 3 0 3 |
| mxosrvr 96 0 96 |
| |
| Thu Jun 30 21:15:29 UTC 2016 |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 1. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 3 3 |
| RMS 6 6 |
| DcsMaster 1 0 1 |
| DcsServer 3 0 3 |
| mxosrvr 96 0 96 |
| |
| Starting the DCS environment now |
| starting master, logging to /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/bin/../logs/dcs-trafodion-1-mast |
| er-ip-172-31-56-238.out |
| ip-172-31-56-238: starting server, logging to /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/bin/../logs/dc |
| s-trafodion-1-server-ip-172-31-56-238.out |
| ip-172-31-57-143: starting server, logging to /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/bin/../logs/dc |
| s-trafodion-3-server-ip-172-31-57-143.out |
| ip-172-31-61-110: starting server, logging to /opt/trafodion/apache-trafodion_server-2.0.1-incubating/dcs-2.0.1/bin/../logs/dc |
| s-trafodion-2-server-ip-172-31-61-110.out |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 1. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 3 3 |
| RMS 6 6 |
| DcsMaster 1 1 |
| DcsServer 3 3 |
| mxosrvr 96 7 89 |
| |
| Starting the REST environment now |
| starting rest, logging to /opt/trafodion/apache-trafodion_server-2.0.1-incubating/rest-2.0.1/bin/../logs/rest-trafodion-1-rest |
| -ip-172-31-56-238.out |
| |
| |
| |
| Zookeeper listen port: 2181 |
| DcsMaster listen port: 23400 |
| |
| Configured Primary DcsMaster: "ip-172-31-56-238.ec2.internal" |
| Active DcsMaster : "ip-172-31-56-238" |
| |
| Process Configured Actual Down |
| --------- ---------- ------ ---- |
| DcsMaster 1 1 |
| DcsServer 3 3 |
| mxosrvr 96 94 2 |
| |
| |
| You can monitor the SQ shell log file : /opt/trafodion/apache-trafodion_server-2.0.1-incubating/logs/sqmon.log |
| |
| |
| Startup time 0 hour(s) 2 minute(s) 19 second(s) |
| Apache Trafodion Conversational Interface 2.0.1 |
| Copyright (c) 2015-2016 Apache Software Foundation |
| >> |
| --- SQL operation complete. |
| >> |
| |
| End of MXCI Session |
| |
| ***INFO: Installation setup completed successfully. |
| |
| ****************************** |
| TRAFODION INSTALLATION END |
| ******************************</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion |
| $ sqcheck |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 3 3 |
| RMS 6 6 |
| DcsMaster 1 1 |
| DcsServer 3 3 |
| mxosrvr 96 96 |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for |
| basic instructions on how to verify the Trafodion management and how to perform basic management |
| operations.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="introduction">3. Introduction</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Trafodion is a Hadoop add-on service that provides transactional SQL on top of HBase. Typically, you |
| use Trafodion as the database for applications that require Online Transaction Processing (OLTP), |
| Operational Data Store (ODS), and/or strong reporting capabilities. You access Trafodion using |
| standard JDBC and ODBC APIs.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You may choose whether to add Trafodion to an existing Hadoop environment or to create a standalone |
| Hadoop environment specifically for Hadoop.</p> |
| </div> |
| <div class="paragraph"> |
| <p>This guide assumes that a Hadoop environment exists upon which your provisioning Trafodion. Refer to |
| <a href="#requirements-hadoop-software">Hadoop Software</a> for information about what Hadoop software is required |
| Trafodion.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="introduction-security-considerations">3.1. Security Considerations</h3> |
| <div class="paragraph"> |
| <p>The following users and principals need be considered for Trafodion:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><strong>Provisioning User</strong>: A Linux-level user that performs the Trafodion provisioning tasks. This user ID |
| requires <code>sudo</code> access and passwordless ssh among the nodes where Trafodion is installed. In addition, |
| this user ID requires access to Hadoop distribution, HDFS, and HBase administrative users to change |
| respective environment’s configuration settings per Trafodion requirements. Refer to |
| <a href="#requirements-trafodion-provisioning-user">Trafodion Provisioning User</a> for more information |
| about the requirements and usage associated with this user ID.</p> |
| </li> |
| <li> |
| <p><strong>Runtime User</strong>: A Linux-level user under which the Trafodion software runs. This user ID must be registered |
| as a user in the Hadoop Distributed File System (HDFS) to store and access objects in HDFS, HBase, and Hive. |
| In addition, this user ID requires passwordless access among the nodes where Trafodion is installed. |
| Refer to <a href="#requirements-trafodion-runtime-user">Trafodion Runtime User</a> for more information about this user ID.</p> |
| </li> |
| <li> |
| <p><strong>Trafodion Database Users</strong>: Trafodion users are managed by Trafodion security features (grant, revoke, etc.), |
| which can be integrated with LDAP if so desired. These users are referred to as <strong>database users</strong> and |
| do not have direct access to the operating system. Refer to <a href="#enable-security-ldap">LDAP</a> for |
| details on enabling LDAP for authenticating database users. |
| Refer to <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html#register_user_statement">Register User</a>, |
| <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html#grant_statement">Grant</a>, and other SQL statements |
| in the <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html">Trafodion SQL Reference Manual</a> for |
| more information about managing Trafodion Database Users. |
| <br> |
| <br> |
| If your environment has been provisioned with Kerberos, then the following additional information is required.</p> |
| </li> |
| <li> |
| <p><strong>KDC admin principal</strong>: Trafodion requires administrator access to Kerberos to create principals |
| and keytabs for the <code>trafodion</code> user, and to look-up principal names for HDFS and HBase keytabs. Refer to |
| <a href="#enable-security-kerberos">Kerberos</a> for more information about the requirements and usage associated with this principal.</p> |
| </li> |
| <li> |
| <p><strong>HBase keytab location</strong>: Trafodion requires administrator access to HBase to grant required privileges to the <code>trafodion</code> user. Refer to |
| <a href="#enable-security-kerberos">Kerberos</a> for more information about the requirements and usage associated with this keytab.</p> |
| </li> |
| <li> |
| <p><strong>HDFS keytab location</strong>: Trafodion requires administrator access to HDFS to create directories that store files needed to perform SQL requests |
| such as data loads and backups. Refer to |
| <a href="#enable-security-kerberos">Kerberos</a> for more information about the requirements and usage associated with this keytab. |
| <br> |
| <br> |
| If your environment is using LDAP for authentication, then the following additional information is required.</p> |
| </li> |
| <li> |
| <p><strong>LDAP username for database root access</strong>: When Trafodion is installed, it creates a predefined database user referred to as the DB__ROOT user. |
| In order to connect to the database as database root, there must be a mapping between the database user DB__ROOT and an LDAP user. Refer to |
| <a href="#enable-security-ldap">LDAP</a> for more information about this option.</p> |
| </li> |
| <li> |
| <p><strong>LDAP search user name</strong>: Trafodion optionally requests an LDAP username and password in order to perform LDAP operations |
| such as LDAP search. Refer to |
| <a href="#enable-security-ldap">LDAP</a> for more information about this option.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="introduction-provisioning-options">3.2. Provisioning Options</h3> |
| <div class="paragraph"> |
| <p>Trafodion ships with a set of scripts that takes care of many of the installation and upgrade |
| tasks associated with the Trafodion software and its requirements. The main features include:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><strong>Trafodion installer</strong>: Performs installation and upgrade for Trafodion</p> |
| </li> |
| <li> |
| <p><strong>Trafodion uninstaller</strong>: Uninstalls Trafodion</p> |
| </li> |
| <li> |
| <p><strong>Trafodion security installer</strong>: Enables security features including Kerberos and LDAP for an existing Trafodion installation</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>Currently, the Trafodion Installer is able to install Trafodion on select Cloudera and Hortonworks Hadoop distributions, and for select vanilla Hadoop installations. |
| The Trafodion Installer limitations are noted as they apply in the different chapters below. For example, the Trafodion Installer |
| is less capable on SUSE than it is on RedHat/CentOS; you have to install the prerequisite software packages outside the Trafodion Installer.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The Trafodion Installer automates many of the tasks required to install/upgrade Trafodion, spanning from downloading and |
| installing required software packages and making required changes to your Hadoop environment via creating |
| the Trafodion runtime user ID to installing and starting Trafodion. It is, therefore, highly recommend that |
| you use the Trafodion Installer for initial installation and upgrades of Trafodion. These steps are referred to as |
| "Script-Based Provisioning" in this guide. Refer to <a href="#introduction-trafodion-installer">Trafodion Installer</a> that provides |
| usage information.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If, for any reason, you choose not to use the Trafodion Installer, then separate chapters provide |
| step-by-step recipes for the tasks required to install/upgrade Trafodion. These steps are referred to as |
| <strong>Recipe-Based Provisioning</strong> in this guide. It is assumed that you are well-versed in Linux and Hadoop |
| administrative tasks if using Recipe-Based Provisioning.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="introduction-provisioning-activities">3.3. Provisioning Activities</h3> |
| <div class="paragraph"> |
| <p>Trafodion provisioning is divided into the following main activities:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><strong><a href="#requirements">Requirements</a></strong>: Activities and documentation required to install the Trafodion software. |
| These activities include tasks such as understanding hardware and operating system requirements, |
| Hadoop requirements, what software packages that need to be downloaded, configuration settings that need to be changed, |
| and user ID requirements.</p> |
| </li> |
| <li> |
| <p><strong><a href="#prepare">Prepare</a></strong>: Activities to prepare the operating system and the Hadoop ecosystem to run |
| Trafodion. These activities include tasks such as installing required software packages, configure |
| the Trafodion Installation User, gather information about the Hadoop environment, and the modify configuration |
| for different Hadoop services.</p> |
| </li> |
| <li> |
| <p><strong><a href="#install">Install</a></strong>: Activities related to installing the Trafodion software. These activities |
| include tasks such as unpacking the Trafodion tar files, creating the Trafodion Runtime User, |
| creating Trafodion HDFS directories, installing the Trafodion software, and enabling security features.</p> |
| </li> |
| <li> |
| <p><strong><a href="#upgrade">Upgrade</a></strong>: Activities related to the upgrading the Trafodion software. These activities |
| include tasks such as shutting down Trafodion and installing a new version of the Trafodion software. |
| The upgrade tasks vary depending on the differences between the current and new release of |
| Trafodion. For example, an upgrade may or may not include an upgrade of the Trafodion metadata.</p> |
| </li> |
| <li> |
| <p><strong><a href="#activate">Activate</a></strong>: Activities related to starting the Trafodion software. These actives |
| include basic management tasks such as starting and checking the status of the Trafodion components and performing basic smoke tests.</p> |
| </li> |
| <li> |
| <p><strong><a href="#remove">Remove</a></strong>: Activities related to removing Trafodion from your Hadoop cluster.</p> |
| </li> |
| <li> |
| <p><strong><a href="#enable-security">Enable Security</a></strong>: Activities related to enabling security features on an already installed |
| Trafodion installation. These activities include tasks such as adding Kerberos principals and keytabs, |
| and setting up the LDAP configuration files.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="introduction-provisioning-master-node">3.4. Provisioning Master Node</h3> |
| <div class="paragraph"> |
| <p>All provisioning tasks are performed from a single node in the cluster, which must be part |
| of the Hadoop environment you’re adding Trafodion to. This node is referred to as the |
| "<strong>Provisioning Master Node</strong>" in this guide.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The Trafodion Provisioning User must have access to all other nodes from the Provisioning |
| Master Node in order to perform provisioning tasks on the cluster.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="introduction-trafodion-installer">3.5. Trafodion Installer</h3> |
| <div class="paragraph"> |
| <p>The Trafodion Installer is a set of scripts automates most of the tasks requires to install/upgrade Trafodion. |
| You download the Trafodion Installer tar file from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">download</a> page. |
| Next, you unpack the tar file.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer |
| $ cd $HOME/trafodion-downloads |
| $ tar -zxf apache-trafodion-installer-1.3.0-incubating-bin.tar.gz -C $HOME/trafodion-installer |
| $</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="paragraph"> |
| <p>The Trafodion Installer supports two different modes:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p><strong>Guided Setup</strong>: Prompts for information as it works through the installation/upgrade process. This mode is recommended for new users.</p> |
| </li> |
| <li> |
| <p><strong>Automated Setup</strong>: Required information is provided in a pre-formatted bash-script configuration file, which is provided |
| via a command argument when running the Trafodion Installer thereby suppressing all prompts. There is one exception, |
| if Kerberos is enabled on the cluster, then you will always be prompted for the KDC admin password. We do not store the |
| KDC admin password as part of installation anywhere.</p> |
| <div class="paragraph"> |
| <p>A template of the configuration file is available here within the installer directory: <code>trafodion_config_default</code>. |
| Make a copy of the file in your directory and populate the needed information.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Automated Setup is recommended since it allows you to record the required provisioning information ahead of time. |
| Refer to <a href="#introduction-trafodion-automated-setup">Automated Setup</a> for information about how to |
| populate this file.</p> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="sect3"> |
| <h4 id="introduction-trafodion-installer-usage">3.5.1. Usage</h4> |
| <div class="paragraph"> |
| <p>The following shows help for the Trafodion Installer.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">./trafodion_install --help |
| |
| This script will install Trafodion. It will create a configuration |
| file (if one has not been created), setup of the environment needed |
| for Trafodion, configure HBase with Hbase-trx and co-processors needed, |
| and install a specified Trafodion build. |
| |
| Options: |
| --help Print this message and exit |
| --accept_license If provided, the user agrees to accept all the |
| provisions in the Trafodion license. This allows |
| for automation by skipping the display and prompt of |
| the Trafodion license. |
| --config_file If provided, all install prompts will be |
| taken from this file and not prompted for.</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect3"> |
| <h4 id="introduction-trafodion-installer-install-vs-upgrade">3.5.2. Install vs. Upgrade</h4> |
| <div class="paragraph"> |
| <p>The Trafodion Installer automatically detects whether you’re performing an install |
| or an upgrade by looking for the Trafodion Runtime User in the <code>/etc/passwd</code> file.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>If the user ID doesn’t exist, then the Trafodion Installer runs in install mode.</p> |
| </li> |
| <li> |
| <p>If the user ID exists, then the Trafodion Installer runs in upgrade mode.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="introduction-trafodion-installer-guided-setup">3.5.3. Guided Setup</h4> |
| <div class="paragraph"> |
| <p>By default, the Trafodion Installer runs in Guided Setup mode, which means |
| that it prompts you for information during the install/upgrade process.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Refer to the following sections for examples:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><a href="#install-guided-install">Guided Install</a></p> |
| </li> |
| <li> |
| <p><a href="#upgrade-guided-upgrade">Guided Upgrade</a></p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="introduction-trafodion-installer-automated-setup">3.5.4. Automated Setup</h4> |
| <div class="paragraph"> |
| <p>The <code>--config_file</code> option runs the Trafodion in Automated Setup mode.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Before running the Trafodion Installer with this option, you do the following:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Copy the <code>trafodion_config_default</code> file.</p> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">cp trafodion_config_default my_config</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Edit the new file using information you collect in the |
| <a href="#prepare-gather-configuration-information">Gather Configuration Information</a> |
| section in the <a href="#prepare">Prepare</a> chapter.</p> |
| </li> |
| <li> |
| <p>Run the Trafodion Installer in Automated Setup Mode</p> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">./trafodion_installer --config_file my_config</code></pre> |
| </div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| Your Trafodion Configuration File contains the password for the Trafodion Runtime User |
| and for the Distribution Manager. Therefore, we recommend that you secure the file in a manner |
| that matches the security policies of your organization. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| If you are installing Trafodion on a version of Hadoop that has been instrumented with Kerberos, |
| you will be asked for a password associated with a Kerberos administrator. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="sect4"> |
| <h5 id="_example_creating_a_trafodion_configuration_file">Example: Creating a Trafodion Configuration File</h5> |
| <div class="paragraph"> |
| <p>Using the instructions in <a href="#prepare-gather-configuration-information">Gather Configuration Information</a> |
| in the <a href="#prepare">Prepare</a> chapter, you record the following information.</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 30%;"> |
| <col style="width: 50%;"> |
| <col style="width: 20%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">ID</th> |
| <th class="tableblock halign-left valign-top">Information</th> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ADMIN</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Administrator user name for Apache Ambari or Cloudera Manager.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">admin</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ADMIN_PRINCIPAL</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos principal for the KDC admin user including the realm.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>BACKUP_DCS_NODES</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where to start the backup DCS Master components.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_CONFIG</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether you’re installing Trafodion on a cloud environment.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_TYPE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">What type of cloud environment you’re installing Trafodion on.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>CLUSTER_NAME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The name of the Hadoop Cluster.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Cluster 1</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DB_ROOT_NAME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">LDAP name used to connect as database root user</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">trafodion</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_BUILD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the DCS component.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_PRIMARY_MASTER_NODE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The node where the primary DCS should run.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_SERVER_PARM</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Number of concurrent client sessions per node.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">8</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ENABLE_HA</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to run DCS in high-availability (HA) mode.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>EPEL_RPM</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of EPEL RPM. Specify if you don’t have access to the Internet.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>FLOATING_IP</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">IP address if running DCS in HA mode.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HADOOP_TYPE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The type of Hadoop distribution you’re installing Trafodion on.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">cloudera</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_GROUP</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Linux group name for the HBASE administrative user.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">hbase</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_KEYTAB</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos service keytab for HBase admin principal.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Default based on distribution</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HBASE administrative user.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">hbase</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HDFS_KEYTAB</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos service keytab for HDFS admin principal.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Default based on distribution</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HDFS_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HDFS administrative user.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">hdfs</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HOME_DIR</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Root directory under which the <code>trafodion</code> home directory should be created.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">/home</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>INIT_TRAFODION</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to automatically initialize the Trafodion database.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Y</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>INTERFACE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Interface type used for $FLOATING_IP.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>JAVA_HOME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of Java 1.7.0_65 or higher (JDK).</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">/usr/java/jdk1.7.0_67-cloudera</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>KDC_SERVER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of Kerberos server for admin access</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_CERT</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Full path to TLS certificate.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_HOSTS</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where LDAP Identity Store servers are running.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_ID</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">List of LDAP unique identifiers.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_LEVEL</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Encryption Level.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PASSWORD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Password for LDAP_USER.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PORT</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Port used to communicate with LDAP Identity Store.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_SECURITY</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to enable LDAP authentication.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Search user name.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LOCAL_WORKDIR</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The directory where the Trafodion Installer is located.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">/home/centos/trafodion-installer/installer</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_ENABLED</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installation uses separate management nodes.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">N</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_NODES</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of management nodes, if any.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>MAX_LIFETIME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos ticket lifetime for Trafodion principal</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">24hours</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>NODE_LIST</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of the nodes where Trafodion will be installed.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">trafodion-1 trafodion-2</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>PASSWORD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Administrator password for Apache Ambari or Cloudera Manager.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">admin</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>RENEW_LIFETIME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos ticket renewal lifetime for Trafodion principal</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">7days</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>REST_BUILD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the REST component.</p></td> |
| <td class="tableblock halign-left valign-top"></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>SECURE_HADOOP</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Indicates whether Hadoop has Kerberos enabled</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Based on whether Kerberos is enabled for your Hadoop installation</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_HOME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Target directory for the Trafodion software.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">/home/trafodion/apache-trafodion-1.3.0-incubating-bin</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>START</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to start Trafodion after install/upgrade.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Y</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>SUSE_LINUX</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installing Trafodion on SUSE Linux.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_PACKAGE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The location of the Trafodion installation package tar file or core installation tar file.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_KEYTAB</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos keytab for <code>trafodion</code> principal.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Default keytab based on distribution</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_KEYTAB_DIR</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of Kerberos keytab for the <code>trafodion</code> principal.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Default location based on distribution</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The Trafodion runtime user ID. Must be <code>trafodion</code> in this release.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">trafodion</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER_PASSWORD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The password used for the <code>trafodion:trafodion</code> user ID.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">traf123</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>URL</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">FQDN and port for the Distribution Manager’s REST API.</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">trafodion-1.apache.org:7180</p></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p>Next, you edit <code>my_config</code> to contain the following:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">#!/bin/bash |
| # @@@ START COPYRIGHT @@@ |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| # @@@ END COPYRIGHT @@@ |
| |
| #==================================================== |
| # Trafodion Configuration File |
| # This file contains default values for the installer. |
| |
| # Users can also edit this file and provide values for all parameters |
| # and then specify this file on the run line of trafodion_install. |
| # Example: |
| # ./trafodion_install --config_file <Trafodion-config-file> |
| # WARNING: This mode is for advanced users! |
| # |
| #===================================================== |
| |
| |
| #===================================================== |
| #Must be set to 'true' if on a SUSE linux system. If on another type of system |
| #this must be set to false. |
| |
| export SUSE_LINUX="false" |
| |
| # The working directory where Trafodion installer untars files, etc. |
| # do not change this unless you really know what you are doing |
| export TRAF_WORKDIR="/usr/lib/trafodion" |
| |
| # This is the directory where the installer scripts were untarred to |
| export LOCAL_WORKDIR="/home/centos/trafodion-installer/installer" |
| |
| # The maximum number of dcs servers, i.e. client connections |
| export DCS_SERVERS_PARM="8" |
| |
| # "true" if this is an upgrade |
| export UPGRADE_TRAF="false" |
| |
| # Trafodion userid, This is the userid the Trafodion instance will run under |
| export TRAF_USER="trafodion" |
| |
| # Trafodion userid's password |
| export TRAF_USER_PASSWORD="traf123" |
| |
| # a blank separated list of nodes in your cluster |
| # node names should include full domain names |
| #This can not be left blank! |
| export NODE_LIST="trafodion-1 trafodion-2" |
| |
| # count of nodes in node list |
| export node_count="2" |
| |
| # another list of the same nodes in NODE_LIST but specified in a pdsh usable format |
| # i.e. "-w centos-cdh[1-6]" or "-w node1 -w node2 -w node3" |
| export MY_NODES="-w trafodion-[1-2]" |
| |
| # the directory prefix for the trafodion userid's $HOME directory |
| # i.e. /opt/home, not /opt/home/trafodion |
| export HOME_DIR="/home" |
| |
| #JAVA HOME must be a JDK. Must include FULL Path. Must be 1.7.0_65 or higher. |
| |
| export JAVA_HOME="/usr/java/jdk1.7.0_67-cloudera" |
| |
| # If your machine doesn't have external internet access then you must |
| # specify the location of the EPEL rpm, otherwise leave blank and it |
| # will be installed from the internet |
| export EPEL_RPM="" |
| |
| # full path of the Trafodion package tar file |
| export TRAF_PACKAGE="/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz" |
| |
| # if TRAF_PACKAGE wasn't specified then these two values must be specified |
| # TRAF_BUILD is the trafodion_server tar file |
| # DCS_BUILD is the DCS tar file |
| # REST_BUILD is the REST tar file |
| export TRAF_BUILD="" |
| export DCS_BUILD="" |
| export REST_BUILD="" |
| # Either "cloudera" or "hortonworks" (all lowercase) |
| export HADOOP_TYPE="cloudera" |
| |
| # The URL for Cloudera/Hortonworks REST API (i.e. node1.host.com:8080) |
| export URL="trafodion-1.apache.org:7180" |
| |
| # Cloudera/Hortonworks UI admin's userid and password |
| export ADMIN="admin" |
| export PASSWORD="admin" |
| |
| # hadoop cluster name |
| export CLUSTER_NAME="" |
| |
| # the Hadoop HDFS userid |
| export HDFS_USER="hdfs" |
| |
| # the Hadoop HBase userid and group |
| export HBASE_USER="hbase" |
| export HBASE_GROUP="hbase" |
| |
| # The hadoop HBase service name |
| export HBASE="hbase" |
| |
| # full path of where to install Trafodion to |
| # Example is used below. If $HOME_DIR or $TRAF_USER have been changed |
| # then this will need to be changed. |
| # On an upgrade, it is recommend to choose a different directory. |
| # First time install : /home/trafodion/traf |
| # On Upgrade: /home/trafodion/traf_<date> |
| # By doing this the previous version will remain and allow for an easier rollback. |
| export TRAF_HOME="/home/trafodion/apache-trafodion-1.3.0-incubating-bin" |
| |
| # Start Trafodion after install completes |
| export START="Y" |
| |
| # initialize trafodion after starting |
| export INIT_TRAFODION="Y" |
| |
| # full path to the sqconfig file |
| # Default is to leave as is and this file will be created. |
| export SQCONFIG="" |
| |
| #----------------- security configuration information ----------------- |
| #Enter in Kerberos details if Kerberos is enabled on your cluster |
| |
| #Indicate Kerberos is enabled |
| export SECURE_HADOOP="N" |
| |
| #Location of Kerberos server for admin access |
| export KDC_SERVER="" |
| |
| #Kerberos Admin principal used to create Trafodion principals and keytabs |
| #Please include realm, for example: trafadmin/admin@MYREALM.COM |
| export ADMIN_PRINCIPAL="" |
| |
| #Keytab for HBase admin user, used to grant Trafodion user CRWE privilege |
| export HBASE_KEYTAB="" |
| |
| #Keytab for HDFS admin user, used to create data directories for Trafodion |
| export HDFS_KEYTAB="" |
| |
| #Kerberos ticket defaults for the Trafodion user |
| export MAX_LIFETIME="24hours" |
| export RENEW_LIFETIME="7days" |
| |
| #Trafodion keytab information |
| export TRAF_KEYTAB="" |
| export TRAF_KEYTAB_DIR="" |
| |
| #Enter in LDAP configuration information |
| #Turn on authentication - MUST have existing LDAP configured. |
| export LDAP_SECURITY="Y" |
| |
| #Name of LDAP Config file |
| export LDAP_AUTH_FILE="traf_authentication_config_`hostname -s`" |
| |
| #LDAP name to map to database user DB__ROOT |
| DB_ROOT_NAME="trafodion" |
| #----------------- end security configuration ----------------- |
| |
| export CONFIG_COMPLETE="true"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Once completed, run the Trafodion Installer with the <code>--config_file</code> option.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Refer to the following sections for examples:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><a href="#install-automated-install">Automated Install</a></p> |
| </li> |
| <li> |
| <p><a href="#upgrade-automated-upgrade">Automated Upgrade</a></p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="introduction-trafodion-provisioning-directories">3.6. Trafodion Provisioning Directories</h3> |
| <div class="paragraph"> |
| <p>Trafodion stores its provisioning information in the following directories on each node in the cluster:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>/etc/trafodion</code>: Configuration information.</p> |
| </li> |
| <li> |
| <p><code>/usr/lib/trafodion</code>: Copies of the files required by the installer.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="requirements">4. Requirements</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Trafodion requires an x86 version of Linux.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The current release of Trafodion has been tested with:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>64-bit Red Hat Enterprise Linux (RHEL) or CentOS 6.5, 6.6, and 6.7</p> |
| </li> |
| <li> |
| <p>Cloudera CDH 5.4</p> |
| </li> |
| <li> |
| <p>Hortonworks HDP 2.3</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>Other OS releases may work, too. The Trafodion project is currently working on better support for more distribution and non-distribution versions of Hadoop.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="requirements-general-cluster-and-os-requirements-and-recommendations">4.1. General Cluster and OS Requirements and Recommendations</h3> |
| <div class="paragraph"> |
| <p>64-bit x86 instruction set running a Linux distribution is required. Further, Trafodion assumes an environment |
| based on the requirements of the tested Hadoop distributions/services.</p> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-cluster-requirements-and-recommendations">4.1.1. Hardware Requirements and Recommendations</h4> |
| <div class="sect4"> |
| <h5 id="requirements-single-node-cluster">Single-Node Cluster</h5> |
| <div class="paragraph"> |
| <p>It is possible to run Trafodion on a single-node sandbox environment. Typically, any sandbox running a Hadoop distribution |
| can be used. A typical single-node configuration uses 4-8 cores with 16 GB of memory, and 20 GB free disk space.</p> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="requirements-multi-node-cluster">Multi-Node Cluster</h5> |
| <div class="paragraph"> |
| <p>For multi-node end-user clusters, your typical HBase environment should suffice for Trafodion. |
| Typically, memory configuration range between 64-128 GB per node with minimum requirement of 16 GB. |
| The cluster size can span from 1 to <em>n</em> nodes; a minimum of two nodes is recommended. |
| A minimum of two cores is required regardless of whether you’re deploying Trafodion on a bare-metal or virtual environment.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="paragraph"> |
| <p>Recommended configurations:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 60%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Attribute</th> |
| <th class="tableblock halign-left valign-top">Guidance</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">Processors per Node</p></th> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Small: 2 cores<br> |
| • Medium: 4 cores<br> |
| • Large: 8+ cores</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">Memory per Node</p></th> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Small: 16 GB<br> |
| • Medium: 64 GB<br> |
| • Large: 128 GB</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">Concurrency:Nodes</p></th> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Two Small Nodes: Four concurrent queries<br> |
| • Two Medium Nodes: 64 concurrent queries<br> |
| • Two Large Nodes: 256 concurrent queries</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-os-requirements-and-recommendations">4.1.2. OS Requirements and Recommendations</h4> |
| <div class="paragraph"> |
| <p>Please verify these requirements on each node you will install Trafodion on:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 20%;"> |
| <col style="width: 40%;"> |
| <col style="width: 40%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Function</th> |
| <th class="tableblock halign-left valign-top">Requirement</th> |
| <th class="tableblock halign-left valign-top">Verification Guidance</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Linux</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>64-bit version of Red Hat 6.5 or later, or SUSE SLES 11.3 or later.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>sshd</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>The <code>ssh</code> daemon is running on each node in the cluster.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>ps aux | grep sshd</code><br> |
| • <code>sudo netstat -plant | grep :22</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>ntpd</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>The <code>ntp</code> daemon is running and synchronizing time on each node in the cluster.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>ps aux | grep ntp</code><br> |
| • <code>ntpq -p</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>FQDN</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>/etc/hosts</code> is set up for fully-qualified node names (FQDN).<br> |
| • <code>/etc/resolv.conf</code> is configured to use a name server.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>hostname --fqdn</code> shows the fully-qualified node name, if any.<br> |
| • The fully-qualified node name is part of the <code>/etc/hosts</code> file.<br> |
| • <code>host -T <FQDN></code> (responds if using a DNS server, times out otherwise)<br> |
| • Simply ssh among nodes using <code>ssh <FQDN></code>.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Port Availability</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>The Linux Kernel Firewall (<code>iptables</code>) has either been disabled or <a href="#ip-ports">ports required by Trafodion</a> have been opened.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>lsmod | grep ip_tables</code> checks whether <code>iptables</code> is loaded. If not, no further checking is needed.<br> |
| • <code>sudo iptables -nL | grep <port></code> checks the configuration of a port. An empty response indicates no rule for the port, which often means |
| the port is <strong>not</strong> open.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>passwordless ssh</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>The user name used to provision Trafodion must have passwordless ssh access to all nodes.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>ssh to the nodes, ensure that no password prompt appears.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>sudo privileges</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>The user name used to provision Trafodion must sudo access to a number of root functions .</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>sudo echo "test"</code> on each node.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>bash</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available for shell-script execution.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>bash --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>java</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available to run the Trafodion software. Same version as HBase is using.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>java --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>perl</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available for script execution.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>perl --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>python</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available for script execution.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>python --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>yum</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available for installs, updates, and removal of software packages.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>yum --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>rpm</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available for installs, updates, and removal of software packages.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>rpm --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>scp</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available to copy files among nodes in the cluster.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>scp --help</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>curl</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available to transfer data with URL syntax.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>curl --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>wget</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available to download files from the Web.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>wget --version</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>pdsh</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available to run shell commands in parallel.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>pdsh -V</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>pdcp</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Available to copy files among nodes in parallel. part of the <code>pdsh</code> package.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>pdcp -V</code></p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-ip-ports">4.1.3. IP Ports</h4> |
| <div class="paragraph"> |
| <p>The following table lists the default ports used by the different Trafodion components plus the configuration file and configuration attribute associated with each port setting.</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 10%;"> |
| <col style="width: 20%;"> |
| <col style="width: 20%;"> |
| <col style="width: 10%;"> |
| <col style="width: 5%;"> |
| <col style="width: 10%;"> |
| <col style="width: 25%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Default Port</th> |
| <th class="tableblock halign-left valign-top">Configuration File</th> |
| <th class="tableblock halign-left valign-top">Configuration Entry</th> |
| <th class="tableblock halign-left valign-top">Required</th> |
| <th class="tableblock halign-left valign-top">Range</th> |
| <th class="tableblock halign-left valign-top">Protocol</th> |
| <th class="tableblock halign-left valign-top">Comment</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">4200</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>rest-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion.rest.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">REST</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Trafodion REST Server.</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">4201</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>rest-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion.rest.https.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTPS</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Trafodion REST Server (HTTPS).</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">23400</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs.master.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><em>n</em></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">binary</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Start of Trafodion DCS port range. (37800 for Trafodion 1.1)</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">24400</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs.master.info.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">DCS master web GUI. (40010 for Trafodion 1.1)</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">24410</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcs.server.info.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Yes</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><em>n</em></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Start of range for DCS server web GUIs. (40030 for Trafodion 1.1)</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">50030</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>mapred-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>mapred.job.tracker.http.address</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">MapReduce Job Tracker web GUI.</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">50070</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.http.address</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HDFS Name Node web GUI.</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">50075</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.datanode.http.address</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HDFS Data Node web GUI.</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">50090</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.secondary.http.address</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HDFS Secondary Name Node web GUI.</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">60010</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.master.info.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HBase Master web GUI.</p></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">60030</p></th> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-site.xml</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.info.port</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HTTP</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HBase Region Server web GUI.</p></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p>There are two port ranges used by Trafodion.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>23400 is a range, to allow multiple mxosrvr processes on each node. Allow a range of a few ports, |
| enough to cover all the servers per node that are listed in the "servers" file in the DCS configuration directory.</p> |
| </li> |
| <li> |
| <p>24410 is a range as well, enough to cover the DCS servers per node, usually 1 or 2.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>On top of the ports identified above, you also need the ports required by your Hadoop distribution. For example:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><a href="http://www.cloudera.com/content/www/en-us/documentation/enterprise/latest/topics/cdh_ig_ports_cdh5.html"><em>Cloudera Ports</em></a></p> |
| </li> |
| <li> |
| <p><a href="http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.0-Win/bk_HDP_Install_Win/content/ref-79239257-778e-42a9-9059-d982d0c08885.1.html"><em>Hortonworks Ports</em></a></p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>If you have Kerberos or LDAP enabled, then ports required by these products need to be opened as well.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Although not all the ports will be used on every node of the cluster, you need to open most of them for all the nodes in the cluster that |
| have Trafodion, HBase, or HDFS servers on them.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="requirements-prerequisite-software">4.2. Prerequisite Software</h3> |
| <div class="sect3"> |
| <h4 id="requirements-hadoop-software">4.2.1. Hadoop Software</h4> |
| <div class="paragraph"> |
| <p>Trafodion runs as an add-on service on Hadoop distributions. The following Hadoop services and their dependencies must be installed and running |
| on the cluster where you intend to install Trafodion:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Hadoop Distributed File System (HDFS)</p> |
| </li> |
| <li> |
| <p>YARN with MapReduce version 2</p> |
| </li> |
| <li> |
| <p>ZooKeeper</p> |
| </li> |
| <li> |
| <p>HBase</p> |
| </li> |
| <li> |
| <p>Hive</p> |
| </li> |
| <li> |
| <p>Apache Ambari (Hortonworks) or Cloudera Manager (Cloudera) with associated embedded databases.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>The following distributions have been tested with Trafodion.<sup>1</sup></p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 25%;"> |
| <col style="width: 15%;"> |
| <col style="width: 10%;"> |
| <col style="width: 50%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Distribution</th> |
| <th class="tableblock halign-left valign-top">Version</th> |
| <th class="tableblock halign-left valign-top">HBase Version</th> |
| <th class="tableblock halign-left valign-top">Installation Documentation</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Cloudera Distribution Including Apache Hadoop (CDH)</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">5.4</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1.0</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="http://www.cloudera.com/downloads/manager/5-4-0.html">CHD 5.4 Installation</a></p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Hortonworks Data Platform (HDP)</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2.3</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">1.1</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="http://hortonworks.com/products/data-center/hdp/">HDP 2.3 Installation</a></p></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Future releases of Trafodion will move away from distribution-specific integration. Instead, Trafodion will be tested with |
| specific version of the Hadoop, HDFS, HBase, and other services/products only.</p> |
| </li> |
| <li> |
| <p>When possible, install using <strong>parcels</strong> to simply the installation process.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| Trafodion does not yet support installation on a non-distribution version of Hadoop; that is, |
| Hadoop downloaded from the Apache web site. This restriction will be lifted in a later release of |
| Trafodion. |
| </td> |
| </tr> |
| </table> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-software-packages">4.2.2. Software Packages</h4> |
| <div class="paragraph"> |
| <p>In addition to the software packages required to run different Hadoop services listed above (for example, <code>Java</code>), |
| Trafodion requires supplementary software to be installed on the cluster before it is installed. These are Linux |
| tools that are not typically packaged as part of the core Linux distribution.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| For RedHat/CentOS, the Trafodion Installer automatically attempts get a subset of these packages over the Internet. |
| If the cluster’s access to the Internet is disabled, then you need to manually download the packages and make them available |
| for installation. You need to build and install <code>log4c++</code> manually. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 20%;"> |
| <col style="width: 45%;"> |
| <col style="width: 35%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Package</th> |
| <th class="tableblock halign-left valign-top">Usage</th> |
| <th class="tableblock halign-left valign-top">Installation</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">EPEL</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Add-on packages to completed the Linux distribution.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>Download |
| <a href="http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch">Fedora RPM</a></pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">pdsh</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Parallelize shell commands during install and Trafodion runtime utilities.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install pdsh</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">log4cxx</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Message logging.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>Manual process<sup>1</sup></pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">sqlite</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Internal configuration information managed by the Trafodion Foundation component.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install sqlite</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">expect</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Not used?</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install expect</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">perl-DBD-SQLite</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Allows Perl scripts to connect to SQLite.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install perl-DBD-SQLite</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">perl-Params-Validate</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Validates method/function parameters in Perl scripts.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install perl-Params-Validate</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">perl-Time-HiRes</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">High resolution alarm, sleep, gettimeofday, interval timers in Perl scripts.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install perl-Time-HiRes</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">protobuf</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Data serialization.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install protobuf</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">xerces-c</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">C++ XML parsing.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install xerces-c</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">gzip</p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Data compress/decompress.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install gzip</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">rpm-build<sup>2</sup></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Build binary and source software packages.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install rpm-build</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">apr-devel<sup>2</sup></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Support files used to build applications using the APR library.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install apr-devel</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">apr-util-devel<sup>2</sup></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Support files used to build applications using the APR utility library.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install apr-util-devel</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">doxygen<sup>2</sup></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Generate documentation from annotated C++ sources.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install doxygen</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">gcc<sup>2</sup></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">GNU Compiler Collection</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install gcc</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">gcc_c++<sup>2</sup></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">GNU C++ compiler.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>yum install gcc_c++</pre></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p><code>log4c++</code> was recently withdrawn from public repositories. Therefore, you will need to build the <code>log4c++</code> RPM |
| on your system and then install the RPM using the procedure described in <a href="#log4cplusplus_installation">log4c++ Installation</a>.</p> |
| </li> |
| <li> |
| <p>Software package required to build <code>log4c++</code>. Not required otherwise. These packages are <strong>not</strong> installed by the Trafodion Installer in this release.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>The Trafodion Installer requires Internet access to install the required software packages.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="requirements-trafodion-user-ids-and-their-privileges">4.3. Trafodion User IDs and Their Privileges</h3> |
| <div class="sect3"> |
| <h4 id="requirements-trafodion-runtime-user">4.3.1. Trafodion Runtime User</h4> |
| <div class="paragraph"> |
| <p>The <code>trafodion:trafodion</code> user ID is created as part of the installation process. The default password is: <code>traf123</code>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion requires that either HDFS ACL support or Kerberos is enabled. The Trafodion Installer will enable HDFS ACL and Kerberos support. Refer to <a href="#enable-security-kerberos">Kerberos</a> for more information about the requirements and usage of Kerberos in Trafodion. |
| Refer to <a href="https://hbase.apache.org/book.html#security">Apache HBase™ Reference Guide</a> for security in HBase.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Also, Trafodion requires <code>sudo</code> access to <code>ip</code> and <code>arping</code> so that floating or elastic IP addresses can be moved from one node to |
| another in case of node failures.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| Do <strong>not</strong> create the <code>trafodion:trafodion</code> user ID in advance. The Trafodion Installer uses the presence of this user ID to determine |
| whether you’re doing an installation or upgrade. |
| </td> |
| </tr> |
| </table> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-trafodion-provisioning-user">4.3.2. Trafodion Provisioning User</h4> |
| <div class="paragraph"> |
| <p>Typically, the Trafodion Installer is used for Trafodion installations. It requires access to the user IDs documented below.</p> |
| </div> |
| <div class="sect4"> |
| <h5 id="requirements-linux-installation-user">Linux Installation User</h5> |
| <div class="paragraph"> |
| <p>The user ID that performs the Trafodion installation steps. Typically, this User ID runs the Trafodion Installer.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Requirements</strong>:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>User name or group cannot be <code>trafodion</code>.</p> |
| </li> |
| <li> |
| <p>Passwordless ssh access to all nodes in the cluster.</p> |
| </li> |
| <li> |
| <p>Internet access to download software packages.</p> |
| </li> |
| <li> |
| <p><code>requiretty</code> must be disabled in <code>/etc/sudoers</code>.</p> |
| </li> |
| <li> |
| <p><code>sudo</code><sup>1</sup> access to:</p> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Download and install software packages.</p> |
| </li> |
| <li> |
| <p>Modify <code>/etc/sudoers.d</code> (allow the <code>trafodion</code> user to modify floating IP: <code>ip</code> and <code>arping</code>).</p> |
| </li> |
| <li> |
| <p>Create the <code>trafodion</code> user ID and group.</p> |
| </li> |
| <li> |
| <p>Install Trafodion software into the HBase environment.</p> |
| </li> |
| <li> |
| <p>Run Java version command on each node in the cluster.</p> |
| </li> |
| <li> |
| <p>Run Hadoop version command on each node in the cluster.</p> |
| </li> |
| <li> |
| <p>Run HBase version command on each node in the cluster.</p> |
| </li> |
| <li> |
| <p>Create directories and files in:</p> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>/etc</code></p> |
| </li> |
| <li> |
| <p><code>/usr/lib</code></p> |
| </li> |
| <li> |
| <p><code>/var/log</code></p> |
| </li> |
| </ul> |
| </div> |
| </li> |
| <li> |
| <p>Invoke <code>su</code> to execute commands as other users; for example, <code>trafodion</code>.</p> |
| </li> |
| <li> |
| <p>Edit <code>sysctl.conf</code> and activate changes using <code>sysctl -p</code>:</p> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Modify kernel limits.</p> |
| </li> |
| <li> |
| <p>Reserve IP ports.</p> |
| </li> |
| </ul> |
| </div> |
| </li> |
| </ul> |
| </div> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p><sup>1</sup> <code>sudo</code> is <strong>required</strong> in the current release of Trafodion. This restriction may be relaxed in later releases. |
| Alternative mechanisms for privileged access (such as running as <code>root</code> or <code>sudo</code> alternative commands) are not supported.</p> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="requirements-distribution-manager-user">Distribution Manager User</h5> |
| <div class="paragraph"> |
| <p>A user ID that can change the configuration using Apache Ambari or Cloudera Manager. The Trafodion Installer makes REST |
| request to perform configuration and control functions to the distribution manager using this user ID.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Requirements</strong>:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Administrator user name and password.</p> |
| </li> |
| <li> |
| <p>URL to Distribution Manager’s REST API.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="requirements-hdfs-administrator-user">HDFS Administrator User</h5> |
| <div class="paragraph"> |
| <p>The HDFS super user. Required to create directories and change security settings, as needed. |
| The Trafodion Installer uses <code>su</code> to run commands under this user ID.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Requirements</strong>:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>HDFS Administrator user name.</p> |
| </li> |
| <li> |
| <p>Write access to home directory on the node where the Distribution Manager is running.</p> |
| </li> |
| <li> |
| <p>For Kerberos enabled installations, location of the keytab for the HDFS service principal.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="requirements-hbase-administrator-user">HBase Administrator User</h5> |
| <div class="paragraph"> |
| <p>The HBase super user. Required to change directory ownership in HDFS. For Kerberos enabled installations, the HBase super user is needed to grant the <code>trafodion</code> user create, read, write, and execute privileges.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Requirements</strong>:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>HBase Administrator user name and group.</p> |
| </li> |
| <li> |
| <p>Read access to <code>hbase-site.xml</code>.</p> |
| </li> |
| <li> |
| <p>For Kerberos enabled installations, location of the keytab for the HBase service principal.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="requirements-kerberos-administrator-user">Kerberos Administrator User</h5> |
| <div class="paragraph"> |
| <p>The Kerberos adminstrator. Required to create Trafodion principals and keytabs on a cluster where Kerberos is enabled.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Requirements</strong>:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Kerberos Administrator admin name including the realm.</p> |
| </li> |
| <li> |
| <p>Kerberos Administrator password</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="requirements-required-configuration-changes">4.4. Required Configuration Changes</h3> |
| <div class="paragraph"> |
| <p>Trafodion requires changes to a number of different areas of your system configuration: operating system, HDFS, and HBase.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| These changes are performed by the Trafodion Installer, if used. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-operating-system-changes">4.4.1. Operating System Changes</h4> |
| <div class="paragraph"> |
| <p><code>/etc/security/limits.d/trafodion.conf</code> on each node in the cluster must contain the following settings:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text"># Trafodion settings |
| trafodion soft core unlimited |
| trafodion hard core unlimited |
| trafodion soft memlock unlimited |
| trafodion hard memlock unlimited |
| trafodion soft nofile 32768 |
| trafodion hard nofile 65536 |
| trafodion soft nproc 100000 |
| trafodion hard nproc 100000</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-zookeeper-changes">4.4.2. ZooKeeper Changes</h4> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| These changes require a restart of ZooKeeper on all nodes in the cluster. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion requires the following changes to <code>zoo.cfg</code>:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 30%;"> |
| <col style="width: 40%;"> |
| <col style="width: 30%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| <th class="tableblock halign-left valign-top">New Value</th> |
| <th class="tableblock halign-left valign-top">Purpose</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>maxClientCnxns</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Tell ZooKeeper to impose no limit to the number of connections to enable better Trafodion concurrency.</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| If Kerberos is enabled, it is not possible to secure the Trafodion data in ZooKeeper at this time. |
| </td> |
| </tr> |
| </table> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-hdfs-changes">4.4.3. HDFS Changes</h4> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| These changes require a restart of HDFS on all nodes in the cluster. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion requires the following changes to the HDFS environment:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 60%;"> |
| <col style="width: 40%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Action</th> |
| <th class="tableblock halign-left valign-top">Purpose</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Create <code>/hbase-staging</code> directory. <br> |
| • Change owner to HBase Administrator.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Create <code>/bulkload</code> directory. <br> |
| • Change owner to <code>trafodion</code>.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Used to stage data when processing the Trafodion |
| <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html#load_statement">LOAD INTO table</a> |
| statement and as a temporary directory to create links to actual HFile for snapshot scanning.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Create <code>/lobs</code> directory. <br> |
| • Change owner to <code>trafodion</code>.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• Create <code>/apps/hbase/data/archive</code><sup>1</sup>. <br> |
| • Change owner to: <code>hbase:hbase</code> (Cloudera) or <code>hbase:hdfs</code> (Hortonworks)<br> |
| • Give the <code>trafodion</code> user RWX access to <code>/apps/hbase/data/archive</code><br> |
| • Set default user of <code>/apps/hbase/data/archive</code> to <code>trafodion</code><br> |
| • Recursively change <code>setafcl</code> of <code>/apps/hbase/data/archive</code> to RWX</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>These steps are performed <strong>after</strong> HDFS ACLs have been enabled.</p> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>The following changes are required in <code>hdfs-site.xml</code>:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 30%;"> |
| <col style="width: 40%;"> |
| <col style="width: 30%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| <th class="tableblock halign-left valign-top">New Value</th> |
| <th class="tableblock halign-left valign-top">Purpose</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.namenode.acls.enabled</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Enable HDFS POSIX Access Control Lists (ACLs).</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-hbase-changes">4.4.4. HBase Changes</h4> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| These changes require a restart of ZooKeeper and HBase on all nodes in the cluster. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion requires that the following changes to the HBase environment:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 25%;"> |
| <col style="width: 40%;"> |
| <col style="width: 35%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Action</th> |
| <th class="tableblock halign-left valign-top">Affected Directories</th> |
| <th class="tableblock halign-left valign-top">Purpose</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Install/replace Trafodion’s version of <code>hbase-trx</code></p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>/usr/lib/hbase/lib/</code><br> |
| • <code>/usr/share/cmf/lib/plugins/</code> (Cloudera)<br> |
| • <code>/usr/hdp/current/hbase-regionserver/lib/</code> (Hortonworks)</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Trafodion transaction management relies on an enhanced version of <code>hbase-trx</code>.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Install/Replace Trafodion utility jar file.</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>• <code>/usr/lib/hbase/lib/</code><br> |
| • <code>/usr/share/cmf/lib/plugins/</code> (Cloudera)<br> |
| • <code>/usr/hdp/current/hbase-regionserver/lib</code> (Hortonworks)</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>TODO: Add purpose here.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>For Kerberos enabled clusters, grant <code>trafodion</code> user privileges</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>not applicable</p> |
| </div></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>privileges: create, read, write, and execute access</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p>The following changes are required in <code>hbase-site.xml</code>. Please refer to the |
| <a href="https://hbase.apache.org/book.html">Apache HBase™ Reference Guide</a> for additional descriptions of these settings.</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 30%;"> |
| <col style="width: 40%;"> |
| <col style="width: 30%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| <th class="tableblock halign-left valign-top">New Value</th> |
| <th class="tableblock halign-left valign-top">Purpose</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.master. |
| distributed.log.splitting</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>false</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Do not use the HBase Split Log Manager. Instead, the HMaster controls all log-splitting activities.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.coprocessor. |
| region.classes</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop. |
| hbase.coprocessor. |
| transactional.TrxRegionObserver, |
| org.apache.hadoop. |
| hbase.coprocessor. |
| transactional.TrxRegionEndpoint, |
| org.apache.hadoop. |
| hbase.coprocessor. |
| AggregateImplementation</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Install Trafodion coprocessor classes.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hregion.impl</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop. |
| hbase.regionserver. |
| transactional.TransactionalRegion</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Trafodion needs to be able to read the Write Ahead Log from a coprocessor using the getScanner method. This method |
| is protected in standard HBase. This change overloads the getScanner method to be public thereby allowing coprocessor code to use it.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver. |
| region.split.policy</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop. |
| hbase.regionserver. |
| ConstantSizeRegionSplitPolicy</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Tell HBase to use the ConstantSizeRegionSplitPolicy for region splitting. |
| This setting causes region splitting to occur only when the maximum file size is reached.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot. |
| enabled</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Enable the HBase Snapshot feature. Used for Trafodion backup and restore.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.bulkload. |
| staging.dir</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-staging</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Use <code>/hbase-staging</code> as the bulk load staging directory.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.region. |
| transactional.tlog</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>The HBase Regions requests that the Transaction Manager re-drives in-doubt transactions.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot. |
| master.timeoutMillis</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>HMaster timeout when waiting for RegionServers involved in the snapshot operation.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot. |
| region.timeout</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>RegionServer timeout when waiting for snapshot to be created.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.client. |
| scanner.timeout.period</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Time limit to perform a scan request.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver. |
| lease.period</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Clients must report within this time limit or they are considered dead by HBase.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.namenode. |
| java.heapsize<sup>1</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824 (1GB)</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Java Heap Size for the HDFS NameNode.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.secondary.namenode. |
| java.heapsize<sup>1</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824 (1GB)</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Java Heap Size for the HDFS Secondary NameNode.</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Applies to Cloudera distributions only.</p> |
| </li> |
| </ol> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="requirements-recommended-configuration-changes">4.5. Recommended Configuration Changes</h3> |
| <div class="paragraph"> |
| <p>The following configuration changes are recommended but not required.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| The Trafodion Installer does <strong>not</strong> make these changes. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-recommended-security-changes">4.5.1. Recommended Security Changes</h4> |
| <div class="paragraph"> |
| <p>The <code>trafodion</code> user ID should not be given other <code>sudo</code> privileges than what’s specified in this manual. Also, we |
| recommend that this user ID is locked (<code>sudo passwd -l trafodion</code>) once the installation/upgrade activity has been completed. |
| Users that need issue commands as the <code>trafodion</code> ID should do so using <code>sudo</code>; for example, <code>sudo -u trafodion -i</code>.</p> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-recommended-hdfs-configuration-changes">4.5.2. Recommended HDFS Configuration Changes</h4> |
| <div class="paragraph"> |
| <p>These settings are configured in the <code>hadoop-env.sh</code> file.</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 20%;"> |
| <col style="width: 40%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Property</th> |
| <th class="tableblock halign-left valign-top">Recommended Setting</th> |
| <th class="tableblock halign-left valign-top">Guidance</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DataNode Java Heap Size</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2 GB</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Use this setting for a large configuration.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>NameNode Java Heap Size</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2 GB</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Use this setting for a large configuration.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>Secondary NameNode Java Heap Size</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">2 GB</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Use this setting for a large configuration.</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="requirements-recommended-hbase-configuration-changes">4.5.3. Recommended HBase Configuration Changes</h4> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 30%;"> |
| <col style="width: 20%;"> |
| <col style="width: 50%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Configuration Property</th> |
| <th class="tableblock halign-left valign-top">Recommended Setting</th> |
| <th class="tableblock halign-left valign-top">Guidance</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.rpc.timeout</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">10 minutes</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>This setting depends on the tables' size. Sixty (60) seconds is the default. |
| Increase this value for big tables. Make it the same value as <code>hbase.client.scanner.timeout.period</code>. We have found |
| that increasing the setting to six-hundred (600) seconds will prevent many of the timeout-related errors we encountered, |
| such as <code>OutOfOrderNextException</code> errors.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.client.scanner.timeout.period</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">10 minutes</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>Similar to the <code>hbase.rpc.timeout</code> setting. Sixty (60) seconds is the |
| default. Depending on the size of a user table, we have experienced timeout failures on count(*) and update statistics commands |
| from this setting. The underlying issue is the length of the execution of the coprocessor within HBase. |
| <br> |
| NOTE: HBase uses the smaller of <code>hbase.rpc.timeout</code> and <code>hbase.client.scanner.timeout.period</code> to calculate the scanner timeout.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.master.timeoutMillis and hbase.snapshot.region.timeout</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">10 minutes</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>HBase’s default setting is 60000 milliseconds. |
| If you experience timeout issues with HBase snapshots when you use the Trafodion Bulk Loader or other statements, |
| you can set the value for these two HBase properties to 10 minutes (600,000 milliseconds).</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hregion.max.filesize</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">107374182400 bytes</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>HBase’s default setting is 10737418240 (10 GB). We have increased the setting to |
| 107374182400 (100 GB), which reduces the number of HStoreFiles per table and appears to reduce disruptions to active transactions from |
| region splitting.</p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hstore.blockingStoreFiles</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">10</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><a href="http://gbif.blogspot.com/2012/07/optimizing-writes-in-hbase.html" class="bare">http://gbif.blogspot.com/2012/07/optimizing-writes-in-hbase.html</a></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.handler.count</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><num></p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p>This setting should match the number of concurrent sessions (mxosrvr). The default is 10.</p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="prepare">5. Prepare</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>You need to prepare your Hadoop environment before installing Trafodion.</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p><a href="#prepare-install-optional-workstation-software">Install Optional Workstation Software</a></p> |
| </li> |
| <li> |
| <p><a href="#configure-installation-user-id">Configure Installation User ID</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-disable-requiretty">Disable requiretty</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-verify-os-requirements-and-recommendations">Verify OS Requirements and Recommendations</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-configure-kerberos">Configure Kerberos</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-configure-ldap-identity-store">Configure LDAP Identity Store</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-gather-configuration-information">Gather Configuration Information</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-install-required-software-packages">Install Required Software Packages</a></p> |
| </li> |
| <li> |
| <p><a href="#prepare-perform-recipe-based-provisioning-tasks">Perform Recipe-Based Provisioning Tasks</a></p> |
| </li> |
| </ol> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-install-optional-workstation-software">5.1. Install Optional Workstation Software</h3> |
| <div class="paragraph"> |
| <p>If you are using a Windows workstation, then the following optional software helps installation process. |
| We recommended that you pre-install the software before continuing with the Trafodion installation:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>putty and puttygen (download from <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html">PuTTY web site</a>)</p> |
| </li> |
| <li> |
| <p>VNC client (download from <a href="http://www.realvnc.com">RealVNC web site</a>)</p> |
| </li> |
| <li> |
| <p>Firefox or Chrome browser</p> |
| </li> |
| <li> |
| <p>SFTP client to transfer files from your workstation to the Linux server: WinSCP or FileZilla</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="configure-installation-user-id">5.2. Configure Installation User ID</h3> |
| <div class="paragraph"> |
| <p>Trafodion installation requires a user ID with these attributes:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>sudo</code> access per the requirements documented in <a href="#requirements-linux-installation-user">Linux Installation User</a>.</p> |
| </li> |
| <li> |
| <p>passwordless ssh to all nodes on the cluster where Trafodion will be installed.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| You may need to request permission from your cluster-management team to obtain this type of access. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>The following example shows how to set up your user ID to have "passwordless ssh" abilities.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Do the following on the Provision Master Node:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">echo -e 'y\n' | ssh-keygen -t rsa -N "" -f $HOME/.ssh/id_rsa |
| cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys |
| echo localhost $(cat /etc/ssh/ssh_host_rsa_key.pub) >> $HOME/.ssh/known_hosts |
| echo "NoHostAuthenticationForLocalhost=yes" >> $HOME/.ssh/config |
| chmod 600 $HOME/.ssh/config |
| chmod 600 $HOME/.ssh/authorized_keys |
| chmod 700 $HOME/.ssh/</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>After running these commands, do the following:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>If necessary, create the <code>$HOME/.ssh</code> directory on the other nodes in your cluster and secure it private to yourself (<code>chmod 700</code>).</p> |
| </li> |
| <li> |
| <p>If necessary, create the <code>$HOME/.ssh/authorized_keys</code> file on the other nodes in your cluster. Secure it with <code>chmod 600 $HOME/.ssh/authorized_keys</code>.</p> |
| </li> |
| <li> |
| <p>Copy the content of the <code>$HOME/.ssh/id_rsa.pub</code> file on the Provisioning Master Node and append the to the |
| <code>$HOME/.ssh/authorized_keys</code> file on the other nodes in your cluster.</p> |
| </li> |
| <li> |
| <p><code>ssh</code> to the other nodes in the cluster. Answer <code>y</code> to the prompt asking you whether to continue the connection. |
| This adds the node to the <code>$HOME/.ssh/known_hosts</code> file completing the passwordless ssh setup.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-disable-requiretty">5.3. Disable requiretty</h3> |
| <div class="paragraph"> |
| <p>You need to disable <code>requiretty</code> in <code>/etc/sudoers</code> on all nodes in the cluster |
| to ensure that <code>sudo</code> commands can be run from inside the installation scripts.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Comment out the <code>Defaults requiretty</code> setting in the <code>/etc/sudoers</code> file to |
| ensure that the <code>requiretty</code> option is NOT being used.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-verify-os-requirements-and-recommendations">5.4. Verify OS Requirements and Recommendations</h3> |
| <div class="paragraph"> |
| <p>Please ensure that the <a href="#requirements-os-requirements-and-recommendations">OS Requirements and Recommendations</a> |
| are met for each node in the cluster where you intend to install Trafodion.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-configure-kerberos">5.5. Configure Kerberos</h3> |
| <div class="paragraph"> |
| <p>If your Hadoop installation has enabled Kerberos, then Trafodion needs to have Kerberos enabled. If not, |
| then Trafodion will not run. If you plan to enable Kerberos in Trafodion, then you need to have access to a KDC (Kerberos Key Distribution |
| Center) and administration credentials so you can create the necessary Trafodion principals and keytabs.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If you wish to manually set up and activate Kerberos principals and keytabs, then refer to the section on |
| <a href="#enable-security-kerberos">Kerberos</a>.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-configure-ldap-identity-store">5.6. Configure LDAP Identity Store</h3> |
| <div class="paragraph"> |
| <p>If you plan to enable security features in Trafodion, then you need to have an LDAP identity store available to perform authentication. |
| The Trafodion Installer prompts you to set up an authentication configuration file that points to an LDAP server (or servers), |
| which enables security (that is, authentication and authorization) in the Trafodion database.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If you wish to manually set up the authentication configuration file and enable security, then refer to the section on |
| <a href="#enable-security-ldap">LDAP</a>.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-gather-configuration-information">5.7. Gather Configuration Information</h3> |
| <div class="paragraph"> |
| <p>You need to gather/decide information about your environment to aid installation Trafodion, both for the Trafodion Installer |
| and for recipe-based provisioning. (Listed in alphabetical order to make it easier to find information when referenced in the install and upgrade instructions.)</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 25%;"> |
| <col style="width: 25%;"> |
| <col style="width: 15%;"> |
| <col style="width: 35%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">ID<sup>1</sup></th> |
| <th class="tableblock halign-left valign-top">Information</th> |
| <th class="tableblock halign-left valign-top">Default</th> |
| <th class="tableblock halign-left valign-top">Notes</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ADMIN</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Administrator user name for Apache Ambari or Cloudera Manager.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>admin</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">A user that can change configuration and restart services via the |
| distribution manager’s REST API.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ADMIN_PRINCIPAL<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos admin principal to manage principals and keytabs</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>BACKUP_DCS_NODES</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where to start the backup DCS Master components.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Blank separated FQDN list. Not needed if $ENABLE_HA = N.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_CONFIG</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether you’re installing Trafodion on a cloud environment.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">N = bare-metal or VM installation.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>CLOUD_TYPE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">What type of cloud environment you’re installing Trafodion on.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">{ AWS | OpenStack | Other }. Not applicable for bare-metal or VM installation.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>CLUSTER_NAME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The name of the Hadoop Cluster.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">From Apache Ambari or Cloudera Manager.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DB_ROOT_NAME<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">LDAP name used to connect as database root user</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required when LDAP is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_BUILD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the DCS component.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if using a Trafodion package installation tar file.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_PRIMARY_MASTER_NODE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The node where the primary DCS should run.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The DCS Master handles JDBC and ODBC connection requests.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>DCS_SERVER_PARM</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Number of concurrent client sessions per node.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>16</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">This number specifies the concurrent sessions per node to be supported. Each session could require up to 1GB of physical memory. The number can be changed post-installation. For more information, |
| refer to the <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ENABLE_HA</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to run DCS in high-availability (HA) mode.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">You need the floating IP address, the interface, and the backup nodes for DCS Master if enabling this feature.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>EPEL_RPM</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of EPEL RPM.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specify if you don’t have access to the Internet. |
| Downloaded automatically by the Trafodion Installer.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>FLOATING_IP</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">IP address if running DCS in HA mode.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if $ENABLE_HA = N. An FQDN name or IP address.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HADOOP_TYPE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The type of Hadoop distribution you’re installing Trafodion on.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Lowercase. cloudera or hadoop.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_GROUP</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Linux group name for the HBASE administrative user.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required in order to provide access to select HDFS directories to this user ID.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_KEYTAB<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HBase credentials used to grant Trafodion CRWE privileges</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>based on distribution</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HBASE_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HBASE administrative user.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required in order to provide access to select HDFS directories to this user ID.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HDFS_KEYTAB<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">HDFS credentials used to set privileges on HDFS directories. .</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>based on distribution</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HDFS_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Linux user name for the HDFS administrative user.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hdfs</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The Trafodion Installer uses <code>sudo su</code> to make HDFS |
| configuration changes under this user.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>HOME_DIR</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Root directory under which the <code>trafodion</code> home directory should be created.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>/home</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Example</strong><br> |
| <br> |
| If the home directory of the <code>trafodion</code> user is |
| <code>/opt/home/trafodion</code>, then specify the root directory as <code>/opt/home</code>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>INIT_TRAFODION</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to automatically initialize the Trafodion database.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Does not apply to Recipe-Based Provisioning. Applies if $START=Y only.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>INTERFACE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Interface type used for $FLOATING_IP.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if $ENABLE_HA = N.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>JAVA_HOME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of Java 1.7.0_65 or higher (JDK).</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>$JAVA_HOME setting</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Fully qualified path of the JDK. For example: |
| <code>/usr/java/jdk1.7.0_67-cloudera</code></p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>KDC_SERVER<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of host where Kerberos server exists</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if Kerberos enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_CERT<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Full path to TLS certificate.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if $LDAP_LEVEL = 1 or 2.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_HOSTS<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">List of nodes where LDAP Identity Store servers are running.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Blank separated. FQDN format.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_ID<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">List of LDAP unique identifiers.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Blank separated.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_LEVEL<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Encryption Level.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">0: Encryption not used, 1: SSL, 2: TLS</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PASSWORD<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Password for LDAP_USER.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">If LDAP_USER is required only.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_PORT<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Port used to communicate with LDAP Identity Store.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Examples: 389 for no encryption or TLS, 636 for SSL.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_SECURITY<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to enable simple LDAP authentication.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">If Y, then you need to provide LDAP_HOSTS.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LDAP_USER<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">LDAP Search user name.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if you need additional LDAP functionally such as LDAPSearch. If so, must provide LDAP_PASSWORD, too.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LOCAL_WORKDIR</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The directory where the Trafodion Installer is located.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Full path, no environmental variables.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_ENABLED</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installation uses separate management nodes.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Y if using separate management nodes for Apache Ambari or Cloudera Manager.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>MANAGEMENT_NODES</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of management nodes, if any.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Provide a blank-separated list of node names.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>MAX_LIFETIME<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Kerberos ticket lifetime for Trafodion principal</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>24hours</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Can be specified when Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>NODE_LIST</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The FQDN names of the nodes where Trafodion will be installed.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Provide a blank-separated list of node names. The Trafodion |
| Provisioning ID must have passwordless and <code>sudo</code> access to these nodes.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>PASSWORD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Administrator password for Apache Ambari or Cloudera Manager.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>admin</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">A user that can change configuration and restart services via the |
| distribution manager’s REST API.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>RENEW_LIFETIME<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Number times Kerberos ticket is for the Trafodion principal</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>7days</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Can be specified when Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>REST_BUILD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Tar file containing the REST component.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Not needed if using a Trafodion package installation tar file.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>SECURE_HADOOP<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Indicates whether Hadoop has enabled Kerberos</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>Y only if Kerberos enabled</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Based on whether Kerberos is enabled for your Hadoop installation</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_HOME</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Target directory for the Trafodion software.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>$HOME_DIR/trafodion</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Trafodion is installed in this directory on all nodes in <code>$NODE_LIST</code>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>START</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether to start Trafodion after install/upgrade.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>N</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Does not apply to Recipe-Based Provisioning.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>SUSE_LINUX</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Whether your installing Trafodion on SUSE Linux.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>false</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Auto-detected by the Trafodion Installer.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_KEYTAB<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Name to use when specifying Trafodion keytab</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>based on distribution</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_KEYTAB_DIR<sup>2</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Location of {project_name} keytab</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>based on distribution</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Required if Kerberos is enabled.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_PACKAGE</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The location of the Trafodion installation package tar file or core installation tar file.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The package file contains the Trafodion server, |
| DCS, and REST software while the core installation file contains the Trafodion server software only. If you’re using a core installation file, then you need to |
| record the location of the DCS and REST installation tar files, too. Normally, you perform Trafodion provisioning using a Trafodion package installation tar file.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The Trafodion runtime user ID.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>trafodion</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Must be <code>trafodion</code> in this release.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>TRAF_USER_PASSWORD</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The password used for the <code>trafodion:trafodion</code> user ID.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>traf123</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Must be 6-8 characters long.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>URL</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">FQDN and port for the Distribution Manager’s REST API.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>None</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Include <code>http://</code> or <code>https://</code> as applicable. Specify in the form: |
| <code><IP-address>:<port></code> or <code><node name>:<port></code> Example: <code><a href="https://susevm-1.yourcompany.local:8080" class="bare">https://susevm-1.yourcompany.local:8080</a></code></p></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>The ID matches the environmental variables used in the Trafodion Installation configuration file. Refer to <a href="#install-trafodion-installer">Trafodion Installer</a> |
| for more information.</p> |
| </li> |
| <li> |
| <p>Refer to <a href="#enable-security">Enable Security</a> for more information about these security settings.</p> |
| </li> |
| </ol> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-install-required-software-packages">5.8. Install Required Software Packages</h3> |
| <div class="sect3"> |
| <h4 id="prepare-download-and-install-packages">5.8.1. Download and Install Packages</h4> |
| <div class="paragraph"> |
| <p>This step is required if you’re:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Installing Trafodion on SUSE.</p> |
| </li> |
| <li> |
| <p>Using Recipe-Based Provisioning.</p> |
| </li> |
| <li> |
| <p>Can’t download the required software packages using the Internet.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>If none of these situations exist, then we highly recommend that you use the Trafodion Installer.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You perform this step as a user with <code>root</code> or <code>sudo</code> access.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Install the packages listed in <a href="#requirements-software-packages">Software Packages</a> above on all nodes in the cluster.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-download-trafodion-binaries">5.9. Download Trafodion Binaries</h3> |
| <div class="paragraph"> |
| <p>You download the Trafodion binaries from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">Download</a> page. |
| Download the following packages:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Trafodion Installer (if planning to use the Trafodion Installer)</p> |
| </li> |
| <li> |
| <p>Trafodion Server</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| You can download and install the Trafodion Clients once you’ve installed and activated Trafodion. Refer to the |
| <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Install Guide</a> for instructions. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-download |
| $ cd $HOME/trafodion-download |
| $ # Download the Trafodion Installer binaries |
| $ wget http://apache.cs.utah.edu/incubator/trafodion/trafodion-1.3.0.incubating/apache-trafodion-installer-1.3.0-incubating-bin.tar.gz |
| Resolving http://apache.cs.utah.edu... 192.168.1.56 |
| Connecting to http://apache.cs.utah.edu|192.168.1.56|:80... connected. |
| HTTP request sent, awaiting response... 200 OK |
| Length: 68813 (67K) [application/x-gzip] |
| Saving to: "apache-trafodion-installer-1.3.0-incubating-bin.tar.gz" |
| |
| 100%[=====================================================================================================================>] 68,813 124K/s in 0.5s |
| |
| 2016-02-14 04:19:42 (124 KB/s) - "apache-trafodion-installer-1.3.0-incubating-bin.tar.gz" saved [68813/68813]</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ # Download the Trafodion Server binaries |
| $ wget http://apache.cs.utah.edu/incubator/trafodion/trafodion-1.3.0.incubating/apache-trafodion-1.3.0-incubating-bin.tar.gz |
| Resolving http://apache.cs.utah.edu... 192.168.1.56 |
| Connecting to http://apache.cs.utah.edu|192.168.1.56|:80... connected. |
| HTTP request sent, awaiting response... 200 OK |
| Length: 214508243 (205M) [application/x-gzip] |
| Saving to: "apache-trafodion-1.3.0-incubating-bin.tar.gz" |
| |
| 100%[=====================================================================================================================>] 214,508,243 3.90M/s in 55s |
| |
| 2016-02-14 04:22:14 (3.72 MB/s) - "apache-trafodion-1.3.0-incubating-bin.tar.gz" saved [214508243/214508243] |
| |
| $ ls -l |
| total 209552 |
| -rw-rw-r-- 1 centos centos 214508243 Jan 12 20:10 apache-trafodion-1.3.0-incubating-bin.tar.gz |
| -rw-rw-r-- 1 centos centos 68813 Jan 12 20:10 apache-trafodion-installer-1.3.0-incubating-bin.tar.gz |
| $</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="prepare-preparation-for-recipe-based-provisioning">5.10. Preparation for Recipe-Based Provisioning</h3> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| This step should be skipped if you plan to use the Trafodion Installer |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="prepare-modify-os-settings">5.10.1. Modify OS Settings</h4> |
| <div class="paragraph"> |
| <p>Ensure that the <code>/etc/security/limits.d/trafodion.conf</code> on each node contains the limits settings required by Trafodion. |
| Refer to <a href="#requirements-operating-system-changes">Operating System Changes</a> for the required settings.</p> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="prepare-modify-zookeeper-configuration">5.10.2. Modify ZooKeeper Configuration</h4> |
| <div class="paragraph"> |
| <p>Do the following:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Modify the ZooKeeper configuration as follows:</p> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 60%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Attribute</th> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>maxClientCnxns</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </li> |
| <li> |
| <p>Restart ZooKeeper to activate the new configuration setting.</p> |
| </li> |
| </ol> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="prepare-modify-hdfs-configuration">5.10.3. Modify HDFS Configuration</h4> |
| <div class="paragraph"> |
| <p>Do the following:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Modify the HDFS configuration as follows:</p> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 60%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Attribute</th> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dfs.namenode.acls.enabled</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td> |
| </tr> |
| </tbody> |
| </table> |
| </li> |
| <li> |
| <p>Restart HDFS to activate the new configuration setting.</p> |
| </li> |
| </ol> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="prepare-modify-hbase-configuration">5.10.4. Modify HBase Configuration</h4> |
| <div class="paragraph"> |
| <p>Do the following:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Modify the HBase configuration as follows:</p> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 60%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Attribute</th> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.coprocessor.region.classes<sup>b</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.hbase.coprocessor.transactional.TrxRegionObserver,org.apache.hadoop.hbase.coprocessor.transactional.TrxRegionEndpoint, |
| org.apache.hadoop.hbase.coprocessor.AggregateImplementation</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.hregion.impl</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.hbase.regionserver.transactional.TransactionalRegion</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.region.split.policy</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>org.apache.hadoop.hbase.regionserver.ConstantSizeRegionSplitPolicy</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.enabled</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.bulkload.staging.dir</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase-staging</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.region.transactional.tlog</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>true</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.master.timeoutMillis</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.snapshot.region.timeout</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.client.scanner.timeout.period</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.regionserver.lease.period</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>600000</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.namenode.java.heapsize<sup>a</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>hbase.secondary.namenode.java.heapsize<sup>a</sup></pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>1073741824</pre></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p>a) Applies to Cloudera distributions only.</p> |
| </div> |
| <div class="paragraph"> |
| <p>b) Do not overwrite any coprocessors that may already exist.</p> |
| </div> |
| </li> |
| <li> |
| <p>Restart HBase to activate the new configuration setting.</p> |
| </li> |
| </ol> |
| </div> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="install">6. Install</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>This chapter describes how to use the Trafodion Installer to install Trafodion. You use the Trafodion Provisioning ID |
| to run the Trafodion Installer.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="install-unpack-installer">6.1. Unpack Installer</h3> |
| <div class="paragraph"> |
| <p>You should already have downloaded the Trafodion Binaries per the instructions in the |
| <a href="#prepare-download-trafodion-binaries">Download Trafodion Binaries</a> in the <a href="#prepare">Prepare</a> |
| chapter. If not, please do so now.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The first step in the installation process is to unpack the Trafodion Installer tar file.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer |
| $ cd $HOME/trafodion-downloads |
| $ tar -zxf apache-trafodion-installer-1.3.0-incubating-bin.tar.gz -C $HOME/trafodion-installer |
| $</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="install-guided-install">6.2. Guided Install</h3> |
| <div class="paragraph"> |
| <p>The Trafodion Installer prompts you for the information you collected in the |
| <a href="#prepare-gather-configuration-information">Gather Configuration Information</a> step in the <a href="#prepare">Prepare</a> chapter.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following example shows a guided install of Trafodion on a two-node Cloudera Hadoop cluster that does not have Kerberos nor LDAP installed.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Run the Trafodion Installer in guided mode.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer/installer |
| $ ./trafodion_install |
| |
| ****************************** |
| TRAFODION INSTALLATION START |
| ****************************** |
| |
| ***INFO: testing sudo access |
| ***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-02-15-04-45-30.log |
| ***INFO: Config directory: /etc/trafodion |
| ***INFO: Working directory: /usr/lib/trafodion |
| |
| ******************************* |
| Trafodion Configuration Setup |
| ******************************* |
| |
| ***INFO: Please press [Enter] to select defaults. |
| |
| Enter trafodion password, default is [traf123]: traf123 |
| Enter list of nodes (blank separated), default []: trafodion-1 trafodion-2 |
| Enter Trafodion userid's home directory prefix, default is [/home]: /home |
| Specify full path to EPEL RPM (including .rpm), default is None: |
| ***INFO: Will attempt to download RPM if EPEL is not installed on all nodes. |
| Specify location of Java 1.7.0_65 or higher (JDK), default is []: /usr/java/jdk1.7.0_67-cloudera |
| Enter full path (including .tar or .tar.gz) of trafodion tar file []: /home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz |
| Enter Hadoop admin username, default is [admin]: |
| Enter Hadoop admin password, default is [admin]: |
| Enter Hadoop external network URL:port (no 'http://' needed), default is []: trafodion-1.apache.org:7180 |
| Enter HDFS username, default is [hdfs]: |
| Enter HBase username, default is [hbase]: |
| Enter HBase group, default is [hbase]: |
| Enter directory to install trafodion to, default is [/home/trafodion/apache-trafodion-1.3.0-incubating-bin]: |
| Total number of client connections per node, default [16]: 8 |
| Enable simple LDAP security (Y/N), default is N: N |
| ***INFO: Configuration file: /etc/trafodion/trafodion_config |
| ***INFO: Trafodion configuration setup complete |
| |
| ************************************ |
| Trafodion Configuration File Check |
| ************************************ |
| |
| |
| The authenticity of host 'trafodion-1 (10.1.30.71)' can't be established. |
| RSA key fingerprint is 83:96:d4:5e:c1:b8:b1:62:8d:c6:78:a7:7f:1f:6a:d7. |
| Are you sure you want to continue connecting (yes/no)? yes |
| ***INFO: Testing sudo access on node trafodion-1 |
| ***INFO: Testing sudo access on node trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Getting list of all cloudera nodes |
| ***INFO: Getting list of all cloudera nodes |
| ***INFO: cloudera list of nodes: trafodion-1 trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Testing sudo access on trafodion-1 |
| ***INFO: Testing sudo access on trafodion-2 |
| ***DEBUG: trafodionFullName=trafodion_server-1.3.0.tgz |
| ***INFO: Trafodion version = 1.3.0 |
| ***DEBUG: HBase's java_exec=/usr/java/jdk1.7.0_67-cloudera/bin/java |
| |
| ****************************** |
| TRAFODION SETUP |
| ****************************** |
| |
| ***INFO: Starting Trafodion environment setup (2016-02-15-07-09-58) |
| === 2016-02-15-07-09-58 === |
| # @@@ START COPYRIGHT @@@ |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| . |
| . |
| . |
| and hold each Contributor harmless for any liability incurred by, |
| or claims asserted against, such Contributor by reason of your |
| accepting any such warranty or additional liability. |
| |
| END OF TERMS AND CONDITIONS |
| |
| BY TYPING "ACCEPT" YOU AGREE TO THE TERMS OF THIS AGREEMENT:ACCEPT |
| ***INFO: testing sudo access |
| ***INFO: Checking all nodes in specified node list |
| trafodion-1 |
| trafodion-2 |
| ***INFO: Total number of nodes = 2 |
| ***INFO: Starting Trafodion Package Setup (2016-02-15-07-11-09) |
| ***INFO: Installing required packages |
| ***INFO: Log file located in /var/log/trafodion |
| ***INFO: ... pdsh on node trafodion-1 |
| ***INFO: ... pdsh on node trafodion-2 |
| ***INFO: Checking if log4cxx is installed ... |
| ***INFO: Checking if sqlite is installed ... |
| ***INFO: Checking if expect is installed ... |
| ***INFO: Installing expect on all nodes |
| . |
| . |
| . |
| ***INFO: modifying limits in /usr/lib/trafodion/trafodion.conf on all nodes |
| ***INFO: create Trafodion userid "trafodion" |
| ***INFO: Trafodion userid's (trafodion) home directory: /home/trafodion |
| ***INFO: testing sudo access |
| Generating public/private rsa key pair. |
| Created directory '/home/trafodion/.ssh'. |
| Your identification has been saved in /home/trafodion/.ssh/id_rsa. |
| Your public key has been saved in /home/trafodion/.ssh/id_rsa.pub. |
| The key fingerprint is: |
| 4b:b3:60:38:c9:9d:19:f8:cd:b1:c8:cd:2a:6e:4e:d0 trafodion@trafodion-1 |
| The key's randomart image is: |
| +--[ RSA 2048]----+ |
| | | |
| | . | |
| | . . . | |
| | o * X o | |
| | . E X S | |
| | . o + + | |
| | o . o | |
| | o.. | |
| | oo | |
| +-----------------+ |
| ***INFO: creating .bashrc file |
| ***INFO: Setting up userid trafodion on all other nodes in cluster |
| ***INFO: Creating known_hosts file for all nodes |
| trafodion-1 |
| trafodion-2 |
| ***INFO: trafodion user added successfully |
| ***INFO: Trafodion environment setup completed |
| ***INFO: creating sqconfig file |
| ***INFO: Reserving DCS ports |
| |
| ****************************** |
| TRAFODION MODS |
| ****************************** |
| |
| ***INFO: Cloudera installed will run traf_cloudera_mods98 |
| ***INFO: Detected JAVA version 1.7 |
| ***INFO: copying hbase-trx-cdh5_3-1.3.0.jar to all nodes |
| ***INFO: Cloudera Manager is on trafodion-1 |
| ***INFO: Detected JAVA version 1.7 |
| ***INFO: copying hbase-trx-cdh5_3-1.3.0.jar to all nodes |
| ***INFO: Cloudera Manager is on trafodion-1 |
| % Total % Received % Xferd Average Speed Time Time Time Current |
| . |
| . |
| . |
| ***INFO: Hadoop restart completed successfully |
| ***INFO: waiting for HDFS to exit safemode |
| Safe mode is OFF |
| ***INFO: Setting HDFS ACLs for snapshot scan support |
| ***INFO: Trafodion Mods ran successfully. |
| |
| ****************************** |
| TRAFODION START |
| ****************************** |
| |
| /usr/lib/trafodion/installer/.. |
| ***INFO: Log file location /var/log/trafodion/trafodion_install_2016-02-15-07-08-07.log |
| ***INFO: traf_start |
| ****************************************** |
| ****************************************** |
| ****************************************** |
| ****************************************** |
| /home/trafodion/apache-trafodion-1.3.0-incubating-bin |
| ***INFO: untarring build file /usr/lib/trafodion/apache-trafodion-1.3.0-incubating-bin/trafodion_server-1.3.0.tgz to /home/trafodion/apache-trafodion-1.3.0-incubating-bin |
| . |
| . |
| . |
| ******* Generate public/private certificates ******* |
| |
| Cluster Name : Cluster%201 |
| Generating Self Signed Certificate.... |
| *********************************************************** |
| Certificate file :server.crt |
| Private key file :server.key |
| Certificate/Private key created in directory :/home/trafodion/sqcert |
| *********************************************************** |
| |
| *********************************************************** |
| Updating Authentication Configuration |
| *********************************************************** |
| Creating folders for storing certificates |
| |
| ***INFO: copying /home/trafodion/sqcert directory to all nodes |
| ***INFO: copying install to all nodes |
| ***INFO: starting Trafodion instance |
| Checking orphan processes. |
| Removing old mpijob* files from /home/trafodion/apache-trafodion-1.3.0-incubating-bin/tmp |
| |
| Removing old monitor.port* files from /home/trafodion/apache-trafodion-1.3.0-incubating-bin/tmp |
| |
| Executing sqipcrm (output to sqipcrm.out) |
| Starting the SQ Environment (Executing /home/trafodion/apache-trafodion-1.3.0-incubating-bin/sql/scripts/gomon.cold) |
| Background SQ Startup job (pid: 7276) |
| . |
| . |
| . |
| Zookeeper is listening on port 2181 |
| DcsMaster is listening on port 23400 |
| |
| Process Configured Actual Down |
| --------- ---------- ------ ---- |
| DcsMaster 1 1 |
| DcsServer 2 2 |
| mxosrvr 8 8 |
| |
| |
| You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-1.3.0-incubating-bin/logs/sqmon.log |
| |
| |
| Startup time 0 hour(s) 1 minute(s) 9 second(s) |
| Apache Trafodion Conversational Interface 1.3.0 |
| Copyright (c) 2015 Apache Software Foundation |
| >> initialize trafodion; |
| --- SQL operation complete. |
| >> |
| |
| End of MXCI Session |
| |
| ***INFO: Installation completed successfully. |
| |
| ********************************* |
| TRAFODION INSTALLATION COMPLETE |
| ********************************* |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion |
| $ sqcheck |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 2 2 |
| RMS 4 4 |
| MXOSRVR 8 8 |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for |
| basic instructions on how to verify the Trafodion management and how to perform basic management |
| operations.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="install-automated-install">6.3. Automated Install</h3> |
| <div class="paragraph"> |
| <p>The <code>--config_file</code> option runs the Trafodion in Automated Setup mode. Refer to <a href="#introduction-trafodion-installer">Trafodion Installer</a> |
| in the <a href="#introduction">Introduction</a> chapter for instructions of how you edit your configuration file.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Edit your config file using the information you collected in the <a href="#prepare-gather-configuration-information">Gather Configuration Information</a> |
| step in the <a href="#prepare">Prepare</a> chapter.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following example shows an automated install of Trafodion on a two-node Hortonworks Hadoop cluster that does not have Kerberos nor LDAP enabled.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Run the Trafodion Installer in Automated Setup mode.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer/installer |
| $ ./trafodion_install --config_file my |
| ****************************** |
| TRAFODION INSTALLATION START |
| ****************************** |
| |
| ***INFO: testing sudo access |
| ***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-02-16-21-12-03.log |
| ***INFO: Config directory: /etc/trafodion |
| ***INFO: Working directory: /usr/lib/trafodion |
| |
| ************************************ |
| Trafodion Configuration File Check |
| ************************************ |
| |
| |
| ***INFO: Testing sudo access on node trafodion-1 |
| ***INFO: Testing sudo access on node trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Getting list of all hortonworks nodes |
| ***INFO: Getting list of all hortonworks nodes |
| ***INFO: hortonworks list of nodes: trafodion-1 trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Testing sudo access on trafodion-1 |
| ***INFO: Testing sudo access on trafodion-2 |
| ***DEBUG: trafodionFullName=trafodion_server-1.3.0.tgz |
| ***INFO: Trafodion version = 1.3.0 |
| ***DEBUG: HBase's java_exec=/usr/jdk64/jdk1.7.0_67/bin/java |
| |
| ****************************** |
| TRAFODION SETUP |
| ****************************** |
| |
| ***INFO: Starting Trafodion environment setup (2016-02-16-21-12-31) |
| === 2016-02-16-21-12-31 === |
| # @@@ START COPYRIGHT @@@ |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| . |
| . |
| . |
| 9. Accepting Warranty or Additional Liability. While redistributing |
| the Work or Derivative Works thereof, You may choose to offer, and |
| charge a fee for, acceptance of support, warranty, indemnity, or |
| other liability obligations and/or rights consistent with this |
| License. However, in accepting such obligations, You may act only |
| on Your own behalf and on Your sole responsibility, not on behalf |
| of any other Contributor, and only if You agree to indemnify, defend, |
| and hold each Contributor harmless for any liability incurred by, |
| or claims asserted against, such Contributor by reason of your |
| accepting any such warranty or additional liability. |
| |
| END OF TERMS AND CONDITIONS |
| |
| BY TYPING "ACCEPT" YOU AGREE TO THE TERMS OF THIS AGREEMENT: ***INFO: testing sudo access |
| ***INFO: Checking all nodes in specified node list |
| trafodion-1 |
| trafodion-2 |
| ***INFO: Total number of nodes = 2 |
| ***INFO: Starting Trafodion Package Setup (2016-02-16-21-12-35) |
| ***INFO: Installing required packages |
| ***INFO: Log file located in /var/log/trafodion |
| ***INFO: ... EPEL rpm |
| ***INFO: ... pdsh on node trafodion-1 |
| ***INFO: ... pdsh on node trafodion-2 |
| ***INFO: Checking if log4cxx is installed ... |
| ***INFO: Checking if sqlite is installed ... |
| ***INFO: Checking if expect is installed ... |
| . |
| . |
| . |
| ***INFO: trafodion user added successfully |
| ***INFO: Trafodion environment setup completed |
| ***INFO: creating sqconfig file |
| ***INFO: Reserving DCS ports |
| |
| ****************************** |
| TRAFODION MODS |
| ****************************** |
| |
| ***INFO: Hortonworks installed will run traf_hortonworks_mods98 |
| ***INFO: Detected JAVA version 1.7 |
| ***INFO: copying hbase-trx-hdp2_2-1.3.0.jar to all nodes |
| PORT=:8080 |
| . |
| . |
| . |
| Starting the REST environment now |
| starting rest, logging to /home/trafodion/apache-trafodion-1.3.0-incubating-bin/rest-1.3.0/bin/../logs/rest-trafodion-1-rest-trafodion-1.out |
| SLF4J: Class path contains multiple SLF4J bindings. |
| SLF4J: Found binding in [jar:file:/home/trafodion/apache-trafodion-1.3.0-incubating-bin/rest-1.3.0/lib/slf4j-log4j12-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class] |
| SLF4J: Found binding in [jar:file:/usr/hdp/2.2.9.0-3393/hadoop/lib/slf4j-log4j12-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class] |
| SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation. |
| SLF4J: Actual binding is of type [org.slf4j.impl.Log4jLoggerFactory] |
| |
| |
| DcsMaster is not started. Please start DCS using 'dcsstart' command... |
| |
| Process Configured Actual Down |
| --------- ---------- ------ ---- |
| DcsMaster 1 0 1 |
| DcsServer 2 0 2 |
| mxosrvr 8 8 |
| |
| |
| You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-1.3.0-incubating-bin/logs/sqmon.log |
| |
| |
| Startup time 0 hour(s) 1 minute(s) 9 second(s) |
| Apache Trafodion Conversational Interface 1.3.0 |
| Copyright (c) 2015 Apache Software Foundation |
| >> initialize trafodion; |
| --- SQL operation complete. |
| >> |
| |
| End of MXCI Session |
| |
| ***INFO: Installation completed successfully. |
| |
| ********************************* |
| TRAFODION INSTALLATION COMPLETE |
| ********************************* |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion |
| $ sqcheck |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 2 2 |
| RMS 4 4 |
| MXOSRVR 8 8 |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for |
| basic instructions on how to verify the Trafodion management and how to perform basic management |
| operations.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="upgrade">7. Upgrade</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>This chapter describes how to use the Trafodion Installer to upgrade Trafodion. You use the Trafodion Provisioning ID |
| to run the Trafodion Installer.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="upgraded-download-updated-trafodion-binaries">7.1. Download Updated Trafodion Binaries</h3> |
| <div class="paragraph"> |
| <p>You perform this step as the Trafodion Provisioning User.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You download the updated Trafodion binaries from the Trafodion <a href="http://trafodion.incubator.apache.org/download.html">Download</a> page. |
| Download the following packages:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Trafodion Installer (if planning to use the Trafodion Installer)</p> |
| </li> |
| <li> |
| <p>Trafodion Server</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>Refer to <a href="#prepare-download-trafodion-binaries">Download Trafodion Binaries</a> in the <a href="#prepare">Prepare</a> chapter for examples.</p> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="upgrade-unpack-installer">7.2. Unpack Installer</h3> |
| <div class="paragraph"> |
| <p>You perform this step as the Trafodion Provisioning User.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You unpack the updated Trafodion Installer into a new directory.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ mkdir $HOME/trafodion-installer-2.0 |
| $ cd $HOME/trafodion-downloads |
| $ tar -zxf apache-trafodion-installer-2.0.0-incubating-bin.tar.gz -C $HOME/trafodion-installer |
| $</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="upgrade-stop-tradodion">7.3. Stop Trafodion</h3> |
| <div class="paragraph"> |
| <p>You perform this step as the Trafodion Runtime User.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sudo su trafodion |
| $ sqstop |
| Shutting down the REST environment now |
| stopping rest. |
| Shutting down the DCS environment now |
| stopping master. |
| trafodion-1: stopping server. |
| trafodion-2: stopping server. |
| stopped $zlobsrv0 |
| stopped $zlobsrv1 |
| Shutting down (normal) the SQ environment! |
| Wed Feb 17 05:12:40 UTC 2016 |
| Processing cluster.conf on local host trafodion-1 |
| [$Z000KAE] Shell/shell Version 1.0.1 Apache_Trafodion Release 1.3.0 (Build release [1.3.0-0-g5af956f_Bld2], date 20160112_1927) |
| ps</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">[$Z000KAE] %ps |
| [$Z000KAE] NID,PID(os) PRI TYPE STATES NAME PARENT PROGRAM |
| [$Z000KAE] ------------ --- ---- ------- ----------- ----------- --------------- |
| [$Z000KAE] 000,00064198 000 WDG ES--A-- $WDG000 NONE sqwatchdog |
| [$Z000KAE] 000,00064199 000 PSD ES--A-- $PSD000 NONE pstartd |
| [$Z000KAE] 000,00064212 001 GEN ES--A-- $TSID0 NONE idtmsrv |
| [$Z000KAE] 000,00064242 001 DTM ES--A-- $TM0 NONE tm |
| [$Z000KAE] 000,00065278 001 GEN ES--A-- $ZSC000 NONE mxsscp |
| [$Z000KAE] 000,00065305 001 SSMP ES--A-- $ZSM000 NONE mxssmp |
| [$Z000KAE] 000,00001219 001 GEN ES--A-- $Z0000ZU NONE mxosrvr |
| [$Z000KAE] 000,00001235 001 GEN ES--A-- $Z00010A NONE mxosrvr |
| [$Z000KAE] 000,00001279 001 GEN ES--A-- $Z00011J NONE mxosrvr |
| [$Z000KAE] 000,00001446 001 GEN ES--A-- $Z00016B NONE mxosrvr |
| [$Z000KAE] 000,00024864 001 GEN ES--A-- $Z000KAE NONE shell |
| [$Z000KAE] 001,00025180 000 PSD ES--A-- $PSD001 NONE pstartd |
| [$Z000KAE] 001,00025179 000 WDG ES--A-- $WDG001 NONE sqwatchdog |
| [$Z000KAE] 001,00025234 001 DTM ES--A-- $TM1 NONE tm |
| [$Z000KAE] 001,00025793 001 GEN ES--A-- $ZSC001 NONE mxsscp |
| [$Z000KAE] 001,00025797 001 SSMP ES--A-- $ZSM001 NONE mxssmp |
| [$Z000KAE] 001,00026587 001 GEN ES--A-- $Z010LPM NONE mxosrvr |
| [$Z000KAE] 001,00026617 001 GEN ES--A-- $Z010LQH NONE mxosrvr |
| [$Z000KAE] 001,00026643 001 GEN ES--A-- $Z010LR8 NONE mxosrvr |
| [$Z000KAE] 001,00026644 001 GEN ES--A-- $Z010LR9 NONE mxosrvr |
| shutdown |
| [$Z000KAE] %shutdown |
| exit |
| Issued a 'shutdown normal' request |
| |
| Shutdown in progress |
| |
| # of SQ processes: 0 |
| SQ Shutdown (normal) from /home/trafodion Successful |
| Wed Feb 17 05:12:47 UTC 2016 |
| $</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="upgrade-guided-upgrade">7.4. Guided Upgrade</h3> |
| <div class="paragraph"> |
| <p>You perform this step as the Trafodion Provisioning User.</p> |
| </div> |
| <div class="paragraph"> |
| <p>As in the case with an installation, the Trafodion Installer prompts you for the information you collected in the |
| <a href="#prepare-gather-configuration-information">Gather Configuration Information</a> step in the <a href="#prepare">Prepare</a> chapter. |
| Some of the prompts are populated with the current values.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following example shows a guided upgrade of Trafodion on a two-node Cloudera Hadoop cluster without Kerberos nor LDAP enabled.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Run the updated Trafodion Installer in Guided Setup mode to perform the upgrade. Change information |
| at prompts as applicable.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer-2.0/installer |
| $ ./trafodion_install |
| ****************************** |
| TRAFODION INSTALLATION START |
| ****************************** |
| |
| ***INFO: testing sudo access |
| ***INFO: Log file located at /var/log/trafodion/trafodion_install_2016-02-17-08-15-33.log |
| ***INFO: Config directory: /etc/trafodion |
| ***INFO: Working directory: /usr/lib/trafodion |
| |
| ******************************* |
| Trafodion Configuration Setup |
| ******************************* |
| |
| ***INFO: Please press [Enter] to select defaults. |
| |
| Enter trafodion password, default is [traf123]: |
| Enter list of nodes (blank separated), default []: trafodion-1.apache.org trafodion-2.apache.org |
| Specify location of Java 1.7.0_65 or higher (JDK), default is [/usr/java/jdk1.7.0_67-cloudera]: |
| Enter full path (including .tar or .tar.gz) of trafodion tar file []: /home/centos/trafodion-download/apache-trafodion-2.0.0-incubating-bin.tar.gz |
| Enter Hadoop admin username, default is [admin]: |
| Enter Hadoop admin password, default is [admin]: |
| Enter Hadoop external network URL:port (no 'http://' needed), default is []: trafodion-1.apache.org:7180 |
| Enter HDFS username, default is [hdfs]: |
| Enter HBase username, default is [hbase]: |
| Enter HBase group, default is [hbase]: |
| Enter directory to install trafodion to, default is [/home/trafodion/apache-trafodion-1.3.0-incubating-bin]: /home/centos/apache-trafodion-2.0.0-incubating-bin |
| Start Trafodion after install (Y/N), default is Y: |
| Total number of client connections per node, default [16]: 8 |
| Enable simple LDAP security (Y/N), default is N: |
| ***INFO: Configuration file: /etc/trafodion/trafodion_config |
| ***INFO: Trafodion configuration setup complete |
| |
| ************************************ |
| Trafodion Configuration File Check |
| ************************************ |
| |
| |
| ***INFO: Testing sudo access on node trafodion-1 |
| ***INFO: Testing sudo access on node trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Getting list of all cloudera nodes |
| ***INFO: Getting list of all cloudera nodes |
| ***INFO: cloudera list of nodes: trafodion-1 trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Testing sudo access on trafodion-1 |
| ***INFO: Testing sudo access on trafodion-2 |
| ***INFO: Checking cloudera Version |
| ***INFO: nameOfVersion=cdh5.3.0 |
| ***INFO: HADOOP_PATH=/usr/lib/hbase/lib |
| ***INFO: Trafodion scanner will not be run. |
| ***DEBUG: trafodionFullName=trafodion_server-1.3.0.tgz |
| ***INFO: Trafodion version = 1.3.0 |
| ***DEBUG: HBase's java_exec=/usr/java/jdk1.7.0_67-cloudera/bin/java |
| |
| ****************************** |
| TRAFODION SETUP |
| ****************************** |
| |
| ***INFO: Installing required RPM packages |
| ***INFO: Starting Trafodion Package Setup (2016-02-17-08-16-11) |
| ***INFO: Installing required packages |
| ***INFO: Log file located in /var/log/trafodion |
| ***INFO: ... pdsh on node trafodion-1 |
| ***INFO: ... pdsh on node trafodion-2 |
| ***INFO: Checking if log4cxx is installed ... |
| ***INFO: Checking if sqlite is installed ... |
| ***INFO: Checking if expect is installed ... |
| ***INFO: Checking if perl-DBD-SQLite* is installed ... |
| ***INFO: Checking if protobuf is installed ... |
| ***INFO: Checking if xerces-c is installed ... |
| ***INFO: Checking if perl-Params-Validate is installed ... |
| ***INFO: Checking if perl-Time-HiRes is installed ... |
| ***INFO: Checking if gzip is installed ... |
| ***INFO: creating sqconfig file |
| ***INFO: Reserving DCS ports |
| |
| ****************************** |
| TRAFODION MODS |
| ****************************** |
| |
| ***INFO: Cloudera installed will run traf_cloudera_mods98 |
| ***INFO: Detected JAVA version 1.7 |
| ***INFO: copying hbase-trx-cdh5_3-1.3.0.jar to all nodes |
| ***INFO: Cloudera Manager is on trafodion-1 |
| . |
| . |
| . |
| Zookeeper is listening on port 2181 |
| DcsMaster is listening on port 23400 |
| |
| Process Configured Actual Down |
| --------- ---------- ------ ---- |
| DcsMaster 1 1 |
| DcsServer 2 2 |
| mxosrvr 8 8 |
| |
| |
| You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-2.0.0-incubating-bin/logs/sqmon.log |
| |
| |
| Startup time 0 hour(s) 1 minute(s) 9 second(s) |
| Apache Trafodion Conversational Interface 1.3.0 |
| Copyright (c) 2015 Apache Software Foundation |
| >> |
| |
| End of MXCI Session |
| |
| ***INFO: Installation completed successfully. |
| |
| ********************************* |
| TRAFODION INSTALLATION COMPLETE |
| ********************************* |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion |
| $ sqcheck |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 2 2 |
| RMS 4 4 |
| MXOSRVR 8 8 |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for |
| basic instructions on how to verify the Trafodion management and how to perform basic management |
| operations.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect2"> |
| <h3 id="upgrade-automated-upgrade">7.5. Automated Upgrade</h3> |
| <div class="paragraph"> |
| <p>You perform this step as the Trafodion Provisioning User.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The <code>--config_file</code> option runs the Trafodion in Automated Setup mode. Refer to <a href="#introduction-trafodion-installer">Trafodion Installer</a> |
| in the <a href="#introduction">Introduction</a> chapter for instructions of how you edit your configuration file.</p> |
| </div> |
| <div class="paragraph"> |
| <p>At a minimum, you need to change the following settings:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>LOCAL_WORKDIR</code></p> |
| </li> |
| <li> |
| <p><code>TRAF_PACKAGE</code></p> |
| </li> |
| <li> |
| <p><code>TRAF_HOME</code></p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-configuration |
| $ cp my_config my_config_2.0 |
| $ # Pre edit content |
| |
| export LOCAL_WORKDIR="/home/centos/trafodion-installer/installer" |
| export TRAF_PACKAGE="/home/centos/trafodion-download/apache-trafodion-1.3.0-incubating-bin.tar.gz" |
| export TRAF_HOME="/home/trafodion/apache-trafodion-1.3.0-incubating-bin" |
| |
| $ # Use your favorite editor to modify my_config_2.0 |
| $ emacs my_config_2.0 |
| $ # Post edit changes |
| |
| export LOCAL_WORKDIR="/home/centos/trafodion-installer-2.0/installer" |
| export TRAF_PACKAGE="/home/centos/trafodion-download/apache-trafodion-2.0.0-incubating-bin.tar.gz" |
| export TRAF_HOME="/home/trafodion/apache-trafodion-2.0.0-incubating-bin"</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>The following example shows an upgrade of Trafodion on a two-node Hortonworks Hadoop cluster using |
| Automated Setup mode without Kerberos nor LDAP enabled.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| The Trafodion Installer performs the same configuration changes as it does for an installation, |
| including restarting Hadoop services. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p>Run the updated Trafodion Installer using the modified my_config_2.0 file.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ cd $HOME/trafodion-installer-2.0/installer |
| $ ./trafodion_install --config_file $HOME/trafodion-configuration/my_config_2.0 |
| ****************************** |
| TRAFODION INSTALLATION START |
| ****************************** |
| |
| ***INFO: Testing sudo access on node trafodion-1 |
| ***INFO: Testing sudo access on node trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Getting list of all hortonworks nodes |
| ***INFO: Getting list of all hortonworks nodes |
| ***INFO: hortonworks list of nodes: trafodion-1 trafodion-2 |
| ***INFO: Testing ssh on trafodion-1 |
| ***INFO: Testing ssh on trafodion-2 |
| ***INFO: Testing sudo access on trafodion-1 |
| ***INFO: Testing sudo access on trafodion-2 |
| ***INFO: Trafodion scanner will not be run. |
| ***DEBUG: trafodionFullName=trafodion_server-2.0.0.tgz |
| ***INFO: Trafodion version = 2.0.0 |
| ***DEBUG: HBase's java_exec=/usr/jdk64/jdk1.7.0_67/bin/java |
| |
| ****************************** |
| TRAFODION SETUP |
| ****************************** |
| |
| ***INFO: Installing required RPM packages |
| ***INFO: Starting Trafodion Package Setup (2016-02-17-05-33-29) |
| ***INFO: Installing required packages |
| ***INFO: Log file located in /var/log/trafodion |
| ***INFO: ... pdsh on node trafodion-1 |
| ***INFO: ... pdsh on node trafodion-2 |
| ***INFO: Checking if log4cxx is installed ... |
| . |
| . |
| . |
| DcsMaster is not started. Please start DCS using 'dcsstart' command... |
| |
| Process Configured Actual Down |
| --------- ---------- ------ ---- |
| DcsMaster 1 0 1 |
| DcsServer 2 0 2 |
| mxosrvr 8 8 |
| |
| |
| You can monitor the SQ shell log file : /home/trafodion/apache-trafodion-2.0.0-incubating-bin/logs/sqmon.log |
| |
| |
| Startup time 0 hour(s) 1 minute(s) 9 second(s) |
| Apache Trafodion Conversational Interface 1.3.0 |
| Copyright (c) 2015 Apache Software Foundation |
| >>Metadata Upgrade: started |
| |
| Version Check: started |
| Metadata is already at Version 1.1. |
| Version Check: done |
| |
| Metadata Upgrade: done |
| |
| |
| --- SQL operation complete. |
| >> |
| |
| End of MXCI Session |
| |
| ***INFO: Installation completed successfully. |
| |
| ********************************* |
| TRAFODION INSTALLATION COMPLETE |
| ********************************* |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| <li> |
| <p>Switch to the Trafodion Runtime User and check the status of Trafodion.</p> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sudo su - trafodion |
| $ sqcheck |
| Checking if processes are up. |
| Checking attempt: 1; user specified max: 2. Execution time in seconds: 0. |
| |
| The SQ environment is up! |
| |
| |
| Process Configured Actual Down |
| ------- ---------- ------ ---- |
| DTM 2 2 |
| RMS 4 4 |
| MXOSRVR 8 8 |
| |
| $</code></pre> |
| </div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion is now running on your Hadoop cluster. Please refer to the <a href="#activate">Activate</a> chapter for |
| basic instructions on how to verify the Trafodion management and how to perform basic management |
| operations.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="activate">8. Activate</h2> |
| <div class="sectionbody"> |
| <div class="sect2"> |
| <h3 id="activate-manage-trafodion">8.1. Manage Trafodion</h3> |
| <div class="paragraph"> |
| <p>You use the Trafodion runtime user ID to perform Trafodion management operations.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following table provides an overview of the different Trafodion management scripts.</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 20%;"> |
| <col style="width: 20%;"> |
| <col style="width: 20%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Component</th> |
| <th class="tableblock halign-left valign-top">Start</th> |
| <th class="tableblock halign-left valign-top">Stop</th> |
| <th class="tableblock halign-left valign-top">Status</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><strong>All of Trafodion</strong></p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>sqstart</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>sqstop</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>sqcheck</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><strong>RMS Server</strong></p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>rmsstart</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>rmsstop</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>rmscheck</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><strong>REST Server</strong></p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>reststart</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>reststop</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><strong>LOB Server</strong></p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>lobstart</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>lobstop</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-</pre></div></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><strong>DCS (Database Connectivity Services)</strong></p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcsstart</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcsstop</pre></div></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>dcscheck</pre></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p><strong>Example: Start Trafodion</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">cd $TRAF_HOME/sql/scripts |
| sqstart |
| sqcheck</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="activate-validate-trafodion-installation">8.2. Validate Trafodion Installation</h3> |
| <div class="paragraph"> |
| <p>You can use sqlci (part of the base product) or trafci (requires separate install; see the |
| <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>) to validate your installation.</p> |
| </div> |
| <div class="sect3"> |
| <h4 id="_smoke_test">8.2.1. Smoke Test</h4> |
| <div class="paragraph"> |
| <p>A simple smoke test to validate that Trafodion is functioning.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">get schemas; |
| create table table1 (a int); |
| invoke table1; |
| insert into table1 values (1), (2), (3), (4); |
| select * from table1; |
| drop table table1; |
| exit;</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">$ sqlci |
| Apache Trafodion Conversational Interface 1.3.0 |
| Copyright (c) 2015 Apache Software Foundation |
| >>get schemas; |
| |
| Schemas in Catalog TRAFODION |
| ============================ |
| |
| SEABASE |
| _MD_ |
| _LIBMGR_ |
| _REPOS_ |
| |
| --- SQL operation complete. |
| >>create table table1 (a int); |
| |
| --- SQL operation complete. |
| >>invoke table1; |
| |
| -- Definition of Trafodion table TRAFODION.SEABASE.TABLE1 |
| -- Definition current Mon Feb 15 07:42:02 2016 |
| |
| ( |
| SYSKEY LARGEINT NO DEFAULT NOT NULL NOT DROPPABLE |
| NOT SERIALIZED |
| , A INT DEFAULT NULL SERIALIZED |
| ) |
| |
| --- SQL operation complete. |
| >>insert into table1 values (1), (2), (3), (4); |
| |
| --- 4 row(s) inserted. |
| >>select * from table1; |
| |
| A |
| ----------- |
| |
| 1 |
| 2 |
| 3 |
| 4 |
| |
| --- 4 row(s) selected. |
| >>drop table table1; |
| |
| --- SQL operation complete. |
| >>exit; |
| $</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="paragraph"> |
| <p>Assuming no errors, your installation has been successful. Next, do the following:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Install the Trafodion client software. Refer to the <a href="http://trafodion.incubator.apache.org/docs/client_install/index.html">Trafodion Client Installation Guide</a>.</p> |
| </li> |
| <li> |
| <p>Use Trafodion. Refer to the <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html">Trafodion SQL Reference Manual.</a></p> |
| </li> |
| <li> |
| <p>Review other Trafodion documentation. Refer to the <a href="http://trafodion.apache.org/documentation.html">Trafodion documentation</a>.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="activate-troubleshooting-tips">8.3. Troubleshooting Tips</h3> |
| <div class="paragraph"> |
| <p>If you are not able to start up the environment or if there are problems running sqlci or trafci, then verify that the all the processes are up and running.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>sqcheck</code> should indicate all processes are running.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>If processes are not running as expected, then:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>sqstop</code> to shut down Trafodion. If some Trafodion processes do not terminate cleanly, then run <code>ckillall</code>.</p> |
| </li> |
| <li> |
| <p><code>sqstart</code> to restart Trafodion.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>If problems persist please review logs:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p><code>$TRAF_HOME/logs</code>: Trafodion logs.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="remove">9. Remove</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>You use the Trafodion Provisioning User for these instructions.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| You do not need to use the <code>trafodion_uninstaller</code> script if upgrading Trafodion. Instead, use the <code>trafodion_install</code> script, |
| which automatically upgrades the version of Trafodion. Please refer to the <a href="#install">Install</a> chapter for further instructions. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>Run the commands from the first node of the cluster. Do not run them from a machine that is not part of the Trafodion cluster.</p> |
| </div> |
| <div class="sect2"> |
| <h3 id="_stop_trafodion">9.1. Stop Trafodion</h3> |
| <div class="paragraph"> |
| <p>Do the following:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">su trafodion |
| cd $TRAF_HOME/sql/scripts or cds |
| sqstop |
| exit</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">[admin@trafodion-1 ~]$ su trafodion |
| [trafodion@trafodion-1 scripts]$ cds |
| [trafodion@trafodion-1 scripts]$ sqstop |
| Shutting down the REST environment now |
| stopping rest. |
| Shutting down the DCS environment now |
| stopping master. |
| trafodion-1: stopping server. |
| trafodion-2: stopping server. |
| stopped $zlobsrv0 |
| stopped $zlobsrv1 |
| Shutting down (normal) the SQ environment! |
| Mon Feb 15 07:49:18 UTC 2016 |
| Processing cluster.conf on local host trafodion-1 |
| . |
| . |
| .</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">[$Z000HDS] 001,00024772 001 GEN ES--A-- $Z010K7S NONE mxosrvr |
| [$Z000HDS] 001,00024782 001 GEN ES--U-- $ZLOBSRV1 NONE mxlobsrvr |
| shutdown |
| [$Z000HDS] %shutdown |
| exit |
| Issued a 'shutdown normal' request |
| |
| Shutdown in progress |
| |
| # of SQ processes: 0 |
| SQ Shutdown (normal) from /home/trafodion/apache-trafodion-1.3.0-incubating-bin/sql/scripts Successful |
| Mon Feb 15 07:49:26 UTC 2016 |
| [trafodion@trafodion-1 scripts]$ exit |
| [admin@trafodion-1 ~]$</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="_run_code_trafodion_uninstaller_code">9.2. Run <code>trafodion_uninstaller</code></h3> |
| <div class="paragraph"> |
| <p>The <code>trafodion_uninstaller</code> completely removes Trafodion.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">[admin@trafodion-1 ~]$ cd $HOME/trafodion-installer/installer |
| [admin@trafodion-1 installer]$ ./trafodion_uninstaller |
| Do you want to uninstall Trafodion (Everything will be removed)? (Y/N) y |
| ***INFO: testing sudo access |
| ***INFO: NOTE, rpms that were installed will not be removed. |
| ***INFO: stopping Trafodion instance |
| SQ environment is not up. |
| Going to execute ckillall |
| |
| Can't find file /home/trafodion/.vnc/trafodion-1:1.pid |
| You'll have to kill the Xvnc process manually |
| |
| ***INFO: restoring linux system files that were changed |
| ***INFO: removing hbase-trx* from Hadoop directories |
| pdsh@trafodion-1: trafodion-1: ssh exited with exit code 1 |
| pdsh@trafodion-1: trafodion-2: ssh exited with exit code 1 |
| pdsh@trafodion-1: trafodion-1: ssh exited with exit code 1 |
| pdsh@trafodion-1: trafodion-2: ssh exited with exit code 1 |
| ***INFO remove the Trafodion userid and group |
| ***INFO: removing all files from /home/trafodion/apache-trafodion-1.3.0-incubating-bin |
| ***INFO: removing all files from /usr/lib/trafodion and /var/log/trafodion |
| ***INFO: removing all files from /etc/trafodion |
| ***INFO: Trafodion uninstall complete. |
| [admin@trafodion-1 installer]$</code></pre> |
| </div> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="enable-security">10. Enable Security</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>Trafodion supports user authentication with LDAP, integrates with Hadoop’s Kerberos environment and |
| supports authorization through database grant and revoke requests (privileges).</p> |
| </div> |
| <div class="paragraph"> |
| <p>If this is an initial installation, both LDAP and Kerberos can be configured by running the Trafodion installer. |
| If Trafodion is already installed, then both LDAP and Kerberos can be configured by running the Trafodion |
| security installer.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>If Hadoop has enabled Kerberos, then Trafodion must also enable Kerberos.</p> |
| </li> |
| <li> |
| <p>If Kerberos is enabled, then LDAP must be enabled.</p> |
| </li> |
| <li> |
| <p>If LDAP is enabled, then database authorization (privilege support) is automatically enabled.</p> |
| </li> |
| <li> |
| <p>If Kerberos is not enabled, then enabling LDAP is optional.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="sect2"> |
| <h3 id="enable-security-kerberos">10.1. Configuring Trafodion for Kerberos</h3> |
| <div class="paragraph"> |
| <p>Kerberos is a protocol for authenticating a request for a service or operation. It uses the notion of a ticket to verify accessibility. |
| The ticket is proof of identity encrypted with a secret key for the particular requested service. Tickets exist for a short time and |
| then expire. Therefore, you can use the service as long as your ticket is valid (i.e. not expired). Hadoop uses Kerberos to provide |
| security for its services, as such Trafodion needs to function properly with Hadoop that have Kerberos enabled.</p> |
| </div> |
| <div class="sect3"> |
| <h4 id="_kerberos_configuration_file">10.1.1. Kerberos configuration file</h4> |
| <div class="paragraph"> |
| <p>It is assumed that Kerberos has already been set up on all the nodes by the time Trafodion is installed. |
| This section briefly discusses the Kerberos configuration file for reference.</p> |
| </div> |
| <div class="paragraph"> |
| <p>The Kerberos configuration file defaults to /etc/krb5.conf and contains, among other attributes:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">* log location: location where Kerberos errors and other information are logged |
| * KDC location: host location where the KDC (Key Distribution Center) is located |
| * admin server location: host location where the Kerberos admin server is located |
| * realm: the set of nodes that share a Kerberos database |
| * ticket defaults: contains defaults for ticket lifetimes, encoding, and other attributes</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>You need to have access to a Kerberos administrator account to enable Kerberos for Trafodion. The following is an example request that lists principals defined in the Kerberos database that can be used to test connectivity:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">kadmin -p 'kdcadmin/admin' -w 'kdcadmin123' -s 'kdc.server' -q 'listprincs' |
| * -p (principal): please replace 'kdcadmin/admin' with your admin principal |
| * -w (password): please replace 'kdadmin123' with the password for the admin principal |
| * -s (server location): please replace 'kdc.server' with your KDC admin server location |
| * -q (command): defines the command to run, in this case principals are returned</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="_ticket_management">10.1.2. Ticket Management</h4> |
| <div class="paragraph"> |
| <p>When Kerberos is enabled in Trafodion, the security installation process:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Adds a Trafodion principal in Kerberos, one per node with the name trafodion/hostname@realm.</p> |
| </li> |
| <li> |
| <p>Creates a keytab for each principal and distributes the keytab to each node. The keytab name is the same for all nodes |
| and defaults to a value based on the distribution, for example: etc/trafodion/keytabs/trafodion.service.keytab.</p> |
| </li> |
| <li> |
| <p>Performs a "kinit" on all nodes in the cluster for the <code>trafodion</code> user.</p> |
| </li> |
| <li> |
| <p>Adds commands to perform "kinit" and to start the ticket renewal procedure to the <code>trafodion</code> .bashrc scripts on each node.</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>The ticket renewal service renews tickets up until the maximum number of renewals allowed. So if your ticket lifetime is |
| one day and the number of renewals is seven days, the ticket renewal service automatically renews tickets six times. Once |
| the ticket expires, it must be initialized again to continue running Trafodion. Connecting to each node as the <code>trafodion</code> |
| user initializes the ticket if one does not exist.</p> |
| </div> |
| <div class="paragraph"> |
| <p>TBD - A future update will include details on how tickets can be managed at the cluster level.</p> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="_kerberos_installation">10.1.3. Kerberos installation</h4> |
| <div class="paragraph"> |
| <p>The Trafodion installation scripts automatically determine if Kerberos is enabled on the node. If it is enabled, |
| then the environment variable SECURE_HADOOP is set to "Y".</p> |
| </div> |
| <div class="paragraph"> |
| <p>The following are questions that will be asked related to Kerberos:</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Enter KDC server address, default is []: – no default</p> |
| </li> |
| <li> |
| <p>Enter admin principal (include realm), default is []: - no default</p> |
| </li> |
| <li> |
| <p>Enter fully qualified name for HBase keytab, default is []: - Installer searches for a valid keytab based on the distribution</p> |
| </li> |
| <li> |
| <p>Enter fully qualified name for HDFS keytab, default is []: - Installer searches for a valid keytab based on the distribution</p> |
| </li> |
| <li> |
| <p>Enter max lifetime for Trafodion principal (valid format required), default is [24hours]:</p> |
| </li> |
| <li> |
| <p>Enter renew lifetime for Trafodion principal (valid format required), default is [7days]:</p> |
| </li> |
| <li> |
| <p>Enter Trafodion keytab name, default is []: - Installer determines default name based on the distribution</p> |
| </li> |
| <li> |
| <p>Enter keytab location, default is []: - Installer determins default name based on the distribution</p> |
| </li> |
| </ul> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| The Trafodion installer always asked for the KDC admin password when enabling Kerberos independent on whether running in Automated |
| of Guided mode. It does not save this password. |
| </td> |
| </tr> |
| </table> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="enable-security-ldap">10.2. Configuring LDAP</h3> |
| <div class="paragraph"> |
| <p>Trafodion does not manage user names and passwords internally but supports authentication via directory servers using |
| the OpenLDAP protocol, also known as LDAP servers. You can configure the LDAP servers during installation by answering the Trafodion |
| Installer’s prompts. To configure LDAP after installation run the Trafodion security installer directly. Installing LDAP also enables database |
| authorization (privilege support).</p> |
| </div> |
| <div class="paragraph"> |
| <p>Once authentication and authorization are enabled, Trafodion allows users to be registered in the database and allows privileges |
| on objects to be granted to users and roles (which are granted to users). Trafodion also supports component-level (or system-level) |
| privileges, such as MANAGE_USERS, which can be granted to users and roles. Refer to <a href="#enable-security-manage-users">Manage Users</a> below.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| If you do not enable LDAP in Trafodion, then a client interface to Trafodion may request a user name and password, |
| but Trafodion ignores the user name and password entered in the client interface, and the session runs as the database <strong>root</strong> user, |
| <code>DB__ROOT</code>, without restrictions. If you want to restrict users, restrict access to certain users only, or restrict access to an |
| object or operation, then you must enable security, which enforces authentication and authorization. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="sect3"> |
| <h4 id="enable-security-configuring-ldap-servers">10.2.1. Configuring LDAP Servers</h4> |
| <div class="paragraph"> |
| <p>To specify the LDAP server(s) to be used for authentication, you need to configure the text file <code>.traf_authentication_config</code>, |
| located (by default) in <code>$TRAF_HOME/sql/scripts</code>. This file is a flat file, organized as a series of attribute/value pairs. |
| Details on all the attributes and values accepted in the authentication configuration file and how to configure alternate locations |
| can be found in <a href="#enable-security-traf-authentication-config">.traf_authentication_config</a> below.</p> |
| </div> |
| <div class="paragraph"> |
| <p>A sample template file is located in <code>$TRAF_HOME/sql/scripts/traf_authentication_config</code>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Attributes and values in the authentication configuration file are separated with a colon immediately following the attribute name. |
| In general, white space is ignored but spaces may be relevant in some values. Attribute names are always case insensitive. Multiple |
| instances of an attribute are specified by repeating the attribute name and providing the new value. For attributes with only one |
| instance, if the attribute is repeated, the last value provided is used.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">Attribute1: valueA |
| Attribute2: valueB |
| Attribute1: valueC</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>If <code>Attribute1</code> has only one instance, <code>valueC</code> is used, otherwise, <code>valueA</code> and <code>valueC</code> are both added to the list of values for <code>Attribute1</code>.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Attributes are grouped into sections; this is for future enhancements. Attributes are declared in the <code>LOCAL</code> section, unless otherwise specified.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| Section names, attribute names, and the general layout of the authentication configuration file are subject to change in future versions |
| of Trafodion and backward compatibility is not guaranteed. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>Specification of your directory server(s) requires at a minimum:</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 15%;"> |
| <col style="width: 55%;"> |
| <col style="width: 30%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Setting</th> |
| <th class="tableblock halign-left valign-top">Description</th> |
| <th class="tableblock halign-left valign-top">Example</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">LDAP Host Name(s)</p></th> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">One or more names of hosts that support the OpenLDAP protocol must be specified. Trafodion attempts to connect to all |
| provided host names during the authentication process. The set of user names and passwords should be identical on all hosts to avoid unpredictable |
| results. The attribute name is <code>LDAPHostName</code>.</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>LDAPHostName: ldap.company.com</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">LDAP Port Number</p></th> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Port number of the LDAP server. Typically this is 389 for servers using no encryption or TLS, and 636 for servers using SSL. |
| The attribute name is <code>LDAPPort</code>.</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>LDAPPort: 389</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">LDAP Unique Identifier</p></th> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Attribute(s) used by the directory server that uniquely identifies the user name. You may provide one or more unique |
| identifier specifiers.</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>UniqueIdentifier: uid=,ou=users,dc=com</code></p> |
| </div></div></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">Encryption Level</p></th> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">A numeric value indicating the encryption scheme used by your LDAP server. Values are:<br> |
| <br> |
| • 0: Encryption not used<br> |
| • 1: SSL<br> |
| • 2: TLS</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>LDAPSSL: 2</code><br> |
| <br> |
| If your LDAP server uses TLS you must specify a file containing the certificate used to encrypt the password. By default the Trafodion software |
| looks for this file in <code>$TRAF_HOME/cacerts</code>, but you may specify a fully qualified filename, or set the environment variable <code>CACERTS_DIR</code> to another |
| directory. To specify the file containing the certificate, you set the value of the attribute <code>TLS_CACERTFilename</code>, located in the Defaults section.<br> |
| <br> |
| <strong>Example</strong><br></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">TLS_CACERTFilename: mycert.pem |
| TLS_CACertFilename: /usr/etc/cert.pem</code></pre> |
| </div> |
| </div></div></td> |
| </tr> |
| <tr> |
| <th class="tableblock halign-left valign-top"><p class="tableblock">Search username and password</p></th> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Some LDAP servers require a known user name and password to search the directory of user names. If your environment |
| has that requirement, provide these "search" values.</p></td> |
| <td class="tableblock halign-left valign-top"><div><div class="paragraph"> |
| <p><code>LDAPSearchDN: <a href="mailto:lookup@company.com">lookup@company.com</a></code><br> |
| <code>LDAPSearchPwd: Lookup123</code></p> |
| </div></div></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p>There are additional optional attributes that can be used to customize Trafodion authentication. As mentioned earlier, they are described in |
| <a href="#enable-security-traf-authentication-config">.traf_authentication_config</a> below.</p> |
| </div> |
| <div class="paragraph"> |
| <p>You can test the authentication configuration file for syntactic errors using the <code>ldapconfigcheck</code> tool. If you have loaded the Trafodion |
| environment (<code>sqenv.sh</code>), then the tool automatically checks the file at <code>$TRAF_HOME/sql/scripts/.traf_authentication_config</code>. |
| If not, you can specify the file to be checked.</p> |
| </div> |
| <div class="paragraph"> |
| <p><strong>Example</strong></p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ldapconfigcheck -file myconfigfile |
| File myconfigfile is valid.</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>If an error is found, then the line number with the error is displayed along with the error. |
| Please refer to <a href="#enable-security-ldapconfigcheck">ldapconfigcheck</a> below for more information.</p> |
| </div> |
| <div class="admonitionblock note"> |
| <table> |
| <tr> |
| <td class="icon"> |
| <i class="fa icon-note" title="Note"></i> |
| </td> |
| <td class="content"> |
| The authentication configuration file needs to be propagated to all nodes, but there is a script that does that for you described later. |
| For now, you can test your changes on the local node. |
| </td> |
| </tr> |
| </table> |
| </div> |
| <div class="paragraph"> |
| <p>You can test the LDAP connection using the utility <code>ldapcheck</code>. To use this utility the Trafodion environment must be loaded (<code>sqenv.sh</code>), |
| but the Trafodion instance does not need to be running. To test the connection only, you can specify any user name, and a name lookup is performed |
| using the attributes in <code>.traf_authentication_config</code>.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ldapcheck --username=fakename@company.com |
| User fakename@company.com not found</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>If <code>ldapcheck</code> reports either that the user was found or the user was not found, the connection was successful. However, if an error is reported, |
| either the configuration file is not setup correctly, or there is a problem either with your LDAP server or the connection to the server. You can |
| get additional error detail by including the <code>--verbose</code> option. Please refer to <a href="#enable-security-ldapcheck">ldapcheck</a> for more information.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If you supply a password, <code>ldapcheck</code> attempts to authenticate the specified <code>username</code> and <code>password</code>. The example below shows the password |
| for illustrative purposes, but to avoid typing the password on the command line, leave the password blank (<code>--password=</code>) and the utility |
| prompts for the password with no echo.</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ldapcheck --username=realuser@company.com --password=StrongPassword |
| Authentication successful</code></pre> |
| </div> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect3"> |
| <h4 id="enable-security-generate-trafodion-certificate">10.2.2. Generate Trafodion Certificate</h4> |
| <div class="paragraph"> |
| <p>Trafodion clients such as <code>trafci</code> encrypt the password before sending it to Trafodion. A self-signed certificate is used to encrypt the password. |
| The certificate and key are generated when the <code>sqgen</code> script is invoked. By default, the files <code>server.key</code> and <code>server.crt</code> are located |
| in <code>$HOME/sqcert</code>. If those files are not present and since Trafodion clients does not send unencrypted passwords, then you need to manually generate |
| those files. To do so, run the script <code>sqcertgen</code> located in <code>$TRAF_HOME/sql/scripts</code>. The script runs <code>openssl</code> to generate the certificate and key.</p> |
| </div> |
| <div class="paragraph"> |
| <p>To run openssl manually, follow the example:</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">openssl req -x509 -nodes -days 365 -subj '/C=US/ST=California/L=PaloAlto/CN=host.domain.com/O=Some Company/OU=Service Connection' |
| - newkey rsa:2048 -keyout server.key -out server.crt</code></pre> |
| </div> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 40%;"> |
| <col style="width: 60%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Option</th> |
| <th class="tableblock halign-left valign-top">Description</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-x509</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Generate a self-signed certificate.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-days <validity of certificate></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Make the certificate valid for the days specified.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-newkey rsa:<bytes></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Generate a new private key of type RSA of length 1024 or 2048 bytes.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-subj <certificateinfo></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specify the information that is incorporated in the certificate. |
| Each instance in a cluster should have a unique common name(<code>CN</code>).</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-keyout <filename></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Write the newly generated RSA private key to the file specified.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-nodes</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">It is an optional parameter that specifies NOT to encrypt the private key. |
| If you encrypt the private key, then you must enter the password every time the private key is used by an application.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>-out <filename></pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Write the self-signed certificate to the specified file.</p></td> |
| </tr> |
| </tbody> |
| </table> |
| <div class="paragraph"> |
| <p>Both the public (<code>server.crt</code>) and private (<code>server.key</code>) files should be placed in the directory <code>$HOME/sqcert</code>. If you do not want to use |
| the <code>HOME</code> directory or if you want to use different names for the private and/or public key files, then Trafodion supports environment variables |
| to specific the alternate locations or names.</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Trafodion first checks the environment variables <code>SQCERT_PRIVKEY</code> and <code>SQCERT_PUBKEY</code>. If they are set, Trafodion uses the fully qualified filename |
| value of the environment variable.</p> |
| <div class="paragraph"> |
| <p>You can specify either one filename environment variable or both.</p> |
| </div> |
| </li> |
| <li> |
| <p>If at least one filename environment variable is not set, Trafodion checks the value of the environment variable <code>SQCERT_DIR</code>. If set, |
| then the default filename <code>server.key</code> or <code>server.crt</code> is appended to the value of the environment variable <code>SQCERT_DIR</code>.</p> |
| </li> |
| <li> |
| <p>If the filename environment variable is not set and the directory environment variable is not set, |
| then Trafodion uses the default location (<code>$HOME/sqcert</code>) and the default filename.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="enable-security-traf-authentication-config">10.2.3. Creating the LDAP configuration file</h4> |
| <div class="paragraph"> |
| <p>The <code>.traf_authentication_config</code> file is user to enable the Trafodion security features.</p> |
| </div> |
| <div class="sect4"> |
| <h5 id="_file_location">File Location</h5> |
| <div class="paragraph"> |
| <p>By default, the Trafodion authentication configuration file is located in <code>$TRAF_HOME/sql/scripts/.traf_authentication_config</code>. |
| If you want to store the configuration file in a different location and/or use a different filename, then Trafodion supports environment |
| variables to specify the alternate location/name.</p> |
| </div> |
| <div class="paragraph"> |
| <p>Trafodion firsts checks the environment variable <code>TRAFAUTH_CONFIGFILE</code>. If set, the value is used as the fully-qualified Trafodion |
| authentication configuration file.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If the environment variable is not set, then Trafodion next checks the variable <code>TRAFAUTH_CONFIGDIR</code>. If set, the value is prepended to |
| <code>.traf_authentication_config</code> and used as the Trafodion authentication file.</p> |
| </div> |
| <div class="paragraph"> |
| <p>If neither is set, Trafodion defaults to <code>$TRAF_HOME/sql/scripts/.traf_authentication_config</code>.</p> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect4"> |
| <h5 id="enable-security-template">Template</h5> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text"># To use authentication in Trafodion, this file must be configured |
| # as described below and placed in $TRAF_HOME/sql/scripts and be named |
| # .traf_authentication_config. |
| # |
| # NOTE: the format of this configuration file is expected to change in the |
| # next release of Trafodion. Backward compatibility is not guaranteed. |
| # |
| SECTION: Defaults |
| DefaultSectionName: local |
| RefreshTime: 1800 |
| TLS_CACERTFilename: |
| SECTION: local |
| |
| # If one or more of the LDAPHostName values is a load balancing host, list |
| # the name(s) here, one name: value pair for each host. |
| LoadBalanceHostName: |
| |
| # One or more identically configured hosts must be specified here, |
| # one name: value pair for each host. |
| LDAPHostName: |
| |
| # Default is port 389, change if using 636 or any other port |
| LDAPPort:389 |
| |
| # Must specify one or more unique identifiers, one name: value pair for each |
| UniqueIdentifier: |
| |
| # If the configured LDAP server requires a username and password to |
| # to perform name lookup, provide those here. |
| LDAPSearchDN: |
| LDAPSearchPwd: |
| |
| # If configured LDAP server requires TLS(1) or SSL (2), update this value |
| LDAPSSL:0 |
| |
| # Default timeout values in seconds |
| LDAPNetworkTimeout: 30 |
| LDAPTimeout: 30 |
| LDAPTimeLimit: 30 |
| |
| # Default values for retry logic algorithm |
| RetryCount: 5 |
| RetryDelay: 2 |
| PreserveConnection: No |
| ExcludeBadHosts: Yes |
| MaxExcludeListSize: 3</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="enable-security-configuration-attributes">Configuration Attributes</h5> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 25%;"> |
| <col style="width: 20%;"> |
| <col style="width: 20%;"> |
| <col style="width: 35%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Attribute Name</th> |
| <th class="tableblock halign-left valign-top">Purpose</th> |
| <th class="tableblock halign-left valign-top">Example Value</th> |
| <th class="tableblock halign-left valign-top">Notes</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPHostName</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Host name of the local LDAP server.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>ldap.master.com</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">If more than one <code>LDAPHostName</code> entry is provided, |
| then Trafodion attempts to connect with each LDAP server before returning an authentication error. |
| Also see the description related to <code>RetryCount</code> and <code>RetryDelay</code> entries.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPPort</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Port number of the local LDAP server.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>345</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Must be numeric value. Related to <code>LDAPSSL</code> entry. |
| Standard port numbers for OpenLDAP are as follows:<br> |
| <br> |
| • Non-secure: 389<br> |
| • SSL: 636<br> |
| • TLS: 389</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPSearchDN</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">If a search user is needed, the search user distinguished name is specified here.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>cn=aaabbb, dc=demo, dc=net</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">If anonymous search is allowed on the local server, then this attribute does not need to be specified or can be specified with no value (blank). |
| To date, anonymous search is the normal approach used.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPSearchPWD</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Password for the <code>LDAPSearchDN</code> value. See that entry for details.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>welcome</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPSSL</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">A numeric value specifying whether the local LDAP server interface is unencrypted or TLS or SSL. |
| Legal values are 0 for unencrypted, 1 for SSL, and 2 for TLS. For SSL/TLS, see the section below on Encryption Support.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>UniqueIdentifier</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The directory attribute that contains the user’s unique identifier.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>uid=,ou=Users,dc=demo,dc=net</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">To account for the multiple forms of <code>DN</code> supported by a given LDAP server, specify the <code>UniqueIdentifier</code> parameter multiple times |
| with different values. During a search, each <code>UniqueIdentifier</code> is tried in the order it is listed in the configuration file.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPNetworkTimeout</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the timeout (in seconds) after which the next <code>LDAPHostName</code> entry is tried, in case of no response for a connection request. |
| This parameter is similar to <code>NETWORK_TIMEOUT</code> in <code>ldap_conf(5)</code>. Default value is 30 seconds.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>20</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The value must be a positive number or -1. Setting this to -1 results in an infinite timeout.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPTimelimit</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the time to wait when performing a search on the LDAP server for the user name. The number must be a positive integer. |
| This parameter is similar to <code>TIMELIMIT</code> in <code>ldap_conf(5)</code>. Default value is 30 seconds.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>15</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The server may still apply a lower server-side limit on the duration of a search operation.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>LDAPTimeout</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs aborts if no response is received. |
| This parameter is similar to <code>TIMEOUT</code> in <code>ldap_conf(5)</code>. Default value is 30 seconds.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>15</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">The value must be a positive number or -1. Setting this to -1 results in an infinite timeout.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>RetryCount</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Number of attempts to establish a successful LDAP connection. Default is 5 retries before returning an error.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>10</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">When a failed operation is retried, it is attempted with each configured LDAP server, until the operation is successful or the number of configured retries is exceeded.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>RetryDelay</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the number of seconds to delay between retries. Default value is 2 seconds. See description of <code>RetryCount</code>.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>1</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>PreserveConnection</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies whether the connection to LDAP server is maintained (YES) or closed (NO) once the operation finishes. Default value is NO.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>YES</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">None.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>RefreshTime</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the number of seconds that must have elapsed before the configuration file is reread. Default is 1800 (30 minutes).</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>3600</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">If set to zero, the configuration file is never read. The connectivity servers must be restarted for changes to take effect if this value is zero. |
| This attribute is not specific to either configuration and must be defined in the DEFAULTS section.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS_CACERTFilename</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the location of the certificate file for the LDAP server(s). Filename can either be fully qualified or relative to <code>$CACERTS_DIR</code>.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>cert.pem</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">This attribute applies to both configurations. If a configuration does not require a certificate, then this attribute is ignored. |
| This attribute must be defined in the DEFAULTS section.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><p class="tableblock"><code>DefaultSectionName</code></p></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the configuration type that is assigned to a user by the <code>REGISTER USER</code> command if no authentication type is specified. |
| In the initial Trafodion release, only one configuration is supported.</p></td> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>LOCAL</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">This attribute must be defined in the <code>DEFAULTS</code> section. |
| If the <code>DefaultSectionName</code> attribute is specified, then a section by that name (or equivalent) must be defined in <code>.traf_ldapconfig</code>. |
| Legal values are <code>LOCAL</code> and <code>ENTERPRISE</code>. This syntax is likely to change.</p></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="enable-security-ldapcheck">10.2.4. Verifying configuration and users through ldapcheck</h4> |
| <div class="sect4"> |
| <h5 id="_usage">Usage</h5> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">ldapcheck [<option>]... |
| <option> ::= --help|-h display usage information |
| --username=<LDAP-username> |
| --password[=<password>] |
| --primary Use first configuration |
| --local Use first configuration |
| --enterprise Use first configuration |
| --secondary Use second configuration |
| --remote Use second configuration |
| --cluster Use second configuration |
| --verbose Display non-zero retry counts |
| and LDAP errors</code></pre> |
| </div> |
| </div> |
| </div> |
| <div class="sect4"> |
| <h5 id="_considerations">Considerations</h5> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Aliases for primary include enterprise and local. Aliases for secondary include cluster and remote. If no configuration is specified, primary is assumed.</p> |
| </li> |
| <li> |
| <p>The equals sign is required when supplying a value to username or password.</p> |
| </li> |
| <li> |
| <p>To be prompted for a password value with no echo, specify the password argument but omit the equals sign and value.</p> |
| </li> |
| <li> |
| <p>Passwords that contain special characters may need to be escaped if the password is specified on the command line or within a script file.</p> |
| </li> |
| <li> |
| <p>If the password keyword is not specified, only the username is checked. The tool can therefore be used to test the LDAP configuration and connection |
| to the configured LDAP server(s) without knowing a valid username or password.</p> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| <div class="sect3"> |
| <h4 id="enable-security-ldapconfigcheck">10.2.5. Verifying contents of configuration file through ldapconfigcheck</h4> |
| <div class="paragraph"> |
| <p>This page describes the <code>ldapconfigcheck</code> tool, which validates the syntactic correctness of a Trafodion authentication configuration file. Trafodion does not need to be running to run the tool.</p> |
| </div> |
| <div class="sect4"> |
| <h5 id="enable-security-ldapconfigcheck-considerations">Considerations</h5> |
| <div class="paragraph"> |
| <p>If the configuration filename is not specified, then the tool looks for a file using environment variables. Those environment variables and the search order are:</p> |
| </div> |
| <div class="olist arabic"> |
| <ol class="arabic"> |
| <li> |
| <p><code>TRAFAUTH_CONFIGFILE</code></p> |
| <div class="paragraph"> |
| <p>A fully qualified name is expected.</p> |
| </div> |
| </li> |
| <li> |
| <p><code>TRAFAUTH_CONFIGDIR</code></p> |
| <div class="paragraph"> |
| <p>Filename <code>.traf_authentication_config/</code> is appended to the specified directory</p> |
| </div> |
| </li> |
| <li> |
| <p><code>TRAF_HOME</code></p> |
| <div class="paragraph"> |
| <p><code>/sql/scripts/.traf_authentication_config</code> is appended to the value of <code>TRAF_HOME</code>.</p> |
| </div> |
| </li> |
| </ol> |
| </div> |
| <div style="page-break-after: always;"></div> |
| </div> |
| <div class="sect4"> |
| <h5 id="enable-security-ldapconfigcheck-errors">Errors</h5> |
| <div class="paragraph"> |
| <p>One of the following is output when the tool is run. Only the first error encountered is reported.</p> |
| </div> |
| <table class="tableblock frame-all grid-all spread"> |
| <colgroup> |
| <col style="width: 15%;"> |
| <col style="width: 85%;"> |
| </colgroup> |
| <thead> |
| <tr> |
| <th class="tableblock halign-left valign-top">Code</th> |
| <th class="tableblock halign-left valign-top">Text</th> |
| </tr> |
| </thead> |
| <tbody> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>0</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File <code>filename</code> is valid.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>1</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File <code>filename</code> not found.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>2</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br> |
| <br> |
| Invalid attribute name on line <strong>line-number</strong>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>3</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br> |
| <br> |
| Missing required value on line <strong>line-number</strong>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>4</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br> |
| <br> |
| Value out of range on line <strong>line-number</strong>.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>5</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br> |
| <br> |
| Open of traf_authentication_config file failed.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>6</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">File: <code>filename</code><br> |
| <br> |
| Read of traf_authentication_config file failed.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>7</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">No file provided. Either specify a file parameter or verify environment variables.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>8</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">TLS was requested in at least one section, but <code>TLS_CACERTFilename</code> was not provided.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>9</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Missing host name in at least one section.<br> |
| <br> |
| Each LDAP connection configuration section must provide at least one host name.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>10</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Missing unique identifier in at least one section.<br> |
| <br> |
| Each LDAP connection configuration section must provide at least one unique identifier.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>11</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">At least one LDAP connection configuration section must be specified.</p></td> |
| </tr> |
| <tr> |
| <td class="tableblock halign-left valign-top"><div class="literal"><pre>12</pre></div></td> |
| <td class="tableblock halign-left valign-top"><p class="tableblock">Internal error parsing <code>.traf_authentication_config</code>.</p></td> |
| </tr> |
| </tbody> |
| </table> |
| </div> |
| </div> |
| </div> |
| <div class="sect2"> |
| <h3 id="enable-security-manage-users">10.3. Manage Users</h3> |
| <div class="paragraph"> |
| <p>Kerberos is enabled for installations that require a secure Hadoop environment. LDAP is enabled to enforce authentication for any |
| user connecting to Trafodion. The Trafodion database enforces privileges on the database, database schemas, database |
| objects (table, views, etc) and database operations. Privileges are enforced when authorization is enabled. When LDAP or Kerberos |
| is enabled, authorization is automatically enabled.</p> |
| </div> |
| <div class="paragraph"> |
| <p>To determine the status of authentication and authorization, bring up sqlci and perform "env;".</p> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre class="CodeRay highlight"><code data-lang="text">>>env; |
| ---------------------------------- |
| Current Environment |
| ---------------------------------- |
| AUTHENTICATION enabled |
| AUTHORIZATION enabled |
| CURRENT DIRECTORY /.../incubator-trafodion/install/installer |
| LIST_COUNT 4294967295 |
| LOG FILE |
| MESSAGEFILE /.../incubator-trafodion/core/sqf/export/ ... |
| MESSAGEFILE LANG US English |
| MESSAGEFILE VRSN {2016-06-14 22:27 LINUX:host/user} |
| SQL CATALOG TRAFODION |
| SQL SCHEMA SCH |
| SQL USER CONNECTED user not connected |
| SQL USER DB NAME SQLUSER1 |
| SQL USER ID 33367 |
| TERMINAL CHARSET ISO88591 |
| TRANSACTION ID |
| TRANSACTION STATE not in progress |
| WARNINGS on</code></pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Once authorization is enabled, there is one predefined database user called DB__ROOT associated with your specified LDAP username. |
| Please connect to the database and this user and register users that will perform database admin management. The database |
| admin can then connect and setup required users, roles, and privileges.</p> |
| </div> |
| <div class="paragraph"> |
| <p>TBD - A future update should include a pointer to the security best practices guide.</p> |
| </div> |
| <div class="paragraph"> |
| <p>To learn more about how to register users, grant object and component privileges, and manage users and roles, please see the |
| <a href="http://trafodion.incubator.apache.org/docs/sql_reference/index.html">Trafodion SQL Reference Manual</a>.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="install-recipe">11. Install Recipe</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>To be written.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="upgrade-recipe">12. Upgrade Recipe</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>To be written.</p> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div id="footer"> |
| <div id="footer-text"> |
| Version 2.1.0<br> |
| Last updated 2016-07-18 16:17:03 UTC |
| </div> |
| </div> |
| <script> |
| var _gaq = _gaq || []; |
| _gaq.push(['_setAccount','UA-72491210-1']); |
| _gaq.push(['_trackPageview']); |
| (function() { |
| var ga = document.createElement('script'); |
| ga.type = 'text/javascript'; |
| ga.async = true; |
| ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; |
| var s = document.getElementsByTagName('script')[0]; |
| s.parentNode.insertBefore(ga, s); |
| })(); |
| </script> |
| </body> |
| </html> |