CDP Multi-node, Multi-KDC, Multi-Cluster

This document provides you with a step by step process to deploy single Pulse instance for multiple Cloudera clusters with multiple KDCs.

Prerequisites

Ensure you have the following information for both clusters:

CM URL (https://<Alias/FQDN of the CM URL>:<CM Port>)
CM Username
CM Password
Spark History HDFS path & Spark3 History HDFS path
Kafka Version
Hbase Version
Hive Version
Hive Metastore DB Connection URL
Hive Metastore Database Name
Hive Metastore DB Username
Hive Metastore DB Password
Oozie DB Name
Oozie DB URL
Oozie DB Username
Oozie DB Password
Kerberos Keytab
krb5.conf file
Principal
Kerberos Username
cacerts/jssecacerts
YARN Scheduler Type
Kafka Interbroker protocol

To enable (TLS) HTTPS for Pulse Web UI Configuration using ad-proxy, ensure you have the following present:

Certificate File: cert.crt
Certificate Key: cert.key
CA Certificate: ca.crt (optional)
Decide whether to keep the HTTP port (Default: 4000) open or not
Decide on which port to use (default: 443)

Uninstallation of Agents

Perform the following:

To uninstall agents, you must follow the Cloudera Parcel Agent document.
You must also remove the Pulse JARs and the configurations for Hive and Tez.
The Acceldata team must then run the following commands for backup and uninstalling the existing Pulse application.

a. Create a backup directory:

Bash
    
 
mkdir -p /data01/backup
Copy

b. To backup, copy the entire config and workdirectory:

Bash
    
 
cp -R $AcceloHome/config /data01/backup/cp -R $AcceloHome/work /data01/backup/
Copy

c. Uninstall the existing Pulse setup by running the following command:

Bash
    
 
accelo uninstall local
Copy

OUTPUT

Bash
    
[root@nifihost1:data01 (ad-default)]$ accelo uninstall local✗ You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote no✔ You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote no✔ You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote noYou're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote nodes will be affected. Please confirm your action [y/n]: : yWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DBUninstalling the AccelData components from local machine ...
Copy

Logout from the terminal session.
Perform the aforementioned steps for all Pulse server nodes.

Download and Load the Binaries and Docker Images

To download and load the binaries and Docker images, perform the following:

Download the jars, hystaller, accelo binaries and docker images from the download links provided by the Acceldata team.
Move the Docker images and jars into the following directory:

Bash
    
 
mkdir -p /data01/images
Copy

Copy the binaries and tar files into the /data01/images folder:

Bash
    
 
cp </path/to/binaries/tar> /data01/images
Copy

Change the directory:

Bash
    
 
cd /data01/images
Copy

Extract the single tar file:

Bash
    
 
tar xvf <name_of_tar_file>.tar
Copy

OUTPUT

Bash
    
 
[root@nifihost1 images]# tar xvf pulse-333-beta.tar./ad-alerts.tgz./ad-connectors.tgz./ad-dashplots.tgz./ad-database.tgz./ad-deployer.tgz./ad-director.tgz./ad-elastic.tgz./ad-events.tgz./ad-fsanalyticsv2-connector.tgz./ad-gauntlet.tgz./ad-graphql.tgz./ad-hydra.tgz./ad-impala-connector.tgz./ad-kafka-0-10-2-connector.tgz./ad-kafka-connector.tgz./ad-ldap.tgz./ad-logsearch-curator.tgz./ad-logstash.tgz./ad-notifications.tgz./ad-oozie-connector.tgz./ad-pg.tgz./ad-proxy.tgz./ad-pulsemon-ui.tgz./ad-recom.tgz./ad-sparkstats.tgz./ad-sql-analyser.tgz./ad-streaming.tgz./ad-vminsert.tgz./ad-vmselect.tgz./ad-vmstorage.tgz./accelo.linux./admon./hystaller
Copy

Load the Docker images by running the following command:

Bash
    
 
ls -1 *.tgz | xargs --no-run-if-empty -L 1 docker load -i
Copy

Ensure that all the images are loaded to the server by running the following command:

Bash
    
 
docker images | grep 3.3.3
Copy

Copy the License

Place the license file provided by the Acceldata team in the work directory.

Bash
    
 
cp </path/to/license> /data01/acceldata/work
Copy

Deploy Core

Deploy the Pulse core components by running the following command:

Bash
    
 
accelo deploy core
Copy

OUTPUT

Bash
    
[root@nifihost1:acceldata (ad-default)]$ accelo deploy coreERROR: Cannot connect to DB, Because:  cannot connect to mongodbWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DBHave you verified the acceldata config file at '/data01/acceldata/config/acceldata_spark341.conf' ? [y/n]: : y✓ accelo.yml file found and parsed✓ AcceloEvents - events.json file found and parsed✓ acceldata conf file found and parsed✓ .dist file found and parsed✓ hydra_hosts.yml file found and parsed✓ vars.yml file found and parsed✓ alerts notification.yml file found and parsed✓ actions notification.yml file found and parsed✓ alerts default-endpoints.yml file found and parsed✓ override.yml file found and parsed✓ gauntlet_mongo_spark341.yml file found and parsed✓ gauntlet_elastic.yml file found and parsedINFO: No existing AccelData networks found. Current stack 'ad-default' is missing.INFO: Trying to create a new network ..INFO: If you're setting up AccelData for the first time give 'y' to the below.Would you like to initiate DB with the config file '/data01/acceldata/config/acceldata'? [y/n]: : yCreating group monitors [================================================================================================>-------------------]  83.33%INFO: Pushing the hydra_hosts.yml to mongodbDeployment Completed [==============================================================================================>--------------------]  81.82% 28s✓ Done, Core services deployment completed.Now, you can access the AccelData APM Server at the configured port of this node.To deploy the AccelData addons, Run './accelo deploy addons'
Copy

Push the configurations for all the clusters.

Bash
    
 
accelo admin database push-config -a
Copy

Configure SSL for Connectors and Streaming

If you have TLS/SSL enforced for any of the Hadoop components in the target cluster, you must mount the Java truststore files inside the following Pulse service containers:

ad-connectors
ad-sparkstats
ad-streaming
ad-kafka-connector
ad-kafka-0-10-2-connector
ad-fsanalyticsv2-connector

For Kafka connectors, verify the version of Kafka running in the cluster, and then generate the configurations accordingly based on that version.

These are the only services that will connect to the respective Hadoop components of the cluster over the HTTPS URI.

Ensure that the permissions of these files are set to 0655 . i.e, read-able for all the users.

It is not always necessary to have both files configured for a target cluster. Sometimes, you may only have one of the files available. In such cases, you can simply use the available file and disregard the other one.

AD-CONNECTORS & AD-SPARKSTATS

Perform the following:

Generate the ad-core-connectors configuration file:

Bash
    
 
accelo admin makeconfig ad-core-connectors
Copy

Edit the file in path <$AcceloHome>/config/docker/addons/ad-core-connectors.yml and add the following lines under the volumes section of both ad-connectors and ad-sparkstats service blocks.

Bash
    
 
./config/security/cacerts:/usr/local/openjdk-8/lib/security/cacerts./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/jssecacerts
Copy

If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container as demonstrated below:

Bash
    
 
./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/cacerts
Copy

AD-STREAMING

Perform the following:

Generate the ad-core configuration file:

Bash
    
 
accelo admin makeconfig ad-core
Copy

Edit the file in path <$AcceloHome>/config/docker/ad-core.yml and add the following lines under the volumes section of ad-streaming service block.

Bash
    
 
./config/security/cacerts:/usr/local/openjdk-8/lib/security/cacerts./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/jssecacerts
Copy

If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container as demonstrated below:

Bash
    
 
./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/cacerts
Copy

AD-FSANALYTICSV2-CONNECTOR

Perform the following:

Generate the ad-fsanalyticsv2-connector configuration file:

Bash
    
 
accelo admin makeconfig ad-fsanalyticsv2-connector
Copy

Edit the file in path <$AcceloHome>/config/docker/addons/ad-fsanalyticsv2-connector.yml and add the following lines under the volumes section of ad-fsanalyticsv2-connector

Bash
    
 
./config/security/cacerts:/usr/local/openjdk-8/lib/security/cacerts./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/jssecacerts
Copy

If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container as demonstrated below:

Bash
    
 
./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/cacerts
Copy

AD-KAFKA-CONNECTOR

Perform the following:

Generate the ad-core-connectors configuration file:

Bash
    
 
accelo admin makeconfig ad-kafka-connector
Copy

Edit the file in path <$AcceloHome>/config/docker/addons/ad-kafka-connector.yml and add the following lines under the volumes section of ad-kafka-connector

Bash
    
 
./config/security/cacerts:/usr/local/openjdk-8/lib/security/cacerts./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/jssecacerts
Copy

If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container as demonstrated below:

Bash
    
 
./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/cacerts
Copy

AD-KAFKA-0-10-2-CONNECTOR

Perform the following:

Generate the ad-core-connectors configuration file:

Bash
    
 
accelo admin makeconfig ad-kafka-0-10-2-connector
Copy

Edit the file in path <$AcceloHome>/config/docker/addons/ad-kafka-0-10-2-connector.yml and add the following lines under the volumes section of ad-kafka-0-10-2-connector

Bash
    
 
./config/security/cacerts:/usr/local/openjdk-8/lib/security/cacerts./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/jssecacerts
Copy

If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container as demonstrated below:

Bash
    
 
./config/security/jssecacerts:/usr/local/openjdk-8/lib/security/cacerts
Copy

Deploy Add-ons

Bash
    
 
accelo deploy addons
Copy

OUTPUT

Bash
    
[root@nifihost1:acceldata (ad-default)]$ accelo deploy addonsWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DBINFO: Active Cluster:  spark341? Select the components you would like to install:  Alerts (Agents MUST be configured), Core Connectors, Dashplot, Director (Agents MUST be configured), HYDRA, LogSearch, NotificationsStarting the deployment ..Completed [==============================================================================================================================] 137.50% 29s✓ Done, Addons deployment completed.​[root@pulsecdp01:~ (ad-default)]$ docker ps | grep cdp1fb489fdb8c09   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-sparkstats:3.3.3-beta        "/opt/docker/bin/spa…"   18 minutes ago   Up 18 minutes                                                                                                        ad-sparkstats_cdp1_default3cae513b8910   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-connectors:3.3.3-beta        "/opt/docker/bin/ad-…"   18 minutes ago   Up 18 minutes                                                                                                        ad-connectors_cdp1_defaultc8f128057341   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-kafka-connector:3.3.3-beta   "/opt/docker/bin/ad-…"   18 minutes ago   Up 18 minutes                                                                                                        ad-kafka-connector_cdp1_default
Copy

Bash
    
 
accelo set
Copy

Deploy the Pulse add-ons, and select the components that are needed for CDP Cluster2.

Bash
    
 
accelo deploy addons
Copy

OUTPUT

Bash
    
[root@nifihost1:acceldata (ad-default)]$ accelo deploy addonsWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DBINFO: Active Cluster:  spark341? Select the components you would like to install:  Alerts (Agents MUST be configured), Core Connectors, Dashplot, Director (Agents MUST be configured), HYDRA, LogSearch, NotificationsStarting the deployment ..Completed [==============================================================================================================================] 137.50% 29s✓ Done, Addons deployment completed.​[root@pulsecdp01:~ (ad-default)]$ docker ps | grep cdp273fafe32a650   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-kafka-connector:3.3.3-beta   "/opt/docker/bin/ad-…"   6 hours ago      Up 6 hours                                                                                                           ad-kafka-connector_cdp2_defaultf089aca93f9f   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-sparkstats:3.3.3-beta        "/opt/docker/bin/spa…"   6 hours ago      Up 6 hours                                                                                                           ad-sparkstats_cdp2_default83d707813431   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-connectors:3.3.3-beta        "/opt/docker/bin/ad-…"   6 hours ago      Up 6 hours                                                                                                           ad-connectors_cdp2_default
Copy

Database Push Configuration

To push the configuration to the database, run the following code:

Bash
    
 
accelo admin datbase push-config -a
Copy

Updating Gauntlet in Dry Run Mode

To update Gauntlet in dry run mode, perform the following:

Check if the ad-core.yml file is present or not by running the following command:

Bash
    
 
ls -al $AcceloHome/config/docker/ad-core.yml
Copy

If the above file is not present then generate it by running the following command:

Bash
    
 
accelo admin makeconfig ad-core
Copy

Edit the ad-core.yml file by performing the following:

a. Open the file.

Bash
    
 
vi $AcceloHome/config/docker/ad-core.yml
Copy

b. Update the DRY_RUN_ENABLE environment variable in the ad-gauntlet section as shown below:

Bash
    
 
DRY_RUN_ENABLE=false
Copy

Note This makes Gauntlet delete the older elastic indices and MongoDB data.

c. The updated file must appear as shown below:

Bash
    
 
ad-gauntlet:  image: ad-gauntlet  container_name: ad-gauntlet  environment:  - MONGO_URI=ZN4v8cuUTXYvdnDJIDp+R8Z+ZsVXXjv8zDOvh8UwQXosC8vfVkGYGWGPNnX64ZVSp9yHgErQknPBAfYZ9cOG1A==  - MONGO_ENCRYPTED=true  - ELASTIC_ADDRESSES=http://ad-elastic:9200  - DRY_RUN_ENABLE=false  - CRON_TAB_DURATION=*/5 * * * *  volumes:  - /etc/localtime:/etc/localtime:ro  - /root/acceldata/config/logsearch/gauntlet_elastic.yml:/gauntlet/config/config.yml  - /root/acceldata/logs/logsearch/:/gauntlet/logs/  ulimits: {}  ports: []  depends_on: []  opts: {}  restart: ""  extra_hosts: []  network_alias: []
Copy

d. Save the file.

Restart Gauntlet service by running the following command:

Bash
    
 
accelo restart ad-gauntlet
Copy

Configure Gauntlet

To update the Gauntlet Contrab duration, perform the following:

Check if the ad-core.yml file is present or not by running the following command:

Bash
    
 
ls -al $AcceloHome/config/docker/ad-core.yml
Copy

If the above file is not present then generate it by running the following command:

Bash
    
 
accelo admin makeconfig ad-core
Copy

Edit the ad-core.yml file by performing the following:

a. Open the file

Bash
    
 
vi $AcceloHome/config/docker/ad-core.yml
Copy

b. Update the CRON_TAB_DURATION environment variable in the ad-gauntlet section as shown below:

Bash
    
 
CRON_TAB_DURATION=*/5 * * * *
Copy

Note This makes Gauntlet run every two days at midnight.

The updated file must appear as shown below:

Bash
    
 
ad-gauntlet:  image: ad-gauntlet  container_name: ad-gauntlet  environment:  - MONGO_URI=ZN4v8cuUTXYvdnDJIDp+R8Z+ZsVXXjv8zDOvh8UwQXosC8vfVkGYGWGPNnX64ZVSp9yHgErQknPBAfYZ9cOG1A==  - MONGO_ENCRYPTED=true  - ELASTIC_ADDRESSES=http://ad-elastic:9200  - DRY_RUN_ENABLE=true  - CRON_TAB_DURATION=*/5 * * * *  volumes:  - /etc/localtime:/etc/localtime:ro  - /root/acceldata/config/logsearch/gauntlet_elastic.yml:/gauntlet/config/config.yml  - /root/acceldata/logs/logsearch/:/gauntlet/logs/  ulimits: {}  ports: []  depends_on: []  opts: {}  restart: ""  extra_hosts: []  network_alias: []
Copy

c. Save the file.

Restart the Gauntlet service by running the following command:

Bash
    
 
accelo restart ad-gauntlet
Copy

Configuring Gauntlet for Multi-node and Multi-cluster Deployment

Perform the following:

To generate the Gauntlet config files, run the following command:

Bash
    
 
accelo admin database push-config -s -a
Copy

Change the directory to config/gauntlet/

Bash
    
 
cd $AcceloHome/config/gauntlet
Copy

Check if all the files are present or not for all the clusters or not:

Bash
    
[root@cdp5007:gauntlet (ad-default)]$ accelo admin database push-config -a -sIs the 'Database Service' up and running? [y/n]: : y​INFO: Working on cluster:  cl1Creating group monitors [========================================================================================================================================================================================================>----------------------------------------]  83.33%INFO: Pushing the hydra_hosts.yml to mongodbINFO: Pushing the LDAP configuration to the mongo DBDone [=====================================================================================>---------------------------------------------------------------------------------------------------------------------------------------------------------------------------]  33.33% 0sPush completed successfully!​INFO: Working on cluster:  cl2Creating group monitors [========================================================================================================================================================================================================>----------------------------------------]  83.33%INFO: Pushing the hydra_hosts.yml to mongodbINFO: Pushing the LDAP configuration to the mongo DBDone [=====================================================================================>---------------------------------------------------------------------------------------------------------------------------------------------------------------------------]  33.33% 0sPush completed successfully![root@cdp5007:gauntlet (ad-default)]$ ls -altotal 28drwxr-xr-x.  2 root root  130 Nov 24 09:58 .drwxr--r--. 14 root root 4096 Nov 24 09:56 ..-rw-r--r--.  1 root root  866 Nov 24 09:56 gauntlet_elastic_cl1.yml-rw-r--r--.  1 root root  866 Nov 24 09:56 gauntlet_elastic_cl2.yml-rw-r--r--.  1 root root 6404 Nov 24 09:58 gauntlet_mongo_cl1.yml-rw-r--r--.  1 root root 6404 Nov 24 09:58 gauntlet_mongo_cl2.yml
Copy

Modify the gauntlet_elastic_<clustername>.yml file by running the file:

Bash
    
 
vi gauntlet_elastic_<clustername>.yml
Copy

Edit the elastic address in the file for multi-node setup.

Bash
    
 
INFO: Working on cluster:  cl1version: 1elastic_servers:  - version: v8    address: "http://<Elastic Server Hostname>:<Elastic Server Port>"    basic_auth: true    username: "pulse"    #EncryptedPassword    password: "pPBrVKaoB0QsmCJZNZyYAw=="    enable_tls: false    client_certificate_path: ""    client_key_path: ""    client_ca_cert: ""
Copy

Modify the Elastic address for both the clusters.
Push the configuration to the database:

Bash
    
 
accelo admin database push-config -a
Copy

Restart the Gauntlet service:

Bash
    
 
accelo restart ad-gauntlet
Copy

Updating MongoDB Clean Up and Compaction Frequency In Hours

By default, when dry run is disabled, MongoDB cleanup and compaction will occur once a day. To adjust the frequency, perform the following:

Run the following command:

Bash
    
 
accelo config retention
Copy

Answer the following prompts, if you are unsure about the number of days you wish to retain, then proceed with the default values.

Bash
    
 
✔ How many days of data would you like to retain at Mongo DB ?: 15✔ How many days of data would you like to retain at Mongo DB for HDFS reports ?: 15✔ How many days of data would you like to retain at TSDB ?: 31
Copy

When presented with the following prompt, indicate the hours of the day when you want MongoDB cleanup and compaction to occur. The value must be a comma-separated list of hours in accordance with the 24-hour time notation.

Bash
    
✔ How often should Mongo DB clean up & compaction run, provide a comma separated string of hours (valid values are [0,23] (Ex. 8,12,15,18)?: 0,6,12,18
Copy

Execute the following command, and when Gauntlet runs the next time, MongoDB cleanup and compaction will be scheduled to run at the specified hours, once per hour:

Bash
    
 
accelo admin database push-config
Copy

Configure and Deploy FSAnlytics in the Second Pulse Server

To configure and deploy FSAnalytics in the second Pulse server, perform the following:

Create the acceldata directory by running the following command:

Bash
    
 
cd /data01/mkdir -p acceldata
Copy

Place the accelo.linux binary in the /data01/acceldata directory:

Bash
    
 
cp </path/to/accelo/binary> /data01/acceldata
Copy

Rename the accelo.linux binary to accelo

Bash
    
 
mv /data01/acceldata/accelo.linux accelochmod +x /data01/acceldata/accelo
Copy

Change the directory.

Bash
    
 
cd /data01/acceldata/accelo
Copy

Run the following command to run accelo init.

Bash
    
 
./accelo init
Copy

Provide appropriate answers when prompted.
Source the ad.sh file

Bash
    
 
source /etc/profile.d/ad.sh
Copy

To enter the Pulse version, run the init command:

Bash
    
 
./accelo init
Copy

OUTPUT

Bash
    
 
[root@nifihost1:~ (ad-default)]$ accelo initEnter the AccelData ImageTag: : 3.3.3✓ Done, AccelData Init Successful.
Copy

Note Provide the correct Pulse version number, in this case it is 3.3.3.

Run accelo info to get the initial information.

Bash
    
 
accelo info
Copy

OUTPUT

Bash
    
 
[root@nifihost1:~ (ad-default)]$ accelo infoWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB​​    ___   ____________________    ____  ___  _________   /   | / ____/ ____/ ____/ /   / __ \/   |/_  __/   |  / /| |/ /   / /   / __/ / /   / / / / /| | / / / /| | / ___ / /___/ /___/ /___/ /___/ /_/ / ___ |/ / / ___ |/_/  |_\____/\____/_____/_____/_____/_/  |_/_/ /_/  |_|​Accelo CLI Version:  3.3.3Accelo CLI Build Hash:  8ba4727f11e5b3f3902547585a37611b6ec74e7cAccelo CLI Build ID:  1700746329Accelo CLI Builder ID:  ZEdjMmxrYUdGdWRGOWhZMk5sYkdSaEVLCg==Accelo CLI Git Branch Hash:  TXdLaTlCVDFBdE56STNvPQo=AcceloHome:  /data01/acceldataAcceloStack:  ad-defaultAccelData Registry:  191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldataAccelData ImageTag:  3.3.3Active Cluster Name:  NotFoundAcceloConfig Mongo DB Retention days:  15AcceloConfig Mongo DB HDFS Reports Retention days:  15AccelConfig TSDB Retention days:  31dNumber of AccelData stacks found in this node:  0
Copy

Get the Pulse Master hostname and generate the Mongo URL by editing the below code:

Bash
    
 
mongodb://accel:<MONGO_PASSWORD>@<PULSE_MASTER_HOST>:27017
Copy

Encrypt the above string by running the following command and provide the string when prompted:

Bash
    
 
accelo admin encrypt
Copy

Edit the ad.sh for enabling the Pulse Standalone deployment. Add the following information, to the ad.sh.

Bash
    
 
vi /etc/profile.d/ad.sh
Copy

Replace the MONGO_URI with the encrypted string obtained from step 10.

Bash
    
 
#!/bin/shexport PULSE_SA_NODE='true'export AcceloHome='/data01/acceldata'export AcceloStack='ad-default'export PATH=${PATH}:${AcceloHome}export MONGO_URI=export MONGO_ENCRYPTED=trueexport PS1='[\u@\h:\W (ad-default)]$ '
Copy

Source the file.

Bash
    
 
source /etc/profile.d/ad.sh
Copy

Now set the cluster.

Bash
    
 
accelo set
Copy

Copy the fsanalytics directory from the Pulse Master Server present in the below location:

Bash
    
 
$AcceloHome/work/<clustername>/fsanalytics
Copy

Add the following to the below directory in the second cluster:

Bash
    
 
$AcceloHome/work/<clustername>/fsanalytics
Copy

Note Create the directory if not present.

Copy the /krb/security directory from the Pulse Master Server present in the below location:

Bash
    
 
$AcceloHome/work/<clustername>/krb/security
Copy

Add the following to the below directory in the second cluster:

Bash
    
 
$AcceloHome/work/<clustername>/krb/security
Copy

Note Create the directory if not present.

Generate the ad-fsanalyticsv2-connector.yml.

Bash
    
 
accelo admin makeconfig ad-fsanalyticsv2-connector
Copy

OUTPUT

Bash
    
 
[root@pulsecdp02:acceldata (ad-default)]$ accelo admin makeconfig ad-fsanalyticsv2-connectorWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB✓ Done, Configuration file generatedIMPORTANT: Please edit/verify the file '/data01/acceldata/config/docker/addons/ad-fsanalyticsv2-connector.yml'.If the addon is already up and running, use './accelo deploy addons' to remove and recreate the addon service.
Copy

Edit the file.

Bash
    
 
vi /data01/acceldata/config/docker/addons/ad-fsanalyticsv2-connector.yml
Copy

Update the following environment variables to the ad-fs-elastic:

MONGO_URI (Acceldata team will provide the right URI)
MONGO_ENCRYPTED=false
ES_HOST=<host_running_ES>
ES_PORT=19013

Bash
    
 
version: "2"services:  ad-fsanalyticsv2-connector:    image: ad-fsanalyticsv2-connector    container_name: ""    environment:    - FSANALYTICS_TREE_VISIT_LEVEL2_PARALLELISM=32    - MONGO_SECRET=Ah+MqxeIjflxE8u+/wcqWA==    - MONGO_URI=ZN4v8cuUTXYvdnDJIDp+R8Z+ZsVXXjv8zDOvh8UwQXqyScAm+LrS8Y9EWT8A8/30    - JAAS_LOGIN_CONF_LOCATION=/krb/security/krb5JAASLogin.conf    - FSANALYTICS_RUN_MODE=raw    - KRB5_CONFIG=/krb/security/krb5.conf    - FSANALYTICS_IMAGE_PARSING_PARALLELISM=32    - AD_STREAMING=DEFAULT    - KRB5_CONF_LOCATION=/krb/security/krb5.conf    - JAVA_OPTS=-XX:+UseG1GC -XX:+UseStringDeduplication    - ES_HOST=ad-fs-elastic    - ES_PORT=9200    - FSANALYTICS_ENABLE_OFFHEAP_MAP=true    - FSANALYTICS_IMAGE_PARSING_BATCHSIZE=400000    - FSANALYTICS_TREE_VISIT_LEVEL3_PARALLELISM=64    - MONGO_ENCRYPTED=true    - FSANALYTICS_TREE_VISIT_LEVEL1_PARALLELISM=8    - KERBEROS_ENABLED=true    volumes:    - /etc/localtime:/etc/localtime:ro    - /etc/hosts:/etc/hosts:ro    - /data01/acceldata/data/fsanalytics:/etc/fsanalytics    - /data01/acceldata/config/krb/security:/krb/security    - /data01/acceldata/work:/opt/docker/work    ulimits: {}    ports:    - 19027:19027    depends_on: []    opts: {}    restart: ""    extra_hosts: []    network_alias: []label: FS Analytics V2
Copy

Append below hostname entry in /etc/hosts and check if the /etc/hosts file is mounted under volume section in above created file (<ACCELO_HOME>/config/docker/addons/ad-fsanalyticsv2-connector.yml)
1. <PULSE_CORE_HOST> ad-streaming
Run the deploy add-ons command and select FSAnalytics and FSElastic.

Bash
    
 
accelo deploy addons
Copy

OUTPUT

Bash
    
[root@pulsecdp02:acceldata (ad-default)]$ accelo deploy addonsWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DBINFO: Active Cluster:  cdp1? Select the SA components you would like to install:  FS Elastic, FS Analytics V2Enter the NameNode URI: : https://cdpss02.acceldata.dvl:8090Starting the deployment ..Deploying ad-fsanalyticsv2-connector service [=============================================================================================================>--------------------------------------------------------------------------------------------------------------]  50.00%WARN: Files/Dir not found :  /data01/acceldata/data/fs-elasticCompleted [============================================================================================================================================================================================================================================================] 100.00% 1s✓ Done, Addons deployment completed.​[root@pulsecdp02:~ (ad-default)]$ docker ps | grep cdp18cbd4cb3f25c   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-fsanalyticsv2-connector:3.3.3-beta   "/opt/docker/bin/ad-…"   2 hours ago   Up 2 hours   0.0.0.0:19027->19027/tcp, :::19027->19027/tcp                                              ad-fsanalyticsv2-connector_cdp1_default
Copy

Since the FSAnalyticsV2 Connector has a port exposed to the outside, you will need to modify the port bound to the host. To do this, open the ad-fsanalyticsv2-connector.yml file.

Bash
    
 
vi $AcceloHome/config/docker/addons/ad-fsanalyticsv2-connector.yml
Copy

Update the port section of the file.

Bash
    
 
version: "2"services:  ad-fsanalyticsv2-connector:    image: ad-fsanalyticsv2-connector    container_name: ""    environment:    - FSANALYTICS_TREE_VISIT_LEVEL2_PARALLELISM=32    - MONGO_SECRET=Ah+MqxeIjflxE8u+/wcqWA==    - MONGO_URI=ZN4v8cuUTXYvdnDJIDp+R8Z+ZsVXXjv8zDOvh8UwQXqyScAm+LrS8Y9EWT8A8/30    - JAAS_LOGIN_CONF_LOCATION=/krb/security/krb5JAASLogin.conf    - FSANALYTICS_RUN_MODE=raw    - KRB5_CONFIG=/krb/security/krb5.conf    - FSANALYTICS_IMAGE_PARSING_PARALLELISM=32    - AD_STREAMING=DEFAULT    - KRB5_CONF_LOCATION=/krb/security/krb5.conf    - JAVA_OPTS=-XX:+UseG1GC -XX:+UseStringDeduplication    - ES_HOST=ad-fs-elastic    - ES_PORT=9200    - FSANALYTICS_ENABLE_OFFHEAP_MAP=true    - FSANALYTICS_IMAGE_PARSING_BATCHSIZE=400000    - FSANALYTICS_TREE_VISIT_LEVEL3_PARALLELISM=64    - MONGO_ENCRYPTED=true    - FSANALYTICS_TREE_VISIT_LEVEL1_PARALLELISM=8    - KERBEROS_ENABLED=true    volumes:    - /etc/localtime:/etc/localtime:ro    - /etc/hosts:/etc/hosts:ro    - /data01/acceldata/data/fsanalytics:/etc/fsanalytics    - /data01/acceldata/config/krb/security:/krb/security    - /data01/acceldata/work:/opt/docker/work    ulimits: {}    ports:    - 19029:19027    depends_on: []    opts: {}    restart: ""    extra_hosts: []    network_alias: []label: FS Analytics V2
Copy

Save the file.
Set the cluster to the second cluster.

Bash
    
 
accelo set
Copy

Run the deploy add-ons command and select FSAnalyticsV2 Connector add-on.

Bash
    
 
accelo deploy addons
Copy

OUTPUT

Bash
    
[root@pulsecdp02:fsanalytics (ad-default)]$ accelo deploy addonsWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DBINFO: Active Cluster:  cdp2? Select the SA components you would like to install:  FS Elastic, FS Analytics V2Starting the deployment ..Completed [============================================================================================================================================================================================================================================================] 100.00% 0s✓ Done, Addons deployment completed.​15b78f10be66   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-fsanalyticsv2-connector:3.3.3-beta   "/opt/docker/bin/ad-…"   2 hours ago   Up 2 hours   0.0.0.0:19029->19027/tcp, :::19029->19027/tcp                                              ad-fsanalyticsv2-connector_cdp2_default
Copy

Check if the two connectors are running or not.

Bash
    
 
docker ps
Copy

OUTPUT

Bash
    
[root@pulsecdp02:fsanalytics (ad-default)]$ docker psCONTAINER ID   IMAGE                                                                                          COMMAND                  CREATED         STATUS         PORTS                                                                                      NAMES15b78f10be66   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-fsanalyticsv2-connector:3.3.3-beta   "/opt/docker/bin/ad-…"   2 seconds ago   Up 1 second    0.0.0.0:19029->19027/tcp, :::19029->19027/tcp                                              ad-fsanalyticsv2-connector_cdp2_default8cbd4cb3f25c   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-fsanalyticsv2-connector:3.3.3-beta   "/opt/docker/bin/ad-…"   4 minutes ago   Up 4 minutes   0.0.0.0:19027->19027/tcp, :::19027->19027/tcp                                              ad-fsanalyticsv2-connector_cdp1_defaultb141fd86e4b3   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-elastic:3.3.3-beta                   "/bin/tini -- /usr/l…"   4 minutes ago   Up 4 minutes   0.0.0.0:19038->9200/tcp, :::19038->9200/tcp, 0.0.0.0:19039->9300/tcp, :::19039->9300/tcp   ad-fs-elastic_default
Copy

Check if both the containers are bound to 19027 and 19029 ports respectively.

Bash
    
 
docker ps | grep -i ad-fsanalyticsv2-connector
Copy

For running fsa load, do set the following:

Bash
    
 
accelo admin fsa load
Copy

Set the cluster to the second cluster.

Bash
    
 
accelo set
Copy

Load the second cluster using the following fsa command:

Bash
    
 
accelo admin fsa load
Copy

Enabling (TLS) HTTPS for Pulse Web UI Configuration Using ad-proxy

Deployment and Configuration

For deployment and configuration, perform the following:

Copy the cert.crt, cert.key and ca.crt (optional) files to $AcceloHome/config/proxy/certs location.
Check if the ad-core.yml file is present or not.

Bash
    
 
ls -al $AcceloHome/config/docker/ad-core.yml
Copy

If the ad-core.yml file is not present, then generate the ad-core.yml file.

Bash
    
 
accelo admin makeconfig ad-core
Copy

OUTPUT

Bash
    
[root@hostname:addons (ad-default)]$ accelo admin makeconfig ad-coreWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB✓ Done, Configuration file generatedIMPORTANT: Please edit/verify the file '/data01/acceldata/config/docker/ad-core.yml'.If the stack is already up and running, use './accelo admin recreate' to recreate the whole environment with the new configuration.
Copy

Modify the ad-core.yml file by performing the following:

a. Open the ad-core.yml file

Bash
    
 
vi $AcceloHome/config/docker/ad-core.yml
Copy

b. Remove the ports: field in the ad-graphql section of ad-core.yml

Bash
    
 
ports:  - 4000:4000
Copy

c. The resulted ad-graphql section must appear as shown below:

Bash
    
 
ad-graphql:    image: ad-graphql    container_name: ""    environment:    - MONGO_URI=ZN4v8cuUTXYvdnDJIDp+R8Z+ZsVXXjv8zDOvh8UwQXosC8vfVkGYGWGPNnX64ZVSp9yHgErQknPBAfYZ9cOG1A==    - MONGO_ENCRYPTED=true    - MONGO_SECRET=Ah+MqxeIjflxE8u+/wcqWA==    - UI_PORT=4000    - LDAP_HOST=ad-ldap    - LDAP_PORT=19020    - SSL_ENFORCED=false    - SSL_ENABLED=false    - SSL_KEYDIR=/etc/acceldata/ssl/    - SSL_KEYFILE=ssl.key    - SSL_CERTDIR=/etc/acceldata/ssl/    - SSL_CERTFILE=ssl.crt    - SSL_PASSPHRASE=""    - DS_HOST=ad-query-estimation    - DS_PORT=8181    - 'FEATURE_FLAGS={ "ui_regex": { "regex": "ip-([^.]+)", "index": 1 }, "rename_nav_labels":{},      "timezone": "", "experimental": true, "themes": false, "hive_const":{ "HIVE_QUERY_COST_ENABLED":      false, "HIVE_MEMORY_GBHOUR_COST": 0, "HIVE_VCORE_HOUR_COST": 0 }, "spark_const":      { "SPARK_QUERY_COST_ENABLED": false, "SPARK_MEMORY_GBHOUR_COST": 0, "SPARK_VCORE_HOUR_COST":      0 }, "queryRecommendations": false, "hostIsTrialORLocalhost": false, "data_temp_string":      "" }'    volumes:    - /etc/localtime:/etc/localtime:ro    - /etc/hosts:/etc/hosts:ro    - /data01/acceldata/work/license:/etc/acceldata/license:ro    ulimits: {}    depends_on:    - ad-db    opts: {}    restart: ""    extra_hosts: []    network_alias: []
Copy

d. Save the file.

Restart the ad-graphql container:

Bash
    
 
accelo restart ad-graphql
Copy

Ensure that the port is not exposed to the host.

Bash
    
 
docker ps
Copy

OUTPUT

Bash
    
ea4eb6fd540f   191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata/ad-graphql:3.2.1  "docker-entrypoint.s…"   9 minutes ago       Up 9 minutes   4000/tcp    ad-graphql_default
Copy

Check if there any errors in the ad-graphql container.

Bash
    
 
docker logs -f ad-graphql_default
Copy

To deploy the ad-proxy add-ons, run the following command and then select Proxy from the list and press enter.

Bash
    
 
accelo deploy addons
Copy

OUTPUT

Bash
    
 
[x]  Notifications  [x]  Oozie Connector> [x]  Proxy  [ ]  QUERY ROUTER DB  [ ]  SHARD SERVER DB  [ ]  StandAlone Connector
Copy

Check if any errors are there in the ad-proxy container.

Bash
    
 
docker logs -f ad-proxy_default
Copy

You can now access the Pulse UI using https://<pulse-server-hostname>.The default port used is 443.

Configuration

If you wish to modify the SSL port to a different value, perform the following:

Check if ad-proxy.yml file is present or not

Bash
    
 
ls -altrh $AcceloHome/config/docker/addons/ad-proxy.yml
Copy

Generate the ad-proxy.yml file if its not present.

Bash
    
 
accelo admin makeconfig ad-proxy
Copy

OUTPUT

Bash
    
 
[root@hostname:addons (ad-default)]$ accelo admin makeconfig ad-proxyWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB✓ Done, Configuration file generatedIMPORTANT: Please edit/verify the file '/data01/acceldata/config/docker/addons/ad-proxy.yml'.If the addon is already up and running, use './accelo deploy addons' to remove and recreate the addon service.
Copy

To modify the ad-proxy.yml file, perform the following:

a. Open the ad-proxy.yml file

Bash
    
 
vi $AcceloHome/config/docker/addons/ad-proxy.yml
Copy

b. Change the host port in the ports list to the desired port.

Bash
    
 
ports:  - <DESIRED_HOST_PORT>:443
Copy

The final file must appear as the following, if the host port is 6003:

Bash
    
 
version: "2"services:  ad-proxy:    image: ad-proxy    container_name: ""    environment: []    volumes:    - /etc/localtime:/etc/localtime:ro    - /data01/acceldata/config/proxy/traefik.toml:/etc/traefik/traefik.toml    - /data01/acceldata/config/proxy/config.toml:/etc/traefik/conf/config.toml    - /data01/acceldata/config/proxy/certs:/etc/acceldata    ulimits: {}    ports:    - 6003:443    depends_on: []    opts: {}    restart: ""    extra_hosts: []    network_alias: []label: Proxy
Copy

c. Save the file.

Restart the ad-proxy container

Bash
    
 
accelo restart ad-proxy
Copy

Ensure that there aren’t any errors:

Bash
    
 
docker logs -f ad-proxy_default
Copy

You can now access the Pulse UI using https://<pulse-server-hostname>:6003.

Setup LDAP for the Pulse User Interface

To setup LDAP for the Pulse user interface, perform the following:

Check if the ldap.conf is present or not.

Bash
    
 
ls -al $AcceloHome/config/ldap/ldap.conf
Copy

Run the configure command to generate the default ldap.confif not present already:

Bash
    
 
accelo configure ldap
Copy

Expected output must appear as shown below:

Bash
    
 
There is no ldap config file availableGenerating a new ldap config filePlease edit '$AcceloHome/config/ldap/ldap.conf' and rerun this command
Copy

Edit the file in path $AcceloHome/config/ldap/ldap.conf.

Bash
    
 
vi $AcceloHome/config/ldap/ldap.conf
Copy

Configure the file with the below properties:
1. LDAP FQDN : FQDN where LDAP server is running
  - host = [FQDN]
2. If port 389 is being used then
  - insecureNoSSL = true
3. SSL root CA Certificate
  - rootCA = [CERTIFICATE_FILE_PATH]
4. bindDN : to be used for ldap search need to be member of admin group
5. bindPW : password for entering in database, can be removed later once ldapgets enabled
6. baseDN used for user search
  - Eg: (cn=users, cn=accounts, dc=accedata, dc=io)
7. Filter used for the user search
  - Eg: (objectClass=person)
8. baseDN used for group search
  - Eg: (cn= groups, cn=accounts, dc=acceldata, dc=io)
9. Group Search: Object class used for group search
  - Eg: (objectClass= posixgroup)

Run the following command to check if the user has search entry access and group access in the LDAP directory:

Bash
    
ldapsearch -x -h <hostname> -p 389 -D "uid=admins,cn=users,dc=acceldata,dc=io" -W -b "cn=accounts,dc=acceldata,dc=io" "(&(objectClass=person)(uid=admins))"
Copy

If the file has already been generated, it will prompt for LDAP credentials to verify connectivity and configurations, as outlined in the steps below.
Run the configure command:

Bash
    
 
accelo configure ldap
Copy

You are prompted to provide the LDAP user credentials:

Bash
    
 
Checking LDAP connectionEnter LDAP username: gsEnter LDAP password: *******
Copy

If the previous step was successful, then the following message is displayed:

Bash
    
 
performing ldap search ou=users,dc=acceldata,dc=io sub (&(objectClass=inetOrgPerson)(uid=gs))username "gs" mapped to entry cn=gs,ou=users,dc=acceldata,dc=io✗ Do you want to use this configuration: y
Copy

Press 'y' and click the Enter button.
Expected output must appear as shown below:

Bash
    
 
Ok, Updating login properties.✓ Done, You can now login using LDAP.
Copy

Push the ldap config by running the below code:

Bash
    
 
accelo admin database push-config -a
Copy

Run the deploy add-on command.

Bash
    
 
accelo deploy addons
Copy

Select the LDAP from the list shown and click the Enter button:

Bash
    
 
[ ]  Job Runner  [ ]  Kafka 0.10.2 Connector  [ ]  Kafka Connector> [x]  LDAP  [ ]  Log Reduce  [ ]  LogSearch  [ ]  Memsql Connector
Copy

Expected output must appear as below:

Bash
    
Starting the deployment ..Completed [==================================================================================================] 100.00% 0s✓ Done, Addons deployment completed.
Copy

Run the restart command.

Bash
    
 
accelo restart ad-graphql
Copy

Open Pulse on the web and create default roles.
Create an ops role with the necessary permissions, and any users who logs in via LDAP will be automatically assigned to this role.

Configure Alerts Notifications

To configure alerts notifications, perform the following:

To set the active cluster, run the following command:

Bash
    
 
accelo set
Copy

Configure the alerts notifications by running the following command:

Bash
    
 
accelo config alerts notifications
Copy

OUTPUT

Bash
    
 
[root@nifihost1:acceldata (ad-default)]$ accelo config alerts notificationsEnter the JODA Timezone value (Example: Asia/Jakarta): : Asia/Kolkata? Select the metric groups you would like to enable:  druid, nifi, ntpd, anomaly, chrony, customApp? Select the notifications you would like to enable:  emailINFO: Configuring Email Notifications:Enter Email DefaultToEmailIds (comma separated list): :Enter Email DefaultSnoozeIntervalInSecs: : 0Enter Email MaxEmailThreshold: : 1✓ Done, Alerts Notifications Configuration file generated✓ Done, Alerts Notifications pushed to Pulse DB
Copy

Set the cluster2 as the active cluster.

Bash
    
 
accelo set
Copy

Configure alerts for the second cluster as shown below:

Bash
    
 
[root@nifihost1:acceldata (ad-default)]$ accelo config alerts notificationsEnter the JODA Timezone value (Example: Asia/Jakarta): : Asia/Kolkata? Select the metric groups you would like to enable:  druid, nifi, ntpd, anomaly, chrony, customApp? Select the notifications you would like to enable:  emailINFO: Configuring Email Notifications:Enter Email DefaultToEmailIds (comma separated list): :Enter Email DefaultSnoozeIntervalInSecs: : 0Enter Email MaxEmailThreshold: : 1✓ Done, Alerts Notifications Configuration file generated✓ Done, Alerts Notifications pushed to Pulse DB
Copy

Set the cluster3 as the active cluster by running the following code:

Bash
    
 
accelo set
Copy

Configure the alerts for the third cluster as shown below:

Bash
    
 
[root@nifihost1:acceldata (ad-default)]$ accelo config alerts notificationsEnter the JODA Timezone value (Example: Asia/Jakarta): : Asia/Kolkata? Select the metric groups you would like to enable:  druid, nifi, ntpd, anomaly, chrony, customApp? Select the notifications you would like to enable:  emailINFO: Configuring Email Notifications:✔ Enter Email DefaultSnoozeIntervalInSecs: : 0█mEnter Email MaxEmailThreshold: : 11█✔ Enter Email MaxEmailThreshold: : 1█✓ Done, Alerts Notifications Configuration file generated✓ Done, Alerts Notifications pushed to Pulse DB
Copy

Restart the alerts notifications.

Bash
    
 
accelo restart ad-alerts
Copy

OUTPUT

Bash
    
[root@nifihost1:spark341 (ad-default)]$ accelo restart ad-alertsWARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB✗ You're about to restart AccelData services. This will restart all or any specified the service. However, any persistent data will be left untouched.✔ You're about to restart AccelData services. This will restart all or any specified the service. However, any persistent data will be left untouched.✔ You're about to restart AccelData services. This will restart all or any specified the service. However, any persistent data will be left untouched.You're about to restart AccelData services. This will restart all or any specified the service. However, any persistent data will be left untouched. Please confirm your action [y/n]: : yCompleted [===============================================================================================================================] 100.00% 1sRestart ad-alerts completed  ✓
Copy

Last updated on

Was this page helpful?