Configure RMI JMX for Hadoop Services in Pulse
This page describes how to enable JMX with Basic Authentication and SSL in Pulse to collect metrics from Hadoop services through secured RMI ports.
Before You Begin
- Passwords must be encrypted: Use the
accelo admin encryptcommand to encrypt passwords for all JMX configurations. - Follow the correct steps based on the authentication method: If the JMX RMI port is protected with Basic Authentication or SSL, use the specific configuration steps provided below.
Configure JMX with Basic Authentication
This section describes how to enable JMX with basic authentication in Pulse to collect metrics from Hadoop services through secured RMI ports.
Create Override File
- Create the Override Configuration File (if it doesn't exist): Navigate to your cluster's directory and create an override.yml file if one isn't already present:
touch $AcceloHome_work_<clusterName>_override.yml- Configure the
override.ymlFile:
- Open the
override.ymlfile using a text editor:
vi $AcceloHome_work_<clusterName>_override.yml- Insert the following configurations for the respective services, if they're not already included:
For Hive Metastore
jmx: hive_metastore_auth: "true" hive_metastore_username: "<HIVE METASTORE USERNAME>" hive_metastore_password: "<HIVE METASTORE PASSWORD>" hive_metastore_port: "<HIVE METASTORE JMX PORT>"For Hive Server
jmx: hive_server_auth: "true" hive_server_username: "<HIVE SERVER USERNAME>" hive_server_password: "<HIVE SERVER PASSWORD>" hive_server_port: "<HIVE SERVER JMX PORT>"For Kafka
jmx: kafka_broker_auth: "true" kafka_broker_username: "<KAFKA BROKER USERNAME>"" kafka_broker_password: "<KAFKA BROKER PASSWORD>"" kafka_broker_port: "<KAFKA BROKER JMX PORT>"For Zeppelin
jmx: zeppelin_master_auth: "true" zeppelin_master_username: "<ZEPPELIN MASTER USERNAME>"" zeppelin_master_password: "<ZEPPELIN MASTER PASSWORD>" zeppelin_master_port: "<ZEPPELIN MASTER JMX PORT>"For Zookeeper
jmx: zookeeper_server_auth: "true" zookeeper_server_username: "<ZOOKEEPER SERVER USERNAME>"" zookeeper_server_password: "<ZOOKEEPER SERVER PASSWORD>"" zookeeper_server_port: "<ZOOKEEPER SERVER PORT>"For Kafka Mirror Maker
jmx: kafka_mirror_maker_port: "<KAFKA MIRROR MAKER PORT>" kafka_mirror_maker_auth: "true" kafka_mirror_maker_username: "<KAFKA MIRROR MAKER USERNAME>" kafka_mirror_maker_password: "<KAFKA MIRROR MAKER PASSWORD>"Ranger Admin
jmx: ranger_admin_port: "33333" ranger_admin_auth: "false" ranger_admin_ssl: "false" ranger_admin_username: "<RANGER ADMIN USERNAME>" ranger_admin_password: "<RANGER ADMIN PASSWORD ENCRYPTED>"Ranger User Sync
jmx: ranger_usersync_port: "33334" ranger_usersync_auth: "true" ranger_usersync_ssl: "false" ranger_usersync_username: "<RANGER USERSYNC USERNAME>" ranger_usersync_password: "<RANGER USERSYNC PASSWORD ENCRYPTED>"Ranger Tag sync
jmx: ranger_tagsync_port: "33335" ranger_tagsync_auth: "true" ranger_tagsync_ssl: "false" ranger_tagsync_username: "<RANGER TAG SYNC USERNAME>" ranger_tagsync_password: "<RANGER TAG SYNC PASSWORD ENCRYPTED>"Ranger KMS
jmx: ranger_kms_server_port: "33336" ranger_kms_server_auth: "true" ranger_kms_server_ssl: "false" ranger_kms_server_username: "<RANGER KMS USERNAME>" ranger_kms_server_password: "<RANGER KMS PASSWORD ENCRYPTED>"c. Save your changes to the override.yml file.
d. Apply the new configuration by running the following command:
accelo reconfig clusterConfiguring SSL for JMX RMI Port
This section describes how to enable JMX with SSL in Pulse to collect metrics from Hadoop services through secured RMI ports.
Create Override File
- Create the Override Configuration File: If the
override.ymlfile doesn't exist within your cluster's workspace, create it:
touch $AcceloHome_work_<clusterName>_override.yml- Configure the
override.ymlFile:
a. Open the override.yml file for editing:
vi $AcceloHome_work_<clusterName>_override.ymlb. Add the necessary SSL configuration for each specific service if not already present. Begin with the common configuration applicable to all services:
Common Configuration for All Services
jmx: pulsejmx_use_ssl: true pulsejmx_ssl_truststore: <_PATH_TO_SERVICE_TRUSTORE_FILE> pulsejmx_ssl_truststore_password: <SERVICE TRUSTSTORE PASSWORD>For Hive Metastore
jmx: hive_metastore_ssl: "true"For Hive Server
jmx: hive_server_ssl: "true"For Zeppelin
jmx: zeppelin_master_ssl: "true"#### For Zookeeper
jmx: zookeeper_server_ssl: "true"#### For Kafka Mirror Maker
jmx: kafka_mirror_master_ssl: "true"Kafka
jmx: kafka_broker_ssl: "true"Ranger Admin
jmx: ranger_admin_ssl: "true"Ranger Tagsync
jmx: ranger_tagsync_ssl: "true"Ranger Usersync
jmx: ranger_tagsync_ssl: "true"Ranger KMS
jmx: ranger_kms_server_ssl: "true"c. Save the changes to the override.yml file.
d. Apply the new SSL configurations by running:
accelo reconfig clusterWas this page helpful?
On This Page
Configure RMI JMX for Hadoop Services in PulseBefore You BeginConfigure JMX with Basic AuthenticationCreate Override FileFor Hive MetastoreFor Hive ServerFor KafkaFor ZeppelinFor ZookeeperFor Kafka Mirror MakerRanger AdminRanger User SyncRanger Tag syncRanger KMSConfiguring SSL for JMX RMI PortCreate Override FileCommon Configuration for All ServicesFor Hive ServerFor ZeppelinKafkaRanger AdminRanger TagsyncRanger UsersyncRanger KMS