Configure RMI JMX for Hadoop Services in Pulse
You can configure RMI JMX in Pulse to collect real-time metrics from Hadoop services.
This configuration enables secure communication and supports basic authentication or SSL. Pulse can then gather JMX data from services such as Hive, Kafka, Ranger, Zeppelin, and Zookeeper.
Before You Begin
- Passwords must be encrypted: Use the
accelo admin encryptcommand to encrypt passwords for all JMX configurations. - Follow the correct steps based on the authentication method: If the JMX RMI port is protected with Basic Authentication or SSL, use the specific configuration steps provided below.
Configure JMX with Basic Authentication
- Create an override file if it does not exist.
touch $AcceloHome/work/<clusterName>/override.yml- Open the
override.ymlfile
vi $AcceloHome/work/<clusterName>/override.yml- Update the following configurations if they are not already present for the specific service.
Hive Metastore
jmx: hive_metastore_auth: "true" hive_metastore_username: "<HIVE METASTORE USERNAME>" hive_metastore_password: "<HIVE METASTORE PASSWORD>" hive_metastore_port: "<HIVE METASTORE JMX PORT>"Hive Server
jmx: hive_server_auth: "true" hive_server_username: "<HIVE SERVER USERNAME>" hive_server_password: "<HIVE SERVER PASSWORD>" hive_server_port: "<HIVE SERVER JMX PORT>"Kafka
jmx: kafka_broker_auth: "true" kafka_broker_username: "<KAFKA BROKER USERNAME>"" kafka_broker_password: "<KAFKA BROKER PASSWORD>"" kafka_broker_port: "<KAFKA BROKER JMX PORT>"Zeppelin
jmx: zeppelin_master_auth: "true" zeppelin_master_username: "<ZEPPELIN MASTER USERNAME>"" zeppelin_master_password: "<ZEPPELIN MASTER PASSWORD>" zeppelin_master_port: "<ZEPPELIN MASTER JMX PORT>"Zookeeper
jmx: zookeeper_server_auth: "true" zookeeper_server_username: "<ZOOKEEPER SERVER USERNAME>"" zookeeper_server_password: "<ZOOKEEPER SERVER PASSWORD>"" zookeeper_server_port: "<ZOOKEEPER SERVER PORT>"Kafka Mirror Maker
jmx: kafka_mirror_maker_port: "<KAFKA MIRROR MAKER PORT>" kafka_mirror_maker_auth: "true" kafka_mirror_maker_username: "<KAFKA MIRROR MAKER USERNAME>" kafka_mirror_maker_password: "<KAFKA MIRROR MAKER PASSWORD>"Ranger Admin
jmx: ranger_admin_port: "33333" ranger_admin_auth: "false" ranger_admin_ssl: "false" ranger_admin_username: "<RANGER ADMIN USERNAME>" ranger_admin_password: "<RANGER ADMIN PASSWORD ENCRYPTED>"Ranger User Sync
jmx: ranger_usersync_port: "33334" ranger_usersync_auth: "true" ranger_usersync_ssl: "false" ranger_usersync_username: "<RANGER USERSYNC USERNAME>" ranger_usersync_password: "<RANGER USERSYNC PASSWORD ENCRYPTED>"Ranger Tag sync
jmx: ranger_tagsync_port: "33335" ranger_tagsync_auth: "true" ranger_tagsync_ssl: "false" ranger_tagsync_username: "<RANGER TAG SYNC USERNAME>" ranger_tagsync_password: "<RANGER TAG SYNC PASSWORD ENCRYPTED>"Ranger KMS
jmx: ranger_kms_server_port: "33336" ranger_kms_server_auth: "true" ranger_kms_server_ssl: "false" ranger_kms_server_username: "<RANGER KMS USERNAME>" ranger_kms_server_password: "<RANGER KMS PASSWORD ENCRYPTED>"- Save the file.
- Run the reconfigure cluster command.
accelo reconfig clusterConfigure JMX with SSL
Use the same truststore for all services that expose JMX RMI ports.
If the JMX RMI port has SSL enabled, follow these steps to collect JMX data through the RMI port.
- Create an override file if it does not exist.
x
- Open the override file.
vi $AcceloHome/work/<clusterName>/override.yml- Update the following configurations if they are not already present for the specific service.
Updated the common configuration for all the services.
jmx: pulsejmx_use_ssl: true pulsejmx_ssl_truststore: </PATH/TO/SERVICE/TRUSTORE/FILE> pulsejmx_ssl_truststore_password: <SERVICE TRUSTSTORE PASSWORD>Hive Metastore
jmx: hive_metastore_ssl: "true"Hive Server
jmx: hive_server_ssl: "true"Zeppelin
jmx: zeppelin_master_ssl: "true"Zookeeper
jmx: zookeeper_server_ssl: "true"Kafka Mirror Maker
jmx: kafka_mirror_master_ssl: "true"Kafka
jmx: kafka_broker_ssl: "true"Ranger Admin
jmx: ranger_admin_ssl: "true"Ranger Tagsync
jmx: ranger_tagsync_ssl: "true"Ranger Usersync
jmx: ranger_tagsync_ssl: "true"Ranger KMS
jmx: ranger_kms_server_ssl: "true"- Save the file.
- Run the reconfig cluster command.
accelo reconfig clusterWas this page helpful?