CDP Deployment for Single KDC

This document provides a step by step process to deploy single Pulse instance for Cloudera clusters with single KDC.

Prerequisites

Keep the following information handy:

1. CM URL (https://<Alias/FQDN of the CM URL>:<CM Port>)
2. CM Username
3. CM Password
4. Spark History HDFS path & Spark3 History HDFS path
5. Kafka Version
6. Hbase Version
7. Hive Version
8. Hive Metastore DB Connection URL
9. hive metastore Database Name
10. hive metastore DB Username
11. hive metastore DB Password
12. Oozie DB Name
13. Oozie DB URL
14. Oozie DB Username
15. Oozie DB Password
16. Kerberos Keytab
17. krb5.conf file
18. Principal
19. Kerberos Username
20. cacerts/jssecacerts
21. YARN Scheduler Type
22. Kafka Interbroker protocol

Uninstallation

1. For uninstalling agents, you must follow the Cloudera Parcel Agent Uninstall doc.
2. You must also remove the Pulse JARS and the configuration for Hive and Tez.
3. Acceldata will then perform the following command for backup and uninstalling the existing Pulse.

a. Create a backup directory.

xxxxxxxxxx

mkdir -p /data01/backup

b. For backup, we can copy the whole config and work dir.

xxxxxxxxxx

cp -R $AcceloHome/config /data01/backup/

cp -R $AcceloHome/work /data01/backup/

c. Uninstall the existing Pulse setup by running the following command:

xxxxxxxxxx

accelo uninstall local

OUTPUT

[root@nifihost1:data01 (ad-default)]$ accelo uninstall local

✗ You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote no

✔ You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote no

✔ You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote no

You're about to uninstall the local AccelData setup. This will also DELETE all persistent data from the current node. However, NONE of the remote nodes will be affected. Please confirm your action [y/n]: : y

WARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB

Uninstalling the AccelData components from local machine ...

d. Logout from the terminal session.

Download the Binaries and Docker Images and Load Them

1. Download the jars, hystaller, accelo binaries, and docker images from the download links provided by Acceldata.
2. Move the docker images and jars in the following directory:

xxxxxxxxxx

mkdir -p /data01/images

3. Copy the binaries and tar files in to the /data01/images folder.

xxxxxxxxxx

cp </path/to/binaries/tar> /data01/images

4. Change the directory.

xxxxxxxxxx

cd /data01/images

5. Extract the single tar file.

xxxxxxxxxx

tar xvf <name_of_tar_file>.tar

OUTPUT

xxxxxxxxxx

[root@nifihost1 images]# tar xvf pulse-333-beta.tar

./ad-alerts.tgz

./ad-connectors.tgz

./ad-dashplots.tgz

./ad-database.tgz

./ad-deployer.tgz

./ad-director.tgz

./ad-elastic.tgz

./ad-events.tgz

./ad-fsanalyticsv2-connector.tgz

./ad-gauntlet.tgz

./ad-graphql.tgz

./ad-hydra.tgz

./ad-impala-connector.tgz

./ad-kafka-0-10-2-connector.tgz

./ad-kafka-connector.tgz

./ad-ldap.tgz

./ad-logsearch-curator.tgz

./ad-logstash.tgz

./ad-notifications.tgz

./ad-oozie-connector.tgz

./ad-pg.tgz

./ad-pulsemon-ui.tgz

./ad-recom.tgz

./ad-sparkstats.tgz

./ad-sql-analyser.tgz

./ad-streaming.tgz

./ad-vminsert.tgz

./ad-vmselect.tgz

./ad-vmstorage.tgz

./accelo.linux

./admon

./hystaller

6. Load the Docker images by running the following command:

xxxxxxxxxx

ls -1 *.tgz | xargs --no-run-if-empty -L 1 docker load -i

7. Check if all the images are loaded into the server.

xxxxxxxxxx

docker images | grep 3.3.3

Config Cluster

1. Validate the all the hosts file.
2. Create the acceldata dir by running the following command:

xxxxxxxxxx

cd /data01/

mkdir -p acceldata

3. Copy the Spark hosts and Zookeeper hosts file in acceldata directory, by running the following command:

xxxxxxxxxx

cp </path/to/hosts_files> /data01/acceldata

4. Place the accelo binary in the /data01/acceldata directory.

xxxxxxxxxx

cp </path/to/accelo/binary> /data01/acceldata

5. Rename the accelo.linux binary to accelo.

xxxxxxxxxx

mv /data01/acceldata/accelo.linux accelo

chmod +x /data01/acceldata/accelo

6. Change the directory.

xxxxxxxxxx

cd /data01/acceldata/accelo

7. Run the following command to do accelo init :

xxxxxxxxxx

./accelo init

8. Enter the appropriate answers when prompted.
9. Source the ad.sh file.

xxxxxxxxxx

source /etc/profile.d/ad.sh

10. Run the init command to provide the Pulse version.

xxxxxxxxxx

accelo init

OUTPUT

xxxxxxxxxx

[root@nifihost1:~ (ad-default)]$ accelo init

Enter the AccelData ImageTag: : 3.3.3

✓ Done, AccelData Init Successful.

Provide the correct Pulse version, in this case it will be 3.3.3.

11. Now run accelo info command to get the initial info.

xxxxxxxxxx

accelo info

OUTPUT

xxxxxxxxxx

[root@nifihost1:~ (ad-default)]$ accelo info

WARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB

    ___   ____________________    ____  ___  _________

   /   | / ____/ ____/ ____/ /   / __ \/   |/_  __/   |

  / /| |/ /   / /   / __/ / /   / / / / /| | / / / /| |

 / ___ / /___/ /___/ /___/ /___/ /_/ / ___ |/ / / ___ |

/_/  |_\____/\____/_____/_____/_____/_/  |_/_/ /_/  |_|

Accelo CLI Version:  3.3.3-beta

Accelo CLI Build Hash:  8ba4727f11e5b3f3902547585a37611b6ec74e7c

Accelo CLI Build ID:  1700746329

Accelo CLI Builder ID:  ZEdjMmxrYUdGdWRGOWhZMk5sYkdSaEVLCg==

Accelo CLI Git Branch Hash:  TXdLaTlCVDFBdE56STNvPQo=

AcceloHome:  /data01/acceldata

AcceloStack:  ad-default

AccelData Registry:  191579300362.dkr.ecr.us-east-1.amazonaws.com/acceldata

AccelData ImageTag:  3.3.3-beta

Active Cluster Name:  NotFound

AcceloConfig Mongo DB Retention days:  15

AcceloConfig Mongo DB HDFS Reports Retention days:  15

AccelConfig TSDB Retention days:  31d

Number of AccelData stacks found in this node:  0

12. Run the config cluster command to configure the cluster in Pulse.

xxxxxxxxxx

accelo config cluster

13. Provide appropriate answers when prompted.

[root@pulsecdp01:acceldata (ad-default)]$ accelo config cluster

INFO: Configuring the cluster ...

INFO: Using default API Version v10 for CM API

Is the 'Database Service' up and running? [y/n]: : n

WARN: Gauntlet is running in dry run mode. Disable this to delete indices from elastic and purge data from mongo DB

✔ Cloudera

Enter Your Cluster's Display Name: : cdp1

Enter Cloudera URL (with http/https): : https://cdpssl01.acceldata.dvl:7183

✔ Enter Cloudera Username: : admin█

IMPORTANT: This password will be securely encrypted and stored in this machine.

Enter Cloudera User Password: : *****

Enter the cluster name to use (MUST be all lowercase & unique): : cdp1

ERROR:  stat /data01/acceldata/.activecluster: no such file or directory

INFO: Creating Post dirs.

✔ Cluster1

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

INFO: Using lower case for CDP Service name API

Enter the installed Kafka version (ex: 0.10.2): : 0.11.0

: 0.11.0█

Enter the installed HBase service version (ex: 0.9.4): : 0.9.4

Enter the installed Hive service version (ex: 2.0.0): : 2.0.0

Enter the installed Hive service version (ex: 2.0.0): : 2.0.0

✓ Found Kerberos Realm:  ADSRE.COM

Enter the Spark History HDFS path: : /user/spark/applicationHistory

Oozie DB URL: : jdbc:postgresql://cdpssl01.acceldata.dvl:7432/oozie_oozie_server

✔ Oozie DB URL: : jdbc:postgresql://cdpssl01.acceldata.dvl:7432/oozie_oozie_server█

Enter the Oozie DB Username: : oozie_oozie_server

Enter the Oozie DB Password: : **********

Enter the Oozie DB JODA Timezone (Example: Asia/Kolkata): : Asia/Kolkata

✔ Enter the hive metastore Database Name : : hive█

✔ Hive Metastore PostgreSQL DB Connection URL: : jdbc:postgresql://cdpssl01.acceldata.dvl:7432/hive█

Enter the hive metastore DB Username : : hive

✔ Enter the hive metastore DB Password : : **********█

✔ Enter the hive metastore DB Password : : **********█

INFO: core-site.xml file has been updated

INFO: hdfs-site.xml file has been updated

---------------------------Discovered configurations----------------------------------------

✓ Cluster Type:  CDH

✓ CDH Version:  7.1.7

✓ Discovered Cluster Name:  cdp1

✓ Discovered Services:

  ✓ PULSEHYDRAAGENT

  ✓ SOLR

  ✓ SPARK_ON_YARN

  ✓ KAFKA

  ✓ LIVY

  ✓ HUE

  ✓ HIVE_ON_TEZ

  ✓ HBASE

  ✓ QUEUEMANAGER

  ✓ RANGER

  ✓ IMPALA

  ✓ ATLAS

  ✓ ZOOKEEPER

  ✓ OOZIE

  ✓ HIVE

  ✓ YARN

  ✓ HDFS

✓ Yarn RM URI:  https://cdpssl02.acceldata.dvl:8090,https://cdpssl03.acceldata.dvl:8090

✓ MapReduce Job History URI:  https://cdpssl02.acceldata.dvl:19890

✗ Yarn ATS is not enabled

✓ HDFS Namenode URI:  swebhdfs://nameservice1

✓ Hive Metastore URI:  thrift://cdpssl02.acceldata.dvl:9083

✗ Hive LLAP is not enabled

✓ Spark History Server URIs:  https://cdpssl02.acceldata.dvl:18488

✓ Impala URI:  http://cdpssl04.acceldata.dvl:25000,http://cdpssl05.acceldata.dvl:25000,http://cdpssl01.acceldata.dvl:25000

✓ Kafka Broker URI:  https://cdpssl04.acceldata.dvl:9093,https://cdpssl05.acceldata.dvl:9093,https://cdpssl03.acceldata.dvl:9093

✓ Zookeeper Server URI:  http://cdpssl01.acceldata.dvl:2181,http://cdpssl02.acceldata.dvl:2181,http://cdpssl03.acceldata.dvl:2181

Would you like to continue with the above configuration? [y/n]: : y

Is Kerberos enabled in this cluster? [y/n]: : y

✓ Found Kerberos Realm:  ADSRE.COM

Enter your Kerberos keytab username (Must have required HDFS permissions): : hdfs

INFO: min-reports is set to default value 10

INFO: Purging old config files

✓ acceldata.conf file generated successfully.

Setting up Kerberos Config

Setting up kerberos..

Enter the principal: : hdfs/cdpssl03.acceldata.dvl@ADSRE.COM

Enter full path to the Keytab file (eg: /root/hdfs.keytab): : /data01/security/kerberos_cluster1.keytab

Enter the krb5Conf file path: : /data01/security/krb5_cluster1.conf

WARN: /data01/acceldata/config/users/passwd already being generated

✓ Done, Kerberos setup completed.

INFO: Creating post config files

INFO: Writing the .dist files

INFO: Clustername : cdp1

INFO: Performing PreCheck of Files

Is HTTPS Enabled in the Cluster on UI Endpoint? [Y/N]: : Y

Enter the Java Keystore cacerts File Path: : /data01/security/cacerts

Enter the Java Keystore jsseCaCerts File Path: : /data01/security/cacerts

INFO: Setting the active cluster

WARN: Cannot find the pulse.yaml file, getting the values from acceldata.conf file

WARN[1090] cannot find the spark on yarn thriftserver service ports

WARN[1090] Atlas Server not installed

WARN[1090] Hive Server Interactive not installed

Creating hydra inventory

✔ Is the agent deployment Parcel Based? [Y/N] : : Y█

pulsecdp01.acceldata.dvl is the hostname of the Pulse Server, Is this correct? [Y/N]: : y

? Select the components you would like to install:  Impala, Metastore, Hdfs, HiveServer2, Zookeeper, Yarn, Hbase

Is Kerberos Enabled for Impala?: y

Enter the JMX Port for hive_metastore: : 8009

✔ Enter the JMX Port for zookeeper_server: : 9010█

Enter the Kafka Broker Port: : 9092

Do you want to enable Impala Agent: [Y/N]? : Y

Would you like to setup LogSearch? [y/n]: : y

? Select the logs for components that are installed/enabled in your target cluster:  kafka_server, yarn_timelinereader, impala_catalogd, yarn_timelineserver, hue_runcpserver, hive_server, oozie_jpa, ranger_audit, yarn_resourcemanager, hdfs_audit, oozie_error, hbase_regionserver, hue_error, impala_impalad, hdfs_datanode, yarn_nodemanager, mapred_historyserver, hbase_master, kafka_state_change, hdfs_namenode, kafka_server_gc, kafka_controller, kafka_err, yarn_application, kafka_log_cleaner, hive_server_interactive, oozie_audit, zookeeper, oozie_tomcat, hue_migrate, hue_access, syslog, oozie_ops, oozie_server

✓ Generated the vars.yml file successfully

INFO: /data01/acceldata/work/cdp1/fsanalytics/update_fsimage.sh - ✓ Done

INFO: /data01/acceldata/work/cdp1/fsanalytics/kinit_fsimage.sh - ✓ Done

INFO: /data01/acceldata/work/cdp1/fsanalytics/update_fsimage_csv.sh - ✓ Done

Configuring notifications

✓ Generated the notifications.yml file successfully

Configuring notifications

✓ Generated the actions notifications.yml file successfully

INFO: Please run 'accelo deploy core' to deploy APM core using this configuration.

Copy the License

Place the license file provided by Acceldata in the work directory.

xxxxxxxxxx

cp </path/to/license> /data01/acceldata/work

Deploy Core

Deploy the Pulse core components by running the following command:

OUTPUT

Configure SSL For Connectors and Streaming

If you have TLS/SSL enforced for any of the Hadoop components in the target cluster, you have to bind-mount the Java truststore files inside the containers for the following Pulse services.

1. ad-connectors
2. ad-sparkstats
3. ad-streaming
4. ad-kafka-connector
5. ad-kafka-0-10-2-connector
6. ad-fsanalyticsv2-connector

Only these services will establish connections to the corresponding Hadoop components of the cluster via the HTTPS URI.

Ensure that the permissions of these files are set to 0655 . i.e, read-able for all the users.

AD-CONNECTORS & AD-SPARKSTATS

1. Generate the ad-core-connectors configuration file if not present:

2. Edit the file in path <$AcceloHome>/config/docker/addons/ad-core-connectors.yml and add the following lines under the volumes section of both ad-connectors and ad-sparkstats service blocks.

3. If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container, as demonstrated below:

AD-STREAMING

1. Generate the ad-core configuration file if not present:

2. Edit the file in path <$AcceloHome>/config/docker/ad-core.yml and add the following lines under the volumes section of ad-streaming service block.

3. If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container, as demonstrated below:

AD-FSANALYTICSV2-CONNECTOR

1. Generate the ad-fsanalyticsv2-connector configuration file if not present:

2. Edit the file in path <$AcceloHome>/config/docker/addons/ad-fsanalyticsv2-connector.yml and add the following lines under the volumes section of ad-fsanalyticsv2-connector.

3. If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container, as demonstrated below:

AD-KAFKA-CONNECTOR

1. Generate the ad-core-connectors configuration file if not present:

2. Edit the file in path <$AcceloHome>/config/docker/addons/ad-kafka-connector.yml and add the following lines under the volumes section of ad-kafka-connector.

3. If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container, as demonstrated below:

AD-KAFKA-0-10-2-CONNECTOR

1. Generate the ad-core-connectors configuration file if not present:

2. Edit the file in path <$AcceloHome>/config/docker/addons/ad-kafka-0-10-2-connector.yml and add the following lines under the volumes section of ad-kafka-0-10-2-connector.

3. If you only have the jssecacert file available and not the cacerts file, you can mount the jssecacerts file as the cacerts file inside the container, as demonstrated below:

Deploy Addons

Run the following command to deploy the Pulse addons, and then select the components that are needed for Spark standalone:

OUTPUT

Configure Alerts Notifications

1. For setting the active cluster, run the following command:

2. Configure the alerts notifications.

OUTPUT

3. Set the cluster2 as the active cluster.

4. Configure the alerts for the second cluster.

5. Set the cluster3 as the active cluster.

6. Configure the alerts for the third cluster.

7. Restart the alerts notifications.

OUTPUT

Database Push Configuration

Run the following command to push config to db:

Configure Gauntlet

Updating the Gauntlet Crontab Duration

1. Check if the ad-core.yml file is present or not by running the following command:

2. If the above file is not present, then generate it by running the following command:

3. Edit the ad-core.yml file.

a. Open the file.

b. Update the CRON_TAB_DURATION env variable in the ad-gauntlet section.

This makes gauntlet run every two days at midnight.

c. The updated file will look something like this:

d. Save the file.

4. Restart gauntlet service by running the following command:

Updating the Gauntlet Dry Run Mode

1. Check if the ad-core.yml file is present or not by running the following command:

2. If the above file is not present, then generate it by running the following command:

3. Edit the ad-core.yml file.

a. Open the file.

b. Update the DRY_RUN_ENABLE env variable in the ad-gauntlet section.

This will make the gauntlet delete the older elastic indices and MongoDB data.

c. The updated file will look something like this:

d. Save the file.

4. Restart gauntlet service by running the following command:

Configuring Gauntlet for Multi Node and Multi Cluster Deployment

1. Run the following command to generate the gauntlet config files:

2. Change the dir to config/gauntlet/ .

3. Check if all the files are present or not for all the clusters or not.

4. Modify the gauntlet_elastic_<clustername>.yml file.

5. Edit the elastic address in the file for multi node setup.

6. Modify the elastic address for both clusters.
7. Push the config to database.

8. Restart the gauntlet service.

Updating MongoDB Cleanup and Compaction Frequency in Hours

By default, when dry run is disabled MongoDB cleanup and compaction will run once a day. To configure the frequency, follow the steps listed below:

1. Run the following command:

2. Answer the prompts. If you’re unsure about how many days you wish to retain, then proceed with the default values.

3. When the following prompt comes up, specify the hours of the day during which you would like MongoDB clean up and compaction to run. The value must be a CSV of hours as per the 24 hour time notation.

4. Run the following command. When gauntlet runs the next time, MongoDB clean up and compaction will run at the specified hours, once per hour.

Enabling (TLS) HTTPS for Pulse Web UI Configuration

For details about the configuration, see Enable Native SSL/TLS for Pulse Web UI.

Set Up LDAP for Pulse UI

For details about the configuration, see Set up LDAP for Pulse UI.