Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configuring Ambari for Non-Root user #167

Open
wants to merge 11 commits into
base: master
Choose a base branch
from
Open

Configuring Ambari for Non-Root user #167

wants to merge 11 commits into from

Conversation

lhoss
Copy link
Contributor

@lhoss lhoss commented Aug 30, 2019
edited
Loading

Impl. for feature request #119
By default the server and agent are (still) run as root user.

To activate the new feature, and run both services under a new user ambari (deployment of the OS user is also done, incl. the extensive sudoers rules required), add following group vars

ambari_server_user: ambari
ambari_agent_user: ambari

I successfully tested with a deployment with following config (overrides vs the default all) on one 32GB AWS node :

ambari_version: '2.7.3.0'                                 # must be the 4-part full version number
hdp_version: '3.1.0.0'                                    # must be the 4-part full version number
hdf_version: '3.3.1.0'                                    # must be the 4-part full version number
hdp_build_number: 'auto'                                  # the HDP build number from docs.hortonworks.com (if set to 'auto', Ansible will try to get it from the repository)
hdf_build_number: 'auto'                                  # the HDF build number from docs.hortonworks.com (if set to 'auto', Ansible will try to get it from the repository)
hdpsearch_version: '4.0.0'                                # must be the full version number
hdpsearch_build_number: '400'                             # the HDP Search build number from docs.hortonworks.com (hardcoded to 100 for the moment)

java: 'openjdk'                                          # can be set to 'embedded', 'openjdk' or 'oraclejdk'

database: 'postgres'                                      # can be set to 'embedded', 'postgres', 'mysql' or 'mariadb'

#security: 'mit-kdc'                                       # can be set to 'none', 'mit-kdc' or 'active-directory'
security: none

#############################
## blueprint configuration ##
#############################

blueprint_name: '{{ cluster_name }}_blueprint'            # the name of the blueprint as it will be stored in Ambari
blueprint_file: 'blueprint_dynamic.j2'                    # the blueprint JSON file - 'blueprint_dynamic.j2' is a Jinja2 template that generates the required JSON

blueprint_dynamic_clients:
      - 'ZOOKEEPER_CLIENT'
      - 'HDFS_CLIENT'
      - 'YARN_CLIENT'
      - 'MAPREDUCE2_CLIENT'
      - 'TEZ_CLIENT'
      - 'PIG'
      - 'SQOOP'
      - 'HIVE_CLIENT'
      - 'OOZIE_CLIENT'
      - 'INFRA_SOLR_CLIENT'
      - 'SPARK2_CLIENT'
      - 'HBASE_CLIENT'
      - 'ATLAS_CLIENT'

blueprint_dynamic:                                        # properties for the dynamic blueprint - these are only used by the 'blueprint_dynamic.j2' template to generate the JSON
  - host_group: "hdp-master"
    clients: "{{ blueprint_dynamic_clients }}"
    services:
      - ZOOKEEPER_SERVER
      - NAMENODE
      - SECONDARY_NAMENODE
      - RESOURCEMANAGER
      - APP_TIMELINE_SERVER
      - YARN_REGISTRY_DNS
      - TIMELINE_READER
      - HBASE_MASTER
      - HIVE_SERVER
      - HIVE_METASTORE
      - OOZIE_SERVER
      - HISTORYSERVER
      - SPARK2_JOBHISTORYSERVER
      - RANGER_ADMIN
      - ATLAS_SERVER
      - KNOX_GATEWAY
      - ZEPPELIN_MASTER
      - AMBARI_SERVER
      - INFRA_SOLR
      - HST_SERVER
      - ACTIVITY_ANALYZER
      - ACTIVITY_EXPLORER
      - HST_AGENT
      - METRICS_COLLECTOR
      - METRICS_GRAFANA
      - METRICS_MONITOR
      - REGISTRY_SERVER
      - NIFI_REGISTRY_MASTER
      - RANGER_KMS_SERVER
      - RANGER_USERSYNC
  # - host_group: "hdp-slave"
  #   clients: "{{ blueprint_dynamic_clients }}"
  #   services:
      - DATANODE
      - NODEMANAGER
      - METRICS_MONITOR
      - HST_AGENT
      - HBASE_REGIONSERVER
      - NIFI_MASTER
      - KAFKA_BROKER
      # NEW test SOLR (this is not the same as INFRA_SOLR)
      - SOLR_SERVER

ps: Initial test with ambari_version: '2.7.4.0' failed , see bug #166

@lhoss lhoss mentioned this pull request Aug 30, 2019
Open
@lhoss
Copy link
Contributor Author

lhoss commented Sep 2, 2019
edited
Loading

@alexandruanghel this new feature is now done and tested.
Let me know if/where (in the README) we can document the 2 new variables

@lhoss lhoss mentioned this pull request Sep 2, 2019
Open
@lhoss
Copy link
Contributor Author

lhoss commented Oct 4, 2019

@alexandruanghel this new feature is now better tested (incl. many deployments at a customer), after I added some fixes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lhoss