Remote mirroring between two secured MapR cluster
AIM
To setup remote mirroring between two secured MapR cluster.
(In the example given below both source and destination cluster has single
node.)
In source Cluster:
Cluster name:
ajames
Securing the source
cluster
/opt/mapr/server/configure.sh -C <source_cluster> -Z <source_cluster>
-N ajames -secure -genkeys
Check the cluster conf
to verify cluster is secured
[root@c51-4 ~]# cat
/opt/mapr/conf/mapr-clusters.conf
ajames secure=true <source_cluster>:7222
Change the permission
of ‘ssl_keystore’ to 600
chmod 600 ssl_keystore
Start the zookeeper
and warden services
service mapr-zookeeper start
service mapr-warden start
Login as mapr user
su mapr
Generate the
maprlogin password
maprlogin password
maprcli node list -columns svc
[mapr@c51-4 conf]$ maprcli node list
-columns svc
service hostname ip
webserver,cldb,fileserver,hoststats c51-4 <source_cluster>
In destination Cluster:
Cluster name:
ajames2
Securing the destination
cluster
/opt/mapr/server/configure.sh -C <destination_cluster>
-Z <destination_cluster> -N ajames2 -secure -genkeys
Check the cluster conf
to verify cluster is secured
[root@c51-4 ~]# cat
/opt/mapr/conf/mapr-clusters.conf
ajames2 secure=true <destination_cluster>:7222
Change the permission
of ‘ssl_keystore’ to 600
chmod 600 ssl_keystore
Start the zookeeper
and warden services
service mapr-zookeeper start
service mapr-warden start
Login as mapr user
su mapr
Generate the
maprlogin password
maprlogin password
[mapr@c51-5 root]$ maprcli node list -columns svc
service hostname ip
webserver,cldb,fileserver,hoststats c51-5
<destination_cluster>
In source cluster:
Merging ssl_truststore
Copy the ssl_truststore from source cluster to ‘/tmp’ of
destination cluster.
scp /opt/mapr/conf/ssl_truststore root@<destination_cluster>:/tmp/
In destination cluster
As ‘root’ user
cd /tmp
chown mapr:mapr ssl_truststore
As ‘mapr’ user
/opt/mapr/server/manageSSLKeys.sh merge /tmp/ssl_truststore
/opt/mapr/conf/ssl_truststore
cd /opt/mapr/conf
Add ‘ajames
secure=true <source_cluster>:7222’ (details of source cluster) in
vim mapr-clusters.conf
cat mapr-clusters.conf
ajames2 secure=true <destination_cluster>:7222
ajames secure=true <source_cluster>:7222
Restart the ‘webserver’
maprcli node services -action restart -name webserver -nodes
<destination_cluster>
In the source cluster
cd /opt/mapr/conf
Add ‘ajames2
secure=true <destination_cluster>:7222’ (details of source cluster) in
vim mapr-clusters.conf
cat mapr-clusters.conf
ajames secure=true <source_cluster>:7222
ajames2 secure=true <destination_cluster>:7222
Restart the ‘webserver’
maprcli node services -action restart -name webserver -nodes
<source_cluster>
In source cluster:
Create the ‘crosscluster’
ticket
maprcli security getmaprclusterticket -clusterusername mapr
-inmaprserverticketfile /opt/mapr/conf/maprserverticket -ticketfile
/opt/mapr/conf/maprclusterticket
In destination cluster:
Copy and append the
ticket to the destination cluster in maprserverticket
maprlogin password -cluster ajames
Check whether both
clusters are accessible from the destination cluster
hadoop fs -ls /mapr/ajames
[mapr@c51-5 root]$ hadoop fs -ls
/mapr/ajames
Found 8 items
drwxr-xr-x - mapr mapr 0 2016-07-25 19:28 /mapr/ajames/apps
drwxr-xr-x - mapr mapr 0 2016-07-25 19:27 /mapr/ajames/hbase
drwxr-xr-x - mapr mapr 0 2016-07-25 19:29 /mapr/ajames/opt
drwxrwxrwx - mapr mapr 0 2016-07-25 19:27 /mapr/ajames/tmp
drwxr-xr-x - mapr mapr 0 2016-07-25 19:29 /mapr/ajames/user
drwxr-xr-x - mapr mapr 1 2016-07-25 19:28 /mapr/ajames/var
hadoop fs -ls /mapr/ajames2
[mapr@c51-5 root]$ hadoop fs -ls
/mapr/ajames2
Found 9 items
drwxr-xr-x - mapr mapr 0 2016-07-25 21:09 /mapr/ajames2/apps
drwxr-xr-x - mapr mapr 0 2016-07-25 21:09
/mapr/ajames2/hbase
drwxr-xr-x - mapr mapr 0 2016-07-25 21:11 /mapr/ajames2/opt
drwxrwxrwx - mapr mapr 0 2016-07-25 21:09 /mapr/ajames2/tmp
drwxr-xr-x - mapr mapr 0 2016-07-25 21:11 /mapr/ajames2/user
drwxr-xr-x - mapr mapr 1 2016-07-25 21:10 /mapr/ajames2/var
In source cluster:
Create a volume at
source cluster ‘test1’
Create a file in the volume
hadoop fs -touchz /test/abc.txt
In destination cluster:
From destination
cluster create the remote mirror from CLI
Example: maprcli volume create -name testmirror -path /testmirror
-type mirror -source test@ajames -quota 50G -advisoryquota 40G -schedule 3
-mirrorschedule 3 -topology /data
Login to MCS and start mirroring to test the same.