To deploy your HDP instance, you need to prepare your deployment environment:
The clocks of all the nodes in your cluster must be able to synchronize with each other. If your system does not have access to the Internet, set up a master node as an NTP server. Use the following instructions to enable NTP for your cluster:
Configure NTP clients. Execute the following command on all nodes in your cluster:
For RHEL/CentOS/Oracle Linux:
yum install ntp
For SLES:
zypper install ntp
For Ubuntu and Debian:
apt-get install ntp
Enable the service. Execute the following command on all the nodes in your cluster.
For RHEL/CentOS/Oracle Linux:
chkconfig ntpd on
For SLES, Ubuntu, and Debian:
chkconfig ntp on
Start NTP. Execute the following command on all the nodes in your cluster.
For RHEL/CentOS/Oracle Linux:
/etc/init.d/ntpd start
For SLES:
/etc/init.d/ntp start
For Ubuntu and Debian:
/etc/init.d/ntp start
If you want to use the existing NTP server in your environment, configure the firewall on the local NTP server to allow inbound UDP traffic on port 123 from the cluster nodes. In the following example for RHEL hosts, replace 192.168.1.0/24 with the IP addresses in your cluster:
# iptables -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 123 -j ACCEPT
Then, restart iptables. Execute the following command on all the nodes in your cluster:
# service iptables restart
Finally, configure clients to use the local NTP server. Edit /etc/ntp.conf and add the following line:
server $LOCAL_SERVER_IP OR HOSTNAME
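Once ntpd is running, each node can be checked for an actual time source. The following is an added example, not part of the original guide: it parses `ntpq -pn` output and fails when no system peer is selected or the offset is too large. The function name, the 100 ms threshold and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the HDP guide): decide from `ntpq -pn` output
# whether this node has selected a time source and is close to it.
MAX_OFFSET_MS=${MAX_OFFSET_MS:-100}   # assumed threshold in milliseconds

# Reads `ntpq -pn` output on stdin; prints OK/FAIL and returns 0 only when a
# system peer (tally code "*") is selected, reachable and within the threshold.
check_ntp_sync() {
    awk -v max="$MAX_OFFSET_MS" '
        NR <= 2 { next }                    # column header and ==== ruler
        substr($0, 1, 1) == "*" {           # "*" marks the selected system peer
            peer = substr($1, 2); reach = $7; off = $9 + 0; found = 1
        }
        END {
            if (!found)       { print "FAIL no system peer selected"; exit 1 }
            if (reach == "0") { print "FAIL " peer " has reach 0"; exit 1 }
            if (off < 0) off = -off
            if (off > max)    { print "FAIL " peer " offset " off " ms"; exit 1 }
            print "OK " peer " " off
        }'
}

# Constructed sample output (not captured from a real cluster).
SAMPLE_SYNCED='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.168.0.11    LOCAL(0)        11 u   33   64  377    0.215   -0.412   0.061'
SAMPLE_UNSYNCED='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.0.11    .INIT.          16 u    -   64    0    0.000    0.000   0.000'

printf '%s\n' "$SAMPLE_SYNCED" | check_ntp_sync
# On a cluster node: ntpq -pn | check_ntp_sync
```

A node that has just started ntpd can take several poll intervals before a system peer is selected, so a failure immediately after the service starts is expected.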
All hosts in your system must be configured for DNS and Reverse DNS.
Note: If you are unable to configure DNS and Reverse DNS, you must add the name of every server in your cluster to the hosts file on each server in the cluster.
Use the following instructions to check DNS for all the servers in your cluster:
1. Perform forward lookup checking. For example, for the localdomain domain that contains a server with name host01 and the IP address 192.168.0.10, execute the following command:
nslookup host01
A message similar to the following example is returned:
Name: host01.localdomain
Address: 192.168.0.10
2. Perform reverse lookup checking. For example, for the localdomain domain that contains a server with name host01 and the IP address 192.168.0.10, execute the following command:
nslookup 192.168.0.10
A message similar to the following example is returned:
10.0.168.192.in-addr.arpa name = host01.localdomain.
3. For all nodes of the cluster, add the "IP address-host name" key-value pair to the /etc/hosts file. For example:
192.168.0.11 host01
If you do not receive valid responses as shown in Steps 1 and 2, set up a DNS zone in your cluster or configure host files on each host of the cluster using one of the following options:
Option I: Edit the hosts file on each node of the cluster.
The following instructions use these example values:
domain name: “localdomain”
nameserver: “host01”/192.168.0.11
hosts: “host02”/192.168.0.12, “host02”/192.168.0.12
Option II: Configure DNS using BIND nameserver.
The following instructions use these example values:
domain name: “localdomain”
nameserver: “host01”/192.168.0.11
hosts: “host02”/192.168.0.12, “host02”/192.168.0.12
Install BIND packages:
yum install bind
yum install bind-libs
yum install bind-utils
Initiate service:
chkconfig named on
Configure files as shown below. The example values listed above are used in the following configurations. Replace these example values with values from your deployment environment.
Edit /etc/resolv.conf (for all nodes in cluster) and add the following lines:
domain localdomain
search localdomain
nameserver 192.168.0.11
Edit /etc/named.conf (for all nodes in cluster) and add the following lines:
listen-on port 53 { any; }; // by default it is opened only for localhost
...
zone "localdomain" {
    type master;
    notify no;
    allow-query { any; };
    file "named-forw.zone";
};
zone "0.168.192.in-addr.arpa" {
    type master;
    notify no;
    allow-query { any; };
    file "named-rev.zone";
};
Edit named-forw.zone as shown in the following sample forward zone configuration file:
$TTL 3D
; SOA values: serial refresh retry expire minimum
@          SOA  host01.localdomain. root.localdomain. (201306030 3600 3600 3600 3600)
           NS   host01                ; Nameserver Address
localhost  IN   A    127.0.0.1
host01     IN   A    192.168.0.11
host02     IN   A    192.168.0.12
host03     IN   A    192.168.0.13
Edit the named-rev.zone as shown in the following sample reverse zone configuration file:
$TTL 3D
; SOA values: serial refresh retry expire minimum
@   SOA  host01.localdomain. root.localdomain. (201306031 28800 2H 4W 1D)
    NS   host01.localdomain.          ; Nameserver Address
11  IN   PTR  host01.localdomain.
12  IN   PTR  host02.localdomain.
13  IN   PTR  host03.localdomain.
Restart the bind service.
/etc/init.d/named restart
Add rules to the firewall.
iptables -A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
service iptables save
service iptables restart
Alternatively, you can also allow traffic over DNS port (53) using the system-config-firewall utility.
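Forward and reverse lookups only agree if the two zone files agree. The following is an added example, not part of the original guide: it cross-checks the A records in named-forw.zone against the PTR records in named-rev.zone. The function name and the temporary file paths are assumptions, and the sample data is constructed from the record lines shown above.

```shell
#!/bin/sh
# Added example (not from the HDP guide): cross-check named-forw.zone against
# named-rev.zone so every A record has a matching PTR record and vice versa.
# Handles only the layout used on this page: "name IN A ip" and "octet IN PTR fqdn."

# check_zones FORWARD_FILE REVERSE_FILE DOMAIN NET_PREFIX
# Prints one line per problem; returns 1 if any problem was found.
check_zones() {
    awk -v dom="$3" -v net="$4" '
        { sub(/;.*/, "") }                        # drop zone-file comments
        FNR == NR && $2 == "IN" && $3 == "A" {    # first file: forward zone
            if (index($4, net ".") == 1) fwd[$4] = $1 "." dom "."
            next
        }
        FNR != NR && $2 == "IN" && $3 == "PTR" {  # second file: reverse zone
            rev[net "." $1] = $4
        }
        END {
            for (ip in fwd) {
                if (!(ip in rev)) { print "MISSING-PTR " ip " " fwd[ip]; bad = 1 }
                else if (rev[ip] != fwd[ip]) { print "MISMATCH " ip " A=" fwd[ip] " PTR=" rev[ip]; bad = 1 }
            }
            for (ip in rev) if (!(ip in fwd)) { print "MISSING-A " ip " " rev[ip]; bad = 1 }
            exit bad + 0
        }' "$1" "$2"
}

# Constructed sample data: the record lines of the two zone files shown above.
ZONE_DIR=$(mktemp -d)
cat > "$ZONE_DIR/named-forw.zone" <<'EOF'
localhost  IN  A  127.0.0.1
host01     IN  A  192.168.0.11
host02     IN  A  192.168.0.12
host03     IN  A  192.168.0.13
EOF
cat > "$ZONE_DIR/named-rev.zone" <<'EOF'
11  IN  PTR  host01.localdomain.
12  IN  PTR  host02.localdomain.
13  IN  PTR  host03.localdomain.
EOF

check_zones "$ZONE_DIR/named-forw.zone" "$ZONE_DIR/named-rev.zone" localdomain 192.168.0 \
    && echo "forward and reverse zones agree"
```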
The Security-Enhanced (SE) Linux feature should be disabled during the installation process.
1. Check the state of SELinux. On all the host machines, execute the following command:
getenforce
If the command returns Disabled or Permissive, no further action is required. If it returns Enforcing (SELinux is enabled), proceed to Step 2.
2. Disable SELinux either temporarily for each session or permanently.
Option I: Disable SELinux temporarily by executing the following command:
setenforce 0
Option II: Disable SELinux permanently in the /etc/sysconfig/selinux file by changing the value of the SELINUX field to permissive or disabled. Restart your system.
Certain ports must be open and available during installation. The easiest way to do this is to temporarily disable iptables. If the security protocols at your installation do not allow you to disable iptables, you can proceed with them on, as long as all of the relevant ports are open and available. See "Configuring Ports" in the HDP Reference Guide for more information.
On all RHEL/CentOS host machines, execute the following commands to disable iptables:
chkconfig iptables off
service iptables stop
On Ubuntu and Debian host machines, execute the following command to disable iptables:
service ufw stop
Restart iptables after your setup is complete.
Important: If you leave iptables enabled and do not set up the necessary ports, the cluster installation will fail.