Designating a Storm Client Node
At this point in the configuration process there is no notion of a Storm client node (you won’t be able to select “client” via Ambari).
To specify a Storm client node, choose one of the following two approaches, described in the following subsections:
Dedicate or use an existing independent gateway node as a storm client
Use one of your existing storm nodes (such as nimbus, supervisors, or drpc) as a client. Choose this option if you prefer not to add a gateway node for Storm.
Dedicate or Use an Existing Gateway Node
To dedicate or use an existing gateway node (edge node):
Install the storm package on the node:
sudo yum install storm_<version>
For example, for HDP 2.4:
sudo yum install storm_2_4*
Create a file at
/etc/storm/conf/client_jaas.conf
, and add the following entry to it:StormClient { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTicket=true serviceName="nimbus" };
Add the following settings to the
/etc/storm/conf/storm.yaml
configuration file:nimbus.seeds: <nimbus-host-array> nimbus.thrift.port: 6667 java.security.auth.login.config: "/etc/storm/conf/client_jaas.conf" storm.thrift.transport: "org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin"
where
<nimbus-host-array>
is an array of hostnames running Nimbus. (The value should come from/etc/storm/conf/storm.yaml
.) For example:nimbus.seeds: ["c6401.ambari.apache.org", "c6402.ambari.apache.org"]
Use an Existing Storm Node
To use one of your existing Storm nodes (such as nimbus, supervisors, or drpc) as a Storm client node, complete the following steps for every user who requires Storm access (for example, to run Storm commands or deploy topologies):
Create a
.storm
directory in the user's home directory. For example, userjohn
should have a directory called/home/john/.storm/
.Add the following settings to the
/etc/storm/conf/storm.yaml
configuration file:nimbus.seeds: <nimbus-host-array> nimbus.thrift.port: 6667 java.security.auth.login.config: "/etc/storm/conf/client_jaas.conf" storm.thrift.transport: "org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin"
where
<nimbus-host-array>
is an array of hostnames running Nimbus (the value should come from/etc/storm/conf/storm.yaml
). For example:nimbus.seeds: ["c6401.ambari.apache.org", "c6402.ambari.apache.org"]
As mentioned earlier, repeat these steps for every user who requires Storm access.
Running Storm Commands
After configuring the client/gateway node, run kinit
(with the principal's
keytab) before issuing Storm commands.