Adding a Host to the Cluster
Minimum Required Role: Full Administrator
You can add one or more hosts to your cluster using the Add Hosts wizard, which installs the Oracle JDK, CDH, and Cloudera Manager Agent software. After the software is installed and the Cloudera Manager Agent is started, the Agent connects to the Cloudera Manager Server and you can use the Cloudera Manager Admin Console to manage and monitor CDH on the new host.
The Add Hosts wizard does not create roles on the new host; once you have successfully added the host(s) you can either add roles, one service at a time, or apply a host template, which can define role configurations for multiple roles.
Use one of the following methods to add a new host:
Using the Add Hosts Wizard to Add Hosts
You can use the Add Hosts wizard to install CDH, Impala, and the Cloudera Manager Agent on a host.
Disable TLS Encryption or Authentication
- From the Administration tab, select Settings.
- Select the Security category.
- Disable all levels of TLS that are currently enabled by clearing the following options: Use TLS Encryption for Agents, and Use TLS Authentication of Agents to Server.
- Click Save Changes to save the settings.
- Log in to the Cloudera Manager Server host.
- Restart the Cloudera Manager Server with the following command:
sudo service cloudera-scm-server restart
The changes take effect after the restart.
Alternate Method of installing Cloudera Manager Agent without Disabling TLS
- Copy the repository configuration file from an existing host in the cluster to the new host. For example:
OS Command RHEL $ sudo scp mynode.example.com:/etc/yum.repos.d/cloudera-manager.repo /etc/yum.repos.d/cloudera-manager.repo
SLES $ sudo scp mynode.example.com:/etc/zypp/zypper.conf/cloudera-cm.repo /etc/zypp/zypper.conf/cloudera-cm.repo
Ubuntu or Debian $ sudo scp mynode.example.com:/etc/apt/sources.list.d/cloudera.list /etc/apt/sources.list.d/cloudera.list
- Remove cached package lists and other transient data by running the following command:
OS Command RHEL $ sudo yum clean all
SLES $ sudo zypper clean --all
Ubuntu or Debian $ sudo apt-get clean
- Install the Oracle JDK package from the Cloudera Manager repository. Install the same version as is used on other cluster hosts. Both JDK 1.7 and 1.8 are supported:
- JDK 1.7
OS Command RHEL $ sudo yum install oracle-j2sdk1.7
SLES $ sudo zypper install oracle-j2sdk1.7
Ubuntu or Debian $ sudo apt-get install oracle-j2sdk1.7
- JDK 1.8
JDK 1.8 is not available in Cloudera's public repositories. You must download it from Oracle and install the JDK manually. See Installing the Oracle JDK
- JDK 1.7
- Set up the TLS certificates using the same procedure that was used to set them up on other cluster hosts. See Configuring Cloudera Manager Clusters for TLS/SSL. If you have set up a custom truststore (For example, /usr/java/jdk1.7.0_67-cloudera/jre/lib/security/jssecacerts, copy that file from an existing host to the same location on the new host.
- Install the Cloudera Manager Agent:
OS Command RHEL $ sudo yum install cloudera-manager-agent
SLES $ sudo zypper install cloudera-manager-agent
Ubuntu or Debian $ sudo apt-get install cloudera-manager-agent
- Copy the Cloudera Manager Agent configuration file from an existing cluster host that is already configured for TLS to the same location on the new host. For example:
$ sudo scp mynode.example.com:/etc/cloudera-scm-agent/config.ini /etc/cloudera-scm-agent/config.ini
- Create and secure the file containing the password used to protect the private key of the Agent:
- Use a text editor to create a file called agentkey.pw that contains the password. Save the file in the /etc/cloudera-scm-agent directory.
- Change ownership of the file to root:
$ sudo chown root:root /etc/cloudera-scm-agent/agentkey.pw
- Change the permissions of the file:
$ sudo chmod 440 /etc/cloudera-scm-agent/agentkey.pw
- The password used in the echo command is the private key that was created when TLS was initially configured for the cluster (see Export the Private Key to a File).
- The path to the agentkey.pw should match the path specified by the client_keypw_file property in the Agent's config.ini file.
- Start the Agent on the new host:
$ sudo service cloudera-scm-agent start
- Log in to Cloudera Manager and go to page and verify that the new host is recognized by Cloudera Manager.
Using the Add Hosts Wizard
- Click the Hosts tab.
- Click the Add New Hosts button.
- Follow the instructions in the wizard to install the Oracle JDK and Cloudera Manager Agent packages and start the Agent.
- In the Specify hosts for your CDH Cluster installation page, you can search for new hosts to add under the New Hosts tab. However, if you have hosts that are already known to Cloudera Manager but have no roles assigned, (for example, a host that was previously in your cluster but was then removed) these will appear under the Currently Managed Hosts tab.
- You will have an opportunity to add (and start) role instances to your newly-added hosts using a host template.
- You can select an existing host template, or create a new one.
- To create a new host template, click the + Create... button. This will open the Create New Host Template pop-up. See Host Templates for details on how you select the role groups that define the roles that should run on a host. When you have created the template, it will appear in the list of host templates from which you can choose.
- Select the host template you want to use.
- By default Cloudera Manager will automatically start the roles specified in the host template on your newly added hosts. To prevent this, uncheck the option to start the newly-created roles.
- When the wizard is finished, you can verify the Agent is connecting properly with the Cloudera Manager Server by clicking the Hosts tab and checking the health status for the new host. If the Health Status is Good and the value for the Last Heartbeat is recent, then the Agent is connecting properly with the Cloudera Manager Server.
If you did not specify a host template during the Add Hosts wizard, then no roles will be present on your new hosts until you add them. You can do this by adding individual roles under the Instances tab for a specific service, or by using a host template. See Role Instances for information about adding roles for a specific service. See Host Templates to create a host template that specifies a set of roles (from different services) that should run on a host.
Enable TLS Encryption or Authentication
If you previously enabled TLS security on your cluster, you must re-enable the TLS options on the Administration page and also configure TLS on each new host after using the Add Hosts wizard. Otherwise, you can ignore this step. For instructions, see Configuring Cloudera Manager Clusters for TLS/SSL.
Enable TLS/SSL for CDH Components
If you have previously enabled TLS/SSL on your cluster, and you plan to start these roles on this new host, make sure you install a new host certificate to be configured from the same path and naming convention as the rest of your hosts. Since the new host and the roles configured on it are inheriting their configuration from the previous host, ensure that the keystore or truststore passwords and locations are the same on the new host. For instructions on configuring TLS/SSL, see Configuring TLS/SSL Encryption for CDH Services.
Enable Kerberos
- Install the packages required to kinit on the new host (see the list in Before you Begin Using the Wizard).
- If you have set up Cloudera Manager to manage krb5.conf, it will automatically deploy the file on the new host. Note that Cloudera Manager will deploy
krb5.conf only if you use the Kerberos wizard. If you have used the API, you will need to manually perform the commands that the wizard calls.
If Cloudera Manager does not manage krb5.conf, you must manually update the file at /etc/krb5.conf.
Adding a Host by Installing the Packages Using Your Own Method
- Install the Oracle JDK, CDH, and Cloudera Manager Agent packages using your own method. For instructions on installing these packages, see Installation Path B - Installation Using Cloudera Manager Parcels or Packages.
- After installation is complete, start the Cloudera Manager Agent. For instructions, see Starting, Stopping, and Restarting Cloudera Manager Agents.
- After the Agent is started, you can verify the Agent is connecting properly with the Cloudera Manager Server by clicking the Hosts tab and checking the health status for the new host. If the Health Status is Good and the value for the Last Heartbeat is recent, then the Agent is connecting properly with the Cloudera Manager Server.
- If you have enabled TLS security on your cluster, you must enable and configure TLS on each new host. Otherwise, ignore this step.
- Enable and configure TLS on each new host by specifying 1 for the use_tls property in the /etc/cloudera-scm-agent/config.ini configuration file.
- Configure the same level(s) of TLS security on the new hosts by following the instructions in Configuring Cloudera Manager Clusters for TLS/SSL.
-
If you have previously enabled TLS/SSL on your cluster, and you plan to start these roles on this new host, make sure you install a new host certificate to be configured from the same path and naming convention as the rest of your hosts. Since the new host and the roles configured on it are inheriting their configuration from the previous host, ensure that the keystore or truststore passwords and locations are the same on the new host. For instructions on configuring TLS/SSL, see Configuring TLS/SSL Encryption for CDH Services.
-
If you have previously enabled Kerberos on your cluster:
- Install the packages required to kinit on the new host (see the list in Before you Begin Using the Wizard).
- If you have set up Cloudera Manager to manage krb5.conf, it will automatically deploy the file on the new host. Note that Cloudera Manager will deploy
krb5.conf only if you use the Kerberos wizard. If you have used the API, you will need to manually perform the commands that the wizard calls.
If Cloudera Manager does not manage krb5.conf, you must manually update the file at /etc/krb5.conf.