Page History

...

If the ssh localhost command prompts for a password, then passwordless ssh is not set up correctly. The following examples set up passwordless ssh using id_rsa keys. You can choose the method that best represents your environment.

If the ssh localhost command prompts for a passphrase, then you need to run an ssh-agent. (See below.)

If you already have an existing set of ssh keys

Simply copy both the id_rsa.pub and id_rsa to your ~/.ssh directory.c. Then, do the following to modify your ssh environment.

Code Block

language	bash
title	Example: Add ssh keys

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/id_rsa
echo "NoHostAuthenticationForLocalhost=yes" >>~/.ssh/config
chmod go-w ~/.ssh/config
chmod 755 ~/.ssh; chmod 640 ~/.ssh/authorized_keys;

If you need to create your keys first

Do the following:

Code Block

language	bash
title	Example: Generate ssh Keys

rm -rf ~/.ssh
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/id_rsa.pub
echo "NoHostAuthenticationForLocalhost=yes" >>~/.ssh/config
chmod go-w ~/.ssh/config
chmod 755 ~/.ssh; chmod 640 ~/.ssh/authorized_keys;

Start a ssh agent

An ssh agent remembers the passphrase. Do the following:

Code Block

language	bash
title	Example: Start ssh Agent

$ eval $(ssh-agent)
Agent pid 22167
$ ssh-agent
Enter passphrase for /home/centos/.ssh/id_rsa:
Identity added: /home/centos/.ssh/id_rsa (/home/centos/.ssh/id_rsa)
$ ssh localhost
Last login: Thu Jan 26 06:07:55 2017 from ::1
$ exit
$

System Limits

Please check that the system limits in your environment are appropriate for Apache Trafodion. If they are not, then you will need to increase the limits or Trafodion cannot start.

Use the following command to check your system limits:

Code Block

language	bash

ulimit -a

The recommended settings are as follows:

Code Block

language	bash
title	Recommended Limit Settings

core file size             (blocks, -c) 1000000
data seg size              (kbytes, -d) unlimited
scheduling priority        (-e) 0
file size                  (blocks, -f) unlimited
pending signals            (-i) 515196
max locked memory          (kbytes, -l) 49595556
max memory size            (kbytes, -m) unlimited
open files                 (-n) 32000
pipe size                  (512 bytes, -p) 8
POSIX message queues       (bytes, -q) 819200
real-time priority         (-r) 0
stack size                 (kbytes, -s) 10240
cpu time                   (seconds, -t) unlimited
max user processes         (-u) 267263
virtual memory             (kbytes, -v) unlimited
file locks                 (-x) unlimited

To change your limits settings, you typically edit /etc/security/limits.conf and reboot the server.

Code Block

language	bash
title	Example: /etc/security/limits.conf settings

# Changes added for the Trafodion Test Environment
*                -       core            1000000
*                -       nproc           267263
*                -       nofile          32000
*                -       sigpending      267263
*                -       memlock         267263
*                -       stack           10240

Tip

title	TIP

Some CentOS/RedHat versions define nproc limits in /etc/security/limits.d/90-nproc.conf, too. If so, you can simply delete this file before rebooting the server.

Verify Network Setup

Hadoop services typically require a functional resolution fully-qualified network domain name (FQDN) to function properly. The FQDN network configuration is located in /etc/hosts while name resolution is configured using /etc/resolv.conf.

Find FQDN

The hostname utility allows you to find the short name as well as the FQDN for your server.

Code Block

language	bash
title	Find FQDN

$ # Get current hostname
$ hostname
box01

$ # Get fully-qualified domain name for server
$ hostname --fqdn
box01.trafodion.org
$

Test FQDN

The ssh utility allows you to test whether the configured correctly.

Code Block

language	bash
title	Example: Failed FQDN Resolution

$ ssh box01.trafodion.org
# Command hangs, ctrl-c to break
$

Modify FQDN Resolution

Info

title	NOTE

Some of the steps in this subsection requires root access to change configurations and run utilities.

Name resolution is performed per the configuration in /etc/resolv.conf while /etc/hosts configures the FQDN.

Code Block

language	bash
title	Example: Incompatible /etc/resolve.conf <-> /etc/hosts settings

$ # Check FQDN resolution (fail example)
$ host -T
Host box01.trafodion.org not found: 5(REFUSED)
# Examine issue
$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1
$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.2.15   box01.trafodion.org box01

In this example, the name server is in a different domain than box01.trafodion.org.

Code Block

language	bash
title	Example: Check Network Interface Configuration

$ # Check interface configuration
$ sudo ifconfig
eth3      Link encap:Ethernet  HWaddr 08:00:27:D0:B7:40
          inet6 addr: fe80::a00:27ff:fed0:b740/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1703 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3778 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:195684 (191.0 KiB)  TX bytes:1290492 (1.2 MiB)

eth4      Link encap:Ethernet  HWaddr 08:00:27:A5:29:28
          inet addr:192.168.1.12  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fea5:2928/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:282605 errors:0 dropped:0 overruns:0 frame:0
          TX packets:148931 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:290384816 (276.9 MiB)  TX bytes:18066069 (17.2 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:263 errors:0 dropped:0 overruns:0 frame:0
          TX packets:263 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:41810 (40.8 KiB)  TX bytes:41810 (40.8 KiB)

The server is running on an 192.168.1.x network. Therefore, this example shows an issue with the /etc/hosts configuration. Correct the setting as root editing the /etc/hosts. In this example, the eth4 address is 192.168.1.12 yielding the following result.

Code Block

language	bash
title	Example: Verify FQDN Resolution Changes

$ cat /etc/hosts
127.0.0.1    localhost localhost.localdomain localhost4 localhost4.localdomain4
::1          localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.12 box01.trafodion.org box01
$ ssh box01.trafodion.org
The authenticity of host 'box01.trafodion.org (192.168.1.12)' can't be established.
RSA key fingerprint is 88:f7:90:fe:35:76:10:92:cf:6d:c4:60:ca:b9:43:9f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'box01.trafodion.org,192.168.1.12' (RSA) to the list of known hosts.
Last login: Tue Jan 26 13:41:58 2016 from localhost
$ exit
$ ssh box01
The authenticity of host 'box01 (192.168.1.12)' can't be established.
RSA key fingerprint is 88:f7:90:fe:35:76:10:92:cf:6d:c4:60:ca:b9:43:9f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'box01' (RSA) to the list of known hosts.
Last login: Tue Jan 26 14:07:09 2016 from box01.trafodion.org
$ exit
$

Repeat for each server in your environment to ensure proper FQDN resolution before installing Hadoop.

Install Hadoop and Trafodion

...

Space shortcuts

Page tree

Versions Compared

Old Version 22

New Version 23

Key

If you already have an existing set of ssh keys

If you need to create your keys first

Start a ssh agent

System Limits

Verify Network Setup

Find FQDN

Test FQDN

Modify FQDN Resolution

Install Hadoop and Trafodion