Page History

...

IMPORTANT: Some of the values specified in this article need to be substituted with your info, like IP addresses and hostnames. Such values are enclosed with brackers <like that>. Please make sure replace them with your info. 

Prerequisites:

• Centos 6

• In order to ease install make sure that your main interface is named eth0. If it is not, you need to adjust some Ambari services configuration accordingly (e.g. ElasticSearch)

• Single-node: At least 48 GB RAM, 8 cores and 400 GB HDD. Multi-node: At least 32 GB RAM, 4 cores and 200 GB HDD for smooth performance.

• (optional) Disable PackageKit if it is installed, if it is not, just ignore this point:

  Code Block
  sed -i 's/enabled=1/enabled=0/g' /etc/yum/pluginconf.d/refresh-packagekit.conf

...

• Disable IPv6, leaving it enabled may force service to bind to IPv6 addresses only and thus resulting in inability to connect to it (source link):

  Code Block
  sysctl -w net.ipv6.conf.all.disable_ipv6=1sysctl1 sysctl -w net.ipv6.conf.default.disable_ipv6=1echo1 echo -e "\n# Disable IPv6\nnet.ipv6.conf.all.disable_ipv6 = 1\nnet.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf

• Disable Transparent Hugepage. Add "transparent_hugepage=never" to the end of the kernel line in grub.conf and reboot. (Ambari demands it, do we need to comply?):

  Code Block
  transparent_hugepage=never

  After reboot check that changes were applied (make sure that word "never" is selected in square-brackets):

  Code Block
  # cat /sys/kernel/mm/transparent_hugepage/enabled always madvise [never]

Metron install pre-preparation

On all nodes Install pre-requisites for Ambari:

yum install epel-release -yyumy
yum update -yyumy
yum install git wget curl rpm scp tar unzip bzip2 wget createrepo reposync yum-utils ntp python-pip -y

...

pip install --upgrade pippippip
pip install --upgrade setuptools

...

echo 'export JAVA_HOME=$(readlink -f /usr/bin/java | sed "s_/jre/bin/java__")' > /etc/profile.d/java_18.shchmodsh
chmod +x /etc/profile.d/java_18.sh

...

wget http://apache.volia.net/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gztargz
tar -zxf apache-maven-3.3.9-bin.tar.gz; 
mv apache-maven-3.3.9 /opt/export 
PATH=/opt/apache-maven-3.3.9/bin:$PATHecho$PATH
echo 'export PATH=/opt/apache-maven-3.3.9/bin:$PATH' > /etc/profile.d/maven.shchmodsh
chmod +x /etc/profile.d/maven.sh

...

yum install docker-io -yservicey
service docker start

Build Metron code:

yum install npm -y

Build Metron code:

On On main node clone Metron repository:

...

If you install Metron on single node (not multi-node as advised) you need to modify ElasticSearch config templates to use only configuration specified below. Config templates are located in incubator-metron/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/ELASTICSEARCH/2.3.3/package/templates/

cluster.name: metronnetworkmetron
network.host: ["_eth0:ipv4_","_local:ipv4_"]
discovery.zen.ping.unicast.hosts: [ <single_node_hostname> ]
path.data: /opt/lmm/es_dataindexdata
index.number_of_replicas: 0

Fix Kibana install file (it shoild should be fixed in METRON-641:

sed -i 's@{}/kibana@{0}/kibana@g' incubator-metron/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/KIBANA/4.5.1/package/scripts/kibana_master.py

Build Metron with HDP 2.5 profile:

cd incubator-metronmvnmetron
mvn clean install -DskipTests -PHDP-2.5.0.0cd0
cd metron-deployment/packaging/docker/rpm-dockermvndocker
mvn clean install -DskipTests -PHDP-2.5.0.0

On all nodes create localrepo directory and copy RPMs from Ambari node there:

mkdir /localrepocplocalrepo
cp -rp /root/incubator-metron/metron-deployment/packaging/docker/rpm-docker/RPMS/noarch/* /localrepo/

...

scp /localrepo/* <replace_with_node_ip>:/localrepo/

On If passwordless ssh has not yet been set up within the cluster, then in main node generate key and add it to trusted:

cat /dev/zero | ssh-keygen -q -N "" 2>/dev/null

Add this key to all the slave nodes:

sshnullssh-copy-id -i ~/.ssh/id_rsa.pub <replace_with_master_node_ip>chmod 700 ~/.ssh

Add this key to all the slave nodes:

ip>

ssh-copy-id -i ~/.ssh/id_rsa.pub <replace_with_node_ip>

Ambari 2.4 with HDP 2.5 install

Inspired by: http://docs.hortonworks.com/HDPDocuments/Ambari-2.4.1.0/bk_ambari-installation/content/ch_Getting_Ready.html

On all nodes disable security:

...

Adjust limits to secure level (inspired by link):

ulimit -n 

...

32768
ulimit -u 65536
echo -e "* - nofile 32768\n* - nproc 65536" >> /etc/security/limits.conf

Enable time sync, disable firewall and SElinux:

chkconfig ntpd on
service ntpd start
chkconfig iptables off
/etc/init.d/iptables stop
setenforce 0

Make sure each node can resolve every other node's hostname or add hostname of each node to /etc/hosts on every node. For example add following lines in /etc/hosts of each node:

...

On main node download and setup Ambari repo :(you may replace the "2.4.1.0" with a newer Ambari version number):

wget -nv http://public-repo-1.hortonworks.com/ambari/centos6/2.x/updates/2.4.13.0/ambari.repo -O /etc/yum.repos.d/ambari.repo

...

# yum repolist | grep HDPambari
HDPUpdates-ambari-2.4.5                  HDP1.0 ambari-2.54.1.0 - Updates

Install and setup Ambari server:

yum install ambari-server -y
ambari-server                                        200
HDP-UTILS-1.1.0.21       HDP-UTILS-1.1.0.21                                   51

Install and setup Ambari server:

yum install ambari-server -yambari-server setup -s

setup -s

Add Metron service to Ambari by running Add Metron service to Ambari by running mpack command (make sure to specify correct path to mpack in --mpack=):

...

ambari-server start

And go to Ambari UI, Access the Ambari UI by going to the following URL in a web browser (use admin / admin as user / pass):

http://<replace_with_master_node_ip>:8080/#/installer/step0

...

Customize Services: Following are the list of service that need to be configured:configured:

Set rest of the configuration values to recommended by Ambari or the one you desire (like DB passwords) and perform install.

After install configuration

Fix ElasticSearch permission (it will crash right after start in Ambari) (unless it is already fixed as reported in METRON-642):

...

"es.ip": "{{ es_url }}",

to:

"es.ip": "<replace_with_elasticsearch_master_hostname>",

"es.port": "9300", 

chown -Rh elasticsearch:elasticsearch /etc/elasticsearch

As it will be owned by root by default and will drop error:

Fix path to ES log file in Java parameter 

Set rest of the configuration values to recommended by Ambari or the one you desire (like DB passwords) and perform install.

After install configuration

Fix ElasticSearch permission (it will crash right after start in Ambari) (unless it is already fixed as reported in METRON-642):

chown -Rh elasticsearch:elasticsearch /etc/elasticsearch

As it will be owned by root by default and will drop error:

Fix path to ES log file in Java parameter (unless it is already fixed as reported in METRON-642)::

sed -i 's@elasticsearchelasticsearch@elasticsearch/elasticsearch@g' /etc/sysconfig/elasticsearch

It is ok if some service will not able to start, check the errors and start them all manually.

...

::

sed -i 's@elasticsearchelasticsearch@elasticsearch/elasticsearch@g' /etc/sysconfig/elasticsearch

It is ok if some service will not able to start, check the errors and start them all manually.

TROUBLESHOOTING

Ignore the error Storm UI shown on the screenshot below if you've built your Metron code with HDP-2.5.0.0 profile (in Maven):

Image Added

It appears because your Kafka Topic was not created or contains no data. Setup streaming and make sure your Kafka topic (from which topology should read data) exists.

If you have GUI installed on your server you should run following, before running git clone command:

...

cd /usr/lib/python2.6/site-packages/resource_monitoring/
python psutil/build.py

And re-try.

...

yum install java-1.8.0-openjdk java-1.8.0-openjdk-devel -y

 echo -e "elasticsearch - memlock unlimited\nstorm - nproc 257597" >> /etc/security/limits.conf