...
Code Block |
---|
POST /api/v1/clusters/myExistingCluster/hosts ... [ Request Body is above Multiple Host Add Host Template ] ... 202 - Accepted { "href" : "http://c6401.ambari.apache.org:8080/api/v1/clusters/myExistingCluster/requests/1", "Requests" : { "id" : 1, "status" : "Pending" } } |
Blueprint Example : Provisioning Multi-Node HDP 2.3 Cluster to use KERBEROS
The blueprint below could be used to setup a cluster containing three host groups with KERBEROS security. Overriding default kerberos descriptor is not necessary however specifying a few Kerberos specific properties in kerberos-env and krb5-conf is a must to setup services to use Kerberos.
Code Block |
---|
{
"configurations" : [
{
"kerberos-env": {
"properties_attributes" : { },
"properties" : {
"realm" : "AMBARI.APACHE.ORG",
"kdc_type" : "mit-kdc",
"kdc_host" : "(kerberos_server_name)",
"admin_server_host" : "(kerberos_server_name)",
"encryption_types": "aes des3-cbc-sha1 rc4 des-cbc-md5",
"ldap_url" : "",
"container_dn" : ""
}
}
},
{
"krb5-conf": {
"properties_attributes" : { },
"properties" : {
"domains" : "AMBARI.APACHE.ORG",
"manage_krb5_conf" : "true"
}
}
}
],
"host_groups" : [
{
"name" : "host_group_1",
"configurations" : [ ],
"components" : [
{
"name" : "ZOOKEEPER_CLIENT"
},
{
"name" : "ZOOKEEPER_SERVER"
},
{
"name" : "NAMENODE"
},
{
"name" : "HDFS_CLIENT"
},
{
"name" : "DATANODE"
}
],
"cardinality" : "1"
},
{
"name" : "host_group_2",
"configurations" : [ ],
"components" : [
{
"name" : "ZOOKEEPER_SERVER"
},
{
"name" : "KERBEROS_CLIENT"
},
{
"name" : "SECONDARY_NAMENODE"
},
{
"name" : "DATANODE"
}
],
"cardinality" : "1"
},
{
"name" : "host_group_3",
"configurations" : [ ],
"components" : [
{
"name" : "ZOOKEEPER_CLIENT"
},
{
"name" : "ZOOKEEPER_SERVER"
},
{
"name" : "KERBEROS_CLIENT"
},
{
"name" : "HDFS_CLIENT"
},
{
"name" : "DATANODE"
}
],
"cardinality" : "1"
}
],
"Blueprints" : {
"stack_name" : "HDP",
"stack_version" : "2.3",
"security" : {
"type" : "KERBEROS"
}
}
}
|
The Cluster Creation Template below could be used to setup a cluster containing hosts with KERBEROS security using the Blueprint from above. Overriding default kerberos descriptor is not necessary however specifying kdc.admin credentials is a must.
Code Block |
---|
{
"blueprint": "kerberosBlueprint",
"default_password": "admin",
"host_groups": [
{
"hosts": [
{ "fqdn": "ambari-agent-1" }
],
"name": "host_group_1",
"configurations" : [ ]
},
{
"hosts": [
{ "fqdn": "ambari-agent-2" }
],
"name": "host_group_2",
"configurations" : [ ]
},
{
"hosts": [
{ "fqdn": "ambari-agent-3" }
],
"name": "host_group_3",
"configurations" : [ ]
}
],
"credentials" : [
{
"alias" : "kdc.admin.credential",
"principal" : "admin/admin",
"key" : "admin",
"type" : "TEMPORARY"
}
],
"security" : {
"type" : "KERBEROS"
},
"Clusters" : {"cluster_name":"kerberosCluster"}
}
|
Blueprint Support for High Availability Clusters
Support for deploying HA clusters for HDFS, Yarn, and HBase has been added in Ambari 2.0. Please see the following link for more information:
...