HPE Ezmeral Data Fabric 6.1.x is In Maintenance and transitions to "End of Maintenance" in June 2024. Please see the latest documentation.

About MapR 6.1
This site contains the main documentation for Version 6.1 of the MapR Converged Data Platform, including installation, configuration, administration, and reference information.
6.1 Installation
This section contains information about installing and upgrading MapR software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a MapR cluster.
6.1 MapR Data Platform
MapR Data Platform is the industry-leading data platform for AI and analytics that solves enterprise business needs.
6.1 Administration
This section describes how to manage the nodes and services that make up a cluster.
- Administering Users and Clusters
  Lists topics that help manage a MapR cluster.
- Administering Nodes
  Provides a synopsis of managing nodes in a cluster.
- Administering Volumes
  This section provide information about how to organize and manage data using volumes, a unique feature of MapR clusters.
- Administering Files and Directories
- Administering Tables
  Administration of the MapR Database is done primarily via the command line (maprcli) or with the Managed Control System (MCS). Regardless of whether the MapR Database table is used for binary files or JSON documents, the same types of commands are used with slightly different parameter options. MapR Database administration is associated with tables, columns and column families, and table regions.
- Administering Streams
- Administering MapR Gateways
  A MapR gateway mediates one-way communication between a source MapR cluster and a destination cluster. You can replicate MapR Database tables (binary and JSON) and MapR Event Store For Apache Kafka streams. MapR gateways also apply updates from JSON tables to their secondary indexes and propagate Change Data Capture (CDC) logs.
- Administering Services
  - Managing Services
    Synopsis on managing services.
  - Setting Up Central Configuration from the Command-Line
    Describes the concept of a central location where customized MapR configuration files for MapR services are stored.
  - Viewing CLDB Information
    Describes how to view CLDB information from the CLDB page, and provides an explanation of each field that the page displays.
  - Managing Drill
    Provides a short description on managing Drill services.
  - Managing the MapR NFS Service
    Provides an overview of managing the NFS service on a licensed cluster.
  - Managing MapR Data Platform POSIX Clients
    Provides a brief synopsis of MapR Data Platform POSIX clients.
  - Managing the MAST Gateway
  - Configuring NodeManager Restart
  - Managing Jobs and Applications
    - Job Scheduling
      - Hadoop 2.x Fair Scheduler
      - Hadoop 2.x Capacity Scheduler
        Capacity Scheduler Features
        Setting Up ResourceManager to Use CapacityScheduler
        Setting Up Queues
        Setting Up a Hierarchy of Queues
        Changing Queue Configuration
        Queue Access Control Lists
        Describes how to restrict access to queues using Access Control Lists (ACLs).
      - Label-based Scheduling
    - Submitting Jobs and Applications to the Cluster
    - Configuration Files for Jobs and Applications
      Lists the locations of the MapReduce configuration files.
    - YARN Container Resources
      Provides an overview of YARN.
- Monitoring the Cluster
  This section describes how to monitor the health and performance of a MapR cluster.
- Configuring Security
  Describes how to configure security and manage secure clusters.
- Managing Secure Clusters
  Provides procedures that will enable you to use MapR clusters securely.
- Administering the MapR Data Access Gateway
  The MapR Data Access Gateway is a service that acts as a proxy and gateway for translating requests between lightweight client applications and the MapR cluster. This section describes considerations when upgrading the service, how to modify configuration settings, and how to administer and manage the service.
- Planning for High Availability
- Administrator's Reference
  This section contains in-depth reference information for the administrator.
- Troubleshooting Cluster Administration
  Lists the common errors and their solutions.
- Best Practices for Backing Up MapR Information
  Lists the best practices and performance considerations to follow when backing up MapR information.
6.1 Development
This section contains information related to application development for Ezmeral ecosystem components and MapR Data Platform products, including the file system, Database (Key-Value and JSON), and Event Streams.
Other Docs
This section contains release-independent information, including: MapR Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other MapR version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

Queue Access Control Lists

Describes how to restrict access to queues using Access Control Lists (ACLs).

Queue Access Control List (ACL)s allow administrators to control who may take actions on particular queues. They are configured with the following properties:

yarn.scheduler.capacity.root.support.acl_submit_applications
yarn.scheduler.capacity.root.support.acl_administer_queue

You can set these properties for each queue. Currently, the only supported administrative action is killing an application. Anyone who has permission to administer a queue may also submit applications to it. These properties take values in a format such as user1,user2 group1,group2 or group1,group2. An action on a queue is permitted if its user or group is in the ACL of that queue, or in the ACL of any of that queue's ancestors. So if queue2 is inside queue1, and user1 is in queue1's ACL, and user2 is in queue2's ACL, then both users may submit to queue2.

The root queue's ACLs are "*" by default. Since ACL are passed down, by default, everyone may submit to, and kill applications from every queue. To restrict access, change the root queue's ACLs to something other than *.

By default, the yarn.admin.acl property in yarn-site.xml is also set to *, which means that any user can be the administrator. If queue ACLs are enabled, you also need to set the yarn.admin.acl property to the correct admin user for the YARN cluster. For example:

<property>
<name>yarn.admin.acl</name> > 
<value>mapr</value> > 
</property>

If you do not set this property correctly, users can kill YARN jobs even when they do not have access to the queues for those jobs.