configure.sh
Describes the syntax and parameters of the configure.sh
script that
you run for a number of tasks including setting up MapR client nodes, and configuring services
for a node.
configure.sh
script must always be run as
root
.You run configure.sh
to set up a MapR cluster node, or to set up a
MapR client node for communication with one or more clusters. You
can also run configure.sh
to update the configuration of a node. For
example, you can use configure.sh
to change the services running on a node, or specify the user that runs MapR
services.
configure.sh
script is named
configure.bat
. The script requires the -c
parameter and
does not accept the -Z
parameter, but otherwise works similarly as on a
Linux client. Steps Performed by configure.sh
configure.sh
performs the following steps, each time you run it:-
Updates /opt/mapr/conf/mapr-clusters.conf with the cluster name. It creates or
modifies a line in
/opt/mapr/conf/mapr-clusters.conf
containing a cluster name followed by a list of CLDB nodes. New entries are added tomapr-clusters.conf
when the cluster name passed to the-N
parameter is different from the existing cluster name in that file. - Checks that the node has at least 4GB of RAM, and that the /tmp and /opt partitions each have at least 1 GB of free space. If these conditions are not met, the script asks for confirmation before continuing.
-
Disables standard NFS daemons. If the node has the
mapr-nfs
role, the script disables the standard Linux NFS daemon, since both NFS processes cannot run on the same node. -
Updates additional *.conf and *.xml files related to the cluster and the services
running on the node. For example,
yarn-site.xml
,warden.conf
, andcldb.conf
may be updated based on input toconfigure.sh
. -
On cluster nodes, it creates a group named shadow, adds the MapR user to this
group, and then enables members of the shadow group to view the
/etc/shadow file. Read access to the
/etc/shadow
file enables MapR users to authenticate with the MapR cluster. -
Starts newly installed services. Automatically starts new services, if Warden is
running at the time you run
configure.sh
. -
All changes to configuration options or system files are logged to
/opt/mapr/logs/configure.log. You can use the
-L
parameter to specify a different log file name.
When you include disk-setup options (-D
or -F
) on
nodes with the mapr-fileserver
role, the script performs the following
additional steps:
-
Runs disksetup to create the disktab file.
configure.sh
takes the values that you specify in the-disk-opts
option, and passes the value to disksetup. For example, if you include-disk-opts FW5
when you runconfigure.sh
,configure.sh
runsdisksteup -F -W5
. If disksetup fails,configure.sh
exits with an error. -
Starts Zookeeper and Warden. When the
configure.sh
script starts services, the messagestarting <servicename>
is echoed to the standard output to enable the user to see which services are starting. When Warden starts, the Warden and ZooKeeper services are added to theinittab
file as the first availableinittab
IDs, enabling these services to restart automatically on failure.You can specify the
-no-autostart
option to prevent the script from starting Zookeeper or Warden when you runconfigure.sh
with the-F
or-D
options.
Syntax
/opt/mapr/server/configure.sh
-C <cldb_list>
-Z <zookeeper_list>
-EZ <ext_zookeeper_list>
[<parameters>]
/opt/mapr/server/configure.sh
-C <cldb_list>
[ -M <cldb_mh_list ...> ]
-Z <zookeeper_list>
[<parameters>]
/opt/mapr/server/configure.sh
-c
[ -R ]
[<parameters>]
/opt/mapr/server/configure.sh
-R
[ -c ]
[<parameters>]
Options
-C
- Use the
-C
option for CLDB servers that only have a single IP address. This option takes a comma-separated list of the CLDB nodes that this machine uses to connect to the MapR cluster. The list is in the following format:hostname[:port_no][,hostname[:port_no]...]
-c
- Specifies client setup. The
-C
option is required, while the-Z
option is optional. See set up a MapR client node for communication with one or more clusters. -EZ
- The
-EZ
option is optional when configuring the cluster, and is not applicable when configuring a client. This option takes a comma-separated list of the external IP addresses of the ZooKeeper nodes in the cluster. The list is in the following format:hostname[:port_no][,hostname[:port_no] ...]
-M
- Use the
-M
option only for multihomed CLDB servers that have more than one IP address. This option takes a comma-separated list of the multihomed CLDB nodes that this machine uses to connect to the MapR cluster. The list is in the following format:hostname[:port_no][,[hostname[:port_no]...]]
-R
- After initial node configuration, specifies that
configure.sh
should use the previously configured ZooKeeper and CLDB nodes. The-C
and-Z
parameters are not required when you specify-R
. When-R
is specified, the CLDB credentials are read frommapr-clusters.conf
, while the ZooKeeper credentials are read fromwarden.conf
. Use the-R
option when you make changes to the services configured on a node without changing the CLDB and ZooKeeper nodes. Specify the--noRecalcMem
parameter to skip recalculating memory settings when refreshing roles.NOTE This parameter impacts the JMX parameters in/opt/mapr/conf/env_override.sh
in the following ways:- When you set
MAPR_JMXLOCALBINDING
totrue
, running/opt/mapr/server/configure.sh -R
setsMAPR_JMXAUTH
tofalse
, since JMX is only accessible from the local machine and does not require authentication. - When you set
MAPR_JMXLOCALBINDING
tofalse
but setMAPR_JMXLOCALHOST
totrue
, running/opt/mapr/server/configure.sh -R
setsMAPR_JMXAUTH
totrue
andMAPR_JMXSSL
tofalse
, since JMX is only accessible from the local network and does not require secure authentication. - When you set
MAPR_JMXLOCALBINDING
tofalse
but setMAPR_JMXREMOTEHOST
totrue
, running/opt/mapr/server/configure.sh -R
setsMAPR_JMXAUTH
totrue
andMAPR_JMXSSL
totrue
, since JMX is now accessible remotely and requires secure authentication.
- When you set
-Z
- The
-Z
option is required unless you specify the-c
(lowercase), or the-R
option. The-Z
option takes a comma-separated list of the ZooKeeper nodes in the cluster. The list is in the following format:hostname[:port_no][,hostname[:port_no]...]
Parameters
-certdomain
- Specifies a DNS domain for generated SSL wildcard certificates. This domain overrides the default DNS domain.
--create-user | -a
- Creates a local user to run MapR services, using the user
specified either with the
-u
parameter, or from the environment variable $MAPR_USER. -D
- Specifies a comma-delimited list of
disks to use with the MapR filesystem. With the
-D
option, you cannot specify partitions. By default, theconfigure.sh
script automatically starts cluster services, after the configuration finishes successfully. If you do not want cluster services to be restarted, include the-no-autostart
option along with the-D
option. -d
- The host and port of the MySQL database to use for storing MapR Metrics data.
-dare
- Enables on-disk encryption at the cluster-level. When run on the first CLDB
node with the
-genkeys
option, the utility generates the data-at-rest encryption master key file at/opt/mapr/conf/dare.master.key
. -defaultdb
- Sets the default database (HBase or MapR Database) to which
the HBase clients connect. If you do not explicitly configure this option, it defaults
to
hbase
(HBase) when you havemapr-hbase-regionserver
ormapr-hbase-master
installed on the node. Otherwise, it defaults tomaprdb
(MapR Database). You can also change the database setting usinghbase-site.xml
or the HBase client connection. For more information, see Configure the Default Database for HBase Clients. -disk-opts
- Denotes disksetup formatting options. Do not
include spaces or commas between the disksetup options. For example, you can specify
-disk-opts FW5
to format the disks (F), and configure five disks per storage pool (W5). -dp
- Specifies the password for logging into the MySQL database used for storing MapR Metrics data.
-ds
- Specifies the name of the database schema to use for the MySQL database used for storing MapR Metrics data. The default schema name is metrics.
-du
- Specifies the username for logging into the MySQL database used for storing MapR Metrics data.
-EC
- Specifies a host or hosts that contain the Hive Metastore. Use this parameter and the
‑hiveMetastoreHost
argument to configure an ecosystem component, such as Drill, to communicate with the Hive Metastore. Use the following format to specify a list of hosts:hostname[:port_no][,hostname[:port_no]...]
See the
-EC
parameter example later on this page. If you do not specify a host port number, Drill uses the default Hive Metastore port number (9083) for every host. -EP
- Specifies an option that is passed directly to an ecosystem
configure.sh
script. These commands follow the form‑EP<ecosystem component name> <option>
. In general,‑EP
options are not documented, and should be used only if the documentation specifically instructs you to use them.In MapR 6.0 and later, some ecosystem components have their ownconfigure.sh
scripts. The serverconfigure.sh
script or a user, can pass options directly to the ecosystem component by using the‑EP
syntax. For example, in the following command:/opt/mapr/server/configure.sh -R -EPkibana '-kibanaPort 5610'
-EPkibana '-kibanaPort 5610'
changes the default port for Kibana to 5610.As ecosystem components are updated more frequently than MapR Core (which contains the server
configure.sh
script), implementing someconfigure.sh
functions through an ecosystemconfigure.sh
script can accelerate the introduction of new features. -ES
- Specifies a comma-separated list of host names or IP addresses that identify the
Elasticsearch nodes. The Elasticsearch nodes can either be part of the current MapR cluster, or part of a different MapR cluster. Do not use this option
when you configure a node for the first time. Use this option along with the
-R
parameter.The list is in the following format:hostname/IPaddress[:port_no][,hostname/IPaddress[:port_no]...]
NOTE The default Elasticsearch port is9200
. If you want to use a different port, specify the port number when you list the Elasticsearch nodes. -ESDB
- Specifies a non-default location for writing index data on Elasticsearch nodes.
To configure an index location, you only need to include this parameter on
Elasticsearch nodes.
Elasticsearch requires a lot of disk space. Therefore, a separate filesystem for the index is recommended. It is not recommended to store index data under the
For more information, see Log Aggregation and Storage./
or the/var
file system. -F
- Specifies a path to a text file that lists
the disks and partitions to use with the MapR filesystem. By default,
the
configure.sh
script automatically starts cluster services after the configuration finishes successfully. If you do not want cluster services to be restarted, include the-no-autostart
option along with the-F
option. -f
- Specifies that the node should be configured without performing the system prerequisite check.
-forceSecurityDefaults
- Instructs
configure.sh
to undo any custom security settings for a cluster, and reconfigure security to the default MapR values for-unsecure
or-secure
. You must specify either the-secure
or the-unsecure
option. Using the-forceSecurityDefaults
option removes the/opt/mapr/conf/.customSecure
file. Use the following syntax:/opt/mapr/server/configure.sh -forceSecurityDefaults [ -unsecure | -secure ] -C <CLDB_node> -Z <ZK_node>
For more information, see Customizing Security in MapR.
IMPORTANT It is possible that the-forceSecurityDefaults
operation might not undo all custom security settings sinceconfigure.sh
cannot know all of the custom settings that were implemented. Therefore, you might have to edit some configuration files and settings to restore the cluster to full functionality. -G
- The group ID to use when creating $MAPR_USER with the
-create-user
or-a
option; corresponds to the-g
or-gid
option of theuseradd
command in Linux. -g
- The group name under which MapR services run.
-genkeys
- Generates needed keys and certificates for the initial CLDB node in a secure
cluster. If specified with the
-dare
option, the-genkeys
option generates a master key at/opt/mapr/conf/dare.master.key
on the first CLDB node. Without the master key, you cannot start the cluster, nor can you access the data. -H
- Specifies the HTTPS port number for connecting to the CLDB node. The default
port is
7443
. -HS
- Specifies the IP or hostname of the node in the cluster that performs the
HistoryServer role. This parameter is required only when a node in the cluster performs
the HistoryServer role. In MapR 5.1 and later, this parameter is
expanded to support the Mesos DNS-style name with format for Job History. The format is
<myriad-fwk-name>.mesos. For example, if the
-MF
parameter is myriadA, the name is:jobhistory.myriadA.mesos
. --isvm
- Specifies the virtual machine setup. Required when
configure.sh
is run on a cluster node, that is on a virtual machine. This option configures the script to use less memory. -J
- Specifies the JMX port for the CLDB. Default:
7220
-K | -kerberosEnable
- Indicates that Kerberos security has been enabled. Kerberos security is disabled by default.
-L
- Specifies a log file. If not specified,
configure.sh
logs errors to/opt/mapr/logs/configure.log
. --logHTTPFS
- Specifies the hostname to enable centralized logging using
fluentd
. -MCL
- Specifies the top-level directory where all the staging data as well as shuffle data is written for a specific Myriad framework. Used when multiple clusters are implementing Myriad.
-MP
- Specifies the name of the Myriad framework that is displayed in the Mesos UI.
-MHA
- Enables Myriad high availability.
-M7
- Deprecated as of MapR 4.0.1.
-maprpam
- When specified, the
configure.sh
script installs the MapR version of Pluggable Authentication Modules (PAM). This option is ignored if-S
is not set. -N
-
Specifies the cluster name. If you do not specify a name,
configure.sh
applies a default name (my.cluster.com) to the cluster. Whenever you runconfigure.sh
, be aware of the existing cluster name or names inmapr-clusters.conf
and specify the-N
parameter accordingly. If you specify a name that does not exist, a new line is created inmapr-clusters.conf
and is treated as a configuration for a separate cluster.Subsequent runs of
configure.sh
without the-N
parameter operate on this default cluster. If you specify a name when you first runconfigure.sh
, you can modify the CLDB and ZooKeeper settings corresponding to the named cluster by specifying the same name and runningconfigure.sh
again. Whenever you need to re-runconfigure.sh
on a given cluster (to add or rename nodes, for example), be sure to specify the same cluster name that you used when you ranconfigure.sh
for the first time. -no-autostart
- Specifies that the script should not start Zookeeper or Warden when you run
configure.sh
. -no-auto-permission-update
- Pass this option to prevent MapR from silently altering
permissions in
/etc/shadow
. -nocerts
- When specified, the
configure.sh
script does not generate SSL certificates even when the-genkeys
option is specified. -noDB
- Specifies that MapR Database is not in use.
-noRecalcMem
- Skips recalculating memory settings when refreshing roles. Can be used only with the
-R
option. -OT
- Specifies a comma-separated list of host names or IP addresses that identify the
OpenTSDB nodes. The OpenTSDB nodes can be part of the current MapR cluster or
part of a different MapR cluster. Do not use this option
when you configure a node for the first time. Use this option along with the
-R
parameter. The Warden service must be running when you useconfigure.sh -R -OT
.Use the following format to list the hostnames:hostname/IP address[:port_no][,hostname/IP address[:port_no]...]
NOTE The default OpenTSDB port is4242
. If you want to use a different port, specify the port number when you list the OpenTSDB nodes. -on-prompt-cont
- Specify:
y
to automatically respond Yes to all prompts.n
to automatically respond No to all prompts.
-P
- Specifies the Kerberos instance that is used to form a CLDB Kerberos principal in the
form of
mapr/<instance-name>@<realm-name>
. Enclose this value in quotes ("). This value is ignored if Kerberos security is not enabled. -QS
- Use the
-QS
option to configure the OJAI Distributed Query Service. See Configure the OJAI Distributed Query Service. -RM
-
In MapR 5.1, this parameter is expanded to support the Mesos DNS-style hostname for Myriad configuration. The Mesos-style hostname is
<application name>.marathon.mesos
. When starting ResourceManager from Marathon, the.<application name> rm
, for example, isrm.marathon.mesos
.In MapR 4.0.2, this parameter is not required unless you want to configure manual or automatic failover; zero configuration failover is enabled by default. In MapR 4.0.1, this parameter specifies the nodes in the cluster with the ResourceManager role.
List the nodes in the following format:
hostname[,hostname]...]
For more information, see ResourceManager High Availability.
-S | -secure
- Specifies that this cluster is a secure cluster, and configures security on the
platform and on all ecosystem components that support security. Default:
insecure
. -syschk
- Configures the system checks to be enabled or disabled. Value: Y/N.
-TL
- Specifies the single node on which the timeline server is installed for the
Hive-on-Tez user interface. When you install Tez manually, you must also install the
timeline server and run
configure.sh -TL <timeline_server_node>
on all nodes to indicate where the timeline server resides. -U
- The user ID to use when creating $MAPR_USER with either the
--create-user
or-a
option; corresponds to the-u
or--uid
option of theuseradd
command in Linux. -u
- The user name under which MapR services run.
-unsecure
- Specifies that this cluster is not secure. Default:
unsecure
. -v
- In addition to logging information, also prints to
stdout
.
Examples
-
Add a node (not CLDB or ZooKeeper) to a cluster that is running the CLDB and ZooKeeper
on three nodes:
On the new node, run the following command:
/opt/mapr/server/configure.sh -C nodeA,nodeB,nodeC -Z nodeA,nodeB,nodeC
-
Configure a client to work with cluster my.cluster.com, which has one CLDB at
nodeA:
On a Linux client, run the following command:
/opt/mapr/server/configure.sh -N my.cluster.com -c -C nodeA
On a Windows 7 client, run the following command:
C:\opt\mapr\server\configure.bat -N my.cluster.com -c -C nodeA
-
Add a second cluster to the configuration:
On a node in the second cluster your.cluster.com, run the following command:
/opt/mapr/server/configure.sh -C nodeZ -N your.cluster.com -Z <zkNodeA,zkNodeB,zkNodeC>
-
Add CLDB servers with multiple IP addresses to a cluster:
In this example, the cluster my.cluster.com has CLDB servers at nodeA, nodeB, nodeC, and nodeD. The CLDB servers nodeB and nodeD have two NICs each at eth0 and eth1.
On a node in the cluster
my.cluster.com
, run the following command:/opt/mapr/server/configure.sh -N my.cluster.com -C nodeAeth0,nodeCeth0 -M \ nodeBeth0,nodeBeth1 -M nodeDeth0,nodeDeth1 -Z zknodeA
- Start a cluster in secure mode using configure.sh
In this example, the cluster
my.cluster.com
has two CLDB servers at nodeA and nodeB. The ZooKeeper node for this cluster is at nodeC. To start the cluster in secure mode, run the following command on nodeA:/opt/mapr/server/configure.sh -N my.cluster.com -C nodeA,nodeB -Z nodeC -secure \ -genkeys -F <disklist file>
This command creates the
ssl_truststore
,ssl_keystore
,maprserverticket
, andcldb.key
files. Copy these files from nodeA's/opt/mapr/conf
directory to nodeB's/opt/mapr/conf
directory.On nodeB, change the permissions on the
ssl_keystore
,maprserverticket
, andcldb.key
files to 600 (themapr
user) by using the following command:chmod 600 ssl_keystore maprserverticket cldb.key
On the
ssl_truststore
file, change the permissions to 644 (world readable):chmod 644 ssl_truststore
On nodeB, run the following command:
/opt/mapr/server/configure.sh -N mycluster.com -C nodeA,nodeB -Z nodeC -secure -F \ <disklist file>
- Configure the Drill storage plugin to communicate with a Hive Metastore:
This example uses the
-EC
parameter to configure the Drill storage plugin to communicate with a Hive Metastore located onnodeA
:/opt/mapr/server/configure.sh -EC '-hiveMetastoreHost nodeA'
-
Configure HSM:
A sample session transcript using the
/opt/mapr/server/configure.sh
script with DARE enabled is as follows. The portions in bold relate to the common HSM features, while the portions in italics relate to the DARE-specific features:# /opt/mapr/server/configure.sh -secure -genkeys -N test96.cluster.com -C perfnode96.lab:7222 -Z perfnode96.lab:5181 -F disks.txt -dare -hsm -hsmip 10.10.30.129 -hsmlabel "SafeNet KeySecure" -hsmsopin 12345678 -hsmclientcert /root/safenet-keysecure/client.pem -hsmcacert /root/safenet-keysecure/CA.pem -hsmclientkey /root/safenet-keysecure/key.pem create /opt/mapr/conf/conf.old CLDB node list: perfnode96.lab:7222 Zookeeper node list: perfnode96.lab:5181 External Zookeeper node list: Node setup configuration: cldb fileserver hadoop-util zookeeper Log can be found at: /opt/mapr/logs/configure.log Initializing HSM with label SafeNet KeySecure Generated random user PIN B$V5g%$2#%8Kc6SL Obtained cluster name test96.cluster.com from mapr-clusters.conf Enabling MapR HSM on cluster test96.cluster.com Successfully generated Core KEK, UUID CF9FE63E85EF233B583972FB6265DB33067E8DBBB300297FF8F562DFCF7EA904 Successfully generated Common KEK, UUID 32A903E6D0DF67FDBCD953A33FC2547F50D35C18666E2A0A0B5CF749FBF84D6A Successfully set encrypted CLDB key in KMIP configuration Successfully set encrypted DARE key in KMIP configuration ############################################################################## # NOTE: The DARE master key for data at rest encryption is protected by the # # HSM. All keys in the HSM, including the DARE master key, should be safely # # backed up. Without the DARE master key, cluster cannot be started and data # # cannot be accessed. # ############################################################################## Creating 100 year self signed certificate with subjectDN='CN=*.lab' Configuring hadoop-util /dev/sdb added. /dev/sdc added. /dev/sdd added. Zookeeper found on this node, and it is not running. Starting Zookeeper Warden is not running. Starting mapr-warden. Warden will then start all other configured services on this node ... Starting cldb ... Starting fileserver ... Starting hadoop-util To further manage the system, use "maprcli", or connect browser to https://{webserver host name}:8443/ To stop and start this node, use "systemctl start/stop mapr-warden " No need to set label returning from SetDiskLabel
Troubleshooting configure.sh
When you run configure.sh
with the -OT
option for the
first time, you might encounter an error message such as directory /opt/mapr/conf/proxy
is not owned by root. You must ignore this transient error message. If you repeatedly
see this error during client operations, then re-run configure.sh
with the
-R
option.