HPE Ezmeral Data Fabric 6.2 is In Maintenance and transitions to "End of Maintenance" in June 2024. Please see the latest documentation.

About Release 6.2
This site contains documentation for HPE Ezmeral Data Fabric release 6.2 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
6.2 Installation
This section contains information about installing and upgrading HPE Ezmeral Data Fabric software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a HPE Ezmeral Data Fabric cluster.
- Planning the Cluster
  Describes information and factors used in planning your cluster.
- Installing Core and Ecosystem Components
  Describes how to install HPE Ezmeral Data Fabric software and ecosystem components with or without the Installer.
- Installing the File Migration Service on the Edge Cluster
  Describes how to install the File Migration service on CentOS nodes.
- Installing the HPE Ezmeral Data Fabric File Store
  Describes how to install File Store software with or without the Installer.
- Installing Kubernetes Interfaces for Data Fabric
  This section describes how to plan for and install the Container Storage Interface (CSI) Storage Plugin and the Kubernetes Interfaces for Data Fabric FlexVolume Driver.
  - Container Storage Interface (CSI) Storage Plugin
    This section describes how to plan for, install, and upgrade the Container Storage Interface (CSI) Storage Plugin.
  - MapR Data Fabric for Kubernetes FlexVolume Driver
    Serves as a pointer on how to plan for, install, and upgrade data-fabric for Kubernetes.
    - Planning
      Points to information you should review before installing or using the data-fabric for Kubernetes FlexVolume driver.
    - Installing
      This section describes the steps you must take to prepare for installation and install the configuration files for the HPE Ezmeral Data Fabric for Kubernetes FlexVolume driver.
    - Upgrading
      This section describes how to upgrade the plug-in and dynamic provisioner, or upgrade Pods with attached volumes.
- Upgrading Core or EEP Components
  Depending on your current configuration, you may choose to upgrade the release version (core), ecosystem components, clients, or monitoring components.
- Setting Up Clients and Services
  Describes how to set up and use interfaces to an HPE Ezmeral Data Fabric cluster from a client computer.
- Setting Up the Control System
  Describes how to configure and access the Control System.
- Migrating to the HPE Ezmeral Data Fabric
  Provides instructions for migrating business-critical data and applications from an Apache Hadoop cluster to an HPE Ezmeral Data Fabric cluster.
- Applying a Patch
  You can apply a patch by using the Installer, by using the command line (a manual process), or by using an Installer Stanza.
6.2 Data Fabric
HPE Ezmeral Data Fabric is the industry-leading data platform for AI and analytics that solves enterprise business needs.
6.2 Administration
This section describes how to manage the nodes and services that make up a cluster.
6.2 Development
This section contains information related to application development for Ezmeral ecosystem components and HPE Ezmeral Data Fabric products, including the file system, Database (Key-Value and JSON), and Event Streams.
Other Docs
This section contains release-independent information, including: Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other data-fabric version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

Pod Security Policies and the HPE Ezmeral Data Fabric for Kubernetes

If your Kubernetes administrator has turned on Pod Security Policies, you must create a PSP for the HPE Ezmeral Data Fabric for Kubernetes. You should use your organization's best practices for writing a PSP, but you must enable several parameters in the PSP for your maprkdf service account:

volumes:
    - 'hostPath'
    - 'flexVolume'
allowedHostPaths:
    - pathPrefix: "/opt"
    - pathPrefix: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/"
    - pathPrefix: "/etc/kubernetes"
    - pathPrefix: "/etc/localtime"
 allowedFlexVolumes:
    - driver: mapr.com/maprfs

Here is an example of a PSP that would work:

# Copyright (c) 2009 & onwards. MapR Tech, Inc., All rights reserved
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
metadata:
  name: mapr-kdf-psp
spec:
  volumes:
    - 'configMap'
    - 'emptyDir'
    - 'projected'
    - 'secret'
    - 'downwardAPI'
    - 'persistentVolumeClaim'
    - 'hostPath'
    - 'flexVolume'
  allowedHostPaths:
    - pathPrefix: "/opt"
    - pathPrefix: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/"
    - pathPrefix: "/etc/kubernetes"
    - pathPrefix: "/etc/localtime"
  allowedFlexVolumes:
    - driver: mapr.com/maprfs
  runAsUser:
    rule: 'RunAsAny'
  seLinux:
    rule: 'RunAsAny'
  supplementalGroups:
    rule: 'RunAsAny'
  fsGroup:
    rule: 'RunAsAny'

You enable a PSP for a ServiceAccount as part of a ClusterRole that is bound to the ServiceAccount. See Using RBAC Authorization. For example, add the mapr-kdf-psp to a ClusterRole like this:

- apiGroups: ['extensions']
    resources: ['podsecuritypolicies']
    verbs:     ['use']
    resourceNames:
    - mapr-kdf-psp