About Release 7.1
This site contains documentation for HPE Ezmeral Data Fabric release 7.1, including installation, configuration, administration, and reference content, as well as content for the associated ecosystem components and drivers.
7.1 Installation
This section contains information about installing and upgrading HPE Ezmeral Data Fabric software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a HPE Ezmeral Data Fabric cluster.
7.1 Data Fabric
HPE Ezmeral Data Fabric is the industry-leading data platform for AI and analytics that solves enterprise business needs.
7.1 Administration
This section describes how to manage the nodes and services that make up a cluster.
- Administering Users and Clusters
  Lists topics that help manage a data-fabric cluster.
- Administering Nodes
  Provides a synopsis of managing nodes in a cluster.
- Administering Volumes
  This section provide information about how to organize and manage data using volumes, a unique feature of HPE Ezmeral Data Fabric clusters.
- Administering Files and Directories
- Administering Tables
  Administration of the HPE Ezmeral Data Fabric Database is done primarily via the command line (maprcli) or with the Managed Control System (MCS). Regardless of whether the HPE Ezmeral Data Fabric Database table is used for binary files or JSON documents, the same types of commands are used with slightly different parameter options. HPE Ezmeral Data Fabric Database administration is associated with tables, columns and column families, and table regions.
- Administering Streams
- Administering Data Fabric Gateways
  A HPE Ezmeral Data Fabric gateway mediates one-way communication between a source HPE Ezmeral Data Fabric cluster and a destination cluster. You can replicate HPE Ezmeral Data Fabric Database tables (binary and JSON) and HPE Ezmeral Data Fabric Streams streams. HPE Ezmeral Data Fabric gateways also apply updates from JSON tables to their secondary indexes and propagate Change Data Capture (CDC) logs.
- Administering Services
- Monitoring the Cluster
  This section describes how to monitor the health and performance of a MapR cluster.
- Configuring Security
  Describes how to configure security and manage secure clusters.
- Managing Secure Clusters
  Provides procedures that will enable you to use MapR clusters securely.
- Administering the Data Access Gateway
  The HPE Ezmeral Data Fabric Data Access Gateway is a service that acts as a proxy and gateway for translating requests between lightweight client applications and the HPE Ezmeral Data Fabric cluster. This section describes considerations when upgrading the service, how to modify configuration settings, and how to administer and manage the service.
- Planning for High Availability
- Administrator's Reference
  This section contains in-depth reference information for the administrator.
  - maprcli and REST API Syntax
    This section provides information about the HPE Ezmeral Data Fabric command API. Most commands can be run on the command-line interface (CLI), or by making REST requests programmatically or in a browser.
    - Overview
      Each command reference page includes the command syntax, a table that describes the parameters, and examples of command usage.
    - acerole validate
      Verifies given user roles for ACEs exists in the /opt/mapr/conf/m7_permissions_roles_refimpl.conf file.
    - acl
      Describes the acl commands used to access control lists (ACLs).
    - alarm
      Describes the alarm commands that perform functions related to system alarms.
    - audit
      Describes commands used to audit operations related to cluster management and data access.
    - blacklist
      Describes commands used to include users in the denylist and to list users who are in the denylist.
      - denylist user
        Denies a user on a specific cluster.
      - blacklist listusers
        Lists users who are denied on a specific cluster.
    - cluster
      Manages cluster features, gateways, and cluster-wide settings.
    - config
      Lists configuration values for the data-fabric cluster.
    - dashboard info
      Displays a summary of information about the cluster.
    - dialhome
    - disk
      Lists disk parameters.
    - dump
      Returns key information about volumes, containers, storage pools, and MapR cluster services for debugging and troubleshooting.
    - entity
      Manages entities (users and groups).
    - fid
      Displays information about HPE Ezmeral Data Fabric Database or file-system components that are identified by a FID.
    - file
      Lets you perform tiering operations at the file level.
    - filefilter
      Creates and modifies filters to restrict certain file types from being stored on specified volumes.
    - job
      Manages Hadoop jobs running on the cluster.
    - license
      Manages MapR licenses.
    - label
      Manages registration and modification of labels.
    - nfsmgmt
      Refreshes NFS exports and server cache.
    - nfs4mgmt
      Manages NFSv4 server.
    - node
      Manages nodes in the cluster
    - rlimit
      Manages resource usage limits for the cluster.
    - schedule
      Manages schedules.
    - security
    - service list
      Lists all services on the specified node, the memory allocated for each service, the state of each service, and log path for each service.
    - setloglevel
      Sets log level on individual services.
    - stream
      Manages stream functionality.
    - s3domain
      Commands for managing HPE Ezmeral Object Store domains.
    - s3keys
      Commands for managing HPE Ezmeral Object Store access and secret keys.
    - table
      Performs functions related to HPE Ezmeral Data Fabric Database tables.
    - tier
      Lets you create, modify, remove, and retrieve list of tiers and tiering rules.
    - trace
      Lets you view and modify the trace buffer, and the trace levels for the system modules.
    - urls
      Displays the status page URL for the specified service.
    - virtualip
      Manages virtual IP addresses for NFS nodes.
    - volume
      Manages volumes, snapshots and mirrors.
  - MinIO Client (mc) Commands
    Lists mc commands that you can use to perform operations, such as creating and editing buckets and accounts in HPE Ezmeral Data Fabric Object Store.
  - Utilities
    Contains information about various scripts and utilities, that help setup, maintain, and monitor clusters.
  - Configuration Files
    This section contains reference information about various configuration files.
  - Alarms Reference
    The pages in this section provide details about all of the types of alarms.
  - HPE Ezmeral Data Fabric Environment
    This section provides information associated with the Data Fabric environment.
- Troubleshooting Cluster Administration
  Lists the common errors and their solutions.
- Best Practices for Backing Up HPE Ezmeral Data Fabric Information
  Lists the best practices and performance considerations to follow when backing up HPE Ezmeral Data Fabric information.
7.1 Development
This section contains information related to application development for Ezmeral ecosystem components and HPE Ezmeral Data Fabric products, including the file system, Database (Key-Value and JSON), and Event Streams.
Other Docs
This section contains release-independent information, including: Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other data-fabric version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

denylist user

Denies a user on a specific cluster.

This action cancels all existing tickets for the specified user. There is no REST equivalent command. For information about denying, see How Tickets Work.

Syntax

CLI

maprcli denylist user 
    -name <user name> 
   [ -denylisttime <millis from epoch> or <MM/DD/YYYY> ]
   [ -cluster <cluster name> ]

REST

N/A

Parameters

Parameter	Description
name	Username to deny.
denylisttime	Invalidates all user's tickets that were raised prior to the specified date (in the format <MM/DD/YYYY>). Alternatively, you can specify the time in milliseconds from epoch time (the number of milliseconds that have elapsed since Jan 1, 1970 midnight UTC).
cluster	Name of the cluster from which to deny the user.

Example

Deny the rogueuser user name from the cluster my.cluster.com:

CLI

maprcli denylist user -name rogueuser -cluster my.cluster.com

Deny the rogueuser user's tickets that were raised prior to 1st September 2020 from the cluster my.cluster.com:

CLI

maprcli denylist user -name rogueuser -cluster my.cluster.com -denylisttime 09/01/2020

Deny the rogueuser user's tickets that were raised prior to 1605418200155 milliseconds from epoch, from the cluster my.cluster.com:

CLI

maprcli denylist user -name rogueuser -cluster my.cluster.com -denylisttime 1605418200155

The value 1605418200155 corresponds to the time November 15th 2020, 11:00:00 am IST+05:30. Therefore, all rogueuser tickets that were raised prior to November 15th 2020, 11:00:00 am IST+05:30 are denied.

Related Log File

The log file /opt/mapr/logs/cldbaudit.log.json contains the log of the deny operation including the updated deny time. For example:

{"timestamp":{"$date":"2020-11-13T08:37:36.524Z"},"resource":"mapruser4","operation":"blacklist",
             "username":"root","uid":0,"clientip":"10.10.50.42","properties":
             [{"property":"denylisttime","oldvalue":"1605254599376","newvalue":"1605875766173"}],
             "status":0}{"timestamp":{"$date":"2020-11-13T08:37:45.020Z"},"resource":"cluster",
             "operation":"listBlacklist","username":"root","uid":0,
             "clientip":"10.10.50.42","status":0}

Here the old deny list time was 1605254599376 milliseconds (November 13, 2020 1:33:19 PM IST) and is now updated to 1605875766173 milliseconds (Friday, November 20, 2020 6:06:06 PM IST).