You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hawq.apache.org by yo...@apache.org on 2016/09/29 17:22:59 UTC

[45/50] [abbrv] incubator-hawq-docs git commit: enhance passwordless ssh instructions

enhance passwordless ssh instructions

- include passwdless ssh instructions in system requirement section
- add appropriate xrefs to these instructions where appropriate
  (expanding cluster, ambari mgmt)
- include cloud.cfg config info in AWS doc


Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/commit/433de8e0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/tree/433de8e0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/diff/433de8e0

Branch: refs/heads/master
Commit: 433de8e0835dbe52c7bb86e75a94a0aeb1ba337b
Parents: 29a7f42
Author: Lisa Owen <lo...@pivotal.io>
Authored: Mon Sep 12 11:44:34 2016 -0700
Committer: Lisa Owen <lo...@pivotal.io>
Committed: Wed Sep 28 09:34:02 2016 -0700

----------------------------------------------------------------------
 admin/ClusterExpansion.html.md.erb           |  4 +-
 admin/ambari-admin.html.md.erb               |  8 +++-
 install/aws-config.html.md.erb               |  5 ++-
 requirements/system-requirements.html.md.erb | 45 +++++++++++++++++++++++
 4 files changed, 58 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/433de8e0/admin/ClusterExpansion.html.md.erb
----------------------------------------------------------------------
diff --git a/admin/ClusterExpansion.html.md.erb b/admin/ClusterExpansion.html.md.erb
index 87b811c..f7d3856 100644
--- a/admin/ClusterExpansion.html.md.erb
+++ b/admin/ClusterExpansion.html.md.erb
@@ -20,7 +20,7 @@ There are several recommendations to keep in mind when modifying the size of you
 
 ## <a id="task_hawq_expand"></a>Adding a New Node to an Existing HAWQ Cluster 
 
-The following procedure describes the steps required to add a node to an existing HAWQ cluster.
+The following procedure describes the steps required to add a node to an existing HAWQ cluster.  First ensure that the new node has been configured per the instructions in [Apache HAWQ System Requirements](/20/requirements/system-requirements.html) and [Select HAWQ Host Machines](/20/install/select-hosts.html).
 
 For example purposes in this procedure, we are adding a new node named `sdw4`.
 
@@ -71,6 +71,8 @@ For example purposes in this procedure, we are adding a new node named `sdw4`.
         $ hawq ssh-exkeys -e hawq_hosts -x new_hosts
         ```
 
+    8.  (Optional) Turn off temporary password-based authentication as described in [Apache HAWQ System Requirements](/20/requirements/system-requirements.html#topic_pwdlessssh).
+
     8.  After setting up passwordless ssh, you can execute the following hawq command to check the target machine's configuration.
 
         ```shell

http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/433de8e0/admin/ambari-admin.html.md.erb
----------------------------------------------------------------------
diff --git a/admin/ambari-admin.html.md.erb b/admin/ambari-admin.html.md.erb
index ddd986a..5c98dc0 100644
--- a/admin/ambari-admin.html.md.erb
+++ b/admin/ambari-admin.html.md.erb
@@ -159,7 +159,9 @@ There are several recommendations to keep in mind when modifying the size of you
 -  Note that for hash distributed tables, expanding the cluster will not immediately improve performance since hash distributed tables use a fixed number of virtual segments. In order to obtain better performance with hash distributed tables, you must redistribute the table to the updated cluster by either the [ALTER TABLE](/20/reference/sql/ALTER-TABLE.html) or [CREATE TABLE AS](/20/reference/sql/CREATE-TABLE-AS.html) command.
 -  If you are using hash tables, consider updating the `default_hash_table_bucket_number` server configuration parameter to a larger value after expanding the cluster but before redistributing the hash tables.
 
-### Procedure
+### Procedure
+First ensure that the new node(s) has been configured per the instructions in [Apache HAWQ System Requirements](/20/requirements/system-requirements.html) and [Select HAWQ Host Machines](/20/install/select-hosts.html).
+
 1.  If you have any user-defined function (UDF) libraries installed in your existing HAWQ cluster, install them on the new node(s) that you want to add to the HAWQ cluster.
 2.  Access the Ambari web console at http://ambari.server.hostname:8080, and login as the "admin" user. \(The default password is also "admin".\)
 3.  Click **HAWQ** in the list of installed services.
@@ -200,7 +202,9 @@ There are several recommendations to keep in mind when modifying the size of you
 21.  If you are using hash distributed tables and wish to take advantage of the performance benefits of using a larger cluster, redistribute the data in all hash-distributed tables by using either the [ALTER TABLE](/20/reference/sql/ALTER-TABLE.html) or [CREATE TABLE AS](/20/reference/sql/CREATE-TABLE-AS.html) command. You should redistribute the table data if you modified the `default_hash_table_bucket_number` configuration parameter.
 
     **Note:** The redistribution of table data can take a significant amount of time.
-22.  (Optional.) If you changed the **Exchange SSH Keys** property value before adding the host(s), change the value back to `false` after Ambari exchanges keys with the new hosts. This prevents Ambari from exchanging keys with all hosts every time the HAWQ master is started or restarted.
+22.  (Optional.) If you changed the **Exchange SSH Keys** property value before adding the host(s), change the value back to `false` after Ambari exchanges keys with the new hosts. This prevents Ambari from exchanging keys with all hosts every time the HAWQ master is started or restarted.
+
+23.  (Optional.) Turn off temporary password-based authentication as described in [Apache HAWQ System Requirements](/20/requirements/system-requirements.html#topic_pwdlessssh).
 
 #### <a id="manual-config-steps"></a>Manually Updating the HAWQ Configuration
 If you need to expand your HAWQ cluster without restarting the HAWQ service, follow these steps to manually apply the new HAWQ configuration. (Use these steps *instead* of following Step 7 in the above procedure.):

http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/433de8e0/install/aws-config.html.md.erb
----------------------------------------------------------------------
diff --git a/install/aws-config.html.md.erb b/install/aws-config.html.md.erb
index 32675fe..8bbb9b4 100644
--- a/install/aws-config.html.md.erb
+++ b/install/aws-config.html.md.erb
@@ -102,8 +102,11 @@ $ ssh -i my-test.pem user1@192.0.2.0
 
 After launching your HAWQ instance, you will connect to and configure the instance. The  *Instances* page of the EC2 Console lists the running instances and their associated network access information.
 
-Before installing HAWQ, set up the EC2 instances as you would local host server machines. Configure the host operating system, configure host network information (for example, update the `/etc/hosts` file), set operating system parameters, and install operating system packages. For information about how to prepare your operating system environment for HAWQ, see [Select HAWQ Host Machines](../install/select-hosts.html).
+Before installing HAWQ, set up the EC2 instances as you would local host server machines. Configure the host operating system, configure host network information (for example, update the `/etc/hosts` file), set operating system parameters, and install operating system packages. For information about how to prepare your operating system environment for HAWQ, see [Apache HAWQ System Requirements](../requirements/system-requirements.html) and [Select HAWQ Host Machines](../install/select-hosts.html).
 
+###Passwordless SSH Configuration<a id="topic_pwdlessssh_cc"></a>
+
+HAWQ hosts will be configured during the installation process to use passwordless SSH for intra-cluster communications. Temporary password-based authentication must be enabled on each HAWQ host in preparation for this configuration. Password authentication is typically disabled by default in cloud images. Update the cloud configuration in `/etc/cloud/cloud.cfg` to enable password authentication in your AMI(s). Set `ssh_pwauth: True` in this file. If desired, disable password authentication after HAWQ installation by setting the property back to `False`.
   
 ##References<a id="topic_hgz_zwy_bv"></a>
 

http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/433de8e0/requirements/system-requirements.html.md.erb
----------------------------------------------------------------------
diff --git a/requirements/system-requirements.html.md.erb b/requirements/system-requirements.html.md.erb
index cf9214d..c61ba3d 100644
--- a/requirements/system-requirements.html.md.erb
+++ b/requirements/system-requirements.html.md.erb
@@ -173,6 +173,51 @@ If this system uses YARN for resource management, you would set `yarn.nodemanage
 
 If this system uses the default HAWQ resource manager, you would set `hawq_rm_memory_limit_perseg` = `RAM - NON_HAWQ_MEMORY` = 8 GB - 7GB = 1.
 
+## <a id="topic_pwdlessssh"></a>Passwordless SSH Configuration
+
+HAWQ hosts will be configured to use passwordless SSH for intra-cluster communications during the installation process. Temporary password-based authentication must be enabled on each HAWQ host in preparation for this configuration.
+
+1. Install the SSH server if not already configured on the HAWQ system:
+    
+    ``` shell
+    $ yum list installed | grep openssh-server
+    $ yum -y install openssh-server
+    ```
+    
+2. Update the host's SSH configuration to allow password-based authentication. Edit the SSH config file and change the `PasswordAuthentication` configuration value from `no` to `yes`:
+    
+    ``` shell
+    $ sudo vi /etc/ssh/sshd_config
+    ```
+    
+    ```
+    PasswordAuthentication yes
+    ```
+
+3. Restart SSH:
+    
+    ``` shell
+    $ sudo /etc/init.d/sshd restart
+    ```
+
+*After installation is complete*, you may choose to turn off the temporary password-based authentication configured in the previous steps:
+
+1. Open the SSH `/etc/ssh/sshd_config` file in a text editor and update/uncomment the following configuration options.
+    
+    ```
+    RSAAuthentication yes
+    PasswordAuthentication no
+    PubkeyAuthentication yes
+    AuthorizedKeyFile  .ssh/authorized_keys
+    ```
+
+2.  Restart SSH:
+    
+    ``` shell
+    $ sudo /etc/init.d/sshd restart
+    ```
+�
+
 ## <a id="topic_bsm_hhv_2v"></a>Disk Requirements
 
 -   2GB per host for HAWQ installation.�