From c034443e6cadd631d1803fff11e326ac1a8adc61 Mon Sep 17 00:00:00 2001 From: proposalbot Date: Thu, 7 Sep 2023 15:03:43 +0000 Subject: [PATCH] Changes to mrs_umn from docs/doc-exports#861 (MRS UMN 20230907 version 1.Some c Reviewed-by: Pruthi, Vineet Co-authored-by: proposalbot Co-committed-by: proposalbot --- umn/source/change_history.rst | 440 +++++++++--------- .../creating_a_custom_cluster.rst | 194 ++++---- ...party_software_using_bootstrap_actions.rst | 4 +- ...certificate_file_is_invalid_or_damaged.rst | 10 +- ...me_certificate_file_is_about_to_expire.rst | 10 +- ...012_flume_certificate_file_has_expired.rst | 10 +- ...certificate_file_is_invalid_or_damaged.rst | 10 +- ...rserver_certificate_is_about_to_expire.rst | 10 +- ...torserver_certificate_file_has_expired.rst | 10 +- .../security_overview/user_account_list.rst | 2 + .../adding_a_bootstrap_action.rst | 2 +- 11 files changed, 392 insertions(+), 310 deletions(-) diff --git a/umn/source/change_history.rst b/umn/source/change_history.rst index 1f389e7..1c6c70a 100644 --- a/umn/source/change_history.rst +++ b/umn/source/change_history.rst @@ -5,219 +5,227 @@ Change History ============== -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| Release Date | What's New | -+===================================+======================================================================================================================================================+ -| 2023-07-27 | Modified the following content: | -| | | -| | Modified the ALM-45431 alarm title. For details, see :ref:`ALM-45431 Improper ClickHouse Instance Distribution for Topology Allocation `. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-05-04 | Modified the following content: | -| | | -| | - Added MRS 3.2.0-LTS.1. For details, see :ref:`Creating a Custom Cluster `. | -| | - Added description of CDL and IoTDB technical principles, For details, see :ref:`CDL ` and :ref:`IoTDB `. | -| | - Added instructions for backing up and restoring CDL and IoT database data. | -| | | -| | - :ref:`Backing Up CDL Data ` | -| | - :ref:`Backing Up IoTDB Metadata ` | -| | - :ref:`Backing Up IoTDB Service Data ` | -| | - :ref:`Restoring CDL Data ` | -| | - :ref:`Restoring IoTDB Metadata ` | -| | - :ref:`Restoring IoTDB Service Data ` | -| | | -| | - Supported online patch pushing and update. For details, see :ref:`Patch Update `. | -| | - Added and updated some alarms of MRS 3.2.0-LTS.1. | -| | | -| | - :ref:`ALM-12012 NTP Service Is Abnormal ` | -| | - :ref:`ALM-12037 NTP Server Abnormal ` | -| | - :ref:`ALM-12103 Executor Resource Exception ` | -| | - :ref:`ALM-12104 Abnormal Knox Resources ` | -| | - :ref:`ALM-12172 Failed to Report Metrics to Cloud Eye ` | -| | - :ref:`ALM-12190 Number of Knox Connections Exceeds the Threshold ` | -| | - :ref:`ALM-19021 Handler Usage of RegionServer Exceeds the Threshold ` | -| | - :ref:`ALM-23001 Loader Service Unavailable ` | -| | - :ref:`ALM-23003 Loader Task Execution Failure ` | -| | - :ref:`ALM-23004 Loader Heap Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-23005 Loader Non-Heap Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-23006 Loader Direct Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-23007 Garbage Collection (GC) Time of the Loader Process Exceeds the Threshold ` | -| | - :ref:`ALM-38011 User Connection Usage on Broker Exceeds the Threshold ` | -| | - :ref:`ALM-45000 HetuEngine Service Unavailable ` | -| | - :ref:`ALM-45001 Faulty HetuEngine Compute Instances ` | -| | - :ref:`ALM-45429 Table Metadata Synchronization Failed on the Added ClickHouse Node ` | -| | - :ref:`ALM-45430 Permission Metadata Synchronization Failed on the Added ClickHouse Node ` | -| | - :ref:`ALM-45431 Improper ClickHouse Instance Distribution for Topology Allocation ` | -| | - :ref:`ALM-45432 ClickHouse User Synchronization Process Fails ` | -| | - :ref:`ALM-45433 ClickHouse AZ Topology Exception ` | -| | - :ref:`ALM-45434 A Single Replica Exists in the ClickHouse Data Table ` | -| | - :ref:`ALM-45585 IoTDB Service Unavailable ` | -| | - :ref:`ALM-45586 IoTDBServer Heap Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-45587 IoTDBServer GC Duration Exceeds the Threshold ` | -| | - :ref:`ALM-45588 IoTDBServer Direct Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-45589 ConfigNode Heap Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-45590 ConfigNode GC Duration Exceeds the Threshold ` | -| | - :ref:`ALM-45591 ConfigNode Direct Memory Usage Exceeds the Threshold ` | -| | - :ref:`ALM-45592 IoTDBServer RPC Execution Duration Exceeds the Threshold ` | -| | - :ref:`ALM-45593 IoTDBServer Flush Execution Duration Exceeds the Threshold ` | -| | - :ref:`ALM-45594 IoTDBServer Intra-Space Merge Duration Exceeds the Threshold ` | -| | - :ref:`ALM-45595 IoTDBServer Cross-Space Merge Duration Exceeds the Threshold ` | -| | - :ref:`ALM-45615 CDL Service Unavailable ` | -| | - :ref:`ALM-45616 CDL Job Execution Exception ` | -| | - :ref:`ALM-45617 Data Queued in the CDL Replication Slot Exceeds the Threshold ` | -| | - :ref:`ALM-45635 FlinkServer Job Execution Failure ` | -| | - :ref:`ALM-45636 FlinkServer Job Checkpoints Keep Failing ` | -| | - :ref:`ALM-45636 Flink Job Checkpoints Keep Failing ` | -| | - :ref:`ALM-45637 FlinkServer Task Is Continuously Under Back Pressure ` | -| | - :ref:`ALM-45638 Number of Restarts After FlinkServer Job Failures Exceeds the Threshold ` | -| | - :ref:`ALM-45638 Number of Restarts After Flink Job Failures Exceeds the Threshold ` | -| | - :ref:`ALM-45640 FlinkServer Heartbeat Interruption Between the Active and Standby Nodes ` | -| | - :ref:`ALM-45641 Data Synchronization Exception Between the Active and Standby FlinkServer Nodes ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-11-01 | Modified the following content: | -| | | -| | - Added some FAQ. For details, see :ref:`FAQ `. | -| | - Updated the screenshots in some sections in :ref:`FusionInsight Manager Operation Guide (Applicable to 3.x) `. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-9-29 | Modified the following content: | -| | | -| | Added MRS 3.1.2-LTS.3. For details, see :ref:`Creating a Custom Cluster `. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2021-06-30 | Modified the following content: | -| | | -| | Added MRS 3.1.0-LTS.1. For details, see :ref:`Creating a Custom Cluster `. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-03-12 | Accepted for RM-1305 and RM-2779. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-03-09 | Modified the following content: | -| | | -| | Added MRS 1.9.2. For details, see :ref:`Creating a Custom Cluster `. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-02-22 | Modified the following content: | -| | | -| | - Added MRS 2.1.0. For details, see :ref:`Creating a Custom Cluster `. | -| | - Supported scale-out of nodes with new specifications. For details, see :ref:`Manually Scaling Out a Cluster `. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-07-03 | Modified the following content: | -| | | -| | :ref:`Creating a Custom Cluster ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-10-09 | Accepted in OTC 3.2. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-09-10 | Modified the following content: | -| | | -| | :ref:`Sample Scripts ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-08-30 | - Added the following content: | -| | | -| | - :ref:`Installing Third-Party Software Using Bootstrap Actions ` | -| | - :ref:`Introduction to Bootstrap Actions ` | -| | - :ref:`Preparing the Bootstrap Action Script ` | -| | - :ref:`View Execution Records ` | -| | - :ref:`Adding a Bootstrap Action ` | -| | - :ref:`Sample Scripts ` | -| | | -| | - Modified the following content: | -| | | -| | - :ref:`Creating a Custom Cluster ` | -| | - :ref:`Creating a Cluster ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-05-29 | - Modified the following content: | -| | | -| | - :ref:`Creating a Cluster ` | -| | - :ref:`Creating a Custom Cluster ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-03-16 | - Added the following content: | -| | | -| | - :ref:`Manually Scaling In a Cluster ` | -| | - :ref:`Configuring an Auto Scaling Rule ` | -| | - :ref:`Configuring Message Notification ` | -| | - :ref:`ALM-12014 Device Partition Lost ` | -| | - :ref:`ALM-12015 Device Partition File System Read-Only ` | -| | - :ref:`ALM-12043 DNS Parsing Duration Exceeds the Threshold ` | -| | - :ref:`ALM-12045 Read Packet Dropped Rate Exceeds the Threshold ` | -| | - :ref:`ALM-12046 Write Packet Dropped Rate Exceeds the Threshold ` | -| | - :ref:`ALM-12047 Read Packet Error Rate Exceeds the Threshold ` | -| | - :ref:`ALM-12048 Write Packet Error Rate Exceeds the Threshold ` | -| | - :ref:`ALM-12049 Read Throughput Rate Exceeds the Threshold ` | -| | - :ref:`ALM-12050 Write Throughput Rate Exceeds the Threshold ` | -| | - :ref:`ALM-12051 Disk Inode Usage Exceeds the Threshold ` | -| | - :ref:`ALM-12052 Usage of Temporary TCP Ports Exceeds the Threshold ` | -| | - :ref:`ALM-12053 File Handle Usage Exceeds the Threshold ` | -| | - :ref:`ALM-12054 The Certificate File Is Invalid ` | -| | - :ref:`ALM-12055 The Certificate File Is About to Expire ` | -| | - :ref:`ALM-18008 Heap Memory Usage of Yarn ResourceManager Exceeds the Threshold ` | -| | - :ref:`ALM-18009 Heap Memory Usage of MapReduce JobHistoryServer Exceeds the Threshold ` | -| | - :ref:`ALM-20002 Hue Service Unavailable ` | -| | - :ref:`ALM-43001 Spark Service Unavailable ` | -| | - :ref:`ALM-43006 Heap Memory Usage of the JobHistory Process Exceeds the Threshold ` | -| | - :ref:`ALM-43007 Non-Heap Memory Usage of the JobHistory Process Exceeds the Threshold ` | -| | - :ref:`ALM-43008 Direct Memory Usage of the JobHistory Process Exceeds the Threshold ` | -| | - :ref:`ALM-43009 JobHistory GC Time Exceeds the Threshold ` | -| | - :ref:`ALM-43010 Heap Memory Usage of the JDBCServer Process Exceeds the Threshold ` | -| | - :ref:`ALM-43011 Non-Heap Memory Usage of the JDBCServer Process Exceeds the Threshold ` | -| | - :ref:`ALM-43012 Direct Memory Usage of the JDBCServer Process Exceeds the Threshold ` | -| | - :ref:`ALM-43013 JDBCServer GC Time Exceeds the Threshold ` | -| | | -| | - Modified the following content: | -| | | -| | - :ref:`Creating a Cluster ` | -| | - :ref:`Uploading Data and Programs ` | -| | - :ref:`Creating a Job ` | -| | - :ref:`Cluster List ` | -| | - :ref:`Checking the Cluster Status ` | -| | - :ref:`Creating a Custom Cluster ` | -| | - :ref:`Viewing Basic Cluster Information ` | -| | - :ref:`Manually Scaling Out a Cluster ` | -| | - :ref:`Importing and Exporting Data ` | -| | - :ref:`Viewing Information of a Historical Cluster ` | -| | - :ref:`Accessing MRS Manager MRS 2.1.0 or Earlier) ` | -| | - :ref:`Changing the Password of an Operation User ` | -| | - :ref:`Initializing the Password of a System User ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-01-31 | Modified the following contents: | -| | | -| | - :ref:`Accessing MRS Manager MRS 2.1.0 or Earlier) ` | -| | - :ref:`Creating a Custom Cluster ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-11-08 | - Added the following content: | -| | | -| | - :ref:`Web UIs of Open Source Components ` | -| | | -| | - Modified the following contents: | -| | | -| | - :ref:`Creating a Cluster ` | -| | - :ref:`Creating a Custom Cluster ` | -| | - :ref:`Viewing Basic Cluster Information ` | -| | - :ref:`Manually Scaling Out a Cluster ` | -| | - :ref:`Viewing the Alarm List ` | -| | - :ref:`Viewing Information of a Historical Cluster ` | -| | - :ref:`Viewing Job Configuration and Logs ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-06-09 | - Added the following content: | -| | | -| | - :ref:`Viewing Information of a Historical Cluster ` | -| | - :ref:`Configuring Cross-Cluster Mutual Trust Relationships ` | -| | - :ref:`Configuring Users to Access Resources of a Trusted Cluster ` | -| | | -| | - Modified the following contents: | -| | | -| | - :ref:`Uploading Data and Programs ` | -| | - :ref:`Creating a Job ` | -| | - :ref:`Creating a Custom Cluster ` | -| | - :ref:`Installing a Client (Version 3.x or Later) ` | -| | - :ref:`Installing a Client (Versions Earlier Than 3.x) ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-04-06 | - Added the following content: | -| | | -| | - :ref:`Accessing MRS Manager MRS 2.1.0 or Earlier) ` | -| | - :ref:`MRS Multi-User Permission Management ` | -| | | -| | - Modified the following contents: | -| | | -| | - :ref:`Creating a Custom Cluster ` | -| | - :ref:`Manually Scaling Out a Cluster ` | -| | - :ref:`Viewing Basic Cluster Information ` | -| | - :ref:`Viewing and Manually Clearing an Alarm ` | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-02-20 | This issue is the first official release. | -+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+ ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Release Date | What's New | ++===================================+====================================================================================================================================================================================================================+ +| 2023-09-08 | Modified the following content: | +| | | +| | - Updated available cluster versions. For details, see :ref:`Creating a Custom Cluster `. | +| | - Added the description about system disk encryption parameters. For details, see :ref:`Creating a Custom Cluster `. | +| | - Modified the constraints of adding a bootstrap action. For details, see :ref:`Adding a Bootstrap Action `. | +| | - Add the description that the password of user **omm** is radomly generated. For details, see :ref:`User Account List `. | +| | - Optimized Flume alarm description. For details, see :ref:`ALM-24010 Flume Certificate File Is Invalid or Damaged ` to :ref:`ALM-24015 Flume MonitorServer Certificate File Has Expired `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-07-27 | Modified the following content: | +| | | +| | Modified the ALM-45431 alarm title. For details, see :ref:`ALM-45431 Improper ClickHouse Instance Distribution for Topology Allocation `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-05-04 | Modified the following content: | +| | | +| | - Added MRS 3.2.0-LTS.1. For details, see :ref:`Creating a Custom Cluster `. | +| | - Added description of CDL and IoTDB technical principles, For details, see :ref:`CDL ` and :ref:`IoTDB `. | +| | - Added instructions for backing up and restoring CDL and IoT database data. | +| | | +| | - :ref:`Backing Up CDL Data ` | +| | - :ref:`Backing Up IoTDB Metadata ` | +| | - :ref:`Backing Up IoTDB Service Data ` | +| | - :ref:`Restoring CDL Data ` | +| | - :ref:`Restoring IoTDB Metadata ` | +| | - :ref:`Restoring IoTDB Service Data ` | +| | | +| | - Supported online patch pushing and update. For details, see :ref:`Patch Update `. | +| | - Added and updated some alarms of MRS 3.2.0-LTS.1. | +| | | +| | - :ref:`ALM-12012 NTP Service Is Abnormal ` | +| | - :ref:`ALM-12037 NTP Server Abnormal ` | +| | - :ref:`ALM-12103 Executor Resource Exception ` | +| | - :ref:`ALM-12104 Abnormal Knox Resources ` | +| | - :ref:`ALM-12172 Failed to Report Metrics to Cloud Eye ` | +| | - :ref:`ALM-12190 Number of Knox Connections Exceeds the Threshold ` | +| | - :ref:`ALM-19021 Handler Usage of RegionServer Exceeds the Threshold ` | +| | - :ref:`ALM-23001 Loader Service Unavailable ` | +| | - :ref:`ALM-23003 Loader Task Execution Failure ` | +| | - :ref:`ALM-23004 Loader Heap Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-23005 Loader Non-Heap Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-23006 Loader Direct Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-23007 Garbage Collection (GC) Time of the Loader Process Exceeds the Threshold ` | +| | - :ref:`ALM-38011 User Connection Usage on Broker Exceeds the Threshold ` | +| | - :ref:`ALM-45000 HetuEngine Service Unavailable ` | +| | - :ref:`ALM-45001 Faulty HetuEngine Compute Instances ` | +| | - :ref:`ALM-45429 Table Metadata Synchronization Failed on the Added ClickHouse Node ` | +| | - :ref:`ALM-45430 Permission Metadata Synchronization Failed on the Added ClickHouse Node ` | +| | - :ref:`ALM-45431 Improper ClickHouse Instance Distribution for Topology Allocation ` | +| | - :ref:`ALM-45432 ClickHouse User Synchronization Process Fails ` | +| | - :ref:`ALM-45433 ClickHouse AZ Topology Exception ` | +| | - :ref:`ALM-45434 A Single Replica Exists in the ClickHouse Data Table ` | +| | - :ref:`ALM-45585 IoTDB Service Unavailable ` | +| | - :ref:`ALM-45586 IoTDBServer Heap Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-45587 IoTDBServer GC Duration Exceeds the Threshold ` | +| | - :ref:`ALM-45588 IoTDBServer Direct Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-45589 ConfigNode Heap Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-45590 ConfigNode GC Duration Exceeds the Threshold ` | +| | - :ref:`ALM-45591 ConfigNode Direct Memory Usage Exceeds the Threshold ` | +| | - :ref:`ALM-45592 IoTDBServer RPC Execution Duration Exceeds the Threshold ` | +| | - :ref:`ALM-45593 IoTDBServer Flush Execution Duration Exceeds the Threshold ` | +| | - :ref:`ALM-45594 IoTDBServer Intra-Space Merge Duration Exceeds the Threshold ` | +| | - :ref:`ALM-45595 IoTDBServer Cross-Space Merge Duration Exceeds the Threshold ` | +| | - :ref:`ALM-45615 CDL Service Unavailable ` | +| | - :ref:`ALM-45616 CDL Job Execution Exception ` | +| | - :ref:`ALM-45617 Data Queued in the CDL Replication Slot Exceeds the Threshold ` | +| | - :ref:`ALM-45635 FlinkServer Job Execution Failure ` | +| | - :ref:`ALM-45636 FlinkServer Job Checkpoints Keep Failing ` | +| | - :ref:`ALM-45636 Flink Job Checkpoints Keep Failing ` | +| | - :ref:`ALM-45637 FlinkServer Task Is Continuously Under Back Pressure ` | +| | - :ref:`ALM-45638 Number of Restarts After FlinkServer Job Failures Exceeds the Threshold ` | +| | - :ref:`ALM-45638 Number of Restarts After Flink Job Failures Exceeds the Threshold ` | +| | - :ref:`ALM-45640 FlinkServer Heartbeat Interruption Between the Active and Standby Nodes ` | +| | - :ref:`ALM-45641 Data Synchronization Exception Between the Active and Standby FlinkServer Nodes ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-11-01 | Modified the following content: | +| | | +| | - Added some FAQ. For details, see :ref:`FAQ `. | +| | - Updated the screenshots in some sections in :ref:`FusionInsight Manager Operation Guide (Applicable to 3.x) `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-9-29 | Modified the following content: | +| | | +| | Added MRS 3.1.2-LTS.3. For details, see :ref:`Creating a Custom Cluster `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2021-06-30 | Modified the following content: | +| | | +| | Added MRS 3.1.0-LTS.1. For details, see :ref:`Creating a Custom Cluster `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-03-12 | Accepted for RM-1305 and RM-2779. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-03-09 | Modified the following content: | +| | | +| | Added MRS 1.9.2. For details, see :ref:`Creating a Custom Cluster `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-02-22 | Modified the following content: | +| | | +| | - Added MRS 2.1.0. For details, see :ref:`Creating a Custom Cluster `. | +| | - Supported scale-out of nodes with new specifications. For details, see :ref:`Manually Scaling Out a Cluster `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-07-03 | Modified the following content: | +| | | +| | :ref:`Creating a Custom Cluster ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-10-09 | Accepted in OTC 3.2. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-09-10 | Modified the following content: | +| | | +| | :ref:`Sample Scripts ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-08-30 | - Added the following content: | +| | | +| | - :ref:`Installing Third-Party Software Using Bootstrap Actions ` | +| | - :ref:`Introduction to Bootstrap Actions ` | +| | - :ref:`Preparing the Bootstrap Action Script ` | +| | - :ref:`View Execution Records ` | +| | - :ref:`Adding a Bootstrap Action ` | +| | - :ref:`Sample Scripts ` | +| | | +| | - Modified the following content: | +| | | +| | - :ref:`Creating a Custom Cluster ` | +| | - :ref:`Creating a Cluster ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-05-29 | - Modified the following content: | +| | | +| | - :ref:`Creating a Cluster ` | +| | - :ref:`Creating a Custom Cluster ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-03-16 | - Added the following content: | +| | | +| | - :ref:`Manually Scaling In a Cluster ` | +| | - :ref:`Configuring an Auto Scaling Rule ` | +| | - :ref:`Configuring Message Notification ` | +| | - :ref:`ALM-12014 Device Partition Lost ` | +| | - :ref:`ALM-12015 Device Partition File System Read-Only ` | +| | - :ref:`ALM-12043 DNS Parsing Duration Exceeds the Threshold ` | +| | - :ref:`ALM-12045 Read Packet Dropped Rate Exceeds the Threshold ` | +| | - :ref:`ALM-12046 Write Packet Dropped Rate Exceeds the Threshold ` | +| | - :ref:`ALM-12047 Read Packet Error Rate Exceeds the Threshold ` | +| | - :ref:`ALM-12048 Write Packet Error Rate Exceeds the Threshold ` | +| | - :ref:`ALM-12049 Read Throughput Rate Exceeds the Threshold ` | +| | - :ref:`ALM-12050 Write Throughput Rate Exceeds the Threshold ` | +| | - :ref:`ALM-12051 Disk Inode Usage Exceeds the Threshold ` | +| | - :ref:`ALM-12052 Usage of Temporary TCP Ports Exceeds the Threshold ` | +| | - :ref:`ALM-12053 File Handle Usage Exceeds the Threshold ` | +| | - :ref:`ALM-12054 The Certificate File Is Invalid ` | +| | - :ref:`ALM-12055 The Certificate File Is About to Expire ` | +| | - :ref:`ALM-18008 Heap Memory Usage of Yarn ResourceManager Exceeds the Threshold ` | +| | - :ref:`ALM-18009 Heap Memory Usage of MapReduce JobHistoryServer Exceeds the Threshold ` | +| | - :ref:`ALM-20002 Hue Service Unavailable ` | +| | - :ref:`ALM-43001 Spark Service Unavailable ` | +| | - :ref:`ALM-43006 Heap Memory Usage of the JobHistory Process Exceeds the Threshold ` | +| | - :ref:`ALM-43007 Non-Heap Memory Usage of the JobHistory Process Exceeds the Threshold ` | +| | - :ref:`ALM-43008 Direct Memory Usage of the JobHistory Process Exceeds the Threshold ` | +| | - :ref:`ALM-43009 JobHistory GC Time Exceeds the Threshold ` | +| | - :ref:`ALM-43010 Heap Memory Usage of the JDBCServer Process Exceeds the Threshold ` | +| | - :ref:`ALM-43011 Non-Heap Memory Usage of the JDBCServer Process Exceeds the Threshold ` | +| | - :ref:`ALM-43012 Direct Memory Usage of the JDBCServer Process Exceeds the Threshold ` | +| | - :ref:`ALM-43013 JDBCServer GC Time Exceeds the Threshold ` | +| | | +| | - Modified the following content: | +| | | +| | - :ref:`Creating a Cluster ` | +| | - :ref:`Uploading Data and Programs ` | +| | - :ref:`Creating a Job ` | +| | - :ref:`Cluster List ` | +| | - :ref:`Checking the Cluster Status ` | +| | - :ref:`Creating a Custom Cluster ` | +| | - :ref:`Viewing Basic Cluster Information ` | +| | - :ref:`Manually Scaling Out a Cluster ` | +| | - :ref:`Importing and Exporting Data ` | +| | - :ref:`Viewing Information of a Historical Cluster ` | +| | - :ref:`Accessing MRS Manager MRS 2.1.0 or Earlier) ` | +| | - :ref:`Changing the Password of an Operation User ` | +| | - :ref:`Initializing the Password of a System User ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-01-31 | Modified the following contents: | +| | | +| | - :ref:`Accessing MRS Manager MRS 2.1.0 or Earlier) ` | +| | - :ref:`Creating a Custom Cluster ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-11-08 | - Added the following content: | +| | | +| | - :ref:`Web UIs of Open Source Components ` | +| | | +| | - Modified the following contents: | +| | | +| | - :ref:`Creating a Cluster ` | +| | - :ref:`Creating a Custom Cluster ` | +| | - :ref:`Viewing Basic Cluster Information ` | +| | - :ref:`Manually Scaling Out a Cluster ` | +| | - :ref:`Viewing the Alarm List ` | +| | - :ref:`Viewing Information of a Historical Cluster ` | +| | - :ref:`Viewing Job Configuration and Logs ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-06-09 | - Added the following content: | +| | | +| | - :ref:`Viewing Information of a Historical Cluster ` | +| | - :ref:`Configuring Cross-Cluster Mutual Trust Relationships ` | +| | - :ref:`Configuring Users to Access Resources of a Trusted Cluster ` | +| | | +| | - Modified the following contents: | +| | | +| | - :ref:`Uploading Data and Programs ` | +| | - :ref:`Creating a Job ` | +| | - :ref:`Creating a Custom Cluster ` | +| | - :ref:`Installing a Client (Version 3.x or Later) ` | +| | - :ref:`Installing a Client (Versions Earlier Than 3.x) ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-04-06 | - Added the following content: | +| | | +| | - :ref:`Accessing MRS Manager MRS 2.1.0 or Earlier) ` | +| | - :ref:`MRS Multi-User Permission Management ` | +| | | +| | - Modified the following contents: | +| | | +| | - :ref:`Creating a Custom Cluster ` | +| | - :ref:`Manually Scaling Out a Cluster ` | +| | - :ref:`Viewing Basic Cluster Information ` | +| | - :ref:`Viewing and Manually Clearing an Alarm ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-02-20 | This issue is the first official release. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ diff --git a/umn/source/configuring_a_cluster/creating_a_custom_cluster.rst b/umn/source/configuring_a_cluster/creating_a_custom_cluster.rst index 965dddb..7058240 100644 --- a/umn/source/configuring_a_cluster/creating_a_custom_cluster.rst +++ b/umn/source/configuring_a_cluster/creating_a_custom_cluster.rst @@ -59,7 +59,7 @@ Software Configurations | | | | | The default name is **mrs**\ \_\ *xxxx*. *xxxx* is a random collection of letters and digits. | +-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Cluster Version | Currently, MRS 1.6.3, 1.7.2, 1.9.2, 2.1.0, 3.1.0-LTS.1, 3.1.2-LTS.3 , and 3.2.0-LTS.1 are supported. The latest version of MRS is used by default. | + | Cluster Version | Currently, MRS 3.1.2-LTS.x , and 3.2.0-LTS.x are supported. The default value displayed on the UI varies depending on the version. | +-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Cluster Type | The cluster types are as follows: | | | | @@ -252,89 +252,115 @@ Hardware Configurations .. table:: **Table 4** MRS cluster advanced configuration topology - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Parameter | Description | - +===================================+====================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================+ - | Tag | For details, see :ref:`Adding a Tag to a Cluster `. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Hostname Prefix | Enter the prefix for the computer hostname of an ECS in the cluster. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Auto Scaling | Auto scaling can be configured only after you specify Task node specifications in the **Configure Hardware** step. For details about how to configure Task node specifications, see :ref:`Configuring an Auto Scaling Rule `. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Agency | By binding an agency, ECSs or BMSs can manage some of your resources. Determine whether to configure an agency based on the actual service scenario. | - | | | - | | For example, you can configure an agency of the ECS type to automatically obtain the AK/SK to access OBS. For details, see :ref:`Configuring a Storage-Compute Decoupled Cluster (Agency) `. | - | | | - | | The **MRS_ECS_DEFAULT_AGENCY** agency has the OBSOperateAccess permission of OBS and the CESFullAccess (for users who have enabled fine-grained policies), CES Administrator, and KMS Administrator permissions in the region where the cluster is located. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Alarm | If the alarm function is enabled, the cluster maintenance personnel can be notified in a timely manner to locate faults when the cluster runs abnormally or the system is faulty. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Rule Name | Name of the rule for sending alarm messages. The value can contain only digits, letters, hyphens (-), and underscores (_). | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Topic Name | Select an existing topic or click **Create Topic** to create a topic. To deliver messages published to a topic, you need to add a subscriber to the topic. For details, see :ref:`Adding Subscriptions to a Topic `. | - | | | - | | A topic serves as a message sending channel, where publishers and subscribers can interact with each other. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Logging | Whether to collect logs when cluster creation fails. | - | | | - | | After the logging function is enabled, system logs and component run logs are automatically collected and saved to the OBS file system in scenarios such as cluster creation failures and scale-out or scale-in failures for O&M personnel to quickly locate faults. The log information is retained for a maximum of seven days. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Kerberos Authentication | Whether to enable Kerberos authentication when logging in to Manager. | - | | | - | | - |image5|: If **Kerberos Authentication** is disabled, common users can use all functions of an MRS cluster. You are advised to disable Kerberos authentication in single-user scenarios. | - | | - |image6|: If **Kerberos Authentication** is enabled, common users cannot use the file and job management functions of an MRS cluster and cannot view cluster resource usage or the job records for Hadoop and Spark. To use more cluster functions, the users must contact the Manager administrator to assign more permissions. You are advised to enable Kerberos authentication in multi-user scenarios. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Username | Name of the administrator of Manager. **admin** is used by default. | - | | | - | | For versions earlier than MRS 1.7.2, this parameter needs to be configured only when **Kerberos Authentication** is enabled: |image7| | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Password | Password of the Manager administrator | - | | | - | | The following requirements must be met: | - | | | - | | - Must contain 8 to 26 characters. | - | | - Must contain at least four of the following: | - | | | - | | - Lowercase letters | - | | - Uppercase letters | - | | - Digits | - | | - Have at least one of the following special characters: !?,.: -_{} [ ]@ $% ^ + = / | - | | | - | | - Cannot be the same as the username or the username spelled backwards. | - | | | - | | Password Strength: The colorbar in red, orange, and green indicates weak, medium, and strong password, respectively. | - | | | - | | For versions earlier than MRS 1.7.2, this parameter needs to be configured only when **Kerberos Authentication** is enabled: |image8| | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Confirm Password | Enter the password of the Manager administrator again. | - | | | - | | For versions earlier than MRS 1.7.2, this parameter needs to be configured only when **Kerberos Authentication** is enabled: |image9| | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Login Mode | - Password | - | | | - | | You can log in to ECS nodes using a password. | - | | | - | | A password must meet the following requirements: | - | | | - | | #. Must be a string and 8 to 26 characters long. | - | | #. The password must contain at least four types of the following characters: uppercase letters, lowercase letters, digits, and special characters (``! ?,.: -_{} [ ]@ $% ^ + = /``). | - | | #. The password cannot be the username or the reverse username. | - | | | - | | - Key Pair | - | | | - | | Key pairs are used to log in to ECS nodes of the cluster. Select a key pair from the drop-down list. Select "I acknowledge that I have obtained private key file *SSHkey-xxx* and that without this file I will not be able to log in to my ECS." If you have never created a key pair, click **View Key Pair** to create or import a key pair. And then, obtain a private key file. | - | | | - | | A key pair, also called an SSH key, consists of a public key and a private key. You can create an SSH key and download the private key for authenticating remote login. For security, a private key can only be downloaded once. Keep it secure. | - | | | - | | Use an SSH key in either of the following two methods: | - | | | - | | #. Creating an SSH key: After you create an SSH key, a public key and a private key are generated. The public key is stored in the system, and the private key is stored in the local ECS. When you log in to an ECS, the public and private keys are used for authentication. | - | | #. Importing an SSH key: If you have obtained the public and private keys, import the public key into the system. When you log in to an ECS, the public and private keys are used for authentication. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Secure Communications | MRS clusters provision, manage, and use big data components through the management console. Big data components are deployed in a user's VPC. If the MRS management console needs to directly access big data components deployed in the user's VPC, you need to enable the corresponding security group rules after you have obtained user authorization. This authorization process is called secure communications. For details, see :ref:`Communication Security Authorization `. | - | | | - | | If the secure communications function is not enabled, MRS clusters cannot be created. | - +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Parameter | Description | + +===================================+================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================+ + | Tag | For details, see :ref:`Adding a Tag to a Cluster `. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Hostname Prefix | Enter the prefix for the computer hostname of an ECS in the cluster. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Auto Scaling | Auto scaling can be configured only after you specify Task node specifications in the **Configure Hardware** step. For details about how to configure Task node specifications, see :ref:`Configuring an Auto Scaling Rule `. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Agency | By binding an agency, ECSs or BMSs can manage some of your resources. Determine whether to configure an agency based on the actual service scenario. | + | | | + | | For example, you can configure an agency of the ECS type to automatically obtain the AK/SK to access OBS. For details, see :ref:`Configuring a Storage-Compute Decoupled Cluster (Agency) `. | + | | | + | | The **MRS_ECS_DEFAULT_AGENCY** agency has the OBSOperateAccess permission of OBS and the CESFullAccess (for users who have enabled fine-grained policies), CES Administrator, and KMS Administrator permissions in the region where the cluster is located. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | System Disk Encryption | Whether to encrypt data in the system disk mounted to the cluster. This function is disabled by default. To use this function, you must have the Security Administrator and KMS Administrator permissions. | + | | | + | | The keys used to encrypt system disks are provided by Key Management Service (KMS). You do not need to build and maintain the key management infrastructure. | + | | | + | | You can choose whether to enable system disk encryption by configuring this parameter. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | System Disk Key ID | This parameter is available only when **System Disk Encryption** is enabled. The parameter indicates the key ID corresponding to the selected key name. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | System Disk Key Name | This parameter is mandatory when **System Disk Encryption** is enabled. Select the name of the key used to encrypt the system disk. By default, the default master key named **evs/default** is selected. You can select another master key from the drop-down list. If disks are encrypted using a CMK, which is then disabled or scheduled for deletion, the disks can no longer be read from or written to, and data on these disks may never be restored. Exercise caution when performing this operation. | + | | | + | | Click **View Key List** to enter a page where you can create and manage keys. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Data Disk Encryption | Whether to encrypt data in the data disk mounted to the cluster. This function is disabled by default. To use this function, you must have the Security Administrator and KMS Administrator permissions. | + | | | + | | The keys used to encrypt data disks are provided by Key Management Service (KMS). You do not need to build and maintain the key management infrastructure. | + | | | + | | Click **Data Disk Encryption** to enable or disable the data disk encryption function. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Data Disk Key ID | This parameter is displayed only when the **Data Disk Encryption** function is enabled. This parameter indicates the key ID corresponding to the selected key name. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Data Disk Key Name | This parameter is mandatory when the **Data Disk Encryption** function is enabled. Select the name of the key used to encrypt the data disk. By default, the default master key named **evs/default** is selected. You can select another master key from the drop-down list. | + | | | + | | If disks are encrypted using a CMK, which is then disabled or scheduled for deletion, the disks can no longer be read from or written to, and data on these disks may never be restored. Exercise caution when performing this operation. | + | | | + | | Click **View Key List** to enter a page where you can create and manage keys. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Alarm | If the alarm function is enabled, the cluster maintenance personnel can be notified in a timely manner to locate faults when the cluster runs abnormally or the system is faulty. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Rule Name | Name of the rule for sending alarm messages. The value can contain only digits, letters, hyphens (-), and underscores (_). | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Topic Name | Select an existing topic or click **Create Topic** to create a topic. To deliver messages published to a topic, you need to add a subscriber to the topic. For details, see :ref:`Adding Subscriptions to a Topic `. | + | | | + | | A topic serves as a message sending channel, where publishers and subscribers can interact with each other. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Logging | Whether to collect logs when cluster creation fails. | + | | | + | | After the logging function is enabled, system logs and component run logs are automatically collected and saved to the OBS file system in scenarios such as cluster creation failures and scale-out or scale-in failures for O&M personnel to quickly locate faults. The log information is retained for a maximum of seven days. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Kerberos Authentication | Whether to enable Kerberos authentication when logging in to Manager. | + | | | + | | - |image5|: If **Kerberos Authentication** is disabled, common users can use all functions of an MRS cluster. You are advised to disable Kerberos authentication in single-user scenarios. | + | | - |image6|: If **Kerberos Authentication** is enabled, common users cannot use the file and job management functions of an MRS cluster and cannot view cluster resource usage or the job records for Hadoop and Spark. To use more cluster functions, the users must contact the Manager administrator to assign more permissions. You are advised to enable Kerberos authentication in multi-user scenarios. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Username | Name of the administrator of Manager. **admin** is used by default. | + | | | + | | For versions earlier than MRS 1.7.2, this parameter needs to be configured only when **Kerberos Authentication** is enabled: |image7| | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Password | Password of the Manager administrator | + | | | + | | The following requirements must be met: | + | | | + | | - Must contain 8 to 26 characters. | + | | - Must contain at least four of the following: | + | | | + | | - Lowercase letters | + | | - Uppercase letters | + | | - Digits | + | | - Have at least one of the following special characters: !?,.: -_{} [ ]@ $% ^ + = / | + | | | + | | - Cannot be the same as the username or the username spelled backwards. | + | | | + | | Password Strength: The colorbar in red, orange, and green indicates weak, medium, and strong password, respectively. | + | | | + | | For versions earlier than MRS 1.7.2, this parameter needs to be configured only when **Kerberos Authentication** is enabled: |image8| | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Confirm Password | Enter the password of the Manager administrator again. | + | | | + | | For versions earlier than MRS 1.7.2, this parameter needs to be configured only when **Kerberos Authentication** is enabled: |image9| | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Login Mode | - Password | + | | | + | | You can log in to ECS nodes using a password. | + | | | + | | A password must meet the following requirements: | + | | | + | | #. Must be a string and 8 to 26 characters long. | + | | #. The password must contain at least four types of the following characters: uppercase letters, lowercase letters, digits, and special characters (``! ?,.: -_{} [ ]@ $% ^ + = /``). | + | | #. The password cannot be the username or the reverse username. | + | | | + | | - Key Pair | + | | | + | | Key pairs are used to log in to ECS nodes of the cluster. Select a key pair from the drop-down list. Select "I acknowledge that I have obtained private key file *SSHkey-xxx* and that without this file I will not be able to log in to my ECS." If you have never created a key pair, click **View Key Pair** to create or import a key pair. And then, obtain a private key file. | + | | | + | | A key pair, also called an SSH key, consists of a public key and a private key. You can create an SSH key and download the private key for authenticating remote login. For security, a private key can only be downloaded once. Keep it secure. | + | | | + | | Use an SSH key in either of the following two methods: | + | | | + | | #. Creating an SSH key: After you create an SSH key, a public key and a private key are generated. The public key is stored in the system, and the private key is stored in the local ECS. When you log in to an ECS, the public and private keys are used for authentication. | + | | #. Importing an SSH key: If you have obtained the public and private keys, import the public key into the system. When you log in to an ECS, the public and private keys are used for authentication. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Secure Communications | MRS clusters provision, manage, and use big data components through the management console. Big data components are deployed in a user's VPC. If the MRS management console needs to directly access big data components deployed in the user's VPC, you need to enable the corresponding security group rules after you have obtained user authorization. This authorization process is called secure communications. For details, see :ref:`Communication Security Authorization `. | + | | | + | | If the secure communications function is not enabled, MRS clusters cannot be created. | + +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ Failed to Create a Cluster -------------------------- diff --git a/umn/source/configuring_a_cluster/installing_third-party_software_using_bootstrap_actions.rst b/umn/source/configuring_a_cluster/installing_third-party_software_using_bootstrap_actions.rst index d9c2c71..a2dd5ec 100644 --- a/umn/source/configuring_a_cluster/installing_third-party_software_using_bootstrap_actions.rst +++ b/umn/source/configuring_a_cluster/installing_third-party_software_using_bootstrap_actions.rst @@ -5,9 +5,7 @@ Installing Third-Party Software Using Bootstrap Actions ======================================================= -This operation applies to MRS 3.\ *x* or earlier clusters. - -In MRS 3.\ *x*, bootstrap actions cannot be added during cluster creation. +This operation applies to clusters earlier than MRS 3.x. Prerequisites ------------- diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24010_flume_certificate_file_is_invalid_or_damaged.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24010_flume_certificate_file_is_invalid_or_damaged.rst index b1e8df9..8128efd 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24010_flume_certificate_file_is_invalid_or_damaged.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24010_flume_certificate_file_is_invalid_or_damaged.rst @@ -78,11 +78,19 @@ Procedure 7. Run the following command to generate a new certificate file. Then check whether the alarm is automatically cleared one hour later. - **sh geneJKS.sh -f** *sNetty12@* **-g** *cNetty12@* + **sh geneJKS.sh -f** *Custom certificate password of the Flume role on the server* **-g** *Custom certificate password of the Flume role on the client* - If yes, go to :ref:`8 `. - If no, go to :ref:`9 `. + .. note:: + + The custom certificate passwords must meet the following complexity requirements: + + - Contain at least four types of uppercase letters, lowercase letters, digits, and special characters. + - Contain 8 to 64 characters. + - Be changed periodically (for example, every three months), and certificates and trust lists are generated again to ensure security. + 8. .. _alm-24010__li57811511185514: Check whether this alarm is generated again during periodic system check. diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24011_flume_certificate_file_is_about_to_expire.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24011_flume_certificate_file_is_about_to_expire.rst index 7f7c4b1..7086e29 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24011_flume_certificate_file_is_about_to_expire.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24011_flume_certificate_file_is_about_to_expire.rst @@ -74,11 +74,19 @@ Procedure Run the following command to generate a new certificate file. Then check whether the alarm is automatically cleared one hour later. - **sh geneJKS.sh -f** *sNetty12@* **-g** *cNetty12@* + **sh geneJKS.sh -f** *Custom certificate password of the Flume role on the server* **-g** *Custom certificate password of the Flume role on the client* - If yes, go to :ref:`9 `. - If no, go to :ref:`8 `. + .. note:: + + The custom certificate passwords must meet the following complexity requirements: + + - Contain at least four types of uppercase letters, lowercase letters, digits, and special characters. + - Contain 8 to 64 characters. + - Be changed periodically (for example, every three months), and certificates and trust lists are generated again to ensure security. + 8. .. _alm-24011__li6673192244411: Log in to the Flume node for which the alarm is generated as user **omm** and repeat :ref:`6 ` to :ref:`7 `. Then, check whether the alarm is automatically cleared one hour later. diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24012_flume_certificate_file_has_expired.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24012_flume_certificate_file_has_expired.rst index bf359a4..1320b12 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24012_flume_certificate_file_has_expired.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24012_flume_certificate_file_has_expired.rst @@ -75,11 +75,19 @@ Procedure Run the following command to generate a new certificate file. Then check whether the alarm is automatically cleared one hour later. - **sh geneJKS.sh -f** *sNetty12@* **-g** *cNetty12@* + **sh geneJKS.sh -f** *Custom certificate password of the Flume role on the server* **-g** *Custom certificate password of the Flume role on the client* - If yes, go to :ref:`8 `. - If no, go to :ref:`7 `. + .. note:: + + The custom certificate passwords must meet the following complexity requirements: + + - Contain at least four types of uppercase letters, lowercase letters, digits, and special characters. + - Contain 8 to 64 characters. + - Be changed periodically (for example, every three months), and certificates and trust lists are generated again to ensure security. + 7. .. _alm-24012__li172496117507: Log in to the Flume node for which the alarm is generated as user **omm** and repeat :ref:`5 ` to :ref:`6 `. Then, check whether the alarm is automatically cleared one hour later. diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24013_flume_monitorserver_certificate_file_is_invalid_or_damaged.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24013_flume_monitorserver_certificate_file_is_invalid_or_damaged.rst index 61baf53..5130e81 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24013_flume_monitorserver_certificate_file_is_invalid_or_damaged.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24013_flume_monitorserver_certificate_file_is_invalid_or_damaged.rst @@ -78,11 +78,19 @@ Procedure 7. Run the following command to generate a new certificate file. Then check whether the alarm is automatically cleared one hour later. - **sh geneJKS.sh -m** *sKitty12@* **-n** *cKitty12@* + **sh geneJKS.sh -m** *Custom password of the MonitorServer certificate on the server* **-n** *Custom password of the MonitorServer certificate on the client* - If yes, go to :ref:`8 `. - If no, go to :ref:`9 `. + .. note:: + + The custom certificate passwords must meet the following complexity requirements: + + - Contain at least four types of uppercase letters, lowercase letters, digits, and special characters. + - Contain 8 to 64 characters. + - Be changed periodically (for example, every three months), and certificates and trust lists are generated again to ensure security. + 8. .. _alm-24013__li57811511185514: Check whether this alarm is generated again during periodic system check. diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24014_flume_monitorserver_certificate_is_about_to_expire.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24014_flume_monitorserver_certificate_is_about_to_expire.rst index 3ddd302..05f5699 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24014_flume_monitorserver_certificate_is_about_to_expire.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24014_flume_monitorserver_certificate_is_about_to_expire.rst @@ -74,11 +74,19 @@ Procedure Run the following command to generate a new certificate file. Then check whether the alarm is automatically cleared one hour later. - **sh geneJKS.sh -m** *sKitty12@* **-n** *cKitty12@* + **sh geneJKS.sh -m** *Custom password of the MonitorServer certificate on the server* **-n** *Custom password of the MonitorServer certificate on the client* - If yes, go to :ref:`9 `. - If no, go to :ref:`8 `. + .. note:: + + The custom certificate passwords must meet the following complexity requirements: + + - Contain at least four types of uppercase letters, lowercase letters, digits, and special characters. + - Contain 8 to 64 characters. + - Be changed periodically (for example, every three months), and certificates and trust lists are generated again to ensure security. + 8. .. _alm-24014__li6673192244411: Log in to the Flume node for which the alarm is generated as user **omm** and repeat :ref:`6 ` to :ref:`7 `. Then, check whether the alarm is automatically cleared one hour later. diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24015_flume_monitorserver_certificate_file_has_expired.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24015_flume_monitorserver_certificate_file_has_expired.rst index 2095dc0..5f42d80 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24015_flume_monitorserver_certificate_file_has_expired.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/alarm_reference_applicable_to_mrs_3.x/alm-24015_flume_monitorserver_certificate_file_has_expired.rst @@ -75,11 +75,19 @@ Procedure Run the following command to generate a new certificate file. Then check whether the alarm is automatically cleared one hour later. - **sh geneJKS.sh -m** *sKitty12@* **-n** *cKitty12@* + **sh geneJKS.sh -m** *Custom password of the MonitorServer certificate on the server* **-n** *Custom password of the MonitorServer certificate on the client* - If yes, go to :ref:`8 `. - If no, go to :ref:`7 `. + .. note:: + + The custom certificate passwords must meet the following complexity requirements: + + - Contain at least four types of uppercase letters, lowercase letters, digits, and special characters. + - Contain 8 to 64 characters. + - Be changed periodically (for example, every three months), and certificates and trust lists are generated again to ensure security. + 7. .. _alm-24015__li172496117507: Log in to the Flume node for which the alarm is generated as user **omm** and repeat :ref:`5 ` to :ref:`6 `. Then, check whether the alarm is automatically cleared one hour later. diff --git a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/security_management/security_overview/user_account_list.rst b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/security_management/security_overview/user_account_list.rst index e55b844..0833d50 100644 --- a/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/security_management/security_overview/user_account_list.rst +++ b/umn/source/fusioninsight_manager_operation_guide_applicable_to_3.x/security_management/security_overview/user_account_list.rst @@ -50,6 +50,8 @@ System Users | Node OS user | ommdba | Random password | User that creates the system database. This user is an OS user generated on the management node and does not require a unified password. This account cannot be used for remote login. | For details, see :ref:`Changing the Password for an OS User `. | +----------------------+-------------+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------+ | | omm | Bigdata123@ | Internal running user of the system. This user is an OS user generated on all nodes and does not require a unified password. | | +| | | | | | +| | | | In MRS 3.2.0-LTS.2 or later, the password of user **omm** is randomly generated. | | +----------------------+-------------+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------+ Internal System Users diff --git a/umn/source/managing_clusters/bootstrap_actions/adding_a_bootstrap_action.rst b/umn/source/managing_clusters/bootstrap_actions/adding_a_bootstrap_action.rst index 13aa65e..ac29e43 100644 --- a/umn/source/managing_clusters/bootstrap_actions/adding_a_bootstrap_action.rst +++ b/umn/source/managing_clusters/bootstrap_actions/adding_a_bootstrap_action.rst @@ -7,7 +7,7 @@ Adding a Bootstrap Action Add a bootstrap action. -This operation applies to MRS 3.\ *x* or earlier clusters. +This operation applies to clusters earlier than MRS 3.\ *x*. Procedure ---------