CDP-DC的安装部署
CDP DC7.1是Cloudera与Hortonworks合并后,第一个融合CDH和HDP所有组件的on-premise并且可用于生产环境的版本,CDP Data Center主要由Cloudera Runtime构成,Cloudera Runtime由超过35个开源项目组成,当然CDP Data Center还包括其它功能如管理功能Cloudera Manager,Key Management,专业支持等,如下图所示:
Cloudera Runtime的主要组件版本如下图所示:
Component | Version |
|---|---|
Cruise Control | 2.0.100 |
Apache Hadoop | 3.1.1 |
Apache HBase | 2.2.3 |
HDFS | 3.1.1 |
Apache Hive | 3.1.3000 |
Hue | 4.5.0 |
Apache Impala | 3.2.0 |
Apache Kafka | 2.4.1 |
Apache Knox | 1.3.0 |
Apache Kudu | 1.12.0 |
Apache Oozie | 5.1.0 |
Apache Parquet | 1.10.99 |
Schema Registry | 0.8.1 |
Search | 1.0.0 |
Solr | 8.4.1 |
Apache Spark | 2.4.0 |
Apache Sqoop | 1.4.7 |
Streams Messaging Manager | 2.1.0 |
Streams Replication Manager | 1.0.0 |
Apache Tez | 0.9.1 |
YARN | 3.1.1 |
Apache Zookeeper | 3.5.5 |
Apache Zeppelin | 0.8.2 |
本文档主要描述如何在Redhat7.7安装CDP Data Center7.1。CDP Data Center的安装步骤和CDH的安装步骤一致,主要包括以下四部分:
1) 安全前置准备,包括安装操作系统、关闭防火墙、同步服务器时钟等;
2) 外部数据库如Mysql/PostgreSQL安装
3) 安装Cloudera Manager;
4) 安装Cloudera Runtime集群;
前提条件
请务必注意CDP Data Center的安装前置条件,请参考《CDP Data Center部署的前置条件》
测试环境
1) Cloudera Manager版本为7.1.1
2) Cloudera Runtime的版本为7.1.1.0
3) Redhat 7.7
4) OpenJDK 1.8.0_141
5) MariaDB 10.2
6) root用户安装
7) 5节点
前置准备
hostname及hosts配置
集群中各个节点之间能互相通信使用静态IP地址。IP地址和主机名通过/etc/hosts配置,主机名通过/etc/hostname进行配置。
以cm节点(172.31.118.74)为例:
2.1.1. hostname配置
/etc/hostname文件如下:
[root@grocery-1 ~]# cat /etc/hostname
grocery-1.vpc.cloudera.com或者你可以通过命令修改立即生效
[root@grocery-1 ~]# hostnamectl set-hostname grocery-1.vpc.cloudera.comhosts配置
/etc/hosts文件如下:
[root@grocery-1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.31.118.74 grocery-1.vpc.cloudera.com grocery-1 以上两步操作,在集群中其它节点做相应配置。确认需要安装的5台主机的hosts文件:
这里使用DNS,所有hosts文件中没有配置所有节点的IP地址。如果使用hosts文件,则需要将所有节点的IP地址配置到/etc/hosts文件中。
配置互信
在管理节点上生成密钥,并配置对所有节点的互信。
生成密钥:
[root@xuefeng-1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:RRLaFGHVSxkfwWF/gkY19oWSVSxpZvEbLyXofaW51c0 root@xuefeng-1.vpc.cloudera.com
The key's randomart image is:
+---[RSA 2048]----+
| B=o.oB@Oo|
| = o .**O*o|
| . . ..+*+oB|
| . o.. BO|
| S . =.E|
| = |
| . |
| |
| |
+----[SHA256]-----+
[root@xuefeng-1 ~]#对于需要交互输入的部分,输入回车即可(企业如果有内部要求,则按照要求进行)
将生成的密钥分发给所有节点,配置对所有节点的互信。
for i in {1..4}; do ssh-copy-id -i ~/.ssh/id_rsa.pub grocery-$i.vpc.cloudera.com ; done
交互式输入yes和对应节点的访问密码即可。
检查互信
主节点对其他节点的互信完成后,在主节点上执行一个在所有节点上都执行的命令,来进行互信验证,确认不需要输入密码可以访问其他节点。
[root@grocery-1 ~]# for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " hostname -A" ; done
grocery-1.vpc.cloudera.com
grocery-2.vpc.cloudera.com
grocery-3.vpc.cloudera.com
grocery-4.vpc.cloudera.com
[root@grocery-1 ~]#
配置操作系统repo
如果系统已经挂载了操作系统的repo,则跳过该步。否则需要现在操作机上配置操作系统的镜像。
挂载操作系统iso文件
[ec2-user@ip-172-31-2-159 ~]$ sudo mkdir /media/DVD1
[ec2-user@ip-172-31-2-159 ~]$ sudo mount -o loop
CentOS-7-x86_64-DVD-1611.iso /media/DVD1/
配置操作系统repo
[ec2-user@ip-172-31-2-159 ~]$ sudo vim /etc/yum.repos.d/local_os.repo
[local_iso]
name=CentOS-$releasever - Media
baseurl=file:///media/DVD1
gpgcheck=0
enabled=1
[ec2-user@ip-172-31-2-159 ~]$ sudo yum repolist
2.4. 安装其他工具软件
操作节点安装以下工具软件
yum -y install createrepo wget unzip
2.5. 安装http服务
2.5.1. 安装httpd服务
[root@xuefeng-1 ~]# sudo yum -y install httpd
2.5.2. 修改配置文件
修改/etc/httpd/conf/httpd.conf配置文件,在<IfModule mime_module>中修改以下内容
AddType application/x-gzip .gz .tgz .parcel
4.保存httpd.conf的修改,并重启httpd服务
设置并启动httpd服务
[root@grocery-1 ~]# vi /etc/httpd/conf/httpd.conf
[root@grocery-1 ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@grocery-1 ~]# systemctl start httpd
[root@grocery-1 ~]#
通过浏览器访问http://grocery-1.vpc.cloudera.com/ 测试,如果可以正常访问HTTP服务即可,如下图所示。
重制OS的repo
安装完httpd后,重新制作操作系统repo,换成http的方式方便其它服务器也可以访问
[ec2-user@ip-172-31-2-159 ~]$ sudo mkdir /var/www/html/iso
[ec2-user@ip-172-31-2-159 ~]$ sudo scp -r /media/DVD1/* /var/www/html/iso/
[ec2-user@ip-172-31-2-159 ~]$ sudo vim /etc/yum.repos.d/os.repo
[osrepo]
name=os_repo
baseurl=http://grocery-1.vpc.cloudera.com/iso/
enabled=true
gpgcheck=false
[ec2-user@ip-172-31-2-159 ~]$ sudo yum repolist
OS的Repo分发
将操作系统的repo文件分发到其他机器上。
for i in {2..5}; do scp /etc/yum.repos.d/os.repo grocery-$i.vpc.cloudera.com:/etc/yum.repos.d/os.repo; done2.6. 升级软件和系统内核
使用下面的命令升级所有包同时也升级软件和系统内核。
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " yum -y update " ; done
禁用SELinux
在所有节点执行setenforce 0 命令,此处使用批处理shell执行:
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'setenforce 0 ' ;done
修改配置文件来关闭SELinux。
#关闭selinux
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "SELINUX=disabled" > /etc/selinux/config ' ;done也可以手工修改/etc/selinux/config文件如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
关闭防火墙
集群所有节点执行 systemctl stop命令,此处通过shell批量执行命令如下:
##关闭防火墙
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl disable firewalld' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl stop firewalld.service ' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl list-unit-files | grep firewalld ' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl status firewalld.service' ;done
集群时钟同步
在Redhat7.x的操作系统上,已经默认的安装了chrony,我们这里先卸载chrony,然后安装ntp。使用ntp来配置各台机器的时钟同步,将cm(172.31.6.83)服务作为本地ntp服务器,其它3台服务器与其保持同步。
所有机器卸载chrony
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'yum -y remove chrony' ;done
所有机器安装ntp和ntpdate
##设置时区和时钟同步
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'yum install -y ntp ntpdate ' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' timedatectl set-timezone Asia/Shanghai' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'chkconfig --level 345 ntpd on ' ;done 
cm机器配置时钟与自己同步
如果企业有自己的时钟服务器,则都同步企业自身的时钟服务器,否则同步CM的时钟。
[root@grocery-1 ~]# vim /etc/ntp.conf
#server 0.rhel.pool.ntp.org iburst
#server 1.rhel.pool.ntp.org iburst
#server 2.rhel.pool.ntp.org iburst
#server 3.rhel.pool.ntp.org iburst
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
集群其它节点,配置找cm机器去同步
#server 0.rhel.pool.ntp.org iburst
#server 1.rhel.pool.ntp.org iburst
#server 2.rhel.pool.ntp.org iburst
#server 3.rhel.pool.ntp.org iburst
server grocery-1.vpc.cloudera.com 
重启所有机器的ntp服务
所有服务器使用ntpdate强制同步时间
[root@grocery-1 ~]# for i in {2..4}; do ssh grocery-$i.vpc.cloudera.com ' systemctl stop ntpd' ;done
[root@grocery-1 ~]# #强制和时钟服务器时间同步,排除自己
[root@grocery-1 ~]# for i in {2..4}; do ssh grocery-$i.vpc.cloudera.com ' ntpdate 10.65.51.45' ;done
24 Nov 16:12:21 ntpdate[9538]: adjust time server 10.65.51.45 offset 0.000399 sec
24 Nov 16:12:27 ntpdate[28877]: adjust time server 10.65.51.45 offset -0.000211 sec
24 Nov 16:12:33 ntpdate[28874]: adjust time server 10.65.51.45 offset -0.000204 sec
启动所有机器的ntp服务
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl enable ntpd ' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl start ntpd ' ;done
#for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' systemctl status ntpd' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' ntpq -p' ;done
验证始终同步
等待几分钟后,在所有节点执行ntpq -p命令,如下使用脚本批量执行
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' ntpq -p' ;done
左边出现*号表示同步成功。
设置swap
管理节点执行
[root@grocery-1 ~]# #设置vm.swappiness
[root@grocery-1 ~]# for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' echo "vm.swappiness = 1" >> /etc/sysctl.conf' ;done
[root@grocery-1 ~]# for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' sysctl vm.swappiness=1' ;done
vm.swappiness = 1
vm.swappiness = 1
vm.swappiness = 1
vm.swappiness = 1
[root@grocery-1 ~]# 
设置透明大页面
管理节点执行
[root@grocery-1 ~]# #设置vm.swappiness
[root@grocery-1 ~]# for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' echo "vm.swappiness = 1" >> /etc/sysctl.conf' ;done
[root@grocery-1 ~]# for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com ' sysctl vm.swappiness=1' ;done
vm.swappiness = 1
vm.swappiness = 1
vm.swappiness = 1
vm.swappiness = 1
[root@grocery-1 ~]# 
设置开机自关闭
将如下脚本添加到/etc/rc.d/rc.local文件中
if test -f /sys/kernel/mm/transparent_hugepage/enabled; then echo never > /sys/kernel/mm/transparent_hugepage/enabled fi
if test -f /sys/kernel/mm/transparent_hugepage/defrag; then echo never > /sys/kernel/mm/transparent_hugepage/defrag fi
同步到所有节点
[root@xuefeng-1 ~]# for i in {2..5}; do scp /etc/rc.d/rc.local grocery-$i.vpc.cloudera.com:/etc/rc.d/rc.local; done
rc.local 100% 723 3.7MB/s 00:00
rc.local 100% 723 4.0MB/s 00:00
rc.local 100% 723 3.9MB/s 00:00
rc.local 100% 723 3.9MB/s 00:00
[root@xuefeng-1 ~]#
关闭iptables
管理节点执行:
#关闭iptables
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'systemctl stop iptables' ;done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'chkconfig iptables off' ;done 
设置limits
管理节点执行:
#设置limits
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "hdfs - nofile 32768" >> /etc/security/limits.conf';done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "mapred - nofile 32768" >> /etc/security/limits.conf';done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "hbase - nofile 32768" >> /etc/security/limits.conf';done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "hdfs - noproc 32768" >> /etc/security/limits.conf';done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "mapred - noproc 32768" >> /etc/security/limits.conf';done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com 'echo "hbase - noproc 32768" >> /etc/security/limits.conf';done
安装MySQL
安装MySQL官网的yum源
# 下载yum源的rpm包
wget https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm# 安装rpm包
rpm -Uvh mysql57-community-release-el7-11.noarch.rpm执行如下:
# 检查是否有mysql源
[root@xuefeng-1 ~]# yum repolist enabled | grep mysql
mysql-connectors-community/x86_64 MySQL Connectors Community 131
mysql-tools-community/x86_64 MySQL Tools Community 100
mysql57-community/x86_64 MySQL 5.7 Community Server 384
[root@xuefeng-1 ~]#
安装MySQL5.7
yum install -y mysql-community-server
启动Mysql数据库
#首先启动MySQL
systemctl start mysqld.service#查看MySQL运行状态,运行状态如图:
systemctl status mysqld.service
此时MySQL已经开始正常运行,不过要想进入MySQL还得先找出此时root用户的密码,通过如下命令可以在日志文件中找出密码:
grep "password" /var/log/mysqld.log
[root@xuefeng-1 ~]# grep "password" /var/log/mysqld.log
2019-11-03T09:54:09.465350Z 1 [Note] A temporary password is generated for root@localhost: 3fcldi;VleaZ
[root@xuefeng-1 ~]#
修改root默认密码
如下命令进入数据库:
[root@localhost ~]# mysql -uroot -p输入初始密码,此时不能做任何事情,因为MySQL默认必须修改密码之后才能操作数据库:
mysql> set password=password("!Beijing28");这里有个问题,新密码设置的时候如果设置的过于简单会报错:
原因是因为MySQL有密码设置的规范,具体是与validate_password_policy的值有关:
MySQL完整的初始密码规则可以通过如下命令查看:
mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | MEDIUM |
| validate_password_special_char_count | 1 |
+--------------------------------------+--------+
7 rows in set (0.00 sec)
mysql>密码的长度是由validate_password_length决定的,而validate_password_length的计算公式是:
validate_password_length = validate_password_number_count + validate_password_special_char_count + (2 * validate_password_mixed_case_count)启动并配置MySQL
1.停止Mysql服务
systemctl stop mysqld2.将旧的InnoDB日志/var/lib/mysql/ib_logfile0和/var/lib/mysql/ib_logfile1移动到备份目录
[root@xuefeng-1 ~]# pwd
/root
[root@xuefeng-1 ~]# mkdir backup
[root@xuefeng-1 ~]# mv /var/lib/mysql/ib_logfile* /root/backup/
[root@xuefeng-1 ~]#
然后修改mysql的配置文件/etc/my.cnf
vi /etc/my.cnf
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html
[mysqld]
#设置编码为utf-8
character_set_server=utf8
init_connect='SET NAMES utf8'
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
transaction-isolation = READ-COMMITTED
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
key_buffer_size = 32M
max_allowed_packet = 32M
thread_stack = 256K
thread_cache_size = 64
query_cache_limit = 8M
query_cache_size = 64M
query_cache_type = 1
max_connections = 550
#expire_logs_days = 10
#max_binlog_size = 100M
#log_bin should be on a disk with enough free space.
#Replace '/var/lib/mysql/mysql_binary_log' with an appropriate path for your
#system and chown the specified folder to the mysql user.
log_bin=/var/lib/mysql/mysql_binary_log
#In later versions of MySQL, if you enable the binary log and do not set
#a server_id, MySQL will not start. The server_id must be unique within
#the replicating group.
server_id=1
binlog_format = mixed
read_buffer_size = 2M
read_rnd_buffer_size = 16M
sort_buffer_size = 8M
join_buffer_size = 8M
# InnoDB settings
innodb_file_per_table = 1
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 64M
innodb_buffer_pool_size = 4G
innodb_thread_concurrency = 8
innodb_flush_method = O_DIRECT
innodb_log_file_size = 512M
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
sql_mode=STRICT_ALL_TABLES
设置mysql自启动
sudo systemctl enable mysqld
sudo systemctl start mysqld
#配置数据库
sudo /usr/bin/mysql_secure_installation
[root@xuefeng-1 ~]# sudo systemctl enable mysqld
[root@xuefeng-1 ~]# sudo systemctl start mysqld
[root@xuefeng-1 ~]# #配置数据库
[root@xuefeng-1 ~]# sudo /usr/bin/mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root:
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : N
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
[root@xuefeng-1 ~]#
创建数据库
创建安装配置CDH和CM所需要的数据库。
CREATE DATABASE scm DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON scm.* TO 'scm'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE amon DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON amon.* TO 'amon'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE rman DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON rman.* TO 'rman'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE hue DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON hue.* TO 'hue'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE hive DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON hive.* TO 'hive'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE ranger DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON ranger.* TO 'rangeradmin'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE nav DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON nav.* TO 'nav'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE navms DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON navms.* TO 'navms'@'%' IDENTIFIED BY 'P@ssw0rd';
CREATE DATABASE oozie DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL ON oozie.* TO 'oozie'@'%' IDENTIFIED BY 'P@ssw0rd';
Refresh;
安装jdbc驱动
从网上下载MySQL的jdbc驱动,并进行解压:
wget https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-5.1.46.tar.gztar zxvf mysql-connector-java-5.1.46.tar.gz
创建jdbc存放目录
for i in {1..5}; do ssh grocery-$i.vpc.cloudera.com " mkdir -p /usr/share/java/" ; done将jdbc拷贝到所有节点的对应目录
for i in {1..5}; do scp /root/mysql-connector-java-5.1.46/mysql-connector-java-5.1.46-bin.jar grocery-$i.vpc.cloudera.com:/usr/share/java/mysql-connector-java.jar; done
安装PostgreSQL
如果使用MariaDB,则跳过PostgreSQL的部分。
下载并安装yum源
从https://yum.postgresql.org/ 上下载PostgreSQL 10 的yum源,
从10进去后,选择对应的操作系统版本:
也可以将对应的链接保存,通过wget命令下载:
https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
安装PG的yum源
rpm -ivh pgdg-redhat-repo-latest.noarch.rpm
查看PG的yum源
ls -lrt /etc/yum.repos.d/
yum list postgresql*
安装PostgreSQL
我们这里安装PostgreSQL10的数据库版本,安装命令如下:
sudo yum -y install postgresql10-server
安装psycopg2的Python包
在Runtime 7中,Hue需要2.7.5或更高版本的psycopg2 Python软件包才能连接到PostgreSQL数据库。该psycopg2软件包会作为Cloudera Manager Agent的依赖项自动安装,但是安装的版本通常低于2.7.5。
如果要安装Runtime 7并将PostgreSQL用于Hue数据库,则必须psycopg2在所有Hue主机上安装 2.7.5或更高版本,如下所示。这些示例安装版本2.7.5:
1) 安装python-pip 软件包:
sudo yum -y install python-pip
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " sudo yum -y install python-pip" ; done
2) 升级pip版本
pip install --upgrade pip
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " pip install --upgrade pip " ; done
3) psycopg2使用pip以下命令安装2.7.5 :
sudo pip install psycopg2==2.7.5 --ignore-installed
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " sudo pip install psycopg2==2.7.5 --ignore-installed " ; done
配置和启动PostgreSQL服务器
默认情况下,PostgreSQL仅接受回送接口上的连接。您必须重新配置PostgreSQL,以接受来自托管要为其配置数据库的服务的主机的完全限定域名(FQDN)的连接。如果不进行这些更改,则服务将无法连接并使用它们所依赖的数据库。
如果要更改现有数据库,请确保在继续之前停止使用该数据库的所有服务。
1) 确保将LC_ALL其设置为en_US.UTF-8并初始化数据库,如下所示:
RHEL 7:
echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf
/usr/pgsql-10/bin/postgresql-10-setup initdb
2) 启用MD5身份验证。编辑pg_hba.conf,通常在/var/lib/pgsql/data或/etc/postgresql/<version>/main中找到。
添加以下行:
host all all 127.0.0.1/32 md5如果默认pg_hba.conf文件包含以下行:
host all all 127.0.0.1/32 ident那么必须在该行之前插入上面显示的host指定md5身份验证的行。否则,运行脚本时可能会导致身份验证错误。
简单点可以允许所有机器通过md5方式访问。
您可以修改上面显示的行的内容以支持不同的配置。
3) 配置设置以确保您的系统按预期运行。在/var/lib/pgsql/data/postgresql.conf或 /var/lib/postgresql/data/postgresql.conf文件中更新这些设置。设置因群集大小和资源而异,如下所示:
• 中小型群集-将以下设置视为起点。如果资源有限,请考虑进一步减小缓冲区大小和检查点段。根据每个主机的资源利用率,可能需要进行持续的调整。例如,如果Cloudera Manager Server与其他角色在同一主机上运行,则可以接受以下值:
• max_connection-通常,允许主机上的每个数据库最大100个连接,然后添加50个额外的连接。如连接设置中所述,您可能必须增加可用于PostgreSQL的系统资源。
• shared_buffers -256MB(PG10无此参数)
• wal_buffers -8MB
• checkpoint_segments - 16(PG10无此参数)
• checkpoint_completion_target - 0.9
• listen_addresses = '*'
4) 配置PostgreSQL服务器以在启动时启动。
sudo systemctl enable postgresql-105) 重新启动PostgreSQL数据库:
sudo systemctl restart postgresql-10
2.15.5. 创建数据库
以下组件需要数据库:
• Cloudera Manager Server
• Cloudera Management Service roles:
• Reports Manager
• Hue
• Each Hive metastore
• Oozie
• Data Analytics Studio
• Ranger
必须将数据库配置为支持PostgreSQL UTF8字符集编码。
记录您输入的数据库名称,用户名和密码的值。Cloudera Manager安装向导需要此信息才能正确连接到这些数据库。
注意:
要使用DAS,请安装PostgreSQL数据库9.6版。
步骤:
1) 连接到PostgreSQL:
sudo -u postgres psql2) 从下表中为您正在使用的每个服务创建数据库:
CREATE ROLE <user> LOGIN PASSWORD '<password>';
CREATE DATABASE <database> OWNER <user> ENCODING 'UTF8';您可以为<database>, <user>和<password>使用任何所需的值。以下示例是Cloudera Manager配置设置中提供的默认名称,但是您不需要使用它们:
Table 1. Databases for Cloudera Software
Service | Service | User |
|---|---|---|
Cloudera Manager Server | scm | scm |
Activity Monitor | amon | amon |
Reports Manager | rman | rman |
Hue | hue | hue |
Hive Metastore Server | metastore | hive |
Oozie | oozie | oozie |
Data Analytics Studio | das | das |
建表语句如下:
CREATE ROLE scm LOGIN PASSWORD 'cloudera';
CREATE DATABASE scm OWNER scm ENCODING 'UTF8';
CREATE ROLE amon LOGIN PASSWORD 'cloudera';
CREATE DATABASE amon OWNER amon ENCODING 'UTF8';
CREATE ROLE rman LOGIN PASSWORD 'cloudera';
CREATE DATABASE rman OWNER rman ENCODING 'UTF8';
CREATE ROLE hue LOGIN PASSWORD 'cloudera';
CREATE DATABASE hue OWNER hue ENCODING 'UTF8';
CREATE ROLE hive LOGIN PASSWORD 'cloudera';
CREATE DATABASE metastore OWNER hive ENCODING 'UTF8';
CREATE ROLE oozie LOGIN PASSWORD 'cloudera';
CREATE DATABASE oozie OWNER oozie ENCODING 'UTF8';
CREATE ROLE das LOGIN PASSWORD 'cloudera';
CREATE DATABASE das OWNER das ENCODING 'UTF8';
CREATE ROLE rangeradmin LOGIN PASSWORD '!Beijing28';
CREATE DATABASE ranger OWNER rangeradmin ENCODING 'UTF8';
GRANT ALL PRIVILEGES ON DATABASE ranger TO rangeradmin;
安装Postgresql-jdbc驱动
1. 安装PostgreSQL连接器:
yum install postgresql-jdbc*2. 将连接器.jar文件复制到Java共享目录:
cp /usr/share/java/postgresql-jdbc.jar /usr/share/java/postgresql-connector-java.jar3. 确认.jar文件位于Java共享目录中:
ls /usr/share/java/postgresql-connector-java.jar4. 将.jar文件的访问模式更改为644:
chmod 644 /usr/share/java/postgresql-connector-java.jar完整命令如下:
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " sudo yum -y install postgresql-jdbc* " ; done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " cp /usr/share/java/postgresql-jdbc.jar /usr/share/java/postgresql-connector-java.jar " ; done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " ls /usr/share/java/postgresql-connector-java.jar " ; done
for i in {1..4}; do ssh grocery-$i.vpc.cloudera.com " chmod 644 /usr/share/java/postgresql-connector-java.jar" ; done
2.16. 安装JDK
我们这里使用操作系统自带的openjdk,提前安装。也可以只安装Cloudera Manager Server节点,然后通过向导安装openJDK。
#安装openJDK1.8
for i in {1..5}; do ssh grocery-$i.vpc.cloudera.com 'yum -y install java-1.8.0-openjdk.x86_64 java-1.8.0-openjdk-headless.x86_64 java-1.8.0-openjdk-devel.x86_64' ;done
Cloudera Manager安装
4.1. 配置本地repo源
下载介质时注意选择自己需要的版本和对应的操作系统版本,下面以Cloudera Manager7.1.1和Cloudera Runtime7.1.1.0为示例。
1) 下载CM7.1.1的安装包,地址为:
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/cloudera-manager-agent-7.1.1-3274282.el7.x86_64.rpm
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/cloudera-manager-daemons-7.1.1-3274282.el7.x86_64.rpm
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/cloudera-manager-server-7.1.1-3274282.el7.x86_64.rpm
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/cloudera-manager-server-db-2-7.1.1-3274282.el7.x86_64.rpm
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/enterprise-debuginfo-7.1.1-3274282.el7.x86_64.rpm
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/openjdk8-8.0+232_9-cloudera.x86_64.rpm
https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPM-GPG-KEY-cloudera
https://archive.cloudera.com/cm7/7.1.1/allkeys.asc批量下载命令为:
wget -nd -r -l1 --no-parent https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/
wget https://archive.cloudera.com/cm7/7.1.1/redhat7/yum/RPM-GPG-KEY-cloudera
wget https://archive.cloudera.com/cm7/7.1.1/allkeys.asc1) 2.下载 Cloudera Runtime7.1.1的安装包,地址为:
https://archive.cloudera.com/cdh7/7.1.1.0/parcels/CDH-7.1.1-1.cdh7.1.1.p0.3266817-el7.parcel
https://archive.cloudera.com/cdh7/7.1.1.0/parcels/CDH-7.1.1-1.cdh7.1.1.p0.3266817-el7.parcel.sha256
https://archive.cloudera.com/cdh7/7.1.1.0/parcels/manifest.json
批量下载命令为:
wget -nd -r -l1 --no-parent https://archive.cloudera.com/cdh7/7.1.1.0/parcels/
4. 将Cloudera Manager安装需要的5个rpm包以及一个asc文件下载到本地,放在同一目录,执行createrepo命令生成rpm元数据。
[root@grocery-1 x86_64]# pwd
/var/www/html/cm7/7.1.1/redhat7/yum/RPMS/x86_64
[root@grocery-1 x86_64]# ls
cloudera-manager-agent-7.1.1-3274282.el7.x86_64.rpm cloudera-manager-server-db-2-7.1.1-3274282.el7.x86_64.rpm
cloudera-manager-daemons-7.1.1-3274282.el7.x86_64.rpm enterprise-debuginfo-7.1.1-3274282.el7.x86_64.rpm
cloudera-manager-server-7.1.1-3274282.el7.x86_64.rpm openjdk8-8.0+232_9-cloudera.x86_64.rpm
[root@grocery-1 x86_64]# createrepo .
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 1 pkgs
Spawning worker 2 with 1 pkgs
Spawning worker 3 with 1 pkgs
Spawning worker 4 with 1 pkgs
Spawning worker 5 with 1 pkgs
Spawning worker 6 with 0 pkgs
Spawning worker 7 with 0 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@grocery-1 x86_64]#
在/var/www/html/cm7/7.1.1/redhat7/yum创建repo
4.配置Web服务器
将上述cdh7/cm7目录移动到/var/www/html目录下, 使得用户可以通过HTTP访问这些rpm包。
[root@ip-172-31-6-83 ~]# mv cdh7/ cm7/ /var/www/html/
验证浏览器能否正常访问
5.制作Cloudera Manager的repo源
[cmrepo]
name = cm_repo
baseurl = http://grocery-1.vpc.cloudera.com/cm7/7.1.1/redhat7/yum/RPMS/x86_64/
enable = true
gpgcheck = false
yum源检查,如果检查报错,则检查配置yum的配置文件和网络设置。
[root@grocery-1 x86_64]# yum repolist
Loaded plugins: amazon-id, search-disabled-repos
cmrepo | 2.9 kB 00:00:00
cmrepo/primary_db | 8.6 kB 00:00:00
repo id repo name status
cmrepo cm_repo 6
epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,300
mysql-connectors-community/x86_64 MySQL Connectors Community 153
mysql-tools-community/x86_64 MySQL Tools Community 110
mysql57-community/x86_64 MySQL 5.7 Community Server 424
rhel-7-server-rhui-rh-common-rpms/7Server/x86_64 Red Hat Enterprise Linux 7 Server - RH Common from RHUI (RPMs) 242
rhel-7-server-rhui-rpms/7Server/x86_64 Red Hat Enterprise Linux 7 Server from RHUI (RPMs) 29,082
rhui-client-config-server-7/x86_64 Custom Repositories - Red Hat Update Infrastructure 3 Client Confi 8
repolist: 43,325
[root@grocery-1 x86_64]#
安装Cloudera Manager Server
通过yum安装Cloudera Manager Server
使用软件包将Cloudera Manager安装在Cloudera Manager Server主机上。
在Cloudera Manager服务器主机上,键入以下命令以安装Cloudera Manager软件包:
sudo yum -y install cloudera-manager-daemons cloudera-manager-agent cloudera-manager-server
初始化数据库
初始化数据库的语法如下:
sudo /opt/cloudera/cm/schema/scm_prepare_database.sh [options] <databaseType> <databaseName> <databaseUser> <password>参数:
Parameter | Description |
|---|---|
<databaseType> | One of the supported database types:MariaDB: mysqlMySQL: mysqlOracle: oraclePostgreSQL: postgresql |
<databaseName> | 要使用的Cloudera Manager Server数据库的名称。对于MySQL、MariaDB和PostgreSQL数据库,如果您指定了-u 和 -p具有具有创建数据库和授予特权特权的用户凭据的选项。Cloudera Manager配置设置中提供的默认数据库名称是scm,但您不需要使用它。 |
<databaseUser> | 要创建或使用的Cloudera Manager Server数据库的用户名。Cloudera Manager配置设置中提供的默认用户名是scm,但您不需要使用它。 |
<password> | <databaseUser>创建或使用的密码。如果您不希望密码在屏幕上可见或存储在命令历史记录中,请不要指定密码,并提示您输入密码,如下所示Enter SCM password: |
选项:
Option | Description |
|---|---|
-?|--help | 显示帮助。 |
--config-path | Cloudera Manager服务器配置文件的路径。默认是 /etc/cloudera-scm-server. |
-f|--force | 如果指定,则在发生错误时脚本不会停止。 |
-h|--host | The IP address or hostname of the host where the database is installed. The default is to use localhost. |
-p|--password | The admin password for the database application. Use with the -u option. The default is no password. Do not put a space between -p and the password (for example, -phunter2). If you do not want the password visible on the screen or stored in the command history, use the -p option without specifying a password, and you are prompted to enter it as follows:Enter database password:如果您已经创建了数据库,请不要使用此选项。 |
-P|--port | 用于连接数据库的端口号。对于MariaDB,默认端口为3306,对于MySQL为3306,对于PostgreSQL为5432,对于Oracle为1521。此选项仅用于远程连接。 |
--scm-host | 安装Cloudera Manager Server的主机名。如果Cloudera Manager Server和数据库安装在同一主机上,请不要使用此选项,否则请不要使用-H 选项。 |
--scm-password-script | A script to execute whose stdout provides the password for user SCM (for the database). |
-u|--user | The admin username for the database application. Use with the -p option. Do not put a space between -u and the username (for example, -uroot). If this option is supplied, the script creates a user and database for the Cloudera Manager Server. If you have already created the database, do not use this option. |
这里执行命令如下:
[root@grocery-1 x86_64]# sudo /opt/cloudera/cm/schema/scm_prepare_database.sh mysql scm scm P@ssw0rd
JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64
Verifying that we can write to /etc/cloudera-scm-server
Creating SCM configuration file in /etc/cloudera-scm-server
Executing: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64/bin/java -cp /usr/share/java/mysql-connector-java
.jar:/usr/share/java/oracle-connector-java.jar:/usr/share/java/postgresql-connector-java.jar:/opt/cloudera/cm/schema/../li
b/* com.cloudera.enterprise.dbutil.DbCommandExecutor /etc/cloudera-scm-server/db.properties com.cloudera.cmf.db.
Fri May 29 18:18:30 CST 2020 WARN: Establishing SSL connection without server's identity verification is not recommended.
According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit opti
on isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'fals
e'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for serve
r certificate verification.
[ main] DbCommandExecutor INFO Successfully connected to database.
All done, your SCM database is configured correctly!
[root@grocery-1 x86_64]# 
启动Cloudera Manager Server
1) 启动Cloudera Manager Server服务
systemctl start cloudera-scm-serversystemctl status cloudera-scm-server
2) 等待几分钟,以启动Cloudera Manager Server。要观察启动过程,请在Cloudera Manager Server主机上运行以下命令:
sudo tail -f /var/log/cloudera-scm-server/cloudera-scm-server.log当您看到此日志条目时,Cloudera Manager管理控制台已准备就绪:
INFO WebServerImpl:com.cloudera.server.cmf.WebServerImpl: Started Jetty server.
3) 检查端口是否监听
[root@grocery-1 html]# netstat -lnpt | grep 7180
tcp 0 0 0.0.0.0:7180 0.0.0.0:* LISTEN 12852/java 
4) 通过http:// grocery -1.vpc.cloudera.com:7180/ 访问CM
5) 使用admin/admin用户登录系统。
CDH安装
CDH集群安装向导
1) admin/admin登录到CM
这时有两个选项,一个是上传企业订阅的license,一个是使用60天试用,试用到期后无法访问Cloudera Manager的管理控制台。
我们这里先选择60天试用。弹出试用协议,如下图所示:
选择Yes,进行下一步
2) 点击“继续”,输入Basic集群的名称,也可以使用默认的”Cluster 1”:
3) 输入主机ip或者名称,点击搜索找到主机后点击继续
4) 点击“继续”
5) “CDH and other software”中选择“Parcel Repositories & Network Settings”,点击“ 更多选项”,点击“-”删除其它所有地址,输入http://grocery-1.vpc.cloudera.com/cdh7,点击“保存更改”
点击Save & Verify Configuration,验证通过,点击关闭
6) 点击“继续”,进入下一步安装jdk. 选择Install a Cloudera-provided version of OpenJDK,点击继续
我们这里使用OpenJDK,因此跳过。
7) 点击“继续”,进入下一步配置ssh账号密码,确保所有机器的root密码都一致,然后输入root的密码即可。
8) 点击“继续”,进入下一步,安装Cloudera Manager相关到各个节点
等待agent安装完毕后,自动跳转到下一步开始安装parcel
9) 点击“继续”,进入下一步安装cdh到各个节点
10) 自动进入下一步主机检查和网络检查,确保所有检查项均通过。
需要手工点击进行网络性能和主机检查。
如果有错误或者黄色警告,查看“显示检查器结果”,并逐项解决,然后“重新运行”检查,直到所有的检查都通过,否则没办法点击继续下一步。
点击完成进入服务安装向导。
集群设置安装向导
1) 选择需要安装的服务
自定义服务中可以看到所有组件,可以根据自己的需求来选择。
选择需要安装的服务,根据需要选择,这里随便选择Data Mart,也可以自定义服务
2) 点击“继续”,进入集群角色分配,一台机器作为管理节点,另外三台机器作为DataNode
注意:Cloudera Management Service中的Activity Monitor现在已经基本上不用,可以不安装该服务。Telemetry Publisher是遥感服务,用于Workload XM通信,如果没有计划使用Workload XM,则不需要安装该服务。ZooKeeper至少安装3节点,需要为奇数节点数。
3) 点击“继续”,进入下一步,测试数据库连接
测试都成功后才能点击继续。
4) 4.测试成功,点击继续。设置Ranger相关参数。这里密码都设置为P@ssw0rd
5) 点击“继续”,进入参数设置,此处使用默认参数,根据实际情况进行目录修改
6) 点击“继续”,进入各个服务启动
7) 安装成功,点击继续
如果安装的是Data Engineering版本,则截图如下:
8) 点击继续,进入安装总结页面
9) 安装成功后进入home管理界面
系统会自动恢复成没有错误的状态
组件版本检查
1) 通过Hosts->All Hosts进入All Hosts页面,然后执行Inspect All Hosts:
2) 执行完成后点击Show Inspector Results查看结果
3) 检查结果如下:
4) 产品版本信息如下:
可以看到CDP7.1.1版本包含的组件信息。
总结
- 从安装方式上来看,CDP DC7与CDH6变化不大,这也方便了CDH6的用户可以较为快速的迁移到CDP DC7,以及适应CDP DC7的安装与使用。
- 配置信息进行了简化。
- 安装向导界面有一些变化,现在可以一目了然的看到一共多少步骤,以及每个步骤是干什么。
- 安装条件前置没有任何变化,包括防火墙,Selinux关闭,ntp同步等等。可以参考Fayson之前的文章《CDH安装前置准备》
- Cloudera Manager自带的JDK直接提供的是OpenJDK1.8,同时支持OpenJDK11,而不是Oracle JDK,同样CDP DC也不再支持JDK1.7。