port = '7180'
api_version = 'v17'
api_url = api_host + ':' + port + '/api/' + api_version
api_client = cm_client.ApiClient(api_url)
role_config_group_resource = cm_client.RoleConfigGroupsResourceApi(api_client)
node_manager_base_config = role_config_group_resource.read_config(
"cluster", "yarn-NODEMANAGER-BASE", "yarn")
#for configItem in node_manager_base_config.items:
# print(configItem.name + ": " + configItem.value);
#new_config = cm_client.ApiConfig(name="yarn_nodemanager_resource_memory_mb", value="262144")
new_config = cm_client.ApiConfig(name=yarn - key, value=yarn - val)
new_config_list = cm_client.ApiConfigList([new_config])
res = role_config_group_resource.update_config("cluster",
"yarn-NODEMANAGER-BASE",
"yarn",
message="",
body=new_config_list)
res = role_config_group_resource.update_config("cluster",
"yarn-NODEMANAGER-1",
"yarn",
message="",
body=new_config_list)
res = role_config_group_resource.update_config("cluster",
"yarn-NODEMANAGER-2",
"yarn",
def create_cluster(self):
# accept trial licence
try:
self.cm_api.begin_trial()
except ApiException as exc:
if exc.status == 400 and 'Trial has been used' in exc.body:
pass # This can be ignored
else:
raise
# Install CM Agent on host
with open(self.key_file, "r") as f:
key = f.read()
self._import_paywall_credentials()
instargs = cm_client.ApiHostInstallArguments(
host_names=[self.host],
user_name='root',
private_key=key,
cm_repo_url=self.cm_repo_url,
java_install_strategy='NONE',
ssh_port=22,
passphrase='')
cmd = self.cm_api.host_install_command(body=instargs)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to add host to the cluster')
# create MGMT/CMS
api_service = cm_client.ApiService()
api_service.roles = [
cm_client.ApiRole(type='SERVICEMONITOR'),
cm_client.ApiRole(type='HOSTMONITOR'),
cm_client.ApiRole(type='EVENTSERVER'),
cm_client.ApiRole(type='ALERTPUBLISHER')
]
self.mgmt_api.auto_assign_roles() # needed?
self.mgmt_api.auto_configure() # needed?
self.mgmt_api.setup_cms(body=api_service)
cmd = self.mgmt_api.start_command()
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to start Management Services')
# Update host-level parameter required by SMM
self.all_hosts_api.update_config(
message='Updating parameter for SMM',
body=cm_client.ApiConfigList([
cm_client.ApiConfig(
name='host_agent_safety_valve',
value=
'kafka_broker_topic_partition_metrics_for_smm_enabled=true'
)
]))
# create the cluster using the template
with open(self.template) as f:
json_str = f.read()
Response = namedtuple("Response", "data")
dst_cluster_template = self.api_client.deserialize(
response=Response(json_str),
response_type=cm_client.ApiClusterTemplate)
cmd = self.cm_api.import_cluster_template(add_repositories=True,
body=dst_cluster_template)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to deploy cluster template')
# All parcel downloads should've already been done at this point, so we can safely remove the paywall credentials
self._reset_paywall_credentials()
if self.use_kerberos:
self._enable_kerberos()
def _enable_kerberos(self, kerberos_type, ipa_host):
# Update Kerberos configuration
config = [
cm_client.ApiConfig(name='KRB_AUTH_ENABLE', value='true'),
cm_client.ApiConfig(name='KRB_ENC_TYPES',
value='aes256-cts rc4-hmac'),
cm_client.ApiConfig(name='PUBLIC_CLOUD_STATUS',
value='ON_PUBLIC_CLOUD'),
cm_client.ApiConfig(name='SECURITY_REALM', value='WORKSHOP.COM'),
]
if kerberos_type == 'MIT':
config += [
cm_client.ApiConfig(name='KDC_ADMIN_HOST',
value=local_hostname()),
cm_client.ApiConfig(name='KDC_HOST', value=local_hostname()),
cm_client.ApiConfig(name='KDC_TYPE', value='MIT KDC'),
]
else:
config += [
cm_client.ApiConfig(name='KDC_ADMIN_HOST', value=ipa_host),
cm_client.ApiConfig(name='KDC_HOST', value=ipa_host),
cm_client.ApiConfig(name='KDC_TYPE', value='Red Hat IPA'),
cm_client.ApiConfig(name='AUTH_BACKEND_ORDER',
value='LDAP_THEN_DB'),
cm_client.ApiConfig(
name='LDAP_BIND_DN',
value=
'uid=ldap_bind_user,cn=users,cn=accounts,dc=workshop,dc=com'
),
cm_client.ApiConfig(name='LDAP_BIND_PW', value=the_pwd()),
cm_client.ApiConfig(
name='LDAP_GROUP_SEARCH_BASE',
value='cn=groups,cn=accounts,dc=workshop,dc=com'),
cm_client.ApiConfig(name='LDAP_GROUP_SEARCH_FILTER',
value='(member={0})'),
cm_client.ApiConfig(name='LDAP_TYPE', value='LDAP'),
cm_client.ApiConfig(name='LDAP_URL',
value='ldaps://' + ipa_host),
cm_client.ApiConfig(
name='LDAP_USER_SEARCH_BASE',
value='cn=users,cn=accounts,dc=workshop,dc=com'),
cm_client.ApiConfig(name='LDAP_USER_SEARCH_FILTER',
value='(uid={0})'),
]
if cm_version() < [7, 5, 3]:
# These properties were removed in OPSAPS-61384 (CM 7.5.3)
config += [
cm_client.ApiConfig(
name='LDAP_BIND_DN_MONITORING',
value=
'uid=ldap_bind_user,cn=users,cn=accounts,dc=workshop,dc=com'
),
cm_client.ApiConfig(name='LDAP_BIND_PW_MONITORING',
value=the_pwd()),
]
self.cm_api.update_config(message='Updating Kerberos config',
body=cm_client.ApiConfigList(config))
# Import Kerberos credentials
cmd = self.cm_api.import_admin_credentials(password=the_pwd(),
username=self.krb_princ)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to import admin credentials')
cm_client.configuration.username = '******'
cm_client.configuration.password = '******'
api_client = cm_client.ApiClient("http://localhost:7180/api/v19")
cm_api = cm_client.ClouderaManagerResourceApi(api_client)
# accept trial licence
cm_api.begin_trial()
# Update Cloudera Manager config for KRB
body = cm_client.ApiConfigList()
body.items=[
cm_client.ApiConfig(name='KDC_HOST', value='YourHostname'),
cm_client.ApiConfig(name='KDC_ADMIN_HOST', value='YourHostname'),
cm_client.ApiConfig(name='KDC_TYPE', value='MIT KDC'),
cm_client.ApiConfig(name='KRB_ENC_TYPES', value='aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 arcfour-hmac-md5'),
cm_client.ApiConfig(name='SECURITY_REALM', value='CLOUDERA.COM'),
cm_client.ApiConfig(name='KRB_MANAGE_KRB5_CONF', value='true')
]
api_response = cm_api.update_config(message="KRB", body=body)
# Import KDC admin credentials
cmd = cm_api.import_admin_credentials(password='******', username='******')
wait(cmd)
# Install CM Agent on host
with open ("/root/myRSAkey", "r") as f:
def setup_cm(self, key_file, cm_repo_url, use_kerberos, use_tls,
kerberos_type, ipa_host):
# Accept trial licence
try:
self.cm_api.begin_trial()
except ApiException as exc:
if exc.status == 400 and 'Trial has been used' in exc.body:
pass # This can be ignored
else:
raise
# Install CM Agent on host
with open(key_file, "r") as f:
key = f.read()
if self.host not in [
h.hostname for h in self.hosts_api.read_hosts().items
]:
instargs = cm_client.ApiHostInstallArguments(
host_names=[self.host],
user_name='root',
private_key=key,
cm_repo_url=cm_repo_url,
java_install_strategy='NONE',
ssh_port=22,
passphrase='')
cmd = self.cm_api.host_install_command(body=instargs)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to add host to the cluster')
# Create MGMT/CMS
try:
self.mgmt_api.read_service()
print("Cloudera Management Services already installed")
cms_exists = True
except cm_client.rest.ApiException as e:
cms_exists = False
if not cms_exists:
print("Installing Cloudera Management Services")
api_service = cm_client.ApiService()
api_service.roles = [
cm_client.ApiRole(type='SERVICEMONITOR'),
cm_client.ApiRole(type='HOSTMONITOR'),
cm_client.ApiRole(type='EVENTSERVER'),
cm_client.ApiRole(type='ALERTPUBLISHER')
]
self.mgmt_api.setup_cms(body=api_service)
cmd = self.mgmt_api.start_command()
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to start Management Services')
# Update cluster banner
c_id = cluster_id()
banner = 'Cluster ID: {}, Host: {}'.format(c_id, socket.gethostname())
header_color = HEADER_COLORS[c_id % len(HEADER_COLORS)]
self.cm_api.update_config(
message='Customizing CM header and banner',
body=cm_client.ApiConfigList([
cm_client.ApiConfig(name='CUSTOM_BANNER_HTML', value=banner),
cm_client.ApiConfig(name='CUSTOM_HEADER_COLOR',
value=header_color),
]))
# Update host-level parameter required by SMM
self.all_hosts_api.update_config(
message='Updating parameter for SMM',
body=cm_client.ApiConfigList([
cm_client.ApiConfig(
name='host_agent_safety_valve',
value=
'kafka_broker_topic_partition_metrics_for_smm_enabled=true'
)
]))
# Enable kerberos
if use_kerberos:
self._enable_kerberos(kerberos_type, ipa_host)
# Enable TLS
if use_tls:
self._enable_tls()
# Restart Mgmt Services
cmd = self.mgmt_api.restart_command()
cmd = self.wait(cmd)
specified_role_config_group = role_config_group_name_displayname_mapping[
specified_role_config_group_display_name]
if configuration in config_by_group:
structures_for_config = config_by_group[configuration]
picked_role_config_group = specified_role_config_group or _.find(
structures_for_config, lambda x: _.ends_with(x, '-BASE'))
if _.index_of(structures_for_config, picked_role_config_group) != -1:
# updating configuration
print("Updating: '" + configuration + "' for '" +
picked_role_config_group + "' config group")
updating_counter += 1
try:
new_config = cm_client.ApiConfig(name=configuration,
value=value)
new_config_list = cm_client.ApiConfigList([new_config])
res = role_config_group_resource_api.update_config(
cluster_name=cluster,
role_config_group_name=picked_role_config_group,
service_name=service,
message="",
body=new_config_list)
if (args.verbose):
print('Response: ' + res)
print("Updated: '" + configuration + "' for '" +
picked_role_config_group + "' config group")
updated_counter += 1
except ApiException as exc:
if (args.verbose):
print(exc)
java_install_strategy='NONE',
ssh_port=22,
passphrase='')
cmd = cm_api.host_install_command(body=instargs)
wait(cmd)
# Configure Hosts with property needed by SMM
host_api = cm_client.AllHostsResourceApi(api_client)
message = 'updating CM Agent safety valve for SMM'
body = cm_client.ApiConfigList(
) # ApiConfigList | Configuration changes. (optional)
body.items = [
cm_client.ApiConfig(
name="host_agent_safety_valve",
value="kafka_broker_topic_partition_metrics_for_smm_enabled=true")
]
cmd = host_api.update_config(message=message, body=body)
# create MGMT/CMS
mgmt_api = cm_client.MgmtServiceResourceApi(api_client)
api_service = cm_client.ApiService()
api_service.roles = [
cm_client.ApiRole(type='SERVICEMONITOR'),
cm_client.ApiRole(type='HOSTMONITOR'),
cm_client.ApiRole(type='EVENTSERVER'),
cm_client.ApiRole(type='ALERTPUBLISHER')
]
cm_client.configuration.username = '******'
cm_client.configuration.password = '******'
api_client = cm_client.ApiClient("http://localhost:7180/api/v40")
cm_api = cm_client.ClouderaManagerResourceApi(api_client)
# accept trial licence
cm_api.begin_trial()
# Update Cloudera Manager config for KRB
body = cm_client.ApiConfigList()
body.items=[
cm_client.ApiConfig(name='KDC_HOST', value='YourHostname'),
cm_client.ApiConfig(name='KDC_ADMIN_HOST', value='YourHostname'),
cm_client.ApiConfig(name='KDC_TYPE', value='MIT KDC'),
cm_client.ApiConfig(name='KRB_ENC_TYPES', value='aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 arcfour-hmac-md5'),
cm_client.ApiConfig(name='SECURITY_REALM', value='CLOUDERA.COM'),
cm_client.ApiConfig(name='KRB_MANAGE_KRB5_CONF', value='true')
]
api_response = cm_api.update_config(message="KRB", body=body)
# Import KDC admin credentials
cmd = cm_api.import_admin_credentials(password='******', username='******')
wait(cmd)
# Install CM Agent on host
def _enable_kerberos(self):
# Update Kerberos configuration
self.cm_api.update_config(
message='Updating Kerberos config',
body=cm_client.ApiConfigList([
cm_client.ApiConfig(name='KDC_ADMIN_HOST',
value='edge2ai-1.dim.local'),
cm_client.ApiConfig(name='KDC_HOST',
value='edge2ai-1.dim.local'),
cm_client.ApiConfig(name='KDC_TYPE', value='MIT KDC'),
cm_client.ApiConfig(name='KRB_ENC_TYPES',
value='aes256-cts rc4-hmac'),
cm_client.ApiConfig(name='PUBLIC_CLOUD_STATUS',
value='ON_PUBLIC_CLOUD'),
cm_client.ApiConfig(name='SECURITY_REALM',
value='WORKSHOP.COM'),
]))
# Import Kerberos credentials
cmd = self.cm_api.import_admin_credentials(password=self.krb_pass,
username=self.krb_princ)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to import admin credentials')
# Configure Kerberos for the cluster
cluster_name = 'OneNodeCluster'
cmd = self.cluster_api.configure_for_kerberos(
cluster_name,
body=cm_client.ApiConfigureForKerberosArguments(
datanode_transceiver_port=1004, datanode_web_port=1006))
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to configure services for Kerberos')
# Stop cluster
cmd = self.cluster_api.stop_command(cluster_name)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to stop cluster')
# Stop Mgmt Services
cmd = self.mgmt_api.stop_command()
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to stop management services')
# Start Mgmt Services
cmd = self.mgmt_api.start_command()
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to start management services')
# Start cluster
cmd = self.cluster_api.start_command(cluster_name)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to start cluster')
# Deploy client config
cmd = self.cluster_api.deploy_client_config(cluster_name)
cmd = self.wait(cmd)
if not cmd.success:
raise RuntimeError('Failed to deploy client config')
