Ambari talk at Hadoop Summit, Tokyo 2016
Abstract
Apache Ambari has become an indispensable tool for operating Hadoop clusters from as small as tens of nodes to thousands of nodes. Ambari's deep knowledge of the Hadoop stack allows it to deploy a cluster within minutes and manage the entire lifecycle: scaling, security, upgrades, and more. This talk will cover the central features important to cluster operators and the latest innovations from the community. We will discuss automatically deploying clusters with Blueprints, adding custom services, scaling the number of hosts as data needs grow, adding High Availability for critical services, securing with MIT Kerberos, and upgrading the Hadoop stack with features like Rolling & Express Upgrade. More advanced users will also be interested in using Ambari's powerful REST API to automate workflows. For users and data scientists, Ambari provides LDAP sync, Role-Based Access Control to handle user permissions, and a framework to host Ambari Views, such as the newly added Views for Hive, Oozie, Capacity Scheduler, Tez, Storm, and Zeppelin. Lastly, we will cover how to monitor the health of the cluster via Alerts and troubleshoot problems by using new features like Log Search and the Ambari Metrics System integrated with a Grafana UI.
Takumi
Nissan's Legendary Takumi: Four Master Craftsmen Who Hand-Build Every Nissan GT-R Engine
http://nissannews.com/en-US/nissan/usa/channels/nissan360/releases/nissan-s-legendary-takumi-four-master-craftsmen-who-hand-build-every-nissan-gt-r-engine
Takumi Kurosawa, Tsunemi Ooyama, Izumi Shioya and Nobumitsu Gozu
Takumi for Hadoop
Services
Config
Provision on the cloud
Metrics
Alerts
Security
Host management
Views framework
One of the most active Apache projects.
Cadence is 2-3 major releases per year, with follow-up maintenance releases in the months after.
http://jsfiddle.net/mp8rqq5x/2/
Log Search: Solr, Logfeeder (similar to Logstash), and Grafana UI
Zeppelin
A web-based notebook for interactive data analytics.
Data exploration and visualization that can plug in to multiple data backends
Role Based Access Control
Deploy: Blueprints with Host Discovery
Secure: Kerberos, LDAP sync
Smart Configs: stack advisor; it is painful to configure a thousand related knobs by hand. E.g., changing the ZooKeeper quorum affects several services; changing a log folder affects Log Search.
Upgrade: Rolling and Express Upgrade, get patches
Monitor: Ambari Alerts, Ambari Metrics
Analyze, Scale, Extend: Views, Management Packs
Cloudbreak can install on Amazon EC2, Microsoft Azure,
Cluster install takes 5-10 mins, mostly downloading packages, installing bits, and starting services.
Used by HDInsight (Microsoft Azure) and Hortonworks QA
Allow cluster creation or scaling to be started via the REST API prior to all (or any) hosts being available. As hosts register with the Ambari server, they are matched to the request's host groups and provisioned according to the requested topology
Allow host predicates to be specified along with a host count, for more flexibility in matching hosts to host groups. This allows for host "flavors", where different host groups are matched to different kinds of hosts
Break up the current monolithic provisioning request into a request for each host operation. For example: install on host A, start on host A, install on host B, etc. This allows hosts to make progress even when another host encounters a failure.
Allow a host count to be specified in the cluster creation template instead of host names. This is documented in https://issues.apache.org/jira/browse/AMBARI-6275
Install a cluster with two API calls
The blueprint contains the configs, assignment of topology to host group, stack version
The creation actually assigns hosts to each host group.
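The two-call flow described above can be sketched as JSON payloads. The blueprint carries the configs, topology-to-host-group assignment, and stack version; the cluster-creation call binds actual hosts to each host group. The service layout, blueprint name, and host FQDNs below are illustrative assumptions, not a definitive configuration.

```python
import json

# Call 1: register the blueprint.
#   POST /api/v1/blueprints/small-cluster
blueprint = {
    "Blueprints": {"blueprint_name": "small-cluster",
                   "stack_name": "HDP", "stack_version": "2.5"},
    "host_groups": [
        {"name": "master", "cardinality": "1",
         "components": [{"name": "NAMENODE"}, {"name": "RESOURCEMANAGER"}]},
        {"name": "worker", "cardinality": "3",
         "components": [{"name": "DATANODE"}, {"name": "NODEMANAGER"}]},
    ],
}

# Call 2: create the cluster, assigning real hosts to each host group.
#   POST /api/v1/clusters/demo
cluster_template = {
    "blueprint": "small-cluster",
    "host_groups": [
        {"name": "master", "hosts": [{"fqdn": "m1.example.com"}]},
        {"name": "worker",
         "hosts": [{"fqdn": f"w{i}.example.com"} for i in range(1, 4)]},
    ],
}

print(json.dumps(cluster_template, indent=2))
```

The split keeps topology (reusable across clusters) separate from the host binding (specific to one cluster).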
Dynamic availability
Allow host_count to be specified instead of host_names. As hosts register, they are matched to the request's host groups and provisioned according to the requested topology
When specifying a host_count, a predicate can also be specified for finer-grained control
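A cluster-creation template using host_count with a predicate, instead of explicit host names, might look like the sketch below; the predicate expression and blueprint name are illustrative assumptions.

```python
import json

# Dynamic-availability style template: no host names are listed.
# As hosts register with Ambari, any host matching the predicate is
# assigned to "master"; the rest fill "worker" until host_count is met.
template = {
    "blueprint": "small-cluster",
    "host_groups": [
        {"name": "master", "host_count": 1,
         "host_predicate": "Hosts/cpu_count>8"},   # illustrative predicate
        {"name": "worker", "host_count": 10},
    ],
}

print(json.dumps(template, indent=2))
```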
3 terabytes, since the unit is MB
Hadoop is a business-critical data platform for enterprises. These corporations require a layered security model focusing on various aspects of security: authentication, authorization, auditing, data protection, and data governance.
Kerberos: Strong Authentication for Users and Services
LDAP/AD: External User Authentication Service vs. authenticated users in the Ambari DB
Services: Ranger, Atlas, Knox.
Ranger: set up security policies on who can access what. Centralized authorization and auditing, with plugins for other services like HDFS, Hive, Storm, etc.
Atlas: Data governance and track lineage of data to ensure compliance, especially in health care and financial institutions
Knox: perimeter security for HTTP and REST calls in the Hadoop Services. Works with SSL, Kerberos.
Requires a Kerberos Key Distribution Center so that service principals and keytabs can be defined.
Can use existing KDC (key distribution center) or install one for Hadoop
Hadoop uses a rule-based system to create mappings between service principals and their related UNIX username
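That rule-based mapping lives in the `hadoop.security.auth_to_local` property in core-site.xml. A minimal sketch, assuming a hypothetical `EXAMPLE.COM` realm; the two rules map the NameNode and JobHistoryServer principals to their conventional local users:

```xml
<property>
  <name>hadoop.security.auth_to_local</name>
  <value>
    RULE:[2:$1@$0](nn/.*@EXAMPLE.COM)s/.*/hdfs/
    RULE:[2:$1@$0](jhs/.*@EXAMPLE.COM)s/.*/mapred/
    DEFAULT
  </value>
</property>
```

Each `RULE` extracts components of the principal (`$1` is the first component, `$0` the realm), matches it against a regex, and applies a sed-style substitution to produce the UNIX username; `DEFAULT` strips the realm for ordinary user principals.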
As Ambari grows and organizations grow, so do security needs
Users have fine-grained roles over the cluster and individual views.
Granular authorization checks to distribute the responsibilities and privileges of authenticated users
Stack Advisor: recommendations for a service can now ship with the service itself, instead of a monolithic stack advisor for the entire stack.
Makes it easier to integrate custom services
Express Upgrade: fastest method to upgrade the stack, since it upgrades an entire component in batches of 100 hosts at a time
Rolling Upgrade: one component at a time per host, which can take up to 1 min. For a 100 node cluster with
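The trade-off between the two styles can be seen with some back-of-the-envelope arithmetic. The ~1 min/component and 100-host batch figures come from the notes above; the component counts and serial worst case are illustrative assumptions.

```python
def rolling_upgrade_minutes(hosts, components_per_host, mins_per_component=1):
    # Rolling Upgrade restarts one component at a time per host,
    # so the serial worst case grows with hosts * components.
    return hosts * components_per_host * mins_per_component

def express_upgrade_batches(hosts, batch_size=100):
    # Express Upgrade restarts an entire component in batches of
    # up to batch_size hosts at a time (with downtime).
    return -(-hosts // batch_size)  # ceiling division

print(rolling_upgrade_minutes(100, 5))  # 500 min serial worst case
print(express_upgrade_batches(250))     # 3 batches
```

This is why Express Upgrade is the faster path on large clusters, at the cost of availability during the upgrade.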
This Grafana instance is specifically for AMS, not meant to be general-purpose
If a customer is already using Grafana, this is not a replacement.
Grafana will support read-only access for anonymous users, and HTTPS
Aggregates across entire cluster, filter by host, top/bottom x, functions like avg/sum/min/max, filter by date range
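Those filters and aggregations are exercised through the Ambari Metrics collector's REST endpoint. A sketch of building such a query; the collector hostname, metric name, and time range are illustrative assumptions.

```python
from urllib.parse import urlencode

# Query cpu_user averaged for one host over a one-hour window.
# Timestamps are epoch milliseconds; "._avg" selects the avg aggregate.
params = {
    "metricNames": "cpu_user._avg",
    "appId": "HOST",
    "hostname": "w1.example.com",
    "startTime": 1478000000000,
    "endTime": 1478003600000,
}
url = ("http://ams-collector.example.com:6188/ws/v1/timeline/metrics?"
       + urlencode(params))
print(url)
```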
This is not HDP Search, it is not something that the customer has to separately license, it is an embedded Solr instance
Agent/Collection process running on each host
Written in Java
Tails all service log files
Parses logs using Grok/regex. Can merge multi-line logs, e.g. stack traces
On restart, can resume from last read line. Uses checkpoint files to maintain state
Extensible design to send logs to multiple destination types.
Currently can send logs to Solr and Kafka
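The multi-line merge mentioned above can be illustrated generically: lines that do not start with a timestamp are folded into the preceding entry, so a Java stack trace travels with its ERROR line. This is a sketch of the technique, not Logfeeder's actual Grok implementation.

```python
import re

# A new log entry starts with "YYYY-MM-DD "; anything else is a
# continuation line (e.g. a stack trace) of the previous entry.
LINE_START = re.compile(r"^\d{4}-\d{2}-\d{2} ")

def merge_multiline(lines):
    entries = []
    for line in lines:
        if LINE_START.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += "\n" + line  # fold into the previous entry
    return entries

log = [
    "2016-10-26 10:00:01 INFO starting NameNode",
    "2016-10-26 10:00:02 ERROR something failed",
    "java.io.IOException: boom",
    "    at org.apache.hadoop.Foo.bar(Foo.java:42)",
]
print(len(merge_multiline(log)))  # 2: the stack trace folds into the ERROR entry
```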
Upgrade individual components within the same stack version, e.g., just the DN and RM in HDP 2.5.*.*, with zero downtime