Running Commands on Remote Secure Clusters
Describes how to manage multiple secure clusters from one secure cluster.
About this task
You can manage a number of secure clusters by running maprcli
commands
from one cluster only, if you do not want to log into each secure cluster separately and
run maprcli commands locally on them.
For example, suppose that you needed to manage the two secure clusters A and B. One method of doing so would be to log into each cluster separately and run commands locally on each. However, it is possible to log into A only and manage both clusters from A, running commands locally for A and remotely for B. When you type the maprcli commands, you would use the -cluster parameter in those commands to specify which cluster you want the commands to run on.
One scenario in which this method can be helpful is in setting up and managing table replication between two secure clusters. You could decide whether to run all commands from a secure source cluster or a secure destination cluster.
To configure two secure clusters for management from a single secure cluster:
Procedure
- Choose which secure cluster you want to run commands from. In the rest of these steps, this cluster is referred to as the administrative cluster.
-
Configure the administrative cluster for communicating with the other clusters by
editing
mapr-clusters.conf
on each node in the cluster. See mapr-clusters.conf -
For each remote secure cluster, follow these steps.
-
Copy the
ssl_truststore
from the/opt/mapr/conf
directory of the remote secure cluster into a temporary directory on the administrative cluster. -
On the administrative cluster, merge the
ssl_truststore
of the remote cluster with thessl_truststore
of the administrative cluster by using the/opt/mapr/server/manageSSLKeys.sh
utility. For example, if you copied thessl_truststore
file of the remote secure cluster as/tmp/remote_ssl_truststore
, you would use this command to merge the files:/opt/mapr/server/manageSSLKeys.sh merge /tmp/remote_ssl_truststore /opt/mapr/conf/ssl_truststore
-
Copy the merged
ssl_truststore
file to every node on the administrative cluster.
-
Copy the
- Run the maprlogin utility from the administrative cluster to obtain maprtickets for each of the remote clusters.
Results
test-volume
from the cluster named
remotecluster2
as path /test
:
maprlogin password -cluster remotecluster2
maprcli volume mount -cluster remotecluster2 -name test-volume -path /test