This Blog assumes you have 2 clusters up and running securely
Note :-
Source Cluster - Node 10.10.70.111
Destination Cluster - Node 10.10.70.109
Steps to setup mapr-db table replication in secure environment are as below.
1) On all node in SOURCE CLUSTER verify that
maprserverticket , cldb.key , ssl_truststore, ssl_keystore are same. Run md5sum
on these file on each node to confirm.
2) On all node in DESTINATION CLUSTER verify that maprserverticket , cldb.key , ssl_truststore, ssl_keystore are same. Run md5sum on these file on each node to confirm.
3) Copy /opt/mapr/conf/ssl_truststore from DESTINATION CLUSTER to cldb node of SOURCE CLUSTER under /tmp/ and run the below command to merge ssl_truststore on SOURCE CLUSTER.
2) On all node in DESTINATION CLUSTER verify that maprserverticket , cldb.key , ssl_truststore, ssl_keystore are same. Run md5sum on these file on each node to confirm.
3) Copy /opt/mapr/conf/ssl_truststore from DESTINATION CLUSTER to cldb node of SOURCE CLUSTER under /tmp/ and run the below command to merge ssl_truststore on SOURCE CLUSTER.
Note: Ignore ssl_truststore merge step if in
case you have already done it earlier.
$ chmod 644 /opt/mapr/conf/ssl_truststore
$ /opt/mapr/server/manageSSLKeys.sh merge /tmp/ssl_truststore /opt/mapr/conf/ssl_truststore
$ chmod 444 /opt/mapr/conf/ssl_truststore
$ chmod 644 /opt/mapr/conf/ssl_truststore
$ /opt/mapr/server/manageSSLKeys.sh merge /tmp/ssl_truststore /opt/mapr/conf/ssl_truststore
$ chmod 444 /opt/mapr/conf/ssl_truststore
4) Copy the merged truststore file '/opt/mapr/conf/ssl_truststore' on all the node in SOURCE CLUSTER under /opt/mapr/conf/
5) Generate cross-cluster ticket from
DESTINATION CLUSTER , in this case i created ticket to last for 10 years.
$ maprlogin generateticket -type crosscluster -out /tmp/destination-ticket -duration 3650:0:0
Note: - It is critical to specify an appropriate value for the duration. After the ticket expires, communication between the clusters will stop. In this example, the duration of ten years is given for convenience of explanation. Use a value that is consistent with your security policies.
6) Copy file /tmp/destination-ticket from
DESTINATION CLUSTER to SOURCE CLUSTER's cldb node under /tmp.
7) At SOURCE CLUSTER append the content of file
/tmp/destination-ticket in /opt/mapr/conf/maprserverticket .
$ cat /tmp/destination-ticket >> /opt/mapr/conf/maprserverticket
8) Copy file /opt/mapr/conf/maprserverticket on
all the nodes in SOURCE CLUSTER .
9) Stop zookeeper and warden in SOURCE CLUSTER followed by starting ZK and then warden once ZK is up
10) On SOURCE CLUSTER create user ticket for user mapr for source and destination cluster .
maprlogin password -cluster
Dest
cat /tmp/maprticket_2000
Source
KV34qQ0jtmQXObJglDiZqqHHm507pbYOsHd4qIEEavC+0PGDlB/YeTBGReOxf+EleSEO78pYvNqzoqK5uK+5Gibx0v+XPEyl2UuDgBR6GUBwx4yUUxnUY7Ct4STdcHmvcyE47AVM4gXc9ivQCvkokyIvZwYiGtwVQ8rnTNrLuzuUPAH8GMbR486UgMQ8axy8QIcA2zexIT0K0Ct7Fj612UPVonXZDfnAB2yG5gEhdmxLOMPmQLm9qt6f49Pzrn96IwHGLXQtUAmfrTwrbPPPOSUshA==
Dest
4D9Z469Y3j7h3sy2CVZwQrlXDEWHCtmCENQQGFvVzoGsytXp4K3OLOf+BZhLIoTBZuu2uzmV/1SbnqYUfO9NXsxAx3Bomez9iZ3ni7Kfk9m9CTEPydl9updp8IFQZ83jQ7IERM3WgN/rouEg3T/BnwPA2+U2cnGjeeCgXH3lmopJGiYFCegXWhhn9TmKawH0Vp4f3tDBBo2nWjr1sCnBvsBXhYP6DQzA3vLdmbGWQn6d2IJRNUA0irG8MSjxzZ4E9y4S2hu4gnLYE0IXgXNoWWhawQ==
11) Create table and put some data.
$ echo "create '/user/mapr/AbiSourcet1', {NAME => 'c1', VERSIONS => 1}" | hbase shell
$ echo "put '/user/mapr/AbiSourcet1', 'r1', 'c1', '$(date)'" | hbase shell
12) Install mapr-gateway package at DESTINATION CLUSTER if not present and make SOURCE SIDE aware of G/W.
On DESTINATION CLUSTER : yum install mapr-gayeway -y ( Configure.sh and restart of cluster will be needed for warden to manage this service )
On Source Cluster : maprcli cluster gateway resolve -dstcluster Dest ( Command to verify source cluster
Source GatewayHosts can resolve Destination G/W )
mapr-clusters.conf 10.10.70.109:7660
Command to make Source cluster aware of destination G/W
On Source Cluster: $ maprcli cluster gateway set -dstcluster <des_cluster_name> -gateways <dest_gateway_hostname>
13) Now set up and start replication between a source table and replica table.
$ maprcli table replica autosetup -path
/mapr/Source/user/mapr/AbiSourcet1 -replica /mapr/Dest/user/mapr/AbiDestt1
Above command does below steps in background :
- Creates a table on the replication cluster with the required column families
- Declares the new table to be a replica of the source table with a paused replication state.
- Declares the source table as an upstream source for the replica.
- Runs the CopyTables utility to load a copy of the source data into the replica.
- Clears the paused replication state to start the replication stream.
14) Add new row in table from
source side and verify from destination side if upgrade was received on replica to make sure replication is working as expected
echo "put
'/user/mapr/AbiSourcet1', 'r4', 'c1', '$(date)'" | hbase shell