Mailing-List: contact common-user-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
Reply-To: common-user@hadoop.apache.org
Received-SPF: pass (nike.apache.org: domain of michael_segel@hotmail.com
 designates 65.55.34.209 as permitted sender)
Message-ID: <COL117-W581E64D23F004B90C325958F950@phx.gbl>
Content-Type: multipart/alternative;
	boundary="_deb5eea0-e242-4e3e-8e5c-0afd7950a8c3_"
From: Michael Segel <michael_segel@hotmail.com>
To: <common-user@hadoop.apache.org>
Subject: RE: Best practices - Large Hadoop Cluster
Date: Tue, 10 Aug 2010 18:55:28 -0500
Importance: Normal
In-Reply-To: <997223.34532.qm@web33503.mail.mud.yahoo.com>
References: 
 <982106.53616.qm@web33504.mail.mud.yahoo.com>,<8B12A3D37FC04AEB9AE98ED290EB937E@china.huawei.com>
 <COL117-W60BAEEFC6E5C76EBF31A878F950@phx.gbl>,<997223.34532.qm@web33503.mail.mud.yahoo.com>
MIME-Version: 1.0

--_deb5eea0-e242-4e3e-8e5c-0afd7950a8c3_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


Raj...

Ok=2C one of the things we have at one of my clients is the hadoop user's a=
ccount is actually a centralized account. (User's accounts are mounted as t=
hey log in to the machine.)
So you have a single account hadoop for all of the machines.

So when you set up the keys=2C they are in the ~hadoop account.

So you have a bit of work w 512 nodes=2C and yeah=2C its painful for the fi=
rst time.

Like I said=2C I don't have a cloud of 512 nodes=2C and when I am building =
the cloud of 20+ machines=2C setting up ssh is just part of the process.

If you set up hadoop as a system service=2C then does that mean when you bo=
ot the machine=2C your node goes up on its own like other services?=20
I personally don't think that's a good idea...

I haven't evaluated puppet=2C I'm pulled yet again in to other things....

So I don't have an answer.

My point was that you ca go through and add the user/password keys as part =
of the build process and while painful=2C its not that painful. (Trust me=
=2C there's worse things that can get dropped on your desk. =3B-)

-Mike


> Date: Tue=2C 10 Aug 2010 13:06:51 -0700
> From: rajvish@yahoo.com
> Subject: Re: Best practices - Large Hadoop Cluster
> To: common-user@hadoop.apache.org
>=20
> Mike
> 512 nodes=2C even a minute for each node ( ssh-ing to each node=2C typing=
 a 8=20
> character password=2C ensuring that everything looks ok) is about 8.5 hou=
rs. After=20
> that if something does not work=2C that is a different level of pain alto=
gether.=20
>=20
> Using scp to exchange keys simply does not scale.
>=20
> My question was simple=2C how do other people in the group who run large =
clusters=20
> manage this?  Brian put it better=3B Whats is the best=2C duplicatable  w=
ay of=20
> running hadoop  when the cluster is large. I agree=2C this is not a hadoo=
p=20
> question per se=2C but hadoop is really what I care about now.
>=20
> Thanks to others for useful suggestions. I will examine them and post a s=
ummary=20
> if anyone is interested.
>=20
> Raj
>=20
>=20
>=20
>=20
>=20
> ________________________________
> From: Michael Segel <michael_segel@hotmail.com>
> To: common-user@hadoop.apache.org
> Sent: Tue=2C August 10=2C 2010 11:36:14 AM
> Subject: RE: Best practices - Large Hadoop Cluster
>=20
>=20
> I'm a little confused by Raj's problem.
>=20
> If you follow the instructions outlined in the Hadoop books and everywher=
e else=20
> about setting up ssh keys=2C you shouldn't have a problem.
> I'd just ssh as the hadoop user to each of the nodes before trying to sta=
rt=20
> hadoop for the first time.
>=20
> At 512 nodes=2C I think you may run in to other issues... (I don't know=
=2C I don't=20
> have 512 machines to play with :-(  ) And puppet has been recommended a c=
ouple=20
> of times.
>=20
> Just my $0.02
>=20
> -Mike
>=20
>=20
> > Date: Tue=2C 10 Aug 2010 23:43:12 +0530
> > From: gokulm@huawei.com
> > Subject: RE: Best practices - Large Hadoop Cluster
> > To: common-user@hadoop.apache.org
> >=20
> >=20
> > Hi Raj=2C
> >=20
> >     As per my understanding the problem is with ssh password each time
> > you start/stop the cluster. You need password less startup shutdown rig=
ht.?
> >=20
> >     Here is my way of overcoming the ssh problem=20
> >=20
> >     Write a shell script as follows:
> >    =20
> >     1. Generate a ssh key from the namenode machine (where you will
> > start/stop the cluster)
> >=20
> >     2. Read each entry from the conf/slaves file and do the following
> >    =20
> >         2.1 add the key you generated in step 1 to the ssh
> > authorized_keys file of the datanode machine that you got in step 2
> > something like below script
> >             cat $HOME/.ssh/public_key_file | ssh username@host '
> > cat >> $HOME/.ssh/authorized_keys'
> >=20
> >=20
> >     3. Repeat step 2 for conf/masters also
> >=20
> >     Note: Password must be specified for the specified username@host
> > first time since the ssh command given in point 2.1 requires it.=20
> >        =20
> >     Now you can start/stop your hadoop cluster without ssh password
> > overhead
> >=20
> >=20
> >  Thanks=2C
> >   Gokul
> > =20
> >   =20
> > =20
> > ***********************************************************************=
*****
> > ***********
> >=20
> > -----Original Message-----
> > From: Raj V [mailto:rajvish@yahoo.com]=20
> > Sent: Tuesday=2C August 10=2C 2010 7:16 PM
> > To: common-user@hadoop.apache.org
> > Subject: Best practices - Large Hadoop Cluster
> >=20
> > I need to start setting up a large - hadoop cluster of 512 nodes . My
> > biggest=20
> > problem is the SSH keys. Is there a simpler way of generating and excha=
nging
> > ssh=20
> > keys among the nodes? Any best practices? If there is none=2C I could
> > volunteer to=20
> > do it=2C
> >=20
> > Raj
 		 	   		  =

--_deb5eea0-e242-4e3e-8e5c-0afd7950a8c3_--