Support Questions

msumbul1 · ‎07-13-2017

Hi, Normally which user should start the process rest-api and the metron UI? Is it root, metron or hdfs? I'm asking that because if it's root, then we are not able to create a new sensor because root doesn't have the right access to write in the folder /apps/metron/patterns (in hdfs). Only the user hdfs have the right to write their.

A work around will be to do a chmod on the parent folder, but it's not really secure.

So the question is who should run/start the process metrion UI and rest api?

Thanks, Michel

jknulst · ‎08-10-2017

@msumbul

Rest and Mgt. UI should be run as user metron. It would work with other users but then you can expect ACL issues on folders like you mention. Don't be afraid to change a few -rwx- ACL's along the way.

Metron Rest and Metron Mgt. UI can only be managed from Ambari as of the new HCP1.2.1.0 release which is now available:

HCP-1.2.1.0

In that release you'll also get proper OS level services for both. Those are then triggered from the Ambari UI.

Everything prior to that; you can daemonize the Rest and Mgt. UI with nohup, screen or even create your own services for it, but it is not supported out-of-the-box, that is just the state of the project right now. I have created both as services myself for HCP-1.1.0.0 so it can be done.

View solution in original post

asubramanian · ‎07-14-2017

Hi @msumbul, it should be metron user. If you start rest and management-ui services through Ambari, you will notice this on the Metron node:

[root@metron-12 ~]# ps -ef | grep management_ui | grep -v grep
root     29281     1  0 Jul03 ?        00:00:00 runuser -s /bin/bash metron -c node /usr/metron/0.4.0/web/expressjs/server.js -c /usr/metron/0.4.0/config/management_ui.yml
metron   29283 29281  0 Jul03 ?        00:00:00 node /usr/metron/0.4.0/web/expressjs/server.js -c /usr/metron/0.4.0/config/management_ui.yml
[root@metron-12 ~]# ps -ef | grep rest | grep -v grep
root     26859     1  0 Jul03 ?        00:00:00 runuser -s /bin/bash metron -c java  -jar /usr/metron/0.4.0/lib/metron-rest-0.4.0.jar  --spring.config.location=/usr/metron/0.4.0/config/rest_application.yml --server.port=8082 --spring.profiles.active=dev
metron   26861 26859  0 Jul03 ?        00:50:11 java -jar /usr/metron/0.4.0/lib/metron-rest-0.4.0.jar --spring.config.location=/usr/metron/0.4.0/config/rest_application.yml --server.port=8082 --spring.profiles.active=dev

msumbul1 · ‎07-14-2017

Hi @asubramanian,

Thanks for your reply.

I followed the HCP documentation and it's never mention that the user metron should run the process. Moreover in the documentation it's specify to install and run the rest-api and metron-UI manually in command line.

HCP doc

Do you have any docuementation or tutorial to run rest-api and metron-ui with ambari?

In my case, If I run the rest-api and metron-ui with metron user I will have the same problem, which is a permission denied when I try to create a new sensor, because the hdfs path is /apps/metron/patterns has 755 right access. Should I change the owner of the folder to metron?

Thanks,

Michel

fadelkam · ‎07-20-2017

Hi Michel,

I'm facing the same issue even when I'm trying to connect to Metron Management UI, it always gives me "Login failed for metron" and what is interesting is according to HCP install docs, when I test the swagger (http://:8082/swagger-ui.html#)>:8082/swagger-ui.html#) connection it asks for username and password and it keeps looping no matter what you enter. if I cancel the login pop-up I can see that it was trying to connect using org.h2.jdbc.JdbcSQLException despite that application.yml clearly is mentioned that mysql is used.

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Thu Jul 20 18:18:35 EDT 2017 There was an unexpected error (type=Unauthorized, status=401). PreparedStatementCallback; bad SQL grammar [select username,password,enabled from users where username = ?]; nested exception is org.h2.jdbc.JdbcSQLException: Table "USERS" not found; SQL statement: select username,password,enabled from users where username = ? [42102-192]

Have you encountered anything like this?

Thanks,

Frank

fadelkam · ‎07-31-2017

Hi @asubramanian,

have you encountered this issue before? when trying to connect to Metron UI it always fails with no detail other than the message "Login failed for metron"

I can login to mysql using the metron metron username and pass. no issues

Also in the HCP doc it is mentioned that to make sure http://METRON_HOST:8082/swagger-ui.html#

in bk_installation pdf:

14.Make sure you can access the Swagger UI at http://host:port/swagger-ui.html#/. The exposed REST endpoints can be accessed with the Swagger UI at http://host:port/ swagger-ui.html#/. The default port is 8082 but can be changed in the $METRON_HOME/ config/application.yml file by setting "server.port" to the desired port.

when I go to the url it asks for username and password. I assume it's metron credentials. but it's keeps poping the login box. If I cancel it, the landing page looks like this:

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Mon Jul 31 16:55:39 EDT 2017 There was an unexpected error (type=Unauthorized, status=401). PreparedStatementCallback; bad SQL grammar [select username,password,enabled from users where username = ?]; nested exception is org.h2.jdbc.JdbcSQLException: Table "USERS" not found; SQL statement: select username,password,enabled from users where username = ? [42102-192]

I don't get it why it's complaining about h2.jdbc connection while I already change the connection detail to mysql in ../config/application.yml

Any hint would be appreciated!

Frank

jknulst · ‎08-10-2017

@Frank Kam

(Maybe you can create a separate topic for your problem as I think it is quite different from the original question.)

Did you create the USERS and AUTHORITIES table on your chosen SQL platform?

Did you insert the designated user data in those tables for the user you expect to log on with?

jknulst · ‎08-10-2017