Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

fencing methods with passworded ssh

Labels:
avatar
author-rank oula_alshiekh
Rising Star

Created ‎04-05-2017 11:17 AM

iam using hadoop apache 2.7.1

after setting high availability in hadoop cluster

the automatic zookeeper fail over controller zkfc will apply fencing method

to fence(stop) one of the two name nodes if it goes down

and dfs.ha.fencing.methods in hdfs-site property handles this method as sshfence

but my question is what about if we have a passworded ssh

can fencing happens or automatic fail over works only with password less ssh ?

is there any way to make sshfencce include password in ssh in configuration?

2,174 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎04-05-2017 11:29 AM

@oula.alshiekh@gmail.com alshiekh

There are basically two methods which ship with Hadoop: "shell" and "sshfence".

The sshfence option SSHes to the target node and uses fuser to kill the process listening on the service’s TCP port. In order for this fencing option to work, it must be able to SSH to the target node without providing a passphrase.

You can define username though, one must also configure the dfs.ha.fencing.ssh.private-key-files option, which is a comma-separated list of SSH private key files.

However you can define the username/port/timeout of your choice as mentioned below. "sshfence([[username][:port]])"

<property>
       <name>dfs.ha.fencing.methods</name>
       <value>sshfence([[username][:port]])</value>
</property>

[1] Reference: https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-hdfs/HDFSHighAvailabilityWithNFS.ht...

.

View solution in original post

1,960 Views
1 REPLY 1

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎04-05-2017 11:29 AM

@oula.alshiekh@gmail.com alshiekh

There are basically two methods which ship with Hadoop: "shell" and "sshfence".

The sshfence option SSHes to the target node and uses fuser to kill the process listening on the service’s TCP port. In order for this fencing option to work, it must be able to SSH to the target node without providing a passphrase.

You can define username though, one must also configure the dfs.ha.fencing.ssh.private-key-files option, which is a comma-separated list of SSH private key files.

However you can define the username/port/timeout of your choice as mentioned below. "sshfence([[username][:port]])"

<property>
       <name>dfs.ha.fencing.methods</name>
       <value>sshfence([[username][:port]])</value>
</property>

[1] Reference: https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-hdfs/HDFSHighAvailabilityWithNFS.ht...

.

1,961 Views
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements