Member since
02-01-2019
4
Posts
1
Kudos Received
1
Solution
My Accepted Solutions
Title | Views | Posted |
---|---|---|
3160 | 02-01-2019 12:21 PM |
02-01-2019
12:21 PM
1 Kudo
Quick update -- there's actually more to do. THIS IS ALL UNSUPPORTED AND AT YOUR OWN RISK. BE WARNED! Disable DB Encryption Stop cloudera-director-server. systemctl stop cloudera-director-server Disable database encryption with these settings in /etc/cloudera-director-server/application.properties. This assumes a default install, with default keys. lp.encryption.twoWayCipher: transitional lp.encryption.twoWayCipherConfig: desede;ZGVmYXVsdGRpcmVjdG9yZGVzZWRla2V5|passthrough; Start cloudera-director-server and wait a few minutes so that the database decrypts. systemctl start cloudera-director-server Log in to the director database. mysql -h --ssl-ca=/etc/cloudera-director-server/rds-combined-ca-bundle.pem --ssl-verify-server-cert -u director -p Run the following query to verify that the database is decrypted. You should see plaintext values in the response. USE director; SELECT TEMPLATE FROM EXTERNAL_DATABASE_SERVERS; Here is an example response (truncated and redacted): +-------...-----+
| TEMPLATE ... |
| {"name":"my-manager-db","type":"MYSQL","host":"1.2.3.4","port":null,"adminUser":"my_username","adminPassword":"my_password","config":{"engineVersion":"5.6.37","allocatedStorage":"20","multiAZ":"false","vpcSecurityGroupIds":"sg-1234567a","dbSubnetGroupName":"my-rds-subnet-group","instanceClass":"db.m4.large","storageEncrypted":"true"},"tags":{}} |
+-------...-----+ Update the database Before we actually edit the hostname, we should have Director update the misc database properties. Stop cloudera-director-server. systemctl stop cloudera-director-server Log in to the director database. mysql -h --ssl-ca=/etc/cloudera-director-server/rds-combined-ca-bundle.pem --ssl-verify-server-cert -u director -p Run the following query to enable 'refreshExternalDatabaseServersOnStart'. USE director; UPDATE SERVER_CONFIGS SET CONFIG_VALUE = 'true' WHERE CONFIG_KEY = 'refreshExternalDatabaseServersOnStart'; Start cloudera-director-server. systemctl start cloudera-director-server Login to the director web interface and check the database servers. In a few minutes, you should see updated properties (versions become accurate, etc). Once the databases look updated, stop cloudera-director-server. systemctl stop cloudera-director-server Run the following query to disable 'refreshExternalDatabaseServersOnStart'. Otherwise, director will overwrite the new hostname with the old IP address on every startup. USE director; UPDATE SERVER_CONFIGS SET CONFIG_VALUE = 'false' WHERE CONFIG_KEY = 'refreshExternalDatabaseServersOnStart'; We will need to update both the 'TEMPLATE' and 'EXTERNAL_DATABASE_SERVER' properties. I prefer to work on one field at a time. Run the following query gather the current database template properties, which will will be modifying and then updating. USE director; SELECT TEMPLATE FROM EXTERNAL_DATABASE_SERVERS; Carefully copy the output into a text editor, and update the json accordingly. Validate the new property using jq. You should see pretty json output. echo '{new long json string}' | jq . Run the following query update the database template property. BE WARNED that if you have multiple DB servers listed, it's super important that the WHERE clause be correct or you'll overwrite all the DB's with the new value. USE director; UPDATE EXTERNAL_DATABASE_SERVERS SET TEMPLATE = '{new long json string}' WHERE NAME = 'my-manager-db'; Perform the same steps for the EXTERNAL_DATABASE_SERVER field. Example: SELECT EXTERNAL_DATABASE_SERVER FROM EXTERNAL_DATABASE_SERVERS; <echo '{new long strong}' | jq . UPDATE EXTERNAL_DATABASE_SERVERS SET EXTERNAL_DATABASE_SERVER = '{new long strong}' WHERE NAME = 'my-manager-db'; Start cloudera-director-server and hope for the best. If everything looks good -- stop cloudera server, re-enable encryption, and start cloudera server back up.
... View more
02-01-2019
09:27 AM
@Mike Wilson I know the above is unsupported, but may I ask -- are there any known-issues which make using the "refreshExternalDatabaseServersOnStart" config setting a Bad Thing? Seems to have saved my bacon.
... View more
02-01-2019
09:24 AM
UPDATE -- See my new post below. This post is incomplete. ______ To anyone else that is stuck: systemctl stop cloudera-director-server mysql -h <rds_endpoint_of_director_db> --ssl-ca=/etc/cloudera-director-server/rds-combined-ca-bundle.pem --ssl-verify-server-cert -u director -p use director;
UPDATE SERVER_CONFIGS SET CONFIG_VALUE = 'true' WHERE CONFIG_KEY = 'refreshExternalDatabaseServersOnStart'; systemctl start cloudera-director-server; tail -f /var/log/cloudera-director-server/application.log This seems to have worked.
... View more
02-01-2019
07:04 AM
Greetings,
We are using Cloudera Director, with databases stored on AWS RDS.
Director was using the IP address of the RDS database, as opposed to the hostname. I recently enabled Multi-AZ on the RDS database, and now it has multiple IP addresses.
How can I update the config for the external database in Director so that new clusters are created against the RDS database's hostname instead of the IP address? I tried the unsupported database update mechanism via the director API at `PUT /api/v12/environments/{environment}/databaseServers/{externalDatabaseServer}` (filled in obviously) with a bunch of different json body contents. However, director just responds with a `UnsupportedExternalDatabaseServerUpdateException` regardless of the format I give. I've tried enabling debug logging to see if there is additional information in application.log, but I can't seem to find the good stuff.
I tried opening director's database, but the tables containing database config information are encrypted in-row (gibberish in the cells).
I'm hoping someone can send a sample API call that could take an existing external mysql database, and just pop in a new hostname. My alternative seems to be re-creating my entire manager + clusters from scratch with a new database template. This will bring a lot of sadness.
It's director 2.8.1.
... View more