Member since
09-01-2020
317
Posts
24
Kudos Received
10
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
287 | 10-22-2024 11:56 AM | |
350 | 09-23-2024 11:55 PM | |
553 | 09-23-2024 11:35 PM | |
505 | 03-04-2024 07:58 AM | |
1336 | 11-15-2023 07:50 AM |
11-15-2023
07:50 AM
1 Kudo
Hello @one4like , Pushing every local file of a job to HDFS will cause issues, especially in larger clusters. Local directories are used as scratch location. Spills of mappers are written there and moving that over to the network will have performance impacts. The local storage of the scratch files and shuffle files is done exactly to prevent this. It also has security impacts as the NM now pushes the keys for each application on to a network location which could be accessible for others. A far better solution is to use the fact that the value of yarn.nodemanager.local-dirs can point to multiple mount points and thus spreading the load over all mount points. So the answer is NO. local-dirs must contain a list of local paths. There's an explicit check in code which only allows local FS to be used. See here: https://github.com/apache/hadoop/blob/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/LocalDirsHandlerService.java#L224 Please note that an exception is thrown when a non local file system is referenced. If you found this response assisted with your query, please take a moment to log in and click on KUDOS 🙂 & ”Accept as Solution" below this post. Thank you. Bjagtap
... View more
08-03-2023
04:54 AM
1 Kudo
Hello @little-jack , Thank you for contacting Cloudera Support. Yes, "Docker on YARN" is supported in CDP. If you are trying it in CDH, then you can try adding required/custom settings in CM >> Yarn >> YARN Service Advanced Configuration Snippet (Safety Valve) for yarn-site.xml and restart yarn. If it will not work then you continue making changes from yarn-site.xml and container-executor.cfg from SSH/node and set chattr for these files so that changes will not revert when you will restart yarn. But if you have to make any changes in CM >> yarn and even any in other services dependent on yarn then you should remove chattr >> make the changes >> restart yarn and tweak docker on yarn settings again. But would suggest you to please upgrade CDH to CDP where all bugs are fixed and you will be able to use the latest features added in CDP 7.1.8. If this information helped you, then it will be appreciated if you will take a moment to click on KUDOS 🙂 Thank you.
... View more
07-17-2023
11:00 AM
Hello @Timo & @George-Megre If you are facing an issue after enabling Kerberos and are unable to produce/consume then we would suggest you to please follow the below steps and let us know how it goes: Make sure that all partitions are in a healthy state using the Kafka describe command or that there is no warning/alerts for Kafka in CM. If there is no alert for Kafka then, please follow the below steps to connect to the Kafka topic: 1) kinit with the keytab and make sure that the user is having required permissions enabled in Ranger 2) Create jaas.conf file with the contents: vi /tmp/jaas.conf KafkaClient { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTicket=true serviceName="kafka"; }; Client { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTicket=true serviceName="zookeeper"; }; 3) Run the following command export KAFKA_OPTS="-Djava.security.auth.login.config=/tmp/jaas.conf Note: Make sure and replace jaas.conf complete path. 4) Create the client.properties file containing the following properties. vi /tmp/client.properties security.protocol=SASL_PLAINTEXT sasl.kerberos.service.name=kafka 5) Start console producer kafka-console-producer --broker-list <broker1.test.com:6667,broker2.test.com:6667> --topic <topic-name> --producer.config /tmp/client.properties 6) Start console consumer kafka-console-consumer --bootstrap-server <broker1.test.com:6667,broker2.test.com:6667> --topic <topic-name> --consumer.config /tmp/client.properties --from-beginning Note: Use the complete hostname of the broker, Also, replace the topic, client.properties name in the above commands. Please check and f you found this response assisted with your query, please take a moment to log in and click on KUDOS 🙂 & ”Accept as Solution" below this post. Thank you.
... View more
04-24-2023
06:05 AM
Hello @AndreyKravtsov Please refer to the article below to Integrating Apache NiFi and Apache Kafka [1] [1] https://community.cloudera.com/t5/Community-Articles/Integrating-Apache-NiFi-and-Apache-Kafka/ta-p/247433 This example is with the PLAINTEXT Kafka protocol. It looks like you are using SSL/TLLS for kafka. You should check whether you are using SSL or SASL_SSL protocol for kafka from CM >> Kafka conf and created a StandardSSLContextService controller setting and update with Kafka Keystore and Truststore details. You can refer the below article for details [2]: [2] https://community.cloudera.com/t5/Support-Questions/Need-help-with-SSL-config-in-Nifi-ConsumeKafka/td-p/320594 Additionally, refer the following articles for more details: [1] - https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.17.0/org.apache.nifi.processors.standard.InvokeHTTP/index.html [2] - https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-ssl-context-service-nar/1.20.0/org.apache.nifi.ssl.StandardSSLContextService/index.html If this information helped you, then it will be appreciated if you will take a moment to click on KUDOS 🙂
... View more
01-23-2023
01:04 AM
1 Kudo
Hello @Yam Below are my inline answers to your queries: #1 How to find In which server the Kafka cluster and topic are created and >> You can check hostnames and broker IDs on which Kafka broker roles are installed from CM >> Kafka >> Instances. Here you will get the hostnames and broker IDs. Now to check on which brokers topics are created either you can check it from SMM which very useful monitoring and administrative tool Cloudera is providing or you simply describe all topics using the command: kafka-topics --zookeeper ZK_HOST:2181 --describe OR kafka-topics --bootstrap-server <broker-hostname>:9092 --describe Note: If the cluster is kerberized, then you should use keytab, jaas.conf, client.properties and the correct port which you are using to describe topics #2 Can we find any IP addresses anywhere in the configuration/properties files >> You can check hostnames, IPs and roles installed on those nodes from CM >> Hosts >> All Hosts. If you found this response assisted with your query, please take a moment to log in and click on KUDOS 🙂 & ”Accept as Solution" below this post.
... View more
12-08-2022
03:44 AM
1 Kudo
@Amn_468 Thank you for sharing the logs. We can see that you are getting the following error. Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String index out of range: -1 As per the above exception we have checked the code of WebappProperties and it's failing while parsing the configs with this code: ============= } else if (val.contains("#")) { val = val.substring(0, val.indexOf(" ")); ============= There is # in your SSL password hence it's failing. We have replicated this issue in the test lab and the queue manager was failing to start with the same error. You should change the password of keystore and truststore and make sure that it will not have # in it or remove SSL settings temporarily. If you found this response assisted with your query, please take a moment to log in and click on KUDOS 🙂 & ”Accept as Solution" below this post. Thank you.
... View more
11-24-2022
02:31 AM
Hello @Amn_468 1) The quick fix might be to restart both RM and YQM and see if that clears the issue. If you still face the same issue, then 2) Check if you are using TLSL for CM and YARN. If yes, then configure TLS for Yarn Queue Manager as well [1]. [1] https://docs.cloudera.com/cdp-private-cloud-base/7.1.7/yarn-security/topics/yarn-configure-tls-ssl-yarn.html 3) If Kerberos is enabled for YARN, then enable it for the YARN queue manager. Could you please verify if Kerberos security is configured correctly using the below doc [1]: https://docs.cloudera.com/cdp-private-cloud-base/7.1.7/security-kerberos-authentication/topics/cm-security-kerberos-enabling-step8-verify-kerberos.html If you still face the same issue, then please upload the below queue manager log files from the Queue manager host for the issue time stamp:- *queuemanager-webapp.log *config-service.log *config-service-requestlog.log location : /var/log/yarn/queuemanager/ Please upload ResourceManager log files for the issue time-stamp - location : /var/log/hadoop-yarn/ If you found this response assisted with your query, please take a moment to log in and click on KUDOS 🙂 & ”Accept as Solution" below this post. Thank you.
... View more
10-19-2022
11:13 AM
@DataMike Yes, you can use the CC APIs as per your requirements [1] [2] [1] https://docs.cloudera.com/cdp-private-cloud-base/7.1.7/cctrl-managing/topics/cctrl-using-rest-api.html [2] https://community.cloudera.com/t5/Customer/Frequently-Used-CRUISE-CONTROL-API-and-important-DOCs/ta-p/324729 From the above articles you can use the following API to rebalance topics/partitions: curl -k --negotiate -u: -X POST "https://<CC FQDN>:8899/kafkacruisecontrol/rebalance?dryrun=false&rebalance_disk=true" To avoid high CPU, memory and disk read write you can initiate rebalance process in batches. It will automatically create a batch and rebalance topics. curl -X POST "http://$HOSTNAME:8899/kafkacruisecontrol/rebalance?dryrun=true&concurrent_partition_movements_per_broker=10&concurrent_leader_movements=500" If it will help you then please click on ”Accept as Solution" below this post. Thank you.
... View more
10-19-2022
10:51 AM
1 Kudo
@DataMike The broker restarting order will not cause any issues. But after adding new brokers you should rebalance topics/partitions between all available brokers for better performance. Refer the following article for more details: https://docs.cloudera.com/cdp-private-cloud-base/7.1.7/kafka-managing/topics/kafka-manage-cli-reassign-use.html If you found this response assisted with your query, please take a moment to log in and click on KUDOS 🙂 & ”Accept as Solution" below this post. Thank you.
... View more
10-18-2022
11:52 AM
@kellerj If this is not kerberized cluster then there is no need to use the KeyTabCredentialsService controller service. As per your query initially, we have provided all security details that you can use from the Nifi processor to connect to Kafka. But here in this case you should know what security parameters you are using for Kafka and use those details as explained above in the Nifi processor. Thank you.
... View more