yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
8f01f116a5ad22cc6ad22bdf6cdc797063a2f5f1
doc-exports/docs/dataartsstudio/umn/dataartsstudio_01_1307.html
chenxiaoxiong f9e2808b7c DataArts UMN 20250810 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: chenxiaoxiong <chenxiaoxiong@huawei.com>
Co-committed-by: chenxiaoxiong <chenxiaoxiong@huawei.com>
2025-09-02 10:44:13 +00:00

158 lines
40 KiB
HTML
Raw Blame History

<a name="dataartsstudio_01_1307"></a><a name="dataartsstudio_01_1307"></a>
<h1 class="topictitle1">MRS HBase Connection Parameters</h1>
<div id="body0000001554286261">
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="dataartsstudio_01_1307__en-us_topic_0141836082_table3603114194813" frame="border" border="1" rules="all"><caption><b>Table 1 </b>MRS HBase connection</caption><thead align="left"><tr id="dataartsstudio_01_1307__en-us_topic_0141836082_row960411474814"><th align="left" class="cellrowborder" valign="top" width="20.62%" id="mcps1.3.1.2.4.1.1"><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p56047149488">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="9.36%" id="mcps1.3.1.2.4.1.2"><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p166041214194817">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70.02000000000001%" id="mcps1.3.1.2.4.1.3"><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p16604101410480">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="dataartsstudio_01_1307__row396717287620"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p1421933161719">Data Connection Type</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p121973121710">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p1721993191719"><strong id="dataartsstudio_01_1307__b1563010538441">MRS HBase</strong> is selected by default and cannot be changed.</p>
</td>
</tr>
<tr id="dataartsstudio_01_1307__en-us_topic_0141836082_row18604191416483"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p5604814124811">Name</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p15604161444816">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p10487624232">Name of the data connection to create. Data connection names can contain a maximum of 100 characters. They can contain only letters, digits, underscores (_), and hyphens (-).</p>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row5643192684012"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p18643826144020">Tag</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p664352613407">No</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><div class="p" id="dataartsstudio_01_1307__p194874211237">Attribute of the data connection to create. Tags make management easier.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001554166437_note97121765158"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="dataartsstudio_01_1307__en-us_topic_0000001554166437_p107124612153">The tag name can contain only letters, digits, and underscores (_) and cannot start with an underscore (_) or contain more than 100 characters.</p>
</div></div>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row12822340672"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p1313102611386">Applicable Modules</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p1013192653810">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p1313192653818">Select the modules for which this connection is available.</p>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row1671016438711"><td class="cellrowborder" colspan="3" valign="top" headers="mcps1.3.1.2.4.1.1 mcps1.3.1.2.4.1.2 mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p85151347175011"><strong id="dataartsstudio_01_1307__b112781101470">Basic and Network Connectivity Configuration</strong></p>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row1230464634418"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p1930464610447">Manual</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p16304184616444">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><div class="p" id="dataartsstudio_01_1307__p0516123254614">Select the connection mode. If you do not need to access MRS clusters in other projects or enterprise projects, select <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b142501649142619">Cluster Name Mode</strong>.<ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0000001554286261_ul397819617341"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0000001554286261_li18978126143417"><strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b14199071314813">Cluster Name Mode</strong>: Select an existing cluster. You can only connect to an MRS cluster in the same project and enterprise project.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0000001554286261_li103889143412">If you select <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1213618111143">Connection String Mode</strong>, you can set <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b12137411747">Manager IP</strong> and enable communication between this connection's agent (CDM cluster) and an MRS cluster in another project or enterprise project so that you can access the MRS cluster.</li></ul>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row228872616482"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p485412805010">Manager IP</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p48548819504">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p129838417617">This parameter is mandatory when <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b2151843184113">Connection String Mode</strong> is selected for <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b954165484119">Manual</strong>.</p>
<div class="p" id="dataartsstudio_01_1307__p898384760">Set this parameter to the floating IP address of MRS Manager. Only MRS clusters are supported. A Hadoop cluster can be connected only after it is managed by MRS.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note20918139354"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_p116249795810"><span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_text7355181825814">DataArts Studio</span> does not support MRS clusters whose Kerberos encryption type is <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_b143479402717">aes256-sha2,aes128-sha2</strong>, and only supports MRS clusters whose Kerberos encryption type is <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_b19532103219813">aes256-sha1,aes128-sha1</strong>.</p>
</div></div>
</div>
<p id="dataartsstudio_01_1307__p11983245620">You can click <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b83091456123411">Select</strong> next to the text box and select an MRS cluster in the same project and enterprise project. If you want to access an MRS cluster in another project or enterprise project, obtain and enter the floating IP address of MRS Manager and ensure that the connection's agent (CDM cluster) can communicate with the tenant-plane MRS cluster. To obtain the floating IP address of MRS Manager, log in to the active master node of the MRS cluster and run the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b10942321153213">ifconfig</strong> command. In the command output, the IP address of <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b994262153215">eth0:wsom</strong> is the floating IP address of MRS Manager. For details about how to log in to the master node of the MRS cluster, see "Manager Operation Guide" &gt; "Getting Started" &gt; "Logging In to an MRS Cluster Node" in <em id="dataartsstudio_01_1307__i125078141788">MapReduce Service (MRS) x.x.x</em><em id="dataartsstudio_01_1307__i95071141583"></em><em id="dataartsstudio_01_1307__i16507171419812"> User</em><em id="dataartsstudio_01_1307__i450711414817"> Guide</em><em id="dataartsstudio_01_1307__i3508121414816"></em>.</p>
<div class="p" id="dataartsstudio_01_1307__p1298384261">Enter multiple IP addresses based on the scenario in sequence and separate them with commas (,), for example, <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1093104214224">127.0.0.1</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b14931142122212">127.0.0.1,127.0.0.2,127.0.0.3</strong>.<ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul1461551425"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li15619514426">If you enter one IP address, enter the management-plane floating IP address of the MRS cluster.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li146217534215">If you enter three IP addresses, enter the IP address of the active node on the MRS cluster service plane, IP address of the standby node on the MRS cluster service plane, and the floating IP address of the MRS cluster management plane.</li></ul>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__en-us_topic_0141836082_row46042014144815"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p56041414104812">MRS Cluster Name</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p117813419277">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p125073133595">This parameter is mandatory when <strong id="dataartsstudio_01_1307__b139111704516">Cluster Name Mode</strong> is selected for <strong id="dataartsstudio_01_1307__b12921274455">Manual</strong>.</p>
<div class="p" id="dataartsstudio_01_1307__en-us_topic_0141836082_p6604111410482">The name of the MRS cluster. Select an MRS cluster that Hive belongs to. Only MRS clusters are supported. A Hadoop cluster can be selected only after it is managed by MRS. All the MRS clusters with the same project ID and enterprise project are displayed.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note16393711615"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="dataartsstudio_01_1307__p10764137145413"><span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_text7355181825814_1">DataArts Studio</span> does not support MRS clusters whose Kerberos encryption type is <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_b143479402717_1">aes256-sha2,aes128-sha2</strong>, and only supports MRS clusters whose Kerberos encryption type is <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0182566327_b19532103219813_1">aes256-sha1,aes128-sha1</strong>.</p>
</div></div>
</div>
<div class="p" id="dataartsstudio_01_1307__p7640152933511">If the connection fails after you select a cluster, check whether the MRS cluster can communicate with the CDM instance which functions as the agent. They can communicate with each other in the following scenarios:<ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul1715617232281"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li17205293217">If the CDM cluster in the <span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_text15319922125112">DataArts Studio</span> instance and the MRS cluster are in different regions, a public network or a dedicated connection is required. If the Internet is used for communication, ensure that an EIP has been bound to the CDM cluster, and the MRS cluster can access the Internet and the port has been enabled in the firewall rule.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li13205893215">If the CDM cluster in the <span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_text151663810818">DataArts Studio</span> instance and the MRS cluster are in the same region, VPC, subnet, and security group, they can communicate with each other by default. If they are in the same VPC but in different subnets or security groups, you must configure routing rules and security group rules. For details about how to configure routing rules, see "Adding Routes to a Route Table" in <em id="dataartsstudio_01_1307__en-us_topic_0000001503606428_i1317838485">Virtual Private Cloud (VPC) x.x.x User Guide</em> in <em id="dataartsstudio_01_1307__en-us_topic_0000001503606428_i13171138184">Virtual Private Cloud (VPC) x.x.x Usage Guide</em>. For details about how to configure security group rules, see "Security Group" &gt; "Adding a Security Group Rule" in Virtual Private Cloud (VPC) x.x.x User Guide in Virtual Private Cloud (VPC) x.x.x Usage Guide.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li20156162311283">The MRS cluster and the <span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_text4156132310284">DataArts Studio</span> workspace belong to the same enterprise project. If they do not, you can modify the enterprise project of the workspace.</li></ul>
<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note030793314500"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="dataartsstudio_01_1307__en-us_topic_0000001503606428_p130813395015">If an agent is connected to multiple MRS clusters and one of the MRS clusters is deleted or abnormal, connections to the other MRS clusters will be affected. Therefore, you are advised to connect an agent to only one MRS cluster.</p>
</div></div>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row10705203415615"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p8955131216449">KMS Key</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p1944224113810">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><div class="p" id="dataartsstudio_01_1307__p4476133012514">KMS key used to encrypt and decrypt data source authentication information. Select a default or custom key.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001554166437_note5782131311013"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="dataartsstudio_01_1307__en-us_topic_0000001554166437_ul15258512511"><li id="dataartsstudio_01_1307__en-us_topic_0000001554166437_li652514518257">When you use KMS for encryption through DataArts Studio or KPS for the first time, the default key <strong id="dataartsstudio_01_1307__en-us_topic_0000001554166437_b10282246320">dlf/default</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001554166437_b7601112203216">kps/default</strong> is automatically generated. For more information about default keys, see "What Is a Default Master Key?" in <em id="dataartsstudio_01_1307__en-us_topic_0000001554166437_i155895285215">Data Encryption Workshop FAQs</em>.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001554166437_li694815818253">Only symmetric keys are supported. Asymmetric keys are not supported.</li></ul>
</div></div>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row1759415620168"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p1160416144488">Agent</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__en-us_topic_0141836082_p8605814194820">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p2954164112920">MRS is not a fully managed service and cannot be directly connected to <span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_text24757216017">DataArts Studio</span>. A CDM cluster can provide an agent for <span id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_text5608222103">DataArts Studio</span> to communicate with non-fully-managed services. Therefore, you need to select a CDM cluster when creating an MRS data connection. If no CDM cluster is available, create one first by referring to <a href="dataartsstudio_01_0576.html">Creating a CDM Cluster</a>.</p>
<p id="dataartsstudio_01_1307__p11602122817217">As a network proxy, the CDM cluster must be able to communicate with the MRS cluster. To ensure network connectivity, the CDM cluster must be in the same region and AZ and use the same VPC and subnet as the MRS cluster. The security group rule must also allow the CDM cluster to communicate with the MRS cluster.</p>
<div class="note" id="dataartsstudio_01_1307__note423753912525"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="dataartsstudio_01_1307__ul788564013216"><li id="dataartsstudio_01_1307__li588511405326">If you use the same CDM cluster as the agent for multiple connections to MRS clusters with Kerberos authentication enabled, jobs will fail. You are advised to plan multiple CDM clusters based on service requirements.</li><li id="dataartsstudio_01_1307__li5615104213216"><p id="dataartsstudio_01_1307__p5270642927"><a name="dataartsstudio_01_1307__li5615104213216"></a><a name="li5615104213216"></a>If a CDM cluster functions as the agent for a data connection in Management Center, the cluster supports a maximum of 200 concurrent active threads. If multiple data connections share an agent, a maximum of 200 SQL, Shell, and Python scripts submitted through the connections can run concurrently. Excess tasks will be queued. You are advised to plan multiple agents based on the workload.</p>
</li></ul>
</div></div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row523493131611"><td class="cellrowborder" colspan="3" valign="top" headers="mcps1.3.1.2.4.1.1 mcps1.3.1.2.4.1.2 mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p112341236166"><strong id="dataartsstudio_01_1307__b104432456942247">Data Source Authentication and Other Function Configuration</strong></p>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row10417185812142"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p13239152617566">Authentication Method</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p1239326135610">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p1598411414611">This parameter is mandatory when <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1713514153420">Connection String Mode</strong> is selected for <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1813571517420">Manual</strong>.</p>
<div class="p" id="dataartsstudio_01_1307__p159841841616">It specifies the authentication method used for accessing the MRS cluster. The following options are available:<ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0108618545_ul12623191718453"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0108618545_li1362321718457"><strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b10347636565112">SIMPLE</strong>: for non-security mode</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0108618545_li762371724519"><strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b795500665112">KERBEROS</strong>: for security mode</li></ul>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row3218524154414"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p942619575240">Username</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p12426135711249">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p521982484417">Username of the MRS cluster If a new MRS user is used for connection, you need to log in to Manager and change the initial password.</p>
<div class="p" id="dataartsstudio_01_1307__p2358196152612">To create a data connection for an MRS security cluster, do not use user <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b4451608085112">admin</strong>. The <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b7127683075112">admin</strong> user is the default management page user and cannot be used as the authentication user of the security cluster. You can create an MRS user whose password never expires by referring to <a href="dataartsstudio_01_1306.html#dataartsstudio_01_1306__section52193714195">Creating a Kerberos Authentication User for an MRS Security Cluster</a>. When creating an MRS data connection, set <span class="parmname" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_parmname49991134133316"><b>Username</b></span> and <span class="parmname" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_parmname2999163419332"><b>Password</b></span> to the new MRS username and password.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_note15451659151217"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_ul17715141011134"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_li8715121031318">For clusters of MRS 3.1.0 or later, the user must at least have permissions of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b18154312735112">Manager_viewer</strong> role to create data connections in Management Center. To perform database, table, and data operations on components, the user must also have user group permissions of the components.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_li5415103511136">For clusters earlier than MRS 3.1.0, the user must have permissions of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b8633148225112">Manager_administrator</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b3162138655112">System_administrator</strong> role to create data connections in Management Center.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_en-us_topic_0187412481_li1174073716169">A user with only the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b9814483355112">Manager_tenant</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b15071940405112">Manager_auditor</strong> permission cannot create connections.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li133851321191312">You are advised to set a user password that never expires to prevent connection failures and service loss caused by password expiration.</li></ul>
</div></div>
</div>
</td>
</tr>
<tr id="dataartsstudio_01_1307__row1674021104415"><td class="cellrowborder" valign="top" width="20.62%" headers="mcps1.3.1.2.4.1.1 "><p id="dataartsstudio_01_1307__p07412118443">Password</p>
</td>
<td class="cellrowborder" valign="top" width="9.36%" headers="mcps1.3.1.2.4.1.2 "><p id="dataartsstudio_01_1307__p15450723153812">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="70.02000000000001%" headers="mcps1.3.1.2.4.1.3 "><p id="dataartsstudio_01_1307__p461753317222">Password for accessing the MRS cluster.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="section" id="dataartsstudio_01_1307__section26531239492"><h4 class="sectiontitle">Creating a Kerberos Authentication User for an MRS Security Cluster</h4><p id="dataartsstudio_01_1307__en-us_topic_0000001503606428_p1938465911910">To create a data connection for an MRS security cluster, do not use user <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b6470349556">admin</strong>. The <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b784918356554">admin</strong> user is the default management page user and cannot be used as the authentication user of the security cluster. To create an MRS user, perform the following steps:</p>
<p id="dataartsstudio_01_1307__en-us_topic_0000001503606428_p22601334123714">For clusters of MRS 3.x:</p>
<ol id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ol11846135116399"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li374016014404">Log in to MRS Manager as user <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b389414532374">admin</strong>.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li19490112617582">Choose <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b128101412713">System</strong> &gt; <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b37231218472">Permission</strong> &gt; <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1819132213716">Security Policy</strong> &gt; <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b105701926772">Password Policy</strong>. Click <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1078617816819">Add Password Policy</strong> and add a policy under which the password never expires.<ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul15161929125810"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li8162162915588">Set <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b2070713141498">Password Policy Name</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b38571630391">neverexp</strong>.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li12416143215586">Set <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b22495551899">Password Validity Period (Days)</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b76087594915">0</strong>, indicating that the password never expires.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li994310118599">Set <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b4249144313102">Password Expiration Notification (Days)</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b9266194791015">0</strong>.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li159190461599">Retain the default values for other parameters.</li></ul>
</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li10394101114401">Choose <span class="menucascade" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_menucascade53987422261"><b><span class="uicontrol" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_uicontrol153981742152612">System</span></b> &gt; <b><span class="uicontrol" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_uicontrol339864232617">Permission</span></b> &gt; <b><span class="uicontrol" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_uicontrol133986423265">User</span></b></span>. On the page displayed, click <span class="parmname" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_parmname1039813423269"><b>Create</b></span> to add a dedicated human-machine user as the Kerberos authentication user and set the password policy to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b739894212617">neverexp</strong>. Select the user group <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b4398104252617">superGroup</strong> for the user, and assign all roles to the user.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note121581838191918"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul25608543713"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li35608549716">For clusters of MRS 3.1.0 or later, the user must at least have permissions of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b19898742175517">Manager_viewer</strong> role to create data connections in Management Center. To perform database, table, and data operations on components, the user must also have user group permissions of the components.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li556185413719">For clusters earlier than MRS 3.1.0, the user must have permissions of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b24684682">Manager_administrator</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1201529114">System_administrator</strong> role to create data connections in Management Center.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li165619548718">A user with only the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1249124519554">Manager_tenant</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b95017450555">Manager_auditor</strong> permission cannot create connections.</li></ul>
</div></div>
</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li135217359422">Log in to Manager as the new user and change the initial password. Otherwise, the connection fails to be created.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li7470141444514">Synchronize IAM users.<ol type="a" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ol849471117461"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li1064316410469">Log in to the MRS console.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li96444417461">Choose <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b973855112559">Clusters</strong> &gt; <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1073875119557">Active Clusters</strong>, select a running cluster, and click its name to go to its details page.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li6644184154616">In the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b12359853205510">Basic Information</strong> area of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b4359175315552">Dashboard</strong> page, click <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b5359175315515">Synchronize</strong> on the right side of <span class="parmname" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_parmname5360115345513"><b>IAM User Sync</b></span> to synchronize IAM users.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note1764494154617"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul1064544174612"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li6645124194613">When the policy of the user group to which the IAM user belongs changes from <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1823855505514">MRS ReadOnlyAccess</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b172381552558">MRS CommonOperations</strong>, <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b52382559559">MRS FullAccess</strong>, or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b123995555515">MRS Administrator</strong>, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1423917551552">SSSD</strong> (System Security Services Daemon) cache of cluster nodes needs time to be updated. Then, submit a job. Otherwise, the job may fail to be submitted.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li1664513413462">When the policy of the user group to which the IAM user belongs changes from <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b106321258195514">MRS CommonOperations</strong>, <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b6632165815557">MRS FullAccess</strong>, or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b146338583554">MRS Administrator</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b46331658165515">MRS ReadOnlyAccess</strong>, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b6634135811551">SSSD</strong> cache of cluster nodes needs time to be updated.</li></ul>
</div></div>
</li></ol>
</li></ol>
<p id="dataartsstudio_01_1307__en-us_topic_0000001503606428_p19812127193715">For clusters of MRS 2.x or earlier:</p>
<ol id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ol93844593190"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li14384115918191">Log in to the MRS Manager as user <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b18300056163711">admin</strong>.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li159751127358">On FusionInsight Manager, choose <span class="wintitle" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_wintitle19455105913412"><b>System Settings</b></span> and click <span class="parmname" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_parmname7455459549"><b>Configure Password Policy</b></span> to modify the password policy.<ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul149751027756"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li59758271252">Set <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b156959379513">Password Validity Period (Days)</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1169583714515">0</strong>, indicating that the password never expires.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li8975162716510">Set <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1182012391459">Password Expiration Notification (Days)</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b108205391519">0</strong>.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li149751273514">Retain the default values for other parameters.</li></ul>
</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li2384759111916">Choose <span class="menucascade" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_menucascade66621571224"><b><span class="uicontrol" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_uicontrol17662778226">System</span></b> &gt; <b><span class="uicontrol" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_uicontrol1366212716226">Manage User</span></b></span>. On the page displayed, add a dedicated human-machine user as the Kerberos authentication user. Select the user group <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b466316710222">superGroup</strong> for the user, and assign all roles to the user.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note4785194613197"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul198671229189"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li68678218183">For clusters of MRS 2.<em id="dataartsstudio_01_1307__en-us_topic_0000001503606428_i1495215585612">x</em> or earlier, the user must have permissions of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b2095218511565">Manager_administrator</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b395213519566">System_administrator</strong> role to create data connections in Management Center.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li369157141819">A user with only the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b188121451556">Manager_tenant</strong> or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b11812545185518">Manager_auditor</strong> permission cannot create connections.</li></ul>
</div></div>
</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li20385115901915">Log in to MRS Manager as the new user and change the initial password. Otherwise, the connection fails to be created.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li4344548154819">Synchronize IAM users.<ol type="a" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ol4344748174818"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li1334444834816">Log in to the MRS console.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li20344194894812">Choose <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1696911522556">Clusters</strong> &gt; <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b49691252145520">Active Clusters</strong>, select a running cluster, and click its name to go to its details page.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li11345154864819">In the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b13551354195515">Basic Information</strong> area of the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b355113541553">Dashboard</strong> page, click <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b95512546552">Synchronize</strong> on the right side of <span class="parmname" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_parmname8551654165515"><b>IAM User Sync</b></span> to synchronize IAM users.<div class="note" id="dataartsstudio_01_1307__en-us_topic_0000001503606428_note9345164824810"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dataartsstudio_01_1307__en-us_topic_0000001503606428_ul20346154814488"><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li13346948134816">When the policy of the user group to which the IAM user belongs changes from <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b10761456155520">MRS ReadOnlyAccess</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b17761756125520">MRS CommonOperations</strong>, <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1676145665517">MRS FullAccess</strong>, or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b16761175619554">MRS Administrator</strong>, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1876117565552">SSSD</strong> (System Security Services Daemon) cache of cluster nodes needs time to be updated. Then, submit a job. Otherwise, the job may fail to be submitted.</li><li id="dataartsstudio_01_1307__en-us_topic_0000001503606428_li9346124824819">When the policy of the user group to which the IAM user belongs changes from <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b1498755917559">MRS CommonOperations</strong>, <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b9987165920555">MRS FullAccess</strong>, or <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b149878598553">MRS Administrator</strong> to <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b19871559175516">MRS ReadOnlyAccess</strong>, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the <strong id="dataartsstudio_01_1307__en-us_topic_0000001503606428_b19871599553">SSSD</strong> cache of cluster nodes needs time to be updated.</li></ul>
</div></div>
</li></ol>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dataartsstudio_01_0009.html">Configuring DataArts Studio Data Connection Parameters</a></div>
</div>
</div>
View Git Blame Copy Permalink