This document assumes you are familiar with the Azure portal and can navigate and create resources within your Azure subscription.
Tasks in order of completion are:
Setup Azure Application Registration and Permissions
In order to use the Extend Cluster functionality of the MapR installer, a Client ID (Application ID) and Client Secret (Application Key) must be obtained. If you need to create a new application registration please see: Azure Active Directory App Registration | Microsoft Docs and retrieve the Client ID and Client Secret. If you already have an application registered, use the Client ID from that application. If you do not know the Client Secret, a new key will need to be created. To find the application:
- Open the Azure Portal
- On the left hand side menu, find Azure Active Directory
- Click on App registrations
- Click on the application to use
- Find the Application ID (Client ID)
- If a new key is needed because the Client Secret is unknown, click Keys and create a new key. Save the value now as this cannot be retrieved again
While on the application to be used for the MapR installer, make sure the application has the correct permissions. When on the application, make sure at least "Windows Azure Service Management API" is listed with permissions.
Create Virtual Network, Subnets, and Security Groups
An existing Virtual Network can be used if it has the following resources:
- At least one Subnet with enough contiguous static private IP addresses for your cluster. Keep in mind that the cluster might be extended in the future to contain new MapR nodes. Plan for extra IP addresses as necessary.
- All Virtual Machines that will be created need access to the internet to install MapR software. If an existing Virtual Network is used, make sure any custom routing and traffic filtering allows internet access. By default, Azure Virtual Networks have access to the internet.
- NOTE: Azure Security Groups do not block access to Virtual Machine traffic on private IP addresses. Security Groups are only a tool for access on a public IP Address. They can be placed on individual Network Interface Cards (NICs) or on the Subnet. If means have already been setup to get access to the MapR cluster via Azure ExpressRoute or VPN then Security Groups are not needed.
Azure has the concept of a Resource Group. This can be used to logically group a set of Azure resources so they can be managed together. Cost of a Resource Group can be tracked, all resources in a Resource Group can be deleted at once, and most importantly Azure Resource Manager (ARM) Templates can be deployed to a Resource Group.
There are hundreds of ways and combinations to setup Azure networking but to get started we can create a sample Virtual Network with one subnet and a security group connected to that subnet to allow OpenVPN access to the cluster:
- Create a Virtual Network and Subnet
- Click the + New button and type in "Virtual Network" in the marketplace search
- Select and press the Create button
- Enter information. Highly recommend an address space and subnet address range to be at least 256 and a new Resource Group
- Press the Create button and wait until a successful message is shown. A new Virtual Network and a Subnet have now been created
- Create a Network Security Group with Subnet scope
- Add Inbound Security Rules to the Network Security Group and associate with Subnet
- Find the Network Security Group and select the Inbound security rules menu item
- Add port 9443 (Installer Web UI) and optionally 22 (SSH) to the inbound rules
- Do the above for all ports. Priorities must all be different. Results should look like
- Select the Subnets menu item
- Press the Associate button
- Select the Above created Virtual network and the default Subnet and press OK
Create and Deploy the MapR VM Cluster Template
At this point, the networking for the MapR has been setup. MapR will be deployed to the Virtual Network and the Subnet that was created. In order to use the MapR installer extend node capability, an ARM template must be used to create the initial Virtual Machines used in the MapR cluster. In addition, the ARM template must have required input parameters that cause certain actions to happen during deployment. Those parameters are:
For this example there is a sample Minimal ARM Template that deploys CentOS 7.3 images. Please download this template and examine its contents. In the variables section settings can be changed as needed to tailor your deployment but keep in mind the requirements above. Let's deploy this template now:
- Get the Subnet Resource ID in the form of: /subscriptions/<subscription_id>/resourceGroups/<resource_group>/providers/Microsoft.Network/virtualNetworks/<virtual_network_name>/subnets/<subnet_name>. If the post has been followed up to this point the Subnet Resource ID is /subscriptions/<subscription_id>/resourceGroups/MapRExampleResourceGroup/providers/Microsoft.Network/virtualNetworks/MapRExampleVNet/subnets/default. Every subscription has a different ID. To find that id type "subscription" in the top Azure portal window
- Get the Subnet IP Address range. This was defined above and depending on your current deployments and choices might change. Typically this will be 10.4.0.XXX. Check by looking at the Virtual Network's default Subnet to confirm.
- Click the + New button and type in "Template Deployment" in the marketplace search
- Select and press the Create button
- Choose "Build your own template in the editor"
- Copy/paste or load the Minimal ARM Template into the window and press Save
- At this point there should be text boxes and drop downs that were defined in the ARM Template displayed for your input. Do the following:
- Select Use existing Resource group and pick the resource group created above. In the above example that was: MapRExampleResourceGroup
- Change Admin Username if wanted but the default is osadmin
- Enter the Admin Password that the osadmin account will have. A public key could be used here but for this minimal example a password is used
- Enter the Cluster Admin Password. This should be the same as the osadmin user. In this minimal example we are installing MapR with the Admin Username but since the MapR installer expects that these can be different, both the Admin Password and Cluster Admin Password text boxes must be shown
- Enter the Subnet Resource ID from the step 1 above
- Enter Ip Address. IMPORTANT: Enter an IP Address that is not the first contiguous IP Address in the subnet. Typically an empty Azure Subnet's first IP Address will be xxx.xxx.xxx.4. Do not use that octet as the IP Address. In this example choose 10.4.0.8. This will leave room for the installer and other non-MapR cluster machines in the range of 10.4.0.4 - 10.4.0.7. Extending MapR clusters always created static private IP Addresses in contiguous IP Addresses. Doing this will make sure that there is enough IP Addresses available for extending the cluster
- Enter the node count, 2 for example
- After all fields have been filled, press the Purchase button
- Wait until a deployment successful message is given. Go to the MapRExampleResourceGroup Resource Group and it should contain the following
Create and Deploy the MapR Installer
Now that the VMs that are going to run MapR has been created, the installer needs to be installed to another VM within the same Virtual Network.
- Create a Centos 7.3 Virtual Machine
- selecting the MapRExampleVirtualNetwork Virtual Network and the default Subnet
- A DS2_V2 size is fine for the installer
- Make sure the installer has a Public IP Address
- Choose None for the Network Security Group. The Network Security Group created earlier will be used with this VM as the Network Security Group is associated with the Subnet
- Log into the MapR Installer VM using SSH. To find the Public IP Address go to the MapRExampleResourceGroup and find the Public IP address entry. The example below, the MapR Installer IP Address is 126.96.36.199
- sudo su
bash ./mapr-setup.sh -y
- At this point the installer is running
Alter Installer for Azure Deployment
Since the installer was installed using the standard script, it doesn't know that it is running on Azure and therefore will not have any of the Azure cloud capabilities most notably extending a cluster. This can be changed by running a tailored Stanza file through the MapR CLI tool. Also due to an issue with ARM Template deployments through the Azure portal not being able to be named, an edit to an Ansible playbook used by the MapR installer will also need to be made.
- Setup Stanza file and run through the MapR CLI tool in the same SSH session as above as root
- vi config.yml
- Enter the following information. Make sure to replace subscription_id and tenant_id with the correct values
hosts: [10.4.0.8, 10.4.0.9]
- Run: sudo -u mapr /opt/mapr/installer/bin/mapr-installer-cli import -f -n --config -t config.yml
The installer is now in a state where it knows this is an Azure installation and what nodes it is going to install to. All that is necessary is to complete the installation through the installer GUI.
- Go to https://<installer_ip>:9443
- Log in as mapr password mapr
- Follow the screen prompts and once the verify screen is shown it should look like
- Warnings on the above picture are from the size of the OS disk. For this example that is acceptable but in a production environment necessary steps should be taken to create an OS drive of recommended size
- Complete the installation