instruct user to turn off pwd based auth after install if desired
Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/commit/268ed136 Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/tree/268ed136 Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/diff/268ed136 Branch: refs/heads/develop Commit: 268ed1368a81a2dc6c5756ba2008e35bd7328207 Parents: dd25c6f Author: Lisa Owen <[email protected]> Authored: Tue Sep 27 13:52:59 2016 -0700 Committer: Lisa Owen <[email protected]> Committed: Wed Sep 28 09:10:24 2016 -0700 ---------------------------------------------------------------------- install/aws-config.html.md.erb | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-hawq-docs/blob/268ed136/install/aws-config.html.md.erb ---------------------------------------------------------------------- diff --git a/install/aws-config.html.md.erb b/install/aws-config.html.md.erb index 98aa35a..881f742 100644 --- a/install/aws-config.html.md.erb +++ b/install/aws-config.html.md.erb @@ -30,9 +30,6 @@ Instance store-backed storage is generally better performing than EBS and recomm Virtual devices for instance store volumes for HAWQ EC2 instance store instances are named `ephemeralN` (where *N* varies based on instance type). CentOS instance store block device are named `/dev/xvdletter` (where *letter* is a lower case letter of the alphabet). -?? DO WE RECOMMEND EBS-backed VOLUMES FOR ANYTHING? I.E. BACKUPS, ...??) - - ### <a id="topic_cfgplacegrp"></a>Configure Placement Group A placement group is a logical grouping of instances within a single availability zone that together participate in a low-latency, 10 Gbps network. Your HAWQ master and segment cluster instances should support enhanced networking and reside in a single placement group (and subnet) for optimal network performance. @@ -77,22 +74,12 @@ A security group is a set of rules that control network traffic to and from your To configure HAWQ communication between nodes in the HAWQ cluster, include and open the following ports in the appropriate security group for the HAWQ master and segment nodes: -?? PROVIDE SPECIFIC type/protocol/portrange/source settings from EC2 console ?? - | Port | Application | |-------|-------------------------------------| -| 22 | ssh - secure connect to other hosts | -| XX | XX | - -UDP access within the VPC should be enabled by default. - - -?? DIFFENT SECURITY GROUP FOR AMBARI NODE ?? +| 22 | ssh - secure connect to other hosts | To allow access to/from a source external to the Ambari management node, include and open the following ports in an appropriate security group for your Ambari node: -?? PROVIDE SPECIFIC type/protocol/portrange/source settings from EC2 console ?? - | Port | Application | |-------|-------------------------------------| | 22 | ssh - secure connect to other hosts | @@ -118,7 +105,7 @@ Before installing HAWQ, set up the EC2 instances as you would local host server ###Passwordless SSH Configuration<a id="topic_pwdlessssh_cc"></a> -HAWQ hosts will be configured during the installation process to use passwordless SSH for intra-cluster communications. Temporary password-based authentication must be enabled on each HAWQ host in preparation for this configuration. Password authentication is typically disabled by default in cloud images. Update the cloud configuration in `/etc/cloud/cloud.cfg` to enable password authentication in your AMI(s). Set `ssh_pwauth: True` in this file. +HAWQ hosts will be configured during the installation process to use passwordless SSH for intra-cluster communications. Temporary password-based authentication must be enabled on each HAWQ host in preparation for this configuration. Password authentication is typically disabled by default in cloud images. Update the cloud configuration in `/etc/cloud/cloud.cfg` to enable password authentication in your AMI(s). Set `ssh_pwauth: True` in this file. If desired, disable password authentication after HAWQ installation by setting the property back to `False`. ##References<a id="topic_hgz_zwy_bv"></a>
