5.1. Set Up Ganglia

Use the following instructions to set up HTTPS for Ganglia.

  1. Set up the truststore for Ambari Server.

    1. Log into the Ambari Server host.

    2.  Set the truststore path and password in ambari.properties. With a text editor, open:

      /etc/ambari-server/conf/ambari.properties
    3. Add the following lines.

      ssl.trustStore.path = $path-to-truststore
      ssl.trustStore.password = $password-for-truststore             
  2. Set up the Ganglia server.

    1. Log into the Ganglia server host.

    2.  Create a self-signed certificate on the Ganglia server host. For example:

      openssl genrsa -out $gserver.key 2048 
      openssl req -new -key $gserver.key -out $gserver.csr  
      openssl x509 -req -days 365 -in $gserver.csr -signkey $gserver.key -out $gserver.crt

      Where $gserver is the Ganglia server hostname.

    3. Install SSL on the Ganglia server host.

      yum install mod_ssl
    4. Edit the SSL configuration file on the Ganglia server host.

      1. Using a text editor, open:

        /etc/httpd/conf.d/ssl.conf
      2. Add lines setting the certificate and key file names to the files you created above. For example:

        SSLCertificateFile = $gserver.crt
        SSLCertificateKeyFile = $gserver.key 
    5. Disable HTTP access (optional)

      1. Using a text editor, open:

        /etc/httpd/conf/httpd.conf 
      2. Comment out the port 80 listener:

        # Listen 80
    6. Restart the httpd service on the Ganglia server host.

      service httpd restart
  3. Set up and restart the Ambari Server.

    1. Log into the Ambari Server.

    2. Add the cert to the truststore on the Ambari Server host.

      ambari-server setup-ganglia-https

      The setup script uses the truststore path and password you added to ambari.properties above.

    3. Restart the Server

      ambari-server restart

loading table of contents...