Installing and Upgrading the Sentry Service

Before you install or upgrade the Sentry service, see the Before You Install Sentry page to verify the prerequisites.

Adding the Sentry Service

Use one of the following sections to add/install the Sentry service:

Adding the Sentry Service Using Cloudera Manager

Minimum Required Role: Cluster Administrator (also provided by Full Administrator)

  1. On the Cloudera Manager home page, click the down arrow to the right of the cluster name and select Add a Service. The Add Service to Cluster wizard opens and displays a list of service types. You can add one service at a time.
  2. Select the Sentry service and click Continue.
  3. The next page in the wizard allows you to customize the role assignments for Sentry. The wizard evaluates the hardware configurations of the available hosts and selects the best hosts for each role.

    If you are happy with the preselected hosts, click Continue. Otherwise, you can change the host by clicking the hostname.

    When you click the hostname, a pop-up window appears with a list of hosts that you can choose from. You can search for a host or you can filter the list by entering a range of hosts in the Search field.

    You can search for hosts with the following information:

    • Range of hostnames. Use the following range definitions:
      Range Definition Matching Hosts
      10.1.1.[1-4] 10.1.1.1, 10.1.1.2, 10.1.1.3, 10.1.1.4
      host[1-3].company.com host1.company.com, host2.company.com, host3.company.com
      host[07-10].company.com host07.company.com, host08.company.com, host09.company.com, host10.company.com
    • IP addresses
    • Rack name
  4. After you have selected the host, click OK to close the window. The hostname that you selected appears under the role.
  5. Click Continue.
  6. On the Database Setup page, configure the database settings.

    Enter the database host, database type, database name, username, and password for the database that you created when you set up the database. See the Creating Databases documentation for Sentry Server database requirements.

  7. Click Test Connection to confirm that Cloudera Manager can communicate with the database using the information you have supplied. If the test succeeds in all cases, click Continue. Otherwise check and correct the information you have provided for the database and then try the test again. (For some servers, if you are using the embedded database, you will see a message saying the database will be created at a later step in the installation process.) The Review Changes page displays.
  8. Click Continue then click Finish. You are returned to the Home page.
  9. Verify the new service is started properly by checking the health status for the new service. If the Health Status is Good, then the service started properly.
  10. To use the Sentry service, begin by enabling Hive Impala, and Search for the service. See Sentry High Availability for information about enabling high availability for Sentry.

Installing Sentry Using the Command Line

Use the following the instructions, depending on your operating system, to install the latest version of Sentry.
OS Command
RHEL
$ sudo yum install sentry
SLES
$ sudo zypper install sentry
Ubuntu or Debian
$ sudo apt-get update; 
$ sudo apt-get install sentry

Starting the Sentry Service

Perform the following steps to start the Sentry service on your cluster.
  1. Set the SENTRY_HOME and HADOOP_HOME parameters.
  2. Create the Sentry database schema using the Sentry schematool. Sentry, by default, does not initialize the schema. The schematool is a built-in way for you to deploy the backend schema required by the Sentry service. For example, the following command uses the schematool to initialize the schema for a MySQL database.
    bin/sentry --command schema-tool --conffile <sentry-site.xml> --dbType mysql --initSchema
    Alternatively, you can set the sentry.verify.schema.version configuration property to false. However, this is not recommended.
  3. Start the Sentry service.
    bin/sentry --command service --conffile <sentry-site.xml>

Upgrading the Sentry Service

Use one of the following sections to upgrade the Sentry service:

Upgrading the Sentry Service Using Cloudera Manager

If you have a cluster managed by Cloudera Manager, go to Upgrading CDH and Managed Services Using Cloudera Manager and follow the instructions depending on the version of CDH you are upgrading to. If you are upgrading from CDH 5.1, you will notice an extra step in the procedure to upgrade the Sentry database schema.

Upgrading the Sentry Service Using the Command Line

  1. Stop the Sentry service by identifying the PID of the Sentry Service and use the kill command to end the process:
    ps -ef | grep sentry
    kill -9 <PID>
    Replace <PID> with the PID of the Sentry Service.
  2. Remove the previous version of Sentry.
    OS Command
    RHEL
    $ sudo yum remove sentry
    SLES
    $ sudo zypper remove sentry
    Ubuntu or Debian
    $ sudo apt-get remove sentry
  3. Install the new version of Sentry.
    OS Command
    RHEL
    $ sudo yum install sentry
    SLES
    $ sudo zypper install sentry
    Ubuntu or Debian
    $ sudo apt-get update; 
    $ sudo apt-get install sentry
  4. (From CDH 5.1 to CDH 5.x) Upgrade Sentry Database Schema
    Use the Sentry schematool to upgrade the database schema as follows:
    bin/sentry --command schema-tool --conffile <sentry-site.xml> --dbType <db-type> --upgradeSchema
    Where <db-type> should be either mysql, postgres or oracle.
  5. Start the Sentry Service
    1. Set the SENTRY_HOME and HADOOP_HOME parameters.
    2. Run the following command:
      bin/sentry --command service --conffile <sentry-site.xml>
  6. See Sentry High Availability for information about enabling high availability for Sentry.