Install from AWS Marketplace with EMR

Contents:

Expand all Collapse all

Contents:

This documentation applies to installation from a supported Marketplace. Please use the installation instructions provided with your deployment.

If you are installing or upgrading a Marketplace deployment, please use the available PDF content. You must use the install and configuration PDF available through the Marketplace listing.

Scenario Description

This scenario assumes the following about the Designer Cloud Powered by Trifacta® platform deployment:

The platform is to be deployed using the official Designer Cloud Enterprise Edition AMI in one of the following ways:
- Via a CloudFormation template
- Manually from the EC2 Launch Instance wizard
It is to be connected to an EMR cluster. Depending on how you install the product, this cluster can be:
- Created automatically as a three-node cluster via the CloudFormation
- Pre-existing in your enterprise infrastructure
No security features are applied to the platform and its use of the datastore.
You have acquired a Alteryx license key. The license key must be deployed to the Alteryx node before you start the platform.

NOTE: This scenario does not provide information on installing and configuring optional components, including security features. It is intended to get the Designer Cloud Powered by Trifacta platform installed, operational, and connected to the EMR cluster.

Install and Upgrade Methods

You can install the software using either of the following methods:

CloudFormation Template: This method of installation utilizes an Amazon CloudFormation template to install and configure a complete working system that includes:
1. EC2 instance with supporting policies/roles.
2. Alteryx node and software
3. S3 bucket with supporting policies
4. 3-node EMR cluster with supporting policies/roles
Manual installation: This method allows you finer-grain control and the ability to deploy the platform into a pre-existing AWS environment (VPC/EMR/S3 bucket).

Designer Cloud Enterprise Edition on AWS	Through EC2 with AMI ID	Through CloudFormation template
Install	If you know the AMI ID for Designer Cloud Enterprise Edition, you can install the product through EC2. Tip: Use this method if you are integrating the product with an existing EMR cluster, need to launch it in an existing VPC, or want to customize your EMR cluster. NOTE: Please verify that the additional pre-requisites have been met. See below.	Supported. Instructions are provided below. Tip: Using the CloudFormation template is the recommended method of deploying the product if you do not need to integrate it into an existing environment.
Upgrade	Supported. See Upgrade for AWS Marketplace with EMR.	NOTE: This method of upgrading the product is not recommended because it requires replacement of the platform EC2 instance. Instead, you should bring up a new instance and test it next to the existing instance before completely switching over to the new instance.

Pre-requisites

If you are integrating the Designer Cloud Powered by Trifacta platform with an EMR cluster, you must acquire a license first. Additional configuration is required. For more information, please contact aws-marketplace@trifacta.com.

Before you begin:

Read: Please read this entire document before you begin.
EULA. Before you begin, please review the End-User License Agreement. See https://docs.trifacta.com/display/PUB/End-User+License+Agreement+-+Trifacta+Wrangler+Enterprise.
Alteryx license file: If you have not done so already, please acquire a Alteryx license file from your Alteryx representative.

Internet access

From AWS, the Designer Cloud Powered by Trifacta platform requires Internet access for the following services:

NOTE: Depending on your AWS deployment, some of these services may not be required.

AWS S3
Key Management System [KMS] (if sse-kms server side encryption is enabled)
Secure Token Service [STS] (if temporary credential provider is used)
EMR (if integration with EMR cluster is enabled)

NOTE: If the Designer Cloud Powered by Trifacta platform is hosted in a VPC where Internet access is restricted, access to S3, KMS and STS services must be provided by creating a VPC endpoint. If the platform is accessing an EMR cluster, a proxy server can be configured to provide access to the AWS ElasticMapReduce regional endpoint.

SELinux

By default, Designer Cloud Enterprise Edition is installed on a server with SELinux enabled. Security-enhanced Linux (SELinux) provides a set of security features for, among other things, managing access controls.

Tip: The following may be applied to other deployments of the Designer Cloud Powered by Trifacta platform on servers where SELinux has been enabled.

In some cases, SELinux can interfere with normal operations of platform software. If you are experiencing connectivity problems related to SELinux, you can do either one of the following:

Disable SELinux on the server. For more information, please see the CentOS documentation.
Apply the following commands on the server, as root:
1. Open ports on the server for listening.
  1. By default, the Designer Cloud application listens on port 3005. The following opens that port when SELinux is enabled:
    semanage port -a -t http_port_t -p tcp 3005
  2. Repeat the above step for any other ports that you wish to open on the server.
2. Permit nginx, the proxy on the Alteryx node, to open websockets:
```
setsebool -P httpd_can_network_connect 1
```

Product Limitations

The EC2 instance, S3 buckets, and any connected Redshift databases must be located in the same Amazon region. Cross-region integrations are not supported at this time.
No support for Hive integration
No support for secure impersonation or Kerberos
No support for high availability and failover
Job cancellation is not supported on EMR.
When publishing single files to S3, you cannot apply an append publishing action.

Install

Desktop Requirements

All desktop users of the platform must have the latest version of Google Chrome installed on their desktops.
- Google Chrome must have the PNaCl client installed and enabled.
- PNaCl Version: 0.50.x.y or later
All desktop users must be able to connect to the EC2 instance through the enterprise infrastructure.

Pre-requisites for EC2 Installations

NOTE: Before you install, you should review the configuration content for specific instructions on setting up the Alteryx node. See below.

If you are manually installing the platform through the Marketplace, please verify that you have the following assets:

EC2 instance:
1. Create the EC2 instance for the Designer Cloud Powered by Trifacta platform.
2. Download and deploy the AMI into the EC2 instance.
EMR Cluster:
1. Before you begin, you should allocate sufficient resources for sizing the EMR cluster. For guidance, please contact your Alteryx representative.
2. If you have a pre-existing EMR cluster, please verify that the cluster is working properly.
S3 bucket. Please create an S3 bucket to store Alteryx assets. In the bucket, the platform stores metadata in the following location:
```
<S3_bucket_name>/trifacta
```
See https://s3.console.aws.amazon.com/s3/home.
IAM policies. Create IAM policies for access to the S3 bucket. Required permissions are the following:
- The system account or individual user accounts must have full permissions for the S3 bucket:
```
Delete*, Get*, List*, Put*, Replicate*, Restore*
```
- These policies must apply to the bucket and its contents. Example:
```
"arn:aws:s3:::my-trifacta-bucket-name"
"arn:aws:s3:::my-trifacta-bucket-name/*"
```
- See https://console.aws.amazon.com/iam/home#/policies
EC2 instance role. Create an EC2 instance role for this policy. See https://console.aws.amazon.com/iam/home#/roles.

Install Steps - CloudFormation Template

NOTE: If you are integrating the Designer Cloud Powered by Trifacta platform with a pre-existing cluster, you must meet the EC2 install pre-requisites above and complete the manual install process listed in the section following this one. Please skip this section.

This install process creates the following:

Alteryx node on an EC2 instance
- Associated policies and roles
S3 bucket
- Associated policies and roles
Three-node EMR cluster
- Associated policies and roles

Steps:

In the Marketplace listing, click Deploy into a new VPC.
Choose a Template: The template path is automatically populated for you.
Specify Details:
1. Stack Name: Display name of the stack is used in the names of resources created by the stack and as an identifier for the stack.
  
  NOTE: Each instance of the Designer Cloud Powered by Trifacta platform must have a separate name.
2. Instance Type: Please select the appropriate instance depending on the number of users and data volumes of your environment. For more information, see the Sizing Guide above.
3. Key Pair: This SSH key pair is used to access the Alteryx Instance and the EMR cluster instances.
4. Allowed HTTP Source: This range of addresses are permitted access to the Alteryx Instance on port 80, 443, and 3005.
  1. Port numbers 80 and 443 do not have any services by default, but you may modify the Alteryx configuration to permit access via these ports.
5. Allowed SSH Source: This range of addresses is permitted access to port 22 on the Alteryx Instance.
Options: None of these is required for installation. Specify any options as needed for your environment.
Review: Review your installation and configured options.
1. Select the checkbox at the end of the page.
2. To launch the stack, click Create.
Please wait while the stack creates all required resources.

In the Stacks list, select the name of your application. Click the Outputs tab and collect the following information. Instructions on how to use this information are provided later.

Parameter	Description	Use
Alteryx URL value	URL and port number to which to connect to the Alteryx application	Users must connect to this IP address and port number to access. By default, it is set to `3005`. The access port can be moved to `80` or `443` if desired. Please contact us for more details.
Alteryx Bucket	The address of the default S3 bucket	This value must be applied through the application after it has been deployed.
Alteryx Instance Id	The identifier for the instance of the platform	This value is the default password for the admin account. NOTE: You must change this password on the first login to the application.

After the Alteryx instance has been created, you must add a license file before starting the Alteryx service. Here we will SSH into the server and create the license file and paste the license file content in, plus update the ownership and permissions of that file:
1. SSH into the server as the centos user and using the key you specified.
2. Change to root user:
```
sudo su
```
3. Update the license file on the Alteryx node. Edit the following file:
```
/opt/trifacta/license/license.json
```
4. Into the above file, paste the contents of the license.json file that was provided to you by your Alteryx representative.
5. Verify permissions on the file:
```
chown trifacta:trifacta /opt/trifacta/license/license.json
chmod 644 /opt/trifacta/license/license.json
```
Start the Alteryx service:
```
service trifacta start
```
It may take some time for the server to finish coming online. Navigate to the Designer Cloud application.
When the login screen appears, enter the following:
1. Username: admin@trifacta.local
2. Password: (the TrifactaInstanceId value)
  
  NOTE: After you login as an admin for the first time, you must change the password.
From the application menu, select the Settings menu. Then, click Settings >Admin Settings.
In the Admin Settings page, you can configure many aspects of the platform, including user management tasks, and perform restarts to apply the changes.
Add the S3 bucket that was automatically created to store Alteryx metadata and EMR content. Search for:
```
"aws.s3.bucket.name"
```
1. Update the value with the Alteryx Bucket value provided when you created the stack in AWS.
Verify your Spark version. If the cluster was launched from AWS, this value should be set to 2.3.0. Search for:
```
"spark.version"
```
1. Update its value to 2.3.0, if necessary.

Set up the AWS authentication mode:

Search for:
```
"aws.mode"
```

System mode is default and is recommended unless you are doing a custom installation.

aws.mode value	Description
`system`	Set the mode to `system` to enable use of EC2 instance-based authentication for access.
`user`	Set the mode to `user` to utilize user-based credentials. This mode requires additional configuration.

Details on the above configuration are described later.

Enable the "Run in EMR" option within the platform. Search for:
```
"webapp.runinEMR"
```
1. Select the checkbox to enable it.
Click Save underneath the Platform Settings section.
In the Admin Settings page, locate the External Service Settings section.
1. AWS EMR Cluster ID: Paste the value for the EMR Cluster ID for the cluster to which the platform is connecting.
2. AWS Region: Enter the region where your EMR cluster is located.
3. Resource Bucket: you may use the already created Alteryx Bucket.
4. Resource Path: you should use something like EMRLOGS.
Click Save underneath the External Service Settings section.
When the platform restarts, you can begin using the product.

Deleting CloudFormation stack

If you must delete the CloudFormation stack, please be aware of the following.

The S3 bucket that was created for the stack is not removed. If you want to delete it, you must empty it first and then delete it.
Any EMR security groups created for the stack cannot be deleted, due to circular references. The stack deletion process informs you of the security groups that it failed to delete. To complete the deletion:
1. Remove all rules from the security groups.
2. Delete the security groups manually.
3. Re-run the stack deletion, which should complete successfully.

Install Steps - EC2 Instance

Launch the product.
In the EC2 Console:
1. Instance size: Select the instance size.
2. Network: Configure the VPC, subnet, firewall and other configuration settings necessary to communicate with the instance.
3. Auto-assigned Public IP: You must create a public IP to access the Designer Cloud Powered by Trifacta platform.
4. EC2 role: Select the EC2 role that you created.
5. Local storage: Select a local EBS volume. The default volume includes 100GB storage.
  
  NOTE: The local storage environment contains the Alteryx databases, the product installation, and its log files. No source data is ever stored within the product.
6. Security group: Use a security group that exposes access to port 3005, which is the default port for the platform.
7. Create an AWS key-pair for access: This key is used to provide SSH access to the platform, which may be required for some admin tasks.
8. Save your changes.
Apply license key:
1. Acquire the license.json license key file that was provided to you by your Alteryx representative.
2. Transfer the license key file to the EC2 node that is hosting the Designer Cloud Powered by Trifacta platform. Navigate to the directory where you stored it.
3. Make the Alteryx user the owner of the file:
```
sudo chown trifacta:trifacta license.json
```
4. Make sure that the Alteryx user has read permissions on the file:
```
sudo chmod 644 license.json
```
5. Copy the license key file to the proper location:
```
cp license.json /opt/trifacta/license/
```
Launch the configured platform.

NOTE: From the EC2 Console, please acquire the instanceId, which is needed in a later step.
When the instance is spinning up for the first time, performance may be slow. When the instance is up, navigate to the following:
```
http://<public_hostname>:3005
```
When the login screen appears, enter the following:
1. Username: admin@trifacta.local
2. Password: (the instanceId value)
  
  NOTE: As soon as you login as an admin for the first time, you should immediately change the password. Select the User Profile menu item in the upper-right corner. Change the password and click Save to restart the platform.
From the application menu, select Settings menu > Admin Settings.
In the Admin Settings page, you can configure many aspects of the platform, including user management tasks, and perform restarts to apply the changes.
In the Search bar, enter the following:
```
"aws.s3.bucket.name"
```
1. Set the value of this setting to be the bucket that you created.

The following setting must be specified.

"aws.mode":"system",

You can set the above value to either of the following:

aws.mode value	Description
`system`	Set the mode to `system` to enable use of EC2 instance-based authentication for access.
`user`	Set the mode to `user` to utilize user-based credentials to access the EMR cluster.

Details on the above configuration are described later.

Click Save.
When the platform restarts, you can begin using the product.

SSH Access

If you need to SSH to the Alteryx node, you can use the following command:

ssh -i <path_to_key_file> <userId>@<tri_node_DNS_or_IP>

Parameter	Description
<path_to_key_file>	Path to the key file stored on your local computer.
`<userId>`	The user ID is always `centos`.
<tri_node_DNS_or_IP>	DNS or IP address of the Alteryx node

Additional Configuration for Manual Installs

EC2 Role-Based Authentication: If aws.mode was set to system, you are using EC2 role-based authentication. Additional configuration is required to integrate the roles into the platform. For more information, see Configure for EC2 Role-Based Authentication.
EMR: If you are integrating with a pre-existing EMR cluster, additional configuration is required.

NOTE: Please review these steps with your Alteryx representative.
For more information, see Configure for EMR.
S3: For more information on how to modify your S3 integration, see Enable S3 Access.

Verify

Start and Stop the Platform

Error rendering macro 'excerpt-include'

No link could be created for 'Install Start Platform'.

Verify Operations