About
This site contains documentation for HPE Ezmeral Runtime Enterprise, including installation, configuration, administration, and reference content, and information about related solutions. Examples of related solutions include HPE Ezmeral ML Ops and HPE Ezmeral Runtime Analytics for Apache Spark.
5.6 Reference
- HPE Ezmeral Runtime Enterprise 5.6
- Software Versions
- Kubernetes Bundles
  Kubernetes Bundles are software packages that can contain software to support newer Kubernetes versions, updated add-ons, and software fixes. Kubernetes Bundles enable you to update your deployment without requiring you to upgrade to a newer version of HPE Ezmeral Runtime Enterprise.
- Quick Links
- What's New in Version 5.6.x
  This topic summarizes the new features and important changes in HPE Ezmeral Runtime Enterprise 5.6.x compared to HPE Ezmeral Runtime Enterprise 5.5.x.
- Prepackaged Applications
- On-Premises, Hybrid, and Multi-Cloud Deployments
- Third-Party Licenses
- Universal Concepts
- Accessing HPE Ezmeral Runtime Enterprise Applications and Services
- Navigating the GUI
  Describes the screen layout of the HPE Ezmeral Runtime Enterprise graphical user interface (GUI).
- HPE Ezmeral ML Ops
  The topics in this section provide information about machine learning operations (ML Ops/MLOps) using HPE Ezmeral ML Ops in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Spark on Kubernetes
  The topics in this section provide information about Apache Spark on Kubernetes in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Kubernetes
- Platform Administration
  Tasks and reference information for Platform Adminstrators (Site Administrators) managing the HPE Ezmeral Runtime Enterprise deployment.
- HPE Ezmeral Data Fabric Introduction
  HPE Ezmeral Data Fabric is a platform for data-driven analytics, ML, and AI workloads. The patented file-system architecture was designed and built for performance, reliability, and scalability. HPE Ezmeral Runtime Enterprise supports multiple implementations of HPE Ezmeral Data Fabric.
- HPE Ezmeral Data Fabric on Kubernetes Administration
  You administer HPE Ezmeral Data Fabric on Kubernetes and Embedded Data Fabric as part of your HPE Ezmeral Runtime Enterprise environment. The external "bare metal" implementation of HPE Ezmeral Data Fabric is administered through its own tools and has its own documentation. (Not available in HPE Ezmeral Runtime Enterprise Essentials.)
- GPU and MIG Support
  This topic provides information about support for NVIDIA GPU and MIG devices on HPE Ezmeral Runtime Enterprise.
- Licensing
- Global Settings
  - Enabling SSL Connections
    This procedure describes how to enable SSL connections in HPE Ezmeral Runtime Enterprise deployments for which SSL was not enabled during the initial deployment process.
  - Enabling Platform High Availability
    Platform High Availability (HA) protects your HPE Ezmeral Runtime Enterprise a failure of the Controller host. Hewlett Packard Enterprise recommends that you enable HA for the HPE Ezmeral Runtime Enterprise Controller before you create Kubernetes clusters.
  - Disabling Platform High-Availability
  - The Controllers & HA Screen
    The Controllers & HA screen enables Platform Administrators to configure platform high availability, and add the Shadow Controller and Arbiter hosts, as needed.
  - Gateway LB
    The topics in this section describe the settings and tasks related to the gateway load balancers in HPE Ezmeral Runtime Enterprise.
  - The User Authentication Screen
    The User Authentication screen enables the Platform Administrator to configure user authentication settings in HPE Ezmeral Runtime Enterprise.
  - The Notification Settings Screen
    The Notification Settings screen enables Platform Administrators to configure the HPE Ezmeral Runtime Enterprise deployment to deliver Nagios alerts.
  - User Management
    The topics in this section describe the settings and tasks related to the managing users in HPE Ezmeral Runtime Enterprise.
    - Viewing User Assignments
    - Assigning/Revoking User Roles (Local)
    - Assigning/Revoking User Roles (LDAP/AD/SAML)
    - Creating a New User (Local)
    - Deleting a User
      Deleting a user immediately removes that user and prevent them from being able to access the deployment.
    - Managing User Sessions
    - Configuring User Authentication Settings
    - Accessing LDAP/AD/SAML Logs
    - Managing Platform Administrators
      The topics in this section describe the settings and tasks related to the managing Platform Administrator (Site Admin) users in HPE Ezmeral Runtime Enterprise.
    - The User Management Screen
    - The User Details Screen
    - Authentication Groups
  - The System Settings Screen
    The topics in this section describe the System Settings screen and its tabs in HPE Ezmeral Runtime Enterprise.
  - System Maintenance
    This topic describes the preparation and post-procedure tasks to perform maintenance, such as OS patches and upgrades, on hosts that are part of an HPE Ezmeral Runtime Enterprise deployment.
- Planning the Deployment
  A high-level overview of the items to consider when planning an HPE Ezmeral Runtime Enterprise deployment.
- System Requirements
- Deploying the Platform
  The topics in this section describe deploying HPE Ezmeral Runtime Enterprise. Deployment is divided into phases.
- Upgrading to HPE Ezmeral Runtime Enterprise 5.6.x
  This article describes the process to upgrade to the latest 5.6.x version of HPE Ezmeral Runtime Enterprise.
- Upgrading from HPE Ezmeral Runtime Enterprise Essentials
  Upgrade from HPE Ezmeral Runtime Enterprise Essentials to the full-featured HPE Ezmeral Runtime Enterprise or to HPE Ezmeral ML Ops by uploading a license. No additional steps are required.
- Manually Restarting HPE Ezmeral Runtime Enterprise Services
  This topic describes restarting HPE Ezmeral Runtime Enterprise services in non-Kubernetes hosts.
- Uninstalling and Reinstalling HPE Ezmeral Runtime Enterprise
- Support and Troubleshooting
App Workbench 5.1

Accessing LDAP/AD/SAML Logs

All queries sent to the configured LDAP/AD server can be logged. To enable this feature:

SSH into the Controller host.
Execute either of the following commands, as appropriate:
- LDAP/AD:/opt/bluedata/common-install/bd_mgmt/bin/bd_mgmt enable_management_logger authaudit
- SAML:/opt/bluedata/common-install/bd_mgmt/bin/bd_mgmt enable_management_logger samldebug
To locate LDAP/AD queries, search /var/log/bluedata/bds-mgmt.log for all instances of authaud (LDAP/AD) or samldeb (SAML).

This feature logs the following LDAP/AD activity:

An LDAP/AD user who does not have an existing session attempts to log in.
A Platform Administrator changes the LDAP/AD authentication parameters.
A Platform Administrator verifies the LDAP/AD authentication parameters.
A user is added who is being authenticated by an external LDAP/AD server.

This feature does not log the following activity because it does not require querying the LDAP/AD server:

An authenticated user attempts to log in.
A user is added who is not being authenticated by an external LDAP/AD server.
A user is assigned a role within a tenant or project.