About
This site contains documentation for HPE Ezmeral Runtime Enterprise, including installation, configuration, administration, and reference content, and information about related solutions. Examples of related solutions include HPE Ezmeral ML Ops and HPE Ezmeral Runtime Analytics for Apache Spark.
5.6 Reference
- HPE Ezmeral Runtime Enterprise 5.6
- Software Versions
- Kubernetes Bundles
  Kubernetes Bundles are software packages that can contain software to support newer Kubernetes versions, updated add-ons, and software fixes. Kubernetes Bundles enable you to update your deployment without requiring you to upgrade to a newer version of HPE Ezmeral Runtime Enterprise.
- Quick Links
- What's New in Version 5.6.x
  This topic summarizes the new features and important changes in HPE Ezmeral Runtime Enterprise 5.6.x compared to HPE Ezmeral Runtime Enterprise 5.5.x.
- Prepackaged Applications
- On-Premises, Hybrid, and Multi-Cloud Deployments
- Third-Party Licenses
- Universal Concepts
- Accessing HPE Ezmeral Runtime Enterprise Applications and Services
- Navigating the GUI
  Describes the screen layout of the HPE Ezmeral Runtime Enterprise graphical user interface (GUI).
- HPE Ezmeral ML Ops
  The topics in this section provide information about machine learning operations (ML Ops/MLOps) using HPE Ezmeral ML Ops in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Spark on Kubernetes
  The topics in this section provide information about Apache Spark on Kubernetes in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Kubernetes
- Platform Administration
  Tasks and reference information for Platform Adminstrators (Site Administrators) managing the HPE Ezmeral Runtime Enterprise deployment.
- HPE Ezmeral Data Fabric Introduction
  HPE Ezmeral Data Fabric is a platform for data-driven analytics, ML, and AI workloads. The patented file-system architecture was designed and built for performance, reliability, and scalability. HPE Ezmeral Runtime Enterprise supports multiple implementations of HPE Ezmeral Data Fabric.
- HPE Ezmeral Data Fabric on Kubernetes Administration
  You administer HPE Ezmeral Data Fabric on Kubernetes and Embedded Data Fabric as part of your HPE Ezmeral Runtime Enterprise environment. The external "bare metal" implementation of HPE Ezmeral Data Fabric is administered through its own tools and has its own documentation. (Not available in HPE Ezmeral Runtime Enterprise Essentials.)
  - About HPE Ezmeral Data Fabric on Kubernetes
  - Requirements for HPE Ezmeral Data Fabric on Kubernetes (for non-production environments only)
    Describes the requirements for HPE Ezmeral Data Fabric on Kubernetes, which is only supported for non-production environments. For all production requirements, recommendation is to use HPE Ezmeral Data Fabric on Bare Metal.
  - Data Fabric Cluster Administrator Username and Password
    This topic defines the HPE Ezmeral Data Fabric cluster administrator and provides information about the default username (mapr) and password for the Data Fabric cluster administrator in HPE Ezmeral Runtime Enterprise deployments.
  - Using Self-Signed Certificates with the Data Fabric Cluster
  - External KMIP Keystore Support
  - Creating a New Data Fabric Cluster
    Use this procedure when creating a cluster that implements HPE Ezmeral Data Fabric on Kubernetes.
  - Expanding a Data Fabric Cluster
    This procedure describes how to expand an HPE Ezmeral Data Fabric on Kubernetes cluster deployed on HPE Ezmeral Runtime Enterprise.
  - Shutting Down a Data Fabric Cluster
    This procedure performs an orderly shut down of Data Fabric clusters that implement HPE Ezmeral Data Fabric on Kubernetes. This procedure does not apply to bare-metal HPE Ezmeral Data Fabric clusters. This procedure does not shut down the entire HPE Ezmeral Runtime Enterprise.
  - Restarting the Data Fabric Cluster
    This procedure resumes the startup process for Data Fabric clusters that implement HPE Ezmeral Data Fabric on Kubernetes. This procedure does not apply to bare-metal HPE Ezmeral Data Fabric clusters. This procedure does not restart the entire HPE Ezmeral Runtime Enterprise.
  - Upgrading and Patching Data Fabric Clusters on Kubernetes
  - Managing HPE Ezmeral Data Fabric on Kubernetes
  - Using the CSI
  - Upgrading the CSI Plug-In
    Use this procedure to upgrade the CSI plug-in on Kubernetes clusters that are not HPE Ezmeral Data Fabric on Kubernetes clusters in deployments of HPE Ezmeral Runtime Enterprise 5.3.5 or later. Upgrading the CSI plug-in requires restarting or recreating the affected pods.
  - HPE Ezmeral Data Fabric Control System (MCS)
  - Disk Management in HPE Ezmeral Data Fabric on Kubernetes
    The topics in this section describe disk management tasks for disks that are part of storage pools on HPE Ezmeral Data Fabric on Kubernetes on HPE Ezmeral Runtime Enterprise.
  - HPE Ezmeral Data Fabric Database Administration
    Administration of the HPE Ezmeral Data Fabric Database on HPE Ezmeral Data Fabric on Kubernetes is done using the maprcli command line interface (not the MCS). HPE Ezmeral Data Fabric Database administration is associated with tables, columns and column families, and table regions.
  - Configuring Cross-Cluster Trust
  - Creating Multiple Gateways for Table and Stream Replication
    You can create multiple gateways for table and stream replication by increasing the number of maprgateway pods.
  - Debugging and Troubleshooting
  - Object Store (S3 Gateway) Overview
  - HPE Ezmeral Data Fabric Event Store
    HPE Ezmeral Data Fabric Event Store provides a reliable, global event streaming system that integrates publish and subscribe messaging to HPE Ezmeral Data Fabric on Kubernetes in HPE Ezmeral Runtime Enterprise.
  - Erasure coding
    In HPE Ezmeral Runtime Enterprise, HPE Ezmeral Data Fabric on Kubernetes supports storage tiers that use erasure coding for data. Erasure coding (EC) is a method of protecting data on lower-cost hardware that also reduces storage overhead in the range of 1.2x-1.5x. EC ensures that if data becomes corrupted, it can be reconstructed using information about the data that is present elsewhere.
  - Kafka REST Support
  - Policy-Based Security
    In HPE Ezmeral Runtime Enterprise, HPE Ezmeral Data Fabric on Kubernetes supports policy-based security (PBS), and the creation and management of security policies for Data Fabric objects through maprcli commands.
    - Policy Based Security versus Centralized Policy Management
      In HPE Ezmeral Runtime Enterprise, policy-based security and Centralized Policy Management have similar names but separate functions and scopes. The policy-based security feature applies to HPE Ezmeral Data Fabric objects. The Centralized Policy Management feature applies to Kubernetes cluster objects and can manage security policies from a central repository.
    - Setting Up Policy-Based Security
      In HPE Ezmeral Runtime Enterprise, policy-based security (PBS) for HPE Ezmeral Data Fabric on Kubernetes is enabled by default. Before you can begin creating security policies, you must use maprcli commands to perform some set up tasks.
    - Creating, managing, and monitoring security policies for Data Fabric objects
      Managing policy-based security on HPE Ezmeral Data Fabric on Kubernetes in HPE Ezmeral Runtime Enterprise is the same as managing policy-based security on bare-metal HPE Ezmeral Data Fabric clusters. Using maprcli or the Control Service (MCS), you can perform the same tasks that are described in the HPE Ezmeral Data Fabric documentation.
  - Manual and Advanced Tasks
    The topics in this section describe the manual tasks and information for advanced users of HPE Ezmeral Data Fabric on Kubernetes in HPE Ezmeral Runtime Enterprise.
- GPU and MIG Support
  This topic provides information about support for NVIDIA GPU and MIG devices on HPE Ezmeral Runtime Enterprise.
- Licensing
- Global Settings
- Planning the Deployment
  A high-level overview of the items to consider when planning an HPE Ezmeral Runtime Enterprise deployment.
- System Requirements
- Deploying the Platform
  The topics in this section describe deploying HPE Ezmeral Runtime Enterprise. Deployment is divided into phases.
- Upgrading to HPE Ezmeral Runtime Enterprise 5.6.x
  This article describes the process to upgrade to the latest 5.6.x version of HPE Ezmeral Runtime Enterprise.
- Upgrading from HPE Ezmeral Runtime Enterprise Essentials
  Upgrade from HPE Ezmeral Runtime Enterprise Essentials to the full-featured HPE Ezmeral Runtime Enterprise or to HPE Ezmeral ML Ops by uploading a license. No additional steps are required.
- Manually Restarting HPE Ezmeral Runtime Enterprise Services
  This topic describes restarting HPE Ezmeral Runtime Enterprise services in non-Kubernetes hosts.
- Uninstalling and Reinstalling HPE Ezmeral Runtime Enterprise
- Support and Troubleshooting
App Workbench 5.1

Setting Up Policy-Based Security

In HPE Ezmeral Runtime Enterprise, policy-based security (PBS) for HPE Ezmeral Data Fabric on Kubernetes is enabled by default. Before you can begin creating security policies, you must use maprcli commands to perform some set up tasks.

In HPE Ezmeral Runtime Enterprise, policy-based security (PBS) for HPE Ezmeral Data Fabric on Kubernetes is enabled by default. Before you can begin creating security policies, you must use maprcli commands to do the following:

Designate a global policy master.

You must set one cluster as the global policy master before you can create security policies. The cluster set as the global policy master is the only cluster on which you can create or update security policies.
Set permissions for creating and managing security policies.

To create security policies, an administrator must have cluster-level cp (create security policy) permission. By default, the cp permission is not assigned to all administrators. Administrators with cluster-level a (admin) permission can grant cp permission to themselves or other administrators.

For more information about these tasks, see Policy-Based Security and Policy-Based Security Quick Reference in the HPE Ezmeral Data Fabric documentation.