About
This site contains documentation for HPE Ezmeral Runtime Enterprise, including installation, configuration, administration, and reference content, and information about related solutions. Examples of related solutions include HPE Ezmeral ML Ops and HPE Ezmeral Runtime Analytics for Apache Spark.
5.6 Reference
- HPE Ezmeral Runtime Enterprise 5.6
- Software Versions
- Kubernetes Bundles
  Kubernetes Bundles are software packages that can contain software to support newer Kubernetes versions, updated add-ons, and software fixes. Kubernetes Bundles enable you to update your deployment without requiring you to upgrade to a newer version of HPE Ezmeral Runtime Enterprise.
- Quick Links
- What's New in Version 5.6.x
  This topic summarizes the new features and important changes in HPE Ezmeral Runtime Enterprise 5.6.x compared to HPE Ezmeral Runtime Enterprise 5.5.x.
- Prepackaged Applications
- On-Premises, Hybrid, and Multi-Cloud Deployments
- Third-Party Licenses
- Universal Concepts
  - Controller, Gateway, and Worker Hosts
  - Gateway Hosts
    Gateway hosts run the HAproxy service and are part of the HPE Ezmeral Runtime Enterprise control plane. You can access the web UI of a HPE Ezmeral Runtime Enterprise deployment through any Gateway host. For high availability and load balancing, configure multiple Gateway hosts.
  - HAproxy service
    The HAproxy service enables load balancing and SSL termination. After the Gateway hosts are set up, the HPE Ezmeral Runtime Enterprise Controller automatically starts using the Gateway proxy set for container port mappings.
  - Networks and Subnets
    HPE Ezmeral Runtime Enterprise hosts are connected through an external switch that is accessible to the network that your organization manages. Internally within HPE Ezmeral Runtime Enterprise, Kubernetes pods communicate through a private nonroutable virtual network that is not visible to the host network.
  - Software Components
  - Virtual Cores, RAM, Storage, and GPU Devices
  - Tenants and Projects
  - Namespaces
    This article describes Kubernetes namespaces in HPE Ezmeral Runtime Enterprise.
  - Tenant/Project Storage
  - Node Storage
  - About DataTaps
  - FS Mounts
  - User Authentication
  - Users and Roles
  - High Availability
    High availability (HA) in deployments of HPE Ezmeral Runtime Enterprise is divided into platform controller HA, gateway HA, and cluster HA.
  - Public Key Infrastructure
  - Monitoring and Alerting
- Accessing HPE Ezmeral Runtime Enterprise Applications and Services
- Navigating the GUI
  Describes the screen layout of the HPE Ezmeral Runtime Enterprise graphical user interface (GUI).
- HPE Ezmeral ML Ops
  The topics in this section provide information about machine learning operations (ML Ops/MLOps) using HPE Ezmeral ML Ops in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Spark on Kubernetes
  The topics in this section provide information about Apache Spark on Kubernetes in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Kubernetes
- Platform Administration
  Tasks and reference information for Platform Adminstrators (Site Administrators) managing the HPE Ezmeral Runtime Enterprise deployment.
- HPE Ezmeral Data Fabric Introduction
  HPE Ezmeral Data Fabric is a platform for data-driven analytics, ML, and AI workloads. The patented file-system architecture was designed and built for performance, reliability, and scalability. HPE Ezmeral Runtime Enterprise supports multiple implementations of HPE Ezmeral Data Fabric.
- HPE Ezmeral Data Fabric on Kubernetes Administration
  You administer HPE Ezmeral Data Fabric on Kubernetes and Embedded Data Fabric as part of your HPE Ezmeral Runtime Enterprise environment. The external "bare metal" implementation of HPE Ezmeral Data Fabric is administered through its own tools and has its own documentation. (Not available in HPE Ezmeral Runtime Enterprise Essentials.)
- GPU and MIG Support
  This topic provides information about support for NVIDIA GPU and MIG devices on HPE Ezmeral Runtime Enterprise.
- Licensing
- Global Settings
- Planning the Deployment
  A high-level overview of the items to consider when planning an HPE Ezmeral Runtime Enterprise deployment.
- System Requirements
- Deploying the Platform
  The topics in this section describe deploying HPE Ezmeral Runtime Enterprise. Deployment is divided into phases.
- Upgrading to HPE Ezmeral Runtime Enterprise 5.6.x
  This article describes the process to upgrade to the latest 5.6.x version of HPE Ezmeral Runtime Enterprise.
- Upgrading from HPE Ezmeral Runtime Enterprise Essentials
  Upgrade from HPE Ezmeral Runtime Enterprise Essentials to the full-featured HPE Ezmeral Runtime Enterprise or to HPE Ezmeral ML Ops by uploading a license. No additional steps are required.
- Manually Restarting HPE Ezmeral Runtime Enterprise Services
  This topic describes restarting HPE Ezmeral Runtime Enterprise services in non-Kubernetes hosts.
- Uninstalling and Reinstalling HPE Ezmeral Runtime Enterprise
- Support and Troubleshooting
App Workbench 5.1

Public Key Infrastructure

A Public Key Infrastructure (PKI) is used to secure Remote Procedure Calls (RPC) between hosts. In this infrastructure:

The Controller host knows which public server keys reside on each Worker host.
Each Worker host knows which public keys can contact that host from the Controller host (or Shadow Controller, if platform HA is enabled).

This feature manifests itself in the following ways:

Adding a Worker using the Agent: If you are adding a new Worker host using the agent as described in Agent-Based Kubernetes Host Installation, then you must copy the file /opt/bluedata/keys/authorized_keys from the Controller host to the same location on the new Worker host after installing the agent, and with the same owner/group, permissions, and SELinux context. See Kubernetes Worker Installation Overview. This is not needed for Gateway hosts. Copying the authorized_keys file is not necessary for Gateway hosts.
Non-agent based Worker installation: /opt/bluedata/keys/authorized_keys will be securely transmitted to the Worker host using the credentials given for the Worker-add process. See Kubernetes Worker Installation Overview, Gateway Installation Tab. No manual action is needed for the keys.

NOTE When PKI is used, the Details column of the Installation screen will include a Fingerprint column that displays an MD5 sum such as f7:60:1f:45:fb:a7:e4:47:82:e2:38:19:a3:ff:08:bd for each Worker host. This is the MD5 fingerprint contained in the file /opt/bluedata/keys/ssh_host_rsa_key.pub on the Worker host. This allows the Platform Administrator to confirm that they are adding the correct Worker host. You can verify this MD5 fingerprint by logging in to the Worker host and then executing the command

ssh-keygen -E md5 -lf
                                    /opt/bluedata/keys/ssh_host_rsa_key.pub

, followed by comparing the returned value to that displayed in the Details column.

CAUTION Clicking Install means that you trust that you are installing HPE Ezmeral Runtime Enterprise on the correct, intended worker host.