About
This site contains documentation for HPE Ezmeral Runtime Enterprise, including installation, configuration, administration, and reference content, and information about related solutions. Examples of related solutions include HPE Ezmeral ML Ops and HPE Ezmeral Runtime Analytics for Apache Spark.
5.7 Reference
- HPE Ezmeral Runtime Enterprise 5.7
- Software Versions
- Kubernetes Bundles
  Kubernetes Bundles are software packages that can contain software to support newer Kubernetes versions, updated add-ons, and software fixes. Kubernetes Bundles enable you to update your deployment without requiring you to upgrade to a newer version of HPE Ezmeral Runtime Enterprise.
- Quick Links
- What's New in Version 5.7.x
  This topic summarizes the new features and important changes in HPE Ezmeral Runtime Enterprise 5.7.x compared to HPE Ezmeral Runtime Enterprise 5.6.5.
- Prepackaged Applications
- On-Premises, Hybrid, and Multi-Cloud Deployments
- Third-Party Licenses
- Universal Concepts
- Accessing HPE Ezmeral Runtime Enterprise Applications and Services
- Navigating the GUI
  Describes the screen layout of the HPE Ezmeral Runtime Enterprise graphical user interface (GUI).
- HPE Ezmeral ML Ops
  The topics in this section provide information about machine learning operations (ML Ops/MLOps) using HPE Ezmeral ML Ops in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Spark on Kubernetes
  The topics in this section provide information about Apache Spark on Kubernetes in HPE Ezmeral Runtime Enterprise. (Not available with HPE Ezmeral Runtime Enterprise Essentials.)
- Kubernetes
  - Kubernetes Physical Architecture
  - Hewlett Packard Enterprise Distributions of Kubernetes
    The Hewlett Packard Enterprise distribution of Kubernetes, identified by the -hpe<number> suffix, incorporates the containerd runtime, which is required for all Kubernetes clusters created with HPE Ezmeral Runtime Enterprise version 5.5.0 and later.
  - Kubernetes Cluster Types and Compatibility
    An existing HPE Ezmeral Runtime Enterprise deployment that is upgraded from a previous release might contain Kubernetes clusters that use the containerd runtime and Kubernetes clusters that use the Docker runtime. All nodes in a Kubernetes cluster must use the same type of runtime.
  - Migrating Kubernetes Clusters from Docker to containerd
    This topic describes migrating legacy Kubernetes clusters from Docker container runtime to the the new Hewlett Packard Enterprise distribution of Kubernetes, which implements containerd runtime.
  - About HPE Ezmeral Data Fabric on Kubernetes
  - Kubernetes Tenant RBAC
  - Disabling or Enabling the Kubernetes Web Terminal
    As a Platform Administrator, you can enable or disable user access to the Kubernetes Web terminal. The Kubernetes Web Terminal is not available in HPE Ezmeral Runtime Enterprise Essentials.
  - Kubernetes Metadata
  - Centralized Policy Management
    Defines centralized policy management and describes the features and benefits of applying policies to Kubernetes clusters managed by HPE Ezmeral Runtime Enterprise. Not available in HPE Ezmeral Runtime Enterprise Essentials.
  - Kubernetes Troubleshooting Overview
  - Using Kubernetes
    The topics in this section describe information and tasks for non-administrator users of Kubernetes in HPE Ezmeral Runtime Enterprise.
  - Tenant/Project Administration
    The topics in this section describe information and tasks that Kubernetes Tenant/Project Administrators can perform in HPE Ezmeral Runtime Enterprise. .
    - Dashboard - Kubernetes Tenant/Project Administrator
    - Toolbar & Main Menu - Tenant or Project Administrator
      Describes the toolbar and navigation sidebar available to users with Kubernetes Tenant/Project Administrator access rights in HPE Ezmeral Runtime Enterprise.
    - Viewing and Assigning Kubernetes Tenant Users
      This topic describes associating users with roles in Kubernetes tenants in HPE Ezmeral Runtime Enterprise.
    - DataTaps for Tenant/Project Administrators
      The topics in this section tasks and information related to DataTaps for Kubernetes Tenant/Project Administrators in HPE Ezmeral Runtime Enterprise.
      - About DataTaps
      - The DataTaps Screen (Admin)
      - The DataTap Browser Screen
      - Uploading and Downloading Files
      - Creating a New DataTap
      - Editing an Existing DataTap
      - Deleting a DataTap
      - DataTap Tensorflow Support
      - Accessing DataTaps in Kubernetes Pods
        Describes the generic process for configuring Kubernetes pods to access DataTaps, including considerations and steps for Hadoop 2.x and Hadoop 3.x applications.
      - Launching Kubernetes Pods to Access DataTaps
      - Accessing DataTaps in KubeDirector Applications
      - Sample MAPR DataTap - No Impersonation
      - Sample MAPR DataTap - Impersonation
      - HDFS DataTap Cross-Realm Kerberos Authentication
      - HDFS DataTap Kerberos Security
      - HDFS DataTap TDE Configuration
      - HDFS DataTap Wire Encryption
  - Kubernetes Cluster Administrator Tasks
    The topics in this section describe information and tasks that Kubernetes Cluster Administrators can perform in HPE Ezmeral Runtime Enterprise.
  - Kubernetes Administrator Tasks
    The topics in this section describe information and tasks that Kubernetes Administrators can perform in HPE Ezmeral Runtime Enterprise.
  - Kubernetes Application Administration
    The topics in this section describe information and tasks related to Kubernetes application administration on HPE Ezmeral Runtime Enterprise.
- Platform Administration
  Tasks and reference information for Platform Adminstrators (Site Administrators) managing the HPE Ezmeral Runtime Enterprise deployment.
- HPE Ezmeral Data Fabric Introduction
  HPE Ezmeral Data Fabric is a platform for data-driven analytics, ML, and AI workloads. The patented file-system architecture was designed and built for performance, reliability, and scalability. HPE Ezmeral Runtime Enterprise supports multiple implementations of HPE Ezmeral Data Fabric.
- HPE Ezmeral Data Fabric on Kubernetes Administration
  You administer HPE Ezmeral Data Fabric on Kubernetes and Embedded Data Fabric as part of your HPE Ezmeral Runtime Enterprise environment. The external "bare metal" implementation of HPE Ezmeral Data Fabric is administered through its own tools and has its own documentation. (Not available in HPE Ezmeral Runtime Enterprise Essentials.)
- GPU and MIG Support
  This topic provides information about support for NVIDIA GPU and MIG devices on HPE Ezmeral Runtime Enterprise.
- Licensing
- Global Settings
- Planning the Deployment
  A high-level overview of the items to consider when planning an HPE Ezmeral Runtime Enterprise deployment.
- System Requirements
- Deploying the Platform
  The topics in this section describe deploying HPE Ezmeral Runtime Enterprise. Deployment is divided into phases.
- Upgrading to HPE Ezmeral Runtime Enterprise 5.7.x
  This article describes the process to upgrade to the latest 5.7.x version of HPE Ezmeral Runtime Enterprise.
- Upgrading from HPE Ezmeral Runtime Enterprise Essentials
  Upgrade from HPE Ezmeral Runtime Enterprise Essentials to the full-featured HPE Ezmeral Runtime Enterprise or to HPE Ezmeral ML Ops by uploading a license. No additional steps are required.
- Manually Restarting HPE Ezmeral Runtime Enterprise Services
  This topic describes restarting HPE Ezmeral Runtime Enterprise services in non-Kubernetes hosts.
- Uninstalling and Reinstalling HPE Ezmeral Runtime Enterprise
- Support and Troubleshooting

HDFS DataTap Wire Encryption

NOTE

This article only applies to HDFS DataTaps.

Wire encryption means that the network packets between virtual node and remote HDFS service are encrypted. This includes:

RPC encryption: the RPC messages between the virtual node(s) and the HDFS namenode are encrypted.
Data Transfer encryption: The control message and data between the virtual node(s) and the HDFS data nodes are encrypted.

No additional configuration is required to support this feature; however, the HDFS configurations must be modified to enable the wire encryption. Further, the remote HDFS must be Kerberized for security.

To enable wire encryption on a CDH HDFS service:

Enable RPC encryption on the remote HDFS service using the CDH Manager interface, as shown here.
Enable data transfer encryption on the remote HDFS service using the CDH Manager interface, as shown here.
Restart the remote HDFS service.

To enable wire encryption on an HDP HDFS service:

In the Ambari interface, enable RPC encryption by selecting HDFS>Configs>Advanced>Custom core-site, and then adding hadoop.rpc.protection = privacy, as shown here.
In the Ambari interface, enable Data Transfer encryption by selecting HDFS>Configs>Advanced>Custom hdfs-site, add then adding dfs.encrypt.data.transfer = true, as shown here.
Restart the remote HDFS service.

NOTE

Currently the dfs.encrypt.data.transfer.algorithm supports AES, CTR, or NoPadding, and the dfs.encrypt.data.transfer,cipher.key.bitlength can support 128, 192, or 256 bits..

ALA | Privacy Policy

HPE Ezmeral Runtime Enterprise 5.7 Documentation
Abstract	HPE Ezmeral Container Platform is a unified container platform built on open source Kubernetes and designed for both cloud-native applications and non-cloud-native applications running on any infrastructure either on-premises, in multiple public clouds, in a hybrid model, or at the edge.
Published	November 2024
Edition	5.7.0