Starting the mapr-loopbacknfs Service to Access a Cluster

The following instructions explain how to start the loopbacknfs service so you can access either a non-secure or secure cluster.
Note: If you need to access multiple clusters, make sure the first cluster that you configure is a MapR 4.0.2 or later cluster, with available POSIX client licenses.

Prerequisites for accessing a secure cluster:

  • Enable security for the cluster. See enabling and disabling wire-level security.
  • Generate a user ticket. See Generating a MapR User Ticket for instructions. If you do not already have a MapR user ticket, with full control ACL authorization on the cluster, you will have to have a cluster administrator do this for you.
    • Go to a server node in the MapR cluster to which you want to connect.
    • Be sure to run maprlogin password to log in first. The user that logs in must be a privileged user, such as the mapr superuser.
    • Then run maprlogin generateticket -type service -user <user> -duration 365:0:0 -out <file> to generate the user ticket. The <user> for whom the ticket is generated can be any user. If the service ticket expires, the POSIX client will:
      • Automatically use the renewed service ticket without requiring a restart if the ticket is replaced before expiration (ticket expiry time + grace period of 55 minutes). If the ticket is replaced after expiration (which is ticket expiry time + grace period of 55 minutes), the POSIX loopbacknfs client will not refresh the ticket as the mount will become stale.
      • Allow impersonation if a service ticket is replaced before ticket expiration (which is ticket expiry time + grace period of 55 minutes) with a servicewithimpersonation ticket.
      • Honor all changes in user/group IDs of the renewed ticket.
  • Copy the user ticket file from the cluster server node where you generated it to the /usr/local/mapr-loopbacknfs/conf directory on the client machine where the MapR POSIX client will run.
Note: Since the NFS server runs based on a single user's ticket, it can act on behalf of only one user. Therefore, the UID or GID associated with the ticket must match the UID or GID of any user who accesses the NFS server via MapR POSIX Client.
Note: Securing the cluster so that only one user can have secure access provides tight control over cluster access, but it also means that any user on the client who is able to read the generated ticket will have read access to all data in the cluster.

Start the mapr-loopbacknfs service and mount the volume

Complete the following steps from your client node, except where noted, to start the mapr-loopbacknfs service and mount the volume:
Note: If cluster security is enabled, the ticket you generated above must be available or the NFS server will not start.
  1. Start the mapr-loopbacknfs service from the command line.
    # service mapr-loopbacknfs start
  2. Create a mount point at /mapr and mount the client node to it.
                         # mkdir /mapr
                         # mount localhost:/mapr /mapr
  3. You can also automate the mounting of the volume with every launch of the mapr-loopbacknfs service. On the POSIX client node, create /usr/local/mapr-loopbacknfs/conf/mapr_fstab and add the following line:
    localhost:/mapr /mapr hard,nolock