Help Center/ DataArts Studio/ User Guide/ Management Center/ Configuring DataArts Studio Data Connection Parameters/ Doris Connection Parameters
Updated on 2024-10-23 GMT+08:00
View PDF
Share

Doris Connection Parameters

Table 1 MRS Doris connection

Parameter

Mandatory

Description

Data Connection Type

Yes

Doris is selected by default and cannot be changed.

Name

Yes

Name of the data connection to create. Data connection names can contain a maximum of 100 characters. They can contain only letters, digits, underscores (_), and hyphens (-).

Tag

No
Attribute of the data connection to create. Tags make management easier.
NOTE:

The tag name can contain only letters, digits, and underscores (_) and cannot start with an underscore (_) or contain more than 100 characters.

Applicable Modules

Yes

Select the modules for which this connection is available.

NOTE:
  • When the data migration job feature is enabled, you can select the DataArts Migration module. Then you can select this data connection when creating a data migration job in DataArts Factory.
  • You can use offline processing migration jobs only after apply for the trustlist membership. To use this feature, contact customer service or technical support.

Basic and Network Connectivity Configuration

Doris Type

Yes

You can select MRS Doris or CloudTable Doris.

MRS Cluster Name

Yes

This parameter is valid when Doris Type is set to MRS Doris.

NOTE:

This parameter is available only for MRS clusters of version 3.2.0 or later.

The name of the MRS cluster. Select an MRS cluster that Hive belongs to. Only MRS clusters are supported. A Hadoop cluster can be selected only after it is managed by MRS. All the MRS clusters with the same project ID and enterprise project are displayed.
NOTE:

DataArts Studio does not support MRS clusters whose Kerberos encryption type is aes256-sha2,aes128-sha2, and only supports MRS clusters whose Kerberos encryption type is aes256-sha1,aes128-sha1.

If the connection fails after you select a cluster, check whether the MRS cluster can communicate with the CDM instance which functions as the agent. They can communicate with each other in the following scenarios:
  • If the CDM cluster in the DataArts Studio instance and the MRS cluster are in different regions, a public network or a dedicated connection is required. If the Internet is used for communication, ensure that an EIP has been bound to the CDM cluster, and the MRS cluster can access the Internet and the port has been enabled in the firewall rule.
  • If the CDM cluster in the DataArts Studio instance and the MRS cluster are in the same region, VPC, subnet, and security group, they can communicate with each other by default. If they are in the same VPC but in different subnets or security groups, you must configure routing rules and security group rules. For details about how to configure routing rules, see Configuring Routing Rules. For details about how to configure security group rules, see Configuring Security Group Rules.
  • The MRS cluster and the DataArts Studio workspace belong to the same enterprise project. If they do not, you can modify the enterprise project of the workspace.
NOTE:

If an agent is connected to multiple MRS clusters and one of the MRS clusters is deleted or abnormal, connections to the other MRS clusters will be affected. Therefore, you are advised to connect an agent to only one MRS cluster.

FE IP

Yes

IP address of the frontend node of the Doris or Cloud component in the MRS cluster. You can enter one or more IP addresses. Separate multiple IP addresses with commas (,).

To obtain them, perform the following operations:

  1. Log in to MRS FusionInsight Manager.
  2. Choose Cluster > Services > Doris > Instance to obtain the management IP address of the FE role.

Port

Yes

Port used by the Doris FE to query connections through the MySQL protocol

To obtain MRS Doris, perform the following steps:

  1. Log in to MRS FusionInsight Manager.
  2. Choose Cluster > Services > Doris > Configurations > Basic Configurations, search for query_port, and view the port number.

KMS Key

Yes
KMS key used to encrypt and decrypt data source authentication information. Select a default or custom key.
NOTE:

When you use KMS for encryption through DataArts Studio or KPS for the first time, the default key dlf/default or kps/default is automatically generated. For more information about default keys, see What Is a Default Master Key?.

Agent

Yes

MRS is not a fully managed service and cannot be directly connected to DataArts Studio. A CDM cluster can provide an agent for DataArts Studio to communicate with non-fully-managed services. Therefore, you need to select a CDM cluster when creating an MRS data connection. If no CDM cluster is available, create one first.

As a network proxy, the CDM cluster must be able to communicate with the MRS cluster. To ensure network connectivity, the CDM cluster must be in the same region and AZ and use the same VPC and subnet as the MRS cluster. The security group rule must also allow the CDM cluster to communicate with the MRS cluster.

NOTE:
  • If a CDM cluster functions as the agent for a data connection in Management Center, the cluster cannot connect to multiple MRS security clusters. You are advised to plan multiple agents which are mapped to MRS security clusters one by one.
  • If a CDM cluster functions as the agent for a data connection in Management Center, the cluster supports a maximum of 200 concurrent active threads. If multiple data connections share an agent, a maximum of 200 SQL, Shell, and Python scripts submitted through the connections can run concurrently. Excess tasks will be queued. You are advised to plan multiple agents based on the workload.

SSL Encryption

No

Whether to enable SSL encrypted transmission. This function is enabled by default. Disable it if SSL is disabled at the source.

Data Source Driver Configuration

Driver Name

Yes

Driver name. Currently, the MySQL JDBC driver is supported. The driver name is com.mysql.jdbc.Driver.

Driver Source

Yes

Select the source of the driver file.

Driver File Path

Yes

This parameter is mandatory when Driver file source is set to OBS path.

Path of the driver file in the OBS bucket. You need to download the .jar driver file from the corresponding official website and upload it to the OBS bucket.

MySQL driver: Obtain the driver from https://downloads.mysql.com/archives/c-j/. Version 5.1.48 or later is recommended. If the version is earlier than 5.1.48, error "The db user or password invalid" will be reported.

NOTE:

To update the driver, you must restart the CDM cluster in DataArts Migration and then edit the data connection to upload the driver.

Driver File

Yes

This parameter is mandatory when Driver Source is set to Local file. Select a driver version that adapts to the database type.

Data Source Authentication and Other Function Configuration

Username

Yes

Username of the MRS or CloudTable cluster.

If a new MRS user is used for connection, you need to log in to Manager and change the initial password.

To create a data connection for an MRS security cluster, do not use user admin. The admin user is the default management page user and cannot be used as the authentication user of the security cluster. You can create an MRS user with a permanent password by referring to Creating a Kerberos Authentication User for an MRS Security Cluster. When creating an MRS data connection, set Username and Password to the new MRS username and password.

NOTE:
  • For clusters of MRS 3.1.0 or later, the user must at least have permissions of the Manager_viewer role to create data connections in Management Center. To perform database, table, and data operations on components, the user must also have user group permissions of the components.
  • For clusters earlier than MRS 3.1.0, the user must have permissions of the Manager_administrator or System_administrator role to create data connections in Management Center.
  • A user with only the Manager_tenant or Manager_auditor permission cannot create connections.
  • You are advised to set a user password that never expires to prevent connection failures and service loss caused by password expiration.

Password

Yes

It can also be the password for accessing the MRS or CloudTable cluster.

Creating a Kerberos Authentication User for an MRS Security Cluster

To create a data connection for an MRS security cluster, do not use user admin. The admin user is the default management page user and cannot be used as the authentication user of the security cluster. To create an MRS user, perform the following steps:

For clusters of MRS 3.x:

  1. Log in to MRS Manager as user admin.
  2. Choose System > Permission > Security Policy > Password Policy. Click Add Password Policy and add a policy under which the password never expires.
    • Set Password Policy Name to neverexp.
    • Set Password Validity Period (Days) to 0, indicating that the password never expires.
    • Set Password Expiration Notification (Days) to 0.
    • Retain the default values for other parameters.
  3. Choose System > Permission > User. On the page displayed, click Create to add a dedicated user as the Kerberos authentication user and set the password policy to neverexp. Select the user group superGroup for the user, and assign all roles to the user.
    • For clusters of MRS 3.1.0 or later, the user must at least have permissions of the Manager_viewer role to create data connections in Management Center. To perform database, table, and data operations on components, the user must also have user group permissions of the components.
    • For clusters earlier than MRS 3.1.0, the user must have permissions of the Manager_administrator or System_administrator role to create data connections in Management Center.
    • A user with only the Manager_tenant or Manager_auditor permission cannot create connections.
  4. Log in to Manager as the new user and change the initial password. Otherwise, the connection fails to be created.
  5. Synchronize IAM users.
    1. Log in to the MRS console.
    2. Choose Clusters > Active Clusters, select a running cluster, and click its name to go to its details page.
    3. In the Basic Information area of the Dashboard page, click Synchronize on the right side of IAM User Sync to synchronize IAM users.
      • When the policy of the user group to which the IAM user belongs changes from MRS ReadOnlyAccess to MRS CommonOperations, MRS FullAccess, or MRS Administrator, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the SSSD (System Security Services Daemon) cache of cluster nodes needs time to be updated. Then, submit a job. Otherwise, the job may fail to be submitted.
      • When the policy of the user group to which the IAM user belongs changes from MRS CommonOperations, MRS FullAccess, or MRS Administrator to MRS ReadOnlyAccess, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the SSSD cache of cluster nodes needs time to be updated.

For clusters of MRS 2.x or earlier:

  1. Log in to the MRS Manager as user admin.
  2. On FusionInsight Manager, choose System Settings and click Configure Password Policy to modify the password policy.
    • Set Password Validity Period (Days) to 0, indicating that the password never expires.
    • Set Password Expiration Notification (Days) to 0.
    • Retain the default values for other parameters.
  3. Choose System > Manage User. On the page displayed, add a dedicated user as the Kerberos authentication user. Select the user group superGroup for the user, and assign all roles to the user.
    • For clusters of MRS 2.x or earlier, the user must have permissions of the Manager_administrator or System_administrator role to create data connections in Management Center.
    • A user with only the Manager_tenant or Manager_auditor permission cannot create connections.
  4. Log in to MRS Manager as the new user and change the initial password. Otherwise, the connection fails to be created.
  5. Synchronize IAM users.
    1. Log in to the MRS console.
    2. Choose Clusters > Active Clusters, select a running cluster, and click its name to go to its details page.
    3. In the Basic Information area of the Dashboard page, click Synchronize on the right side of IAM User Sync to synchronize IAM users.
      • When the policy of the user group to which the IAM user belongs changes from MRS ReadOnlyAccess to MRS CommonOperations, MRS FullAccess, or MRS Administrator, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the SSSD (System Security Services Daemon) cache of cluster nodes needs time to be updated. Then, submit a job. Otherwise, the job may fail to be submitted.
      • When the policy of the user group to which the IAM user belongs changes from MRS CommonOperations, MRS FullAccess, or MRS Administrator to MRS ReadOnlyAccess, wait for 5 minutes until the new policy takes effect after the synchronization is complete because the SSSD cache of cluster nodes needs time to be updated.