Product:
- StreamSets Data Collector
- StreamSets Control Hub
Issue:
1) How to run the SCH On-prem control hub on the privileged port as a non-root user (<1024)?
2) How to run SDC on privileged port with non-root users (<1024)?
Solution:
1) We need to install the service and create the service user, which is going to run the service (SDC/SCH) and need to assign permissions (logs/data/resources directory) to that user.
Example:-
SCH service with 443 and 80 (for admin page) port, so for this, we need to follow below steps:
- We need to install the authbind (Installed the authbind according to OS)
- yum install authbind-2.1.1-0.x86_64.rpm
touch /etc/authbind/byport/80
chmod 500 /etc/authbind/byport/80
chown <dpm_service_user> /etc/authbind/byport/80
touch /etc/authbind/byport/443
chmod 500 /etc/authbind/byport/443
chown <dpm_service_user> /etc/authbind/byport/443 NOTE:-
- If we're using systemd setup, we need to update ExecStart property in dpm.service file with the below content, and then we need to start the DPM service using systemctl command.File name:- /etc/systemd/system/dpm.service
[Unit]
Description=StreamSets Dataflow Performance Manager (DPM)
[Service]
User=<service_user>
Group=<service_user>
LimitNOFILE=65536
Environment=DPM_CONF=$DPM_HOME/etc
Environment=DPM_HOME=$DPM_HOME
Environment=DPM_LOG=/var/log/DPM
ExecStart=/usr/bin/authbind --deep $DPM_HOMEbin/streamsets dpm
TimeoutSec=60
[Install]
WantedBy=multi-user.target- If we are using tarball installation, we need to start the service using the below command:
su - <service_user>
/usr/bin/authbind --deep $DPM_HOME/bin/streamsets dpm
2. SDC service with a privileged port as a non-root user can follow the same steps as part of (1).
