Skip to main content
Version: 2.2

Configure system users

Adjust the system user or group for each LiveData Migrator service to suit your environment.

info

Data Migrator 1.20 changed Hive Migrator user configuration. If upgrading to 1.21, and authenticating with Hive through a Kerberos principal that doesn't map to the hive user, ensure there's a valid proxy user setting in core-site.xml. Otherwise metadata migrations will fail. See the known issue for more information.

Defaults

The default system users and groups for each service are as follows:

ServiceDefault system userDefault system group
livedata-migratorhdfshdfs
livedata-migrator-data-agenthdfshdfs
livedata-uihdfshdfs
hivemigratorhivehadoop
hivemigrator-remote-serverhivehadoop

If you assign a customer user and group during installation, the above default system users and groups will be overwritten.

Running a service as a different user or group

You can run a service your own custom user or group, allowing precise control over privileges are provided. However, this is only appropriate in environments not running Kerberos:

Customer service users without Kerberos

Running without Kerberos

Don't run Data Migrator without Kerberos in production environments. We recommend running without Kerberos for internal testing only.

Customer service users with Kerberos

Running with Kerberos

On a kerberized cluster, the principal set in the Kerberos keytab determines the identity used to grant access to the source and target. As a result, you don't need to run services using a privileged user. You can set up a custom user with fewer privileges to increase cluster security.

Follow the steps below, depending on which service user/group you want to change.

Data Migrator and WANdisco UI

Adjust the system user or group in the service configuration.

  1. Only do this step if running a Linux distribution with systemd
    Create an override service file for the following services:

    Data Migrator
    systemctl edit livedata-migrator
    Data Transfer Agent
    systemctl edit livedata-migrator-data-agent
    WANdisco UI
    systemctl edit livedata-ui

    In the text editor that opens automatically, override the User and Group variables with your preferred user and group:

    Example
    [Service]
    User=<user>
    Group=<group>
  2. Update the values for USERNAME and GROUPNAME in the configuration file for the following services:

    Data Migrator
    /etc/wandisco/livedata-migrator/vars.env
    Data Transfer Agent
    /etc/wandisco/livedata-migrator-data-agent/vars.env
    WANdisco UI
    /etc/wandisco/ui/vars.env
  3. Change ownership of the related directories to the new system user/group:

    Data Migrator
    chown -R <user>:<group> /opt/wandisco/livedata-migrator /etc/wandisco/livedata-migrator /var/log/wandisco/livedata-migrator /var/run/livedata-migrator
    Data Transfer Agent
    chown -R <user>:<group> /opt/wandisco/livedata-migrator-data-agent /etc/wandisco/livedata-migrator-data-agent /var/log/wandisco/livedata-migrator-data-agent /var/run/livedata-migrator-data-agent
    WANdisco UI
    chown -R <user>:<group> /opt/wandisco/ui /etc/wandisco/ui /var/log/wandisco/ui /var/run/livedata-ui /var/log/wandisco/audit
  4. After you've made changes, restart the services:

Hive Migrator and Hive Migrator remote server

Adjust the system user or group in the service configuration.

  1. Only do this step if running a Linux distribution with systemd
    Create an override service file for the following services:

    Hive Migrator
    systemctl edit hivemigrator
    Hive Migrator remote server
    systemctl edit hivemigrator-remote-server

    In the text editor that opens automatically, override the User and Group variables with your preferred user and group:

    Example
    [Service]
    User=<user>
    Group=<group>
  2. Update the values for HIVE_MIGRATOR_SERVER_USER and HIVE_MIGRATOR_SERVER_GROUP in the configuration file for the following services:

    Hive Migrator
    /etc/wandisco/hivemigrator/vars.sh
    Hive Migrator remote server
    /etc/wandisco/hivemigrator-remote-server/vars.sh
  3. Change ownership of the related directories to the new system user/group:

    Hive Migrator
    chown -R <user>:<group> /opt/wandisco/hivemigrator /etc/wandisco/hivemigrator /var/log/wandisco/hivemigrator /var/run/hivemigrator
    Hive Migrator remote server
    chown -R <user>:<group> /opt/wandisco/hivemigrator-remote-server /etc/wandisco/hivemigrator-remote-server /var/log/wandisco/hivemigrator-remote-server /var/run/hivemigrator-remote-server
  4. Once you've finished making changes, restart the corresponding services: