Skip to main content

How to install and configure Tableau Server Linux HA | Centos | Redhat |...




















PREPARATION
# Node
information
node1IP:
node2IP:
node3IP:

# TS
installer download


Step1:
Install Initial node

Step 2:
Generate bootstrap file on the initial node
tsm
topology nodes get-bootstrap-file --file <path\file>.json

scp
./bootstrap.json dpark@node2IP:~/
scp
./bootstrap.json dpark@node3IP:~/

Step 3:
Firewall Settings
Step 3-1:
Initial node Firewall settings

1. confirm gateway and tabadmincontroller port number(by default
8850)

tsm topology list-ports | grep -E "tabadmincontroller:primary |
gateway"

2. Check dynamic port range. typical range
is 8000 to 9000.

tsm configuration get -k ports.range.min
  tsm configuration get -k ports.range.max

3. Start firewalld:
  sudo systemctl start firewalld

4. Verify that the default zone is a high-security zone, such
as public.
firewall-cmd --get-default-zone

if change is needed,
sudo firewall-cmd --set-default-zone=public

5. Add ports for the gateway, tabadmincontroller port
and  port range (27000-27010) for  licensing communication between nodes

sudo firewall-cmd --permanent --add-port=80/tcp
  sudo firewall-cmd --permanent
--add-port=27000-27010/tcp

6. Configure the firewall to allow all traffic from the other nodes
in the cluster.

sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4
source address=node2IP/32 port port=8000-9000 protocol=tcp accept'

sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4
source address=node3IP/32 port port=8000-9000 protocol=tcp accept'

7. Reload the firewall and verify the settings.
sudo
firewall-cmd --reload
firewall-cmd
--list-all

Step 3-2:
additional nodes firewall setting

1. Start firewalld:
sudo
systemctl start firewalld

2. Verify that the default zone is a high-security zone, such
as public.
firewall-cmd
--get-default-zone

if change is needed,
sudo firewall-cmd --set-default-zone=public

3. Configure the firewall to
allow gateway and tabadmincontroller access from the other
nodes in the cluster.

on node 2:
sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4
source address=node1IP/32 port port=80 protocol=tcp accept'
sudo
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source
address=node1IP/32 port port=8000-9000 protocol=tcp accept'

sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4
source address=node3IP/32 port port=80 protocol=tcp accept'
sudo
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source
address=node3IP/32 port port=8000-9000 protocol=tcp accept'

on node 3:
sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4
source address=node1IP/32 port port=80 protocol=tcp accept'
sudo
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source
address=node1IP/32 port port=8000-9000 protocol=tcp accept'

sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4
source address=node2IP/32 port port=80 protocol=tcp accept'
sudo
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source
address=node2IP/32 port port=8000-9000 protocol=tcp accept'


4. Reload the firewall and verify the settings.
sudo
firewall-cmd --reload
firewall-cmd
--list-all

Step 4:
Install Additional node with bootstrap

sudo yum
install tableau-server-version.x86_64.rpm

Step 5:
run initialize-tsm script

cd
/opt/tableau/tableau_server/packages/scripts.<version_code>/
sudo
./initialize-tsm -b /path/to/<bootstrap>.json --accepteula

Repeat
Step4 and 5 on third node.

Step 6:
Add process to the additional nodes.
On
initial node,
tsm
topology set-process -n node2 -pr clustercontroller -c 1
tsm
topology set-process -n node3 -pr clustercontroller -c 1
tsm
pending-changes apply --ignore-warnings

Step 7:
deploy coordination service
tsm stop

##check
if there is any pending list.
tsm
pending-changes list

tsm
pending-changes discard
or
tsm
pending-changes apply

# check
node name
tsm
topology list-nodes -v

#create
coordination service
tsm
topology deploy-coordination-service -n node1,node2,node3
tsm start

Step 8:
Configure Client File Service(CFS)
On
initial node

tsm
topology set-process -n node2 -pr clientfileservice -c 1
tsm
topology set-process -n node3 -pr clientfileservice -c 1

tsm
pending-changes apply


Step
9:  Configure process for second node

tsm
topology set-process -n node2 -pr gateway -c 1
tsm
topology set-process -n node2 -pr vizqlserver -c 2
tsm
topology set-process -n node2 -pr vizportal -c 2
tsm
topology set-process -n node2 -pr backgrounder -c 2
tsm
topology set-process -n node2 -pr cacheserver -c 2
tsm
topology set-process -n node2 -pr searchserver -c 1
tsm
topology set-process -n node2 -pr dataserver -c 2
tsm
topology set-process -n node2 -pr filestore -c 1
tsm
topology set-process -n node2 -pr pgsql -c 1

tsm
pending-changes apply

Step 10:
Configure process for third node

tsm
topology set-process -n node3 -pr gateway -c 1
tsm
topology set-process -n node3 -pr vizqlserver -c 2
tsm
topology set-process -n node3 -pr vizportal -c 2
tsm
topology set-process -n node3 -pr backgrounder -c 2
tsm
topology set-process -n node3 -pr cacheserver -c 2
tsm
topology set-process -n node3 -pr searchserver -c 1
tsm
topology set-process -n node3 -pr dataserver -c 2
tsm
topology set-process -n node3 -pr filestore -c 1

tsm
pending-changes apply

tsm start

Comments

Post a Comment

Popular posts from this blog

How to configure LDAPS, LDAP over SSL, using CA Certificate Service on Domain Controller in Windows Server 2016

This post is to provide an instruction on how to set up LDAPS (LDAP over SSL) on Domain Controller using single-tier CA hierachy. Reasons for Enabling LDAPS By default, LDAP communications between client and server applications are not encrypted. This means that it would be possible to use a network monitoring device or software and view the communications traveling between LDAP client and server computers. This is especially problematic when an LDAP simple bind is used because credentials (username and password) is passed over the network unencrypted. This could quickly lead to the compromise of credentials.  Reasons for enabling Lightweight Directory Access Protocol (LDAP) over Secure Sockets Layer (SSL) / Transport Layer Security (TLS) also known as LDAPS include: Some applications authenticate with Active Directory Domain Services (AD DS) through simple BIND. As simple BIND exposes the users’ credentials in clear text, use of Kerberos is preferred. If simp...
Post a Comment
Read more

Setting up AD LDS on Windows Server 2016

What Is Active Directory Lightweight Directory Services? Microsoft Active Directory Lightweight Directory Services (AD LDS) is an independent mode of Active Directory that provides dedicated directory services for applications. AD LDS is a mode of Active Directory that provides directory services for applications. AD LDS provides dedicated directory services for applications. It provides a data store and services for accessing the data store. It uses standard application programming interfaces (APIs) for accessing the application data. The APIs include those of Active Directory, Active Directory Service Interfaces, Lightweight Data Access Protocol, and System.DirectoryServices. AD LDS operates independently of Active Directory and independently of Active Directory domains or forests. It operates either as a standalone data store, or it operates with replication. Its independence enables local control and autonomy of directory services for specific applications. It al...
Post a Comment
Read more

How to enable virtualization on AMD Ryzen 3900x featuring Aorus X570 Pro

Virtualization is not enabled by default with AMD Ryzen Gen2 series. In order to enable virtualization, SVM mode should be enabled in BIOS which is disabled by default. Pressing DEL key when Aorus logo is showing while booting the computer with Gygabyte Aorus Pro WIFI, Navigate to Advanced Setting(F2) -> Advanced CPU Settings -> SVM Mode -> Enabled. Once saved and rebooting, AMD-V is enabled as below. Confirming using CPU-Z or HWINFO64 Leave any question or better solutions appreciated.
Post a Comment
Read more