Note Amazon EMR supports private subnets in release versions 42 and above When

Note amazon emr supports private subnets in release

This preview shows page 124 - 126 out of 395 pages.

Note Amazon EMR supports private subnets in release versions 4.2 and above. When the cluster is launched, Amazon EMR adds security groups based on whether the cluster is launching into VPC private or public subnets. All security groups allow ingress at port 8443 to communicate to the Amazon EMR service, but IP address ranges vary for public and private subnets. Amazon EMR manages all of these security groups, and may need to add additional IP addresses to the AWS range over time. For more information, see Control Network Traffic with Security Groups (p. 258) . To manage the cluster on a VPC, Amazon EMR attaches a network device to the master node and manages it through this device. You can view this device using the Amazon EC2 API action DescribeInstances . If you modify this device in any way, the cluster may fail. To launch a cluster into a VPC using the Amazon EMR console 1. Open the Amazon EMR console at . 2. Choose Create cluster . 3. Choose Go to advanced options . 4. In the Hardware Configuration section, for Network , select the ID of a VPC network that you created previously. 5. For EC2 Subnet , select the ID of a subnet that you created previously. a. If your private subnet is properly configured with NAT instance and S3 endpoint options, it displays (EMR Ready) above the subnet names and identifiers. b. If your private subnet does not have a NAT instance and/or S3 endpoint, you can configure this by choosing Add S3 endpoint and NAT instance , Add S3 endpoint , or Add NAT instance . Select the desired options for your NAT instance and S3 endpoint and choose Configure . Important In order to create a NAT instance from the Amazon EMR, you need ec2:CreateRoute, ec2:RevokeSecurityGroupEgress , ec2:AuthorizeSecurityGroupEgress , cloudformation:DescribeStackEvents and cloudformation:CreateStack permissions. Note There is an additional cost for launching an EC2 instance for your NAT device. 6. Proceed with creating the cluster. To launch a cluster into a VPC using the AWS CLI Note The AWS CLI does not provide a way to create a NAT instance automatically and connect it to your private subnet. However, to create a S3 endpoint in your subnet, you can use the Amazon VPCCLI commands. Use the console to create NAT instances and launch clusters in a private subnet. After your VPC is configured, you can launch EMR clusters in it by using the create-cluster subcommand with the --ec2-attributes parameter. Use the --ec2-attributes parameter to specify the VPC subnet for your cluster. 118
Image of page 124
Amazon EMR Management Guide Configure Networking To create a cluster in a specific subnet, type the following command, replace myKey with the name of your EC2 key pair, and replace 77XXXX03 with your subnet ID. aws emr create-cluster --name "Test cluster" --release-label emr-4.2.0 -- applications Name= Hadoop Name= Hive Name= Pig --use-default-roles --ec2-attributes KeyName= myKey ,SubnetId=subnet- 77XXXX03 --instance-type m5.xlarge --instance-count 3 When you specify the instance count without using the --instance-groups parameter, a single master node is launched, and the remaining instances are launched as core nodes. All nodes use the
Image of page 125
Image of page 126

You've reached the end of your free preview.

Want to read all 395 pages?

  • Spring '12
  • LauraParker
  • Amazon Web Services, Amazon Elastic Compute Cloud

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes