Users and an MRS cluster are in different networks. As a result, an SSH channel needs to be created to send users' requests for accessing websites to the MRS cluster and dynamically forward them to the target websites.
Record Default Security Group of the Master node.
For details, see.
See "Assigning an EIP and Binding It to an ECS" in the Virtual Private Cloud User Guide (Network Components > EIP > Assigning an EIP and Binding It to an ECS).
ssh -i Path of the key file linux@Elastic IP address
cat /etc/sysctl.conf | grep net.ipv4.ip_forward
If net.ipv4.ip_forward=1 is displayed, the forwarding function has been configured. If it is not displayed, perform Step 7
sudo su - root
echo 1 > /proc/sys/net/ipv4/ip_forward
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1
Press I to enter the edit mode. Locate AllowTcpForwarding and GatewayPorts and delete comment tags. Modify them as follows. Save the changes and exit.
AllowTcpForwarding yes GatewayPorts yes
service sshd restart
In the command output, eth0:FI_HUE indicates the floating IP address of Hue and eth0:wsom specifies the floating IP address of MRS Manager. Record the value of inet.
Run the exit command to exit.
If the floating IP address of Hue cannot be queried on the Master2 node, query it on the Master 1 node and record it.
ssh -i Path of the key file -v -ND Local port linux@Elastic IP address
In the command, set Local port to the user's local port that is not occupied. Port 8157 is recommended.
After the SSH channel is created, add -D to the command and run the command to start the dynamic port forwarding function. By default, the dynamic port forwarding function enables a SOCKS proxy process and monitors the user's local port. Port data will be forwarded to the Master2 node using the SSH channel.
chrome --proxy-server="socks5://localhost:8157" --host-resolver-rules="MAP * 0.0.0.0 , EXCLUDE localhost" --user-data-dir=c:/tmppath --proxy-bypass-list="*google*com,*gstatic.com,*gvt*.com,*:80",
In the preceding command, 8157 is the local proxy port configured in Step 9.
Address format: https://Floating IP address of MRS Manager:28443/web
The username and password of the MRS cluster need to be entered for accessing clusters with Kerberos authentication enabled, for example, user admin. They are not required for accessing clusters with Kerberos authentication disabled.
When accessing the MRS Manager for the first time, you must add the address to the trusted site list.