Rootless Installation

This article describes additional configuration steps when Exasol is installed with a non-root user.

The default method of installation for an on-premises deployment of Exasol requires that the installation user on the host systems has root privileges. You can also install Exasol with a non-root user, which is known as a rootless installation. Rootless installation will be the default installation method in future versions of Exasol.

A rootless installation requires that you carry out additional system configuration steps (as root) on each host before you start the installation. A script that automatically applies most of these steps is embedded in c4 and can be run with a single command. This section describes how to use this script as well as all additional manual steps required to prepare the hosts for a rootless installation.

Before you continue, refer to the installation procedure in Install Exasol - step by step and carry out the necessary preparatory steps described there. This section only describes the additional steps required for a rootless installation, it does not describe the full installation procedure.

Prerequisites

In addition to the general system requirements for an on-prem installation of Exasol 8, a rootless installation requires that the newuidmap and newgidmap tools are installed on the hosts.

  • In Ubuntu 20.04 LTS and 22.04 LTS, these tools are provided by the uidmap package. To install them, run apt install uidmap.

  • In Red Hat Enterprise Linux 8/9, these tools are preinstalled.

Host preparation

To prepare the hosts for rootless installation, use the following c4 command to run the preplay script on each host.

The script must be run on each database host (node).

The script must be run with sudo or as root. If you are logged in as root, exclude sudo from the command.

sudo ./c4 _ preplay <EXASOL_USER>

Replace EXASOL_USER with the username of the Exasol user.

The preplay script does the following:

  • Enables unprivileged user namespaces (if disabled). This is needed to create the namespaces for the COS (Exasol cluster operating system) container.

  • Increases resource limits for the Exasol user. This includes limits for the number of open files, the number of processes, the stack size, and the amount of locked memory.

  • Disables transparent huge pages to prevent problems with sparse mappings in DB memory.

  • Applies a number of sysctl settings to improve performance and stability. For more information, see the script.

To view the contents of the script without executing it, use the following command:

./c4 _ preplay -D

Additional steps

Add configuration parameter

Add the following parameter to the c4 configuration file:

CCC_PLAY_ROOTLESS=true

Alternatively, you can add this parameter to the c4 host play command when you start the installation:

./c4 --ccc-play-rootless true host play -i config

Configure data disks

The disk device files that are configured as database storage drives must be read-writable by the primary user ID or the group ID of the $exasol_uid user.

One way to achieve this is to set the user as the owner of the selected data disks using udev rules. This also ensures that the owner is not reset when the machine is rebooted.

The following operations must be performed with sudo or as root.

Example:

The following script adds a udev rule that sets the user with id 1001 as the owner of the disks nvme1n1 and nvme2n1. The change will be persistent since the rule is run on system startup. 

exasol_uid=1001
disks=(/dev/nvme1n1 /dev/nvme2n1)

for disk in "${disks[@]}"; do
  disk_basename="$(basename "$(readlink -f "$disk")")"
  owner="$(getent passwd "$exasol_uid" | cut -d: -f1)"

  echo 'KERNEL=="'"$disk_basename"'", OWNER="'"$owner"'"' >> /etc/udev/rules.d/90-exasol.rules
done
Result:
cat /etc/udev/rules.d/90-exasol.rules
KERNEL=="nvme1n1", OWNER="exasol"
KERNEL=="nvme2n1", OWNER="exasol"

To apply the rule immediately without needing to reboot, run the following command after you have added the rule:

udevadm control --reload-rules && udevadm trigger

Configure huge pages

To achieve the expected database performance and stability,the amount of memory that should be reserved for huge pages must be manually configured in /proc/sys/vm/nr_hugepages on each host based on database parameters. The value can be calculated using this formula: 

(DB RAM / number of nodes) - maxSystemHeapMemory

Default maxSystemHeapMemory = 32 GiB.

Note that the value in nr_hugepages is the number of pages, not the memory amount. Each huge page is typically 2 MiB, although this can vary depending on the system configuration. For more information, refer to the documentation for your installation platform.

Interacting with the c4_cloud_command service

In rootless mode, all systemd services that c4 creates are user services belonging to the $exasol_uid user instead of being system services. This means that you do not have to use sudo with the c4_cloud_command service in rootless mode. Instead, you use the systemd commands directly together with the --user flag:

These commands must be run as the $exasol_uid user.

systemctl --user status c4_cloud_command
journalctl --user -u c4_cloud_command

Some systems require that the XDG_RUNTIME_DIR variable is exported, in which case you may get errors when trying to run the systemd commands. A workaround is to export the variable before running the commands:

export XDG_RUNTIME_DIR=/run/user/$(id -u "$USER")

You can also set XDG_RUNTIME_DIR persistently by including this export in the .bashrc of the $exasol_uid.

Installation

When the steps above are completed, continue with the installation as described in Install Exasol - step by step.