This topic describes how to log on to an E-MapReduce (EMR) cluster by using an SSH key pair or password. You can log on to an EMR cluster from an on-premises machine that runs a Linux or Windows operating system.

Prerequisites

  • An EMR cluster is created. For more information, see Create a cluster.
  • Your on-premises machine is connected to the master node of the cluster. You can turn on Assign Public IP Address during cluster creation to associate an elastic IP address (EIP) with your cluster. You can also assign a fixed public IP address or an EIP address to the master node of your cluster in the ECS console after the cluster is created. For more information, see Bind an ENI.

Background information

After your on-premises machine is connected to the master node of your cluster in SSH mode, you can run Linux commands to monitor the cluster and interact with the cluster. You can also create an SSH tunnel to view the web UIs of open source components. For more information, see Create an SSH tunnel to access web UIs of open source components.

Obtain the public IP address of the master node

  1. Go to the Cluster Overview page of your cluster.
    1. Log on to the Alibaba Cloud EMR console.
    2. In the top navigation bar, select the region where you want to create a cluster. The region of a cluster cannot be changed after the cluster is created.
    3. Click the Cluster Management tab.
    4. On the Cluster Management page, find your cluster and click Details in the Actions column.
  2. In the Instance Info section of the Cluster Overview page, view the public IP address of the master node.
    IP

Log on to the cluster by using an SSH key pair

Note For more information about how to obtain the public IP address of the master node, see Obtain the public IP address of the master node.
Use one of the following methods to log on to the cluster:
  • Log on from your on-premises machine that runs a Linux operating system
    In this example, the private key file ecs.pem is used.
    1. Run the following command to modify the attribute of the private key file: 
      chmod 400 ~/.ssh/ecs.pem

      ~/.ssh/ecs.pem is the path where the ecs.pem file is stored on your on-premises machine.

    2. Run the following command to connect to the master node: 
      ssh -i ~/.ssh/ecs.pem root@<Public IP address of the master node>
  • Use PuTTY to log on from your on-premises machine that runs a Windows operating system
    Perform the following steps to log on to the cluster:
    1. Download PuTTY and PuTTYgen.
    2. Convert the format of the private key file from .pem to .ppk.
      1. Run PuTTYgen. In this example, PuTTYgen 0.73 is used.
      2. In the Actions section, click Load to import the private key file that is saved when you create a cluster.

        Make sure that the format of the file that you want to import is All files (*.*).

      3. Select the specific .pem file and click Open.
      4. Click Save private key.
      5. In the dialog box that appears, click Yes. Specify a name for the .ppk file and click Save.

        Save the .ppk file to your on-premises machine. In this example, kp-123.ppk is used.

    3. Run PuTTY.
    4. In the left-side navigation pane, choose Connection > SSH > Auth. Click Browse below Private key file for authentication and select the .ppk file.
    5. Click Session. Enter the logon account and the public IP address of the master node in the Host Name (or IP address) field.
      The format is root@[Public IP address of the master node], such as root@10.10.xx.xx. session
    6. Click Open.
      If the following information appears, the logon is successful. putty
  • Use Command Prompt to log on from your on-premises machine that runs a Windows operating system
    Open Command Prompt and run the following command to log on to the cluster: 
    ssh -i <Storage path of the .pem file on your on-premises machine> root@<Public IP address of the master node>
    cmd

Log on to the cluster by using an SSH password

Note The username and password used in the following operations are the root user and password you specified when you created a cluster. For more information about how to obtain the public IP address of the master node, see Obtain the public IP address of the master node.
Procedure:
  • Log on from your on-premises machine that runs a Linux operating system

    Run the following command in the command-line interface (CLI) of your on-premises machine to connect to the master node: 

    ssh root@[Public IP address of the master node]
  • Log on from your on-premises machine that runs a Windows operating system
    1. Download and install PuTTY.

      Download link: PuTTY.

    2. Start PuTTY.
    3. Configure the parameters required to connect to a Linux instance.
      • Host Name (or IP address): Specify the fixed public IP address of the instance or the EIP address associated with the instance.
      • Port: Enter port number 22.
      • Connection type: Select SSH.
      • Saved Sessions: optional. Enter a name that helps you identify the session and click Save to save the session. This way, you do not need to enter session information such as the public IP address when you connect to the instance again.
    4. Click Open.
    5. Specify the username and press Enter. The default username is root.

      The characters of the password are hidden when you enter the password. After you enter the password, press Enter.

FAQ

  • Q: How do I log on to a cluster from my on-premises machine in password-free mode?
    A: Perform the following steps:
    1. Open Command Prompt and run the following command to generate a public key: 
      ssh-keygen
      A public key file is generated on your on-premises machine. ssh-key
    2. Add the generated public key to the master node of the cluster to which you want to log on.
      1. Go to the /.ssh directory of the cluster. 
        cd ~/.ssh
      2. Edit the key information of the master node of the cluster. 
        vim authorized_keys
      3. Add the content of the generated public key file id_rsa.pub to the authorized_keys file.
    3. Add the IP address of your on-premises machine to the security group to which the cluster belongs.
      1. Obtain the public IP address of your on-premises machine.

        For security reasons, we recommend that you allow access only from the current public IP address when you configure a security group rule. To obtain your current public IP address, visit http://myip.ipip.net/.

      2. Add a security group rule in which port 22 is enabled.
        For more information about how to add a security group rule, see Add a security group rule. Security group
    4. Run the following command in Command Prompt to log on to the cluster in password-free mode: 
      ssh root@<Public IP address of the master node>
  • Q: How do I log on to a core node?

    A: Perform the following steps:

    1. On the master node, run the following command to switch to the hadoop user: 
      su hadoop
    2. Log on to the core node in password-free mode. 
      ssh emr-worker-1
    3. Run the following sudo command to obtain the root permissions: 
      sudo su - root