How to Access HDInsight Linux Web UI's using SSH Dynamic Tunneling

  • Article

Scenario

One of the most important feature of Azure HDInsight Linux (currently on preview), is the feature available on the portal, called Ambari Web. If you open up Azure Portal and select your HDI linux cluster, you will see the AMBARI WEB, a web UI for cluster management and monitoring, on the bottom pane as below:

On the new azure portal (https://ms.portal.azure.com/?r=1), the AMBARI WEB, is linked from the "Dashboard" link of the HDInisght Linux cluster as below:

Once you click on the link, the first authentication will require your https user (admin) and the corresponding password. Then you will be on the main Ambari Web UI page with the prompt for user id and password (admin/admin). Once you enter this, it will enter into the main page as below:

 

One of the issue you will face though is that, the other UI pages you want to browse from this main Ambari page, in Windows for example, will error out as below

  •    Try browsing, without any changes made on the browser, to "NameNode UI"

  •    Error message:

 

Notice the URL it is trying to browse to: https://headnode0.meerhdplinux-ssh.j7.internal.cloudapp.net:30070/

 

The problem is that browser, in this case Chrome, cannot resolve the hostname (or FQDN) to forward the call to.

 

To get around the issue, you will have to setup an SSH tunneling and configure proxy for the browser to use the tunnel to reach to the headnode. SSH Tunneling along with other Linux HDInsight is being discussing here, in greater depth, . I am setting up the tunneling using MobaXterm , as below to show how we can set this up using MobaXterm and Chrome, from your windows client.

 

Setting up tunneling in MobaXterm

  • To setup Tunnel, from MobaXterm (open it up, if not already opened) button toolbar, click on "Tunneling"

  • To create a new tunnel, click on "New SSH tunnel". I already have one so I will show what have set to create my tunnel, so I will click on "Edit the Tunnel" button on my already created tunnel

   

 

  • The settings window pops up

   

 

  • Notice the settings for my tunnel
    • Dynamic port forwarding (SOCKS proxy) has to be chosen
    • Local clients will go through port 9876. This is an arbitrary port, you can set different one, I just set 9876
    • For the remote destination, I entered following information:
      • Host: DNS name of my Linux cluster - meerhdplinux-ssh.azurehdinsight.net
      • User: hdpmeer
      • Port: 22 (ssh port)

 

  • Once this is set, you can start your tunnel, click on the start (play button)

 

 

Setting up the Proxy in the Browser

To demonstrate how to set proxy, I chose to use Chrome browser and Foxy Proxy. This is not available for IE for now, hence is the route.

  •    Click on "Customize and control Google Chrome"->More Tools -> Extension

 

  1. I already have this installed, if I did not have it, I would click on "Get More Extensions" on the extensions page

     

  2. Then I would , on search the Store box, type "Foxy" and select the "FoxyProxy Standard"

     

 

  1. Thus it would install the FoxyProxy, proxy tool on the browser
  2. Upon successful installation, back to the Extensions page, you would see your FoxyProxy being enabled
  3. To create a new proxy, click on "Options" link

 

 

  • Since I already have one setup, I will display the properties for it. To add a new proxy though, you click on the "Add New Proxy"

 

  1. First I select my existing proxy and then click on "Edit Selection"

     

    1. On the General Tab, Proxy Name is set to "localhost:9876". This was set automatically, once I set the other settings

    2. On the "Proxy Details" page, make sure "SOCKS proxy?" is checked. Provider the client name where you are browsing, using localhost. Provide the port number you used when you configured your SSH tunnel in mobaxterm

    3. On the "URL Patterns" tab, since I have the pattern created, I simple select the pattern and click on Edit selection. Otherwise I would click on "Add new pattern"

    4. Note the settings for my pattern:

      1. The pattern is enabled
      2. URL pattern: *headnode*. This is because I am using the wildcard * and any name with headnode on it.
      3. Also, I must Whitelist the URLs matching this pattern.

       

     

  2. Once I have these setup, my proxy is ready to be turn on.

  • Now Before I start browsing the Ambari Web, I can turn on the proxy as below:

 

This will route my requested URL to the SSH tunnel in the mobaXTerm and I will be able to browse through the Web UI for different Hadoop components (services)