Installing Druid

This section provides a step-by-step guide to installing Druid.

Apache Druid, comes with security features disabled, which simplifies the initial deployment experience. However, security features must be configured in the production deployment. These features include TLS, authentication, and authorization. For more information, see https://druid.apache.org/docs/25.0.0/operations/security-overview.html.

Pre-requisites

Before installing Druid, make sure the following things are in place:

  1. Create directories and place the respective files provided as a release artifact, in the specified locations.
    1. create /home/druid/allmetrics directory, and place all_metrics.sh and allmetrics_airflow.json files inside the folder.
    2. create /home/druid/cdpdashboard/cdpleadconv directory, and place cdp_leadconv.sh and cdp_leadconv.json files inside the folder.
    3. create /home/druid/cdpdashboard/cdpuniqueusers directory, and place cdp_uniqueusers.sh and cdp_uniqueusers.json files inside the folder.
    4. create /home/druid/cdpdashboard/events directory, and place events_druid_with_python.sh and events_v1.json files inside the folder.
    5. create /home/druid/daily directory, and place uploadmysqlmappingfiles.sh files inside the folder.
  2. Install mc client. Follow the steps below to install mc client.
    1. Download the mc client, and update the execute permissions using below command.
      curl -fsSLhttps://dl.min.io/client/mc/release/linux-amd64/mc > /usr/bin/mc && chmod +x /usr/bin/mc
    2. Navigate vi /etc/profile, and update the mc path in the system profile file using the below information.
      export PATH="/usr/bin/mc:$PATH"
    3. Verify the version of the mc client using below command.
      mc --version

Setting up MySQL

To set up MySQL, follow the steps below:

  1. Install the MySQL server.
    yum install mysql-server
  2. Start the MySQL server.
    systemctl start mysqld
  3. On successful starting up of the server, check for the status.
    systemctl status mysqld
mysql -u root
  4. Create a user for the MySQL server.
    CREATE USER 'druid'@'localhost' IDENTIFIED BY 'Oc3f4EagD5cUnZnUy5uMQ==';
CREATE DATABASE druid DEFAULT CHARACTER SET utf8mb4;
  5. Grant comprehensive privileges on the druid database to the user.
    GRANT CREATE, ALTER, DROP, INSERT, UPDATE, INDEX, DELETE, SELECT, REFERENCES ON druid.* TO 'druid'@'localhost' WITH GRANT OPTION;FLUSH PRIVILEGES;

Installing Druid and MySQL connector

To install Druid binary and MySQL connector, follow the steps below:

  1. Download the latest package of Apache Druid binary.
    wget https://archive.apache.org/dist/druid/25.0.0/apache-druid-25.0.0-bin.tar.gz
  2. Extract the tar package, and move the directory to the local folder.
    tar -xzf apache-druid-28.0.1-bin.tar.gz
mv apache-druid-25.0.0 /sdd/
  3. Download the MySQL Connector/J library (version 5.1.49) to the current working directory. 
    wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/5.1.49/mysql-connector-java-5.1.49.jar
  4. Copy the jar file to the local directory as shown below.
    cp mysql-connector-java-5.1.49.jar /sdd/apache-druid-25.0.0/extensions/mysql-metadata-storage/

Updating Druid Configuration

To update the druid configuration, follow the steps below:

  1. Open the common.runtime.properties files in text editor, and update the mysql-metadata-storage and druid-s3-extensions in the druid.extensions.loadList file along with other extensions section.
    vi /sdd/apache-druid-25.0.0/conf/druid/single-server/small/_common/common.runtime.properties
druid.extensions.loadList=["druid-hdfs-storage", "druid-kafka-indexing-service", "druid-datasketches", "druid-multi-stage-query","mysql-metadata-storage", "druid-s3-extensions"]
  2. Comment the Derby configurations, and update the following properties in the common.runtime.properties.
    druid.metadata.storage.type=mysql druid.metadata.storage.connector.connectURI=jdbc:mysql://<host>/druid?allowPublicKeyRetrieval=true&useSSL=false
druid.metadata.storage.connector.user=druid
druid.metadata.storage.connector.password=<password>
  3. Update the following to store segments in S3.
    druid.storage.type=s3
druid.storage.bucket=druid-bucket
druid.storage.baseKey=druid/segments
  4. Include the druid.storage.disableAcl=true at the end of the file.
    nohup ./start-single-server-small &
ps -eaf | grep supervise

Enabling Druid Https Configuration

Enabling TLS encrypts the traffic between external clients and the Druid cluster and traffic between services within the cluster. To enable TLS, follow the steps below:

  1. Generate the KeyStore with the Java keytool command:
    $> keytool -genkeypair \
  -alias druid \
  -keyalg RSA \
  -keysize 2048 \
  -validity 365 \
  -keystore keystore.jks \
  -dname "CN=<VM_IP>, OU=CDP, O=HCL, L=PUNE, ST=MH, C=IN" \
  -ext "SAN=IP:<VM_IP>"
    Note: Update the VM_IP address with your VM IP address.
  2. Export a public certificate:
    $>keytool -export -alias druid -keystore keystore.jks -rfc
        -file public.cert
  3. Create the trustStore.
    $>keytool -import -file public.cert -alias druid -keystore
        truststore.jks

Update Druid TLS configurations

To update TLS configuration, follow the steps below:

  1. Edit common.runtime.properties for all Druid services on all nodes. Update the following TLS options.
    # Turn on TLS globally
druid.enableTlsPort=true

# Disable non-TLS communications
druid.enablePlaintextPort=true

# For Druid processes acting as a client
# Load simple-client-sslcontext to enable client side TLS
# Add the following to extension load list
druid.extensions.loadList=[......., "simple-client-sslcontext"]

# Setup client side TLS
druid.client.https.protocol=TLSv1.2
druid.client.https.trustStoreType=jks
druid.client.https.trustStorePath=truststore.jks 
# replace with correct trustStore file
druid.client.https.trustStorePassword=secret123  
# replace with your own password

# Setup server side TLS
druid.server.https.keyStoreType=jks
druid.server.https.keyStorePath=my-keystore.jks 
# replace with correct keyStore file
druid.server.https.keyStorePassword=secret123 
# replace with your own password
druid.server.https.certAlias=druid
  2. Restart Druid and MySQL database. 
    cd /sdd/apache-druid-25.0.0/bin
nohup ./start-single-server-small &
ps -eaf | grep supervise
systemctl restart mysqld
systemctl status mysqld
  3. Access Druid console using the following URL: https://<VM_IP>:9088.
    Note: Replace <VM_IP> with your VM IP address.