- Release Notes
- Get Started
- Clusters
- Cloud Settings
- Table Type
- Query Data Lakes
- Integration
- Query Acceleration
- Data Loading
- Concepts
- Batch load data from Amazon S3
- Batch load data from Azure cloud storage
- Load data from a local file system
- Load data from Confluent Cloud
- Load data from Amazon MSK
- Load data from Amazon Kinesis
- Data Unloading
- Data Backup
- Security
- Console Access Control
- Data Access Control
- Application keys
- Service accounts
- Use SSL connection
- Alarm
- Usage and Billing
- Organizations and Accounts
- Reference
- Amazon Web Services (AWS)
- Microsoft Azure
- SQL Reference
- Keywords
- ALL statements
- User Account Management
- Cluster Management
- ADMIN CANCEL REPAIR
- ADMIN CHECK TABLET
- ADMIN REPAIR
- ADMIN SET CONFIG
- ADMIN SET REPLICA STATUS
- ADMIN SHOW CONFIG
- ADMIN SHOW REPLICA DISTRIBUTION
- ADMIN SHOW REPLICA STATUS
- ALTER RESOURCE GROUP
- ALTER SYSTEM
- CANCEL DECOMMISSION
- CREATE FILE
- CREATE RESOURCE GROUP
- DROP FILE
- DROP RESOURCE GROUP
- EXPLAIN
- INSTALL PLUGIN
- SET
- SHOW BACKENDS
- SHOW BROKER
- SHOW COMPUTE NODES
- SHOW FRONTENDS
- SHOW FULL COLUMNS
- SHOW INDEX
- SHOW PLUGINS
- SHOW PROCESSLIST
- SHOW RESOURCE GROUP
- SHOW TABLE STATUS
- SHOW FILE
- SHOW VARIABLES
- UNINSTALL PLUGIN
- DDL
- ALTER DATABASE
- ALTER MATERIALIZED VIEW
- ALTER TABLE
- ALTER VIEW
- ANALYZE TABLE
- BACKUP
- CANCEL ALTER TABLE
- CANCEL BACKUP
- CANCEL RESTORE
- CREATE ANALYZE
- CREATE DATABASE
- CREATE EXTERNAL CATALOG
- CREATE INDEX
- CREATE MATERIALIZED VIEW
- CREATE REPOSITORY
- CREATE TABLE AS SELECT
- CREATE TABLE LIKE
- CREATE TABLE
- CREATE VIEW
- CREATE FUNCTION
- DROP ANALYZE
- DROP STATS
- DROP CATALOG
- DROP DATABASE
- DROP INDEX
- DROP MATERIALIZED VIEW
- DROP REPOSITORY
- DROP TABLE
- DROP VIEW
- DROP FUNCTION
- KILL ANALYZE
- RECOVER
- REFRESH EXTERNAL TABLE
- RESTORE
- SET CATALOG
- SHOW ANALYZE JOB
- SHOW ANALYZE STATUS
- SHOW META
- SHOW FUNCTION
- TRUNCATE TABLE
- USE
- DML
- ALTER LOAD
- ALTER ROUTINE LOAD
- BROKER LOAD
- CANCEL LOAD
- CANCEL EXPORT
- CANCEL REFRESH MATERIALIZED VIEW
- CREATE ROUTINE LOAD
- DELETE
- EXPORT
- GROUP BY
- INSERT
- PAUSE ROUTINE LOAD
- RESUME ROUTINE LOAD
- REFRESH MATERIALIZED VIEW
- SELECT
- SHOW ALTER
- SHOW ALTER MATERIALIZED VIEW
- SHOW BACKUP
- SHOW CATALOGS
- SHOW CREATE CATALOG
- SHOW CREATE MATERIALIZED VIEW
- SHOW CREATE TABLE
- SHOW CREATE VIEW
- SHOW DATA
- SHOW DATABASES
- SHOW DELETE
- SHOW DYNAMIC PARTITION TABLES
- SHOW EXPORT
- SHOW LOAD
- SHOW MATERIALIZED VIEW
- SHOW PARTITIONS
- SHOW REPOSITORIES
- SHOW RESTORE
- SHOW ROUTINE LOAD
- SHOW ROUTINE LOAD TASK
- SHOW SNAPSHOT
- SHOW TABLES
- SHOW TABLET
- SHOW TRANSACTION
- STOP ROUTINE LOAD
- STREAM LOAD
- SUBMIT TASK
- UPDATE
- Auxiliary Commands
- Data Types
- Keywords
- SQL Functions
- Function list
- Java UDFs
- Window functions
- Lambda expression
- Date Functions
- add_months
- adddate
- convert_tz
- current_date
- current_time
- current_timestamp
- date
- date_add
- date_diff
- date_format
- date_slice
- date_sub, subdate
- date_trunc
- datediff
- day
- dayofweek_iso
- dayname
- dayofmonth
- dayofweek
- dayofyear
- days_add
- days_diff
- days_sub
- from_days
- from_unixtime
- hour
- hours_add
- hours_diff
- hours_sub
- jodatime_format
- last_day
- makedate
- microseconds_add
- microseconds_sub
- minute
- minutes_add
- minutes_diff
- minutes_sub
- month
- monthname
- months_add
- months_diff
- months_sub
- next_day
- now
- previous_day
- quarter
- second
- seconds_add
- seconds_diff
- seconds_sub
- str_to_date
- str_to_jodatime
- str2date
- time_slice
- time_to_sec
- timediff
- timestamp
- timestampadd
- timestampdiff
- to_date
- to_days
- to_iso8601
- to_tera_date
- to_tera_timestamp
- unix_timestamp
- utc_timestamp
- week
- week_iso
- weekofyear
- weeks_add
- weeks_diff
- weeks_sub
- year
- years_add
- years_diff
- years_sub
- Aggregate Functions
- any_value
- approx_count_distinct
- array_agg
- avg
- bitmap
- bitmap_agg
- count
- count_if
- corr
- covar_pop
- covar_samp
- group_concat
- grouping
- grouping_id
- hll_empty
- hll_hash
- hll_raw_agg
- hll_union
- hll_union_agg
- max
- max_by
- min
- min_by
- multi_distinct_sum
- multi_distinct_count
- percentile_approx
- percentile_cont
- percentile_disc
- retention
- stddev
- stddev_samp
- sum
- variance, variance_pop, var_pop
- var_samp
- window_funnel
- Geographic Functions
- String Functions
- append_trailing_char_if_absent
- ascii
- char
- char_length
- character_length
- concat
- concat_ws
- ends_with
- find_in_set
- group_concat
- hex
- hex_decode_binary
- hex_decode_string
- instr
- lcase
- left
- length
- locate
- lower
- lpad
- ltrim
- money_format
- null_or_empty
- parse_url
- repeat
- replace
- reverse
- right
- rpad
- rtrim
- space
- split
- split_part
- substring_index
- starts_with
- strleft
- strright
- str_to_map
- substring
- trim
- ucase
- unhex
- upper
- url_decode
- url_encode
- Pattern Matching Functions
- JSON Functions
- Overview of JSON functions and operators
- JSON operators
- JSON constructor functions
- JSON query and processing functions
- Bit Functions
- Bitmap Functions
- Array Functions
- all_match
- any_match
- array_agg
- array_append
- array_avg
- array_concat
- array_contains
- array_contains_all
- array_cum_sum
- array_difference
- array_distinct
- array_filter
- array_generate
- array_intersect
- array_join
- array_length
- array_map
- array_max
- array_min
- array_position
- array_remove
- array_slice
- array_sort
- array_sortby
- array_sum
- arrays_overlap
- array_to_bitmap
- cardinality
- element_at
- reverse
- unnest
- Map Functions
- Binary Functions
- cast function
- hash function
- Cryptographic Functions
- Math Functions
- Pattern Matching Functions
- Percentile Functions
- Scalar Functions
- Struct Functions
- Table Functions
- Utility Functions
- AUTO_INCREMENT
- Generated columns
- System variables
- System limits
- Information Schema
- Overview
- be_bvars
- be_cloud_native_compactions
- be_compactions
- character_sets
- collations
- column_privileges
- columns
- engines
- events
- global_variables
- key_column_usage
- load_tracking_logs
- loads
- materialized_views
- partitions
- pipe_files
- pipes
- referential_constraints
- routines
- schema_privileges
- schemata
- session_variables
- statistics
- table_constraints
- table_privileges
- tables
- tables_config
- task_runs
- tasks
- triggers
- user_privileges
- views
- System Metadatabase
- API
- Overview
- Actions
- Clusters
- Create and Manage Clusters
- Query Clusters
- Identity and Access Management
- Organization and Account
- Usage and Billing
- Clusters
- Terraform Provider
- Run scripts
Connect to an EC2 instance using SSH
You can connect via SSH to the Amazon EC2 instance that hosts your CelerData cluster.
Prerequisites
- Make sure that you can request port
22
of the EC2 instance you want to connect to. You need to edit the inbound rule of the security group to allow access to port22
and guarantee the network connection across the EC2 instance and the bastion host used to connect to the EC2 instance. - If you want to connect to the EC2 instance using EC2 Instance Connect, you must first install EC2 Instance Connect on the EC2 instance. Note that EC2 Instance Connect is installed by default on the EC2 instances launched with the Cloud AMI.
- If you want to connect to the EC2 instance using EC2 Instance Connect or an SSH client, you must select the key pair you created when you launched the EC2 instance.
Use EC2 Instance Connect
NOTE
This method only supports connecting to an EC2 instance that resides in a public subnet and has a public IP address.
Follow these steps to connect to the EC2 instance using EC2 Instance Connect:
- Sign in to the AWS EC2 console as a user with administrator privileges.
- In the upper-right corner of the page, select your AWS region.
- In the left-side navigation pane, choose Instances > Instances.
- Click the Instance ID of the EC2 instance to which you want to connect.
- In the upper-right corner of the instance summary page, click Connect.
- On the EC2 Instance Connect tab, click Connect.
Use EC2 Instance Connect CLI
Follow these steps to connect to the EC2 instance using the EC2 Instance Connect CLI:
Create an IAM role for Amazon EC2 with the following template:
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":"ec2-instance-connect:SendSSHPublicKey", // Replace the <aws_region>, <aws_account-id>, and <ec2_instance_id> with the actual AWS region, account ID, and Instance ID. "Resource": "arn:aws:ec2:<aws_region>:<aws_account-id>:<ec2_instance_id>/*", // You can optionally add a tag to limit the VPCs used to connect to the EC2 instance. You can also delete the `Condition` section if you do not need it. "Condition":{ "StringEquals":{ "aws:ResourceTag/tag-key":"<tag-value>" } } }, { "Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": "*" } ] }
See Create a service IAM role for EC2 for detailed instructions.
Build a bastion host and use the above IAM role as its role.
Install the EC2 Instance Connect CLI on the bastion host.
To install the EC2 Instance Connect CLI using Pip, run the following command:
pip install ec2instanceconnectcli
To install the EC2 Instance Connect CLI using Pip3, run the following command:
pip3 install ec2instanceconnectcli
Run the following command to connect to the EC2 instance:
mssh <user_name>@<ec2_instance_id>
This command consists of the following procedures:
- Generates an SSH public key for single use.
- Pushes the key to the EC2 instance (the key is reserved for 60 seconds).
- Connects to the EC2 instance via SSH.
Use an AWS client
Follow these steps to connect to the EC2 instance using an AWS client:
Create an IAM role for Amazon EC2 with the following template:
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":"ec2-instance-connect:SendSSHPublicKey", // Replace the <aws_region>, <aws_account-id>, and <ec2_instance_id> with the actual AWS region, account ID, and Instance ID. "Resource": "arn:aws:ec2:<aws_region>:<aws_account-id>:<ec2_instance_id>/*", // You can optionally add a tag to limit the VPCs used to connect to the EC2 instance. You can also delete the `Condition` section if you do not need it. "Condition":{ "StringEquals":{ "aws:ResourceTag/tag-key":"<tag-value>" } } }, { "Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": "*" } ] }
See Create a service IAM role to grant access to an S3 bucket for detailed instructions.
Build a bastion host and use the above IAM role as its role.
Generate a public key on the bastion host and push the public key to the EC2 instance.
Run the following command to generate a public key:
ssh-keygen -t rsa -f my_key
Run the following command to push the public key to the EC2 instance:
aws ec2-instance-connect send-ssh-public-key \ --instance-id <ec2_instance_id> \ --availability-zone <aws_region> \ --instance-os-user <user_name> \ --ssh-public-key file://my_key.pub
Run the following command to connect to the EC2 instance with the SSH private key:
ssh -i my_key <user_name>@<ec2_instance_ip>
Use an SSH client
Follow these steps to connect to the EC2 instance using an SSH client:
- Sign in to the AWS EC2 console as a user with administrator privileges.
- In the upper-right corner of the page, select your AWS region.
- In the left-side navigation pane, choose Instances > Instances.
- Click the Instance ID of the EC2 instance to which you want to connect.
- In the upper-right corner of the instance summary page, click Connect.
- On the SSH client tab, follow the instructions that are displayed to connect to the EC2 instance.
Use SSM Agent
If you want to connect to an EC2 instance that resides in a private subnet, you can connect to it via AWS Systems Manager Agent (SSM Agent).
To connect via SSM Agent, you must first attach the necessary policy for SSM Agent to the IAM role which is used to deploy your CelerData cluster. For instructions on how to attach the policy, refer to Attach a policy for SSM Agent to the IAM role for EC2.
NOTE
If you have attached the policy to the IAM role of an existing CelerData cluster, you must first suspend and then resume the cluster to allow the policy to take effect on the instances that host your cluster.
Follow these steps to connect to the instance using SSM Agent:
- Sign in to the AWS EC2 console as a user with administrator privileges.
- In the upper-right corner of the page, select your AWS region.
- In the left-side navigation pane, choose Instances > Instances.
- Click the Instance ID of the EC2 instance to which you want to connect.
- In the upper-right corner of the instance summary page, click Connect.
- On the Session Manager tab, click Connect.