Provision on-premises nodes
How you provision nodes for use with an on-premises provider depends on the SSH access that you can grant YugabyteDB Anywhere to provision nodes.
| SSH mode | Description | Notes | For more details |
|---|---|---|---|
| Permissive | You can allow SSH to a root-privileged user, AND You can provide YugabyteDB Anywhere with SSH login credentials for that user. |
For example, the ec2-user for AWS EC2 instances meets this requirement. In this mode, YugabyteDB Anywhere will sign in to the VM and automatically provision the nodes. | See Automatic Provisioning. |
| Medium | You can allow SSH to a root-privileged user, AND You can't provide YugabyteDB Anywhere with SSH login credentials for that user; however you can enter the password interactively. |
In this mode, you run a script on the VM, and are prompted for a password for each sudo action to install the required software. | See Assisted Manual Provisioning. |
| Restrictive | All other cases (you disallow SSH login to a root-privileged user at setup time). | In this mode, you'll manually install each prerequisite software component. | See Fully Manual Provisioning. |
Note that, for Permissive and Medium modes, the root-privileged SSH user can have any username except yugabyte. When YugabyteDB Anywhere later uses this provided SSH user to sign in and prepare the node, it will automatically create and configure a second user – named yugabyte – which will be largely de-privileged, and will have very limited sudo commands available to it. YugabyteDB Anywhere uses the yugabyte user to run the various YugabyteDB software processes.
SSH access is required for initial setup of a new database cluster (and when adding new nodes to the cluster). After setup is completed, SSH can be disabled, at your option. Leaving SSH enabled, however, is still recommended to provide access to nodes for troubleshooting.
Best practices
When creating your VMs, create at least two virtual disks: one as the boot disk, and another for data and logs.