How to connect Cloudera components to a TCPS-enabled Oracle database
Learn which Cloudera components support TCPS-enabled Oracle database and how to configure them to work with an TCPS-enabled Oracle database.
What is TCPS
TCPS is Transmission Control Protocol with SSL. It provides higher security between the database and Cloudera services than TCP alone.
List of Cloudera components and Cloudera Runtime services that support TCPS-enabled Oracle database
The following Cloudera components can use a TCPS-enabled Oracle database starting with CDP 7.1.9:
- Cloudera Manager server
- Reports Manager
- Hive MetaStore
- Hue
- Schema Registry
- Streams Messaging Manager
- Oozie
- Sqoop
- Ranger
- Ranger KMS
High-level steps to configure and set up TCPS
In any TLS connection, there are two entities involved–a client and a server. In Cloudera, Cloudera Manager and Cloudera Runtime services are
the clients and the Oracle database is the server.
- First, you enable TCPS on the Oracle database server, as described in Enabling TCPS for Oracle Database Server.
- Specify the JDBC URL or a connection string when you add the Cloudera Runtime services in the Add service wizard using Cloudera Manager. Review the instructions for each supported service in Configuring runtime services to connect to TLS 1.2/TCPS-enabled databases.
You can also configure the existing Cloudera Runtime services to connect to a TCPS-enabled Oracle database. See Configuring runtime services to connect to TLS 1.2/TCPS-enabled databases.
How to verify whether TCPS is enabled on your database
You can verify whether TCPS is successfully enabled on your Oracle database by running the
following
command:
SQL> select sys_context('userenv','network_protocol') from dual;If TCPS is enabled, you see the following
output:
SYS_CONTEXT('USERENV','NETWORK_PROTOCOL')
----------------------------------------------------------------------
tcpsAlternatively, check whether the
PROTOCOL = TCPS line is present in the
following configuration files:- listener.ora
- tnsnames.ora
