Preparing CDP Private Cloud Base
Use Cloudera Manager to configure your Private Cloud Base cluster in preparation for the Private Cloud Data Services installation.
- Configure the Private Cloud Base cluster to use TLS.Configuring TLS Encryption for Cloudera Manager Using Auto-TLS.
- Configure Cloudera Manager with a JKS-format (not PKCS12) TLS truststore.Database requirements.
- Configure Cloudera Manager to include a root certificate that trusts the certificate for all
Cloudera Manager server hosts expected to be used with the Private Cloud, LDAP server (if you
are using LDAP), and the Postgres DB of all Hive Metastores that you use with Private Cloud. If
a single CA is used to sign all of them, then just that single CA must be imported.
- Import the necessary certificates into the truststore configured in Configure Administration > Settings > Security > Cloudera Manager TLS/SSL Client Trust Store File.
- Enable Kerberos for all the services in the cluster.Enabling Kerberos for authentication.
- Configure Ranger and LDAP for user authentication. Ensure that you have configured Ranger user synchronization.Configure Ranger authentication for LDAP and Ranger usersync.
- Configure LDAP using Cloudera Manager. IPA, Microsoft Active Directory (AD), and OpenLDAP are currently supported.Configure authentication using an LDAP-compliant identity service.
- Check if all the running services in the cluster are healthy. To check this using Cloudera Manager, go to Cloudera Manager > Clusters > [***CLUSTER NAME***] > Health Issues. If there are no health issues, the No Health Issues message is displayed.
- If you want to reuse data from your legacy CDH or HDP deployment in your Private Cloud, copy the data from your CDH or HDP deployments into the CDP Private Cloud Base cluster that will be accessed by CDP Private Cloud Data Services. For more information about data migration, see the Data Migration Guide.
- For installing CDP Private Cloud Base, see Install CDP Private Cloud Base