CDP Private Cloud Base checklist
Use this checklist to ensure that your CDP Private Cloud Base is configured and ready for installing CDP Private Cloud Data Services.
Item | Summary | Documentation | Notes |
---|---|---|---|
Runtime components | Ensure that you have Ranger, Atlas, Hive, HDFS, and Ozone installed in your CDP Private Cloud Base cluster. | If you do not install these components, you see an error when creating an environment in CDP Private Cloud Data Services. | |
Network requirement | Ensure that all the network routing hops in production. Cloudera recommends not to use more than 4:1 oversubscription between the spine-leaf switches. | ||
Cloudera Manager database requirement | Refer to the the CDP Private Cloud Base database requirements. | N/A | |
Cloudera Manager TLS configuration | Ensure that Cloudera Manager in the CDP Private Cloud Base cluster is configured to use TLS. | Configuring TLS Encryption for Cloudera Manager Using Auto-TLS |
You can also manually configure TLS to complete this task. See |
Cloudera Manager JKS-format TLS truststore | Ensure that the Cloudera Manager is configured with a JKS-format (not PKCS12) TLS truststore. | Obtain and Deploy Keys and Certificates for TLS/SSL | N/A |
Cloudera Manager truststore and root certificate | Ensure that the Cloudera Manager truststore contains a root certificate that trusts the certificate for all Cloudera Manager server hosts used with CDP Private Cloud Data Services. | How to Add Root and Intermediate CAs to Truststore for TLS/SSL | Import the necessary certificates into the truststore configured in | .
LDAP configuration | Ensure that you configure LDAP using Cloudera Manager. | N/A | Only Microsoft Active Directory (AD) and OpenLDAP are currently supported. |
Apache Ranger configuration for LDAP | Ensure that the CDP Private Cloud Base cluster is configured with Apache Ranger and LDAP for user authentication. | Configure Ranger authentication for LDAP | N/A |
Apache Ranger usersync configuration | Ensure that you have configured Apache Ranger and Apache Ranger usersync. | Ranger usersync | Apache Ranger user synchronization is used to get users and groups from the corporate ActiveDirectory to use in policy definitions. |
Kerberos configuration | Ensure that Kerberos is enabled for all services in the cluster. | Enabling Kerberos for authentication |
Custom Kerberos principals are not currently supported. |
Internet access or air gap installation | Ensure that CDP Private Cloud Base and the ECS hosts have access to the Internet. If you do not have access to the Internet, you must do an air gap installation. |
Install CDP Private Cloud Data Services in air gap environment |
You need access to the Docker registries and the Cloudera repositories during the installation process. |
Services health check | Ensure that all services running in the cluster are healthy. | Cloudera Manager Health Tests | N/A |
CDP Private Cloud entitlement | Ensure that you have the necessary CDP entitlement from Cloudera to access the Private Cloud installation. | N/A | |
Reuse data from CDH or HDP (Optional) | To reuse data from your legacy CDH or HDP deployment in your Private Cloud, ensure that you have migrated that data into your CDP Private Cloud Base. You must be using Cloudera Runtime 7.1.7 for migrating data from your CDH or HDP cluster. | Data Migration Guide | N/A |
(Recommended) Configure HDFS properties to optimize logging | CDP uses “out_webhdfs” Fluentd output plugin to write records into HDFS, in the form of log files, which are then used by different data services to generate diagnostic bundles. To optimize the size of logs that are captured and stored on HDFS, you must update a few HDFS configurations in the hdfs-site.xml file using Cloudera Manager. | Configuring HDFS properties to optimize logging | N/A |