CDP Private Cloud Experiences pre-installation checklist

Prior to installing CDP Private Cloud Experiences ensure you have satisfied all the requirements of both CDP Private Cloud Base and OpenShift Container platform using a checklist.

The pre-installation checklist is divided into two sections, the CDP Private Cloud Base checklist, and the OpenShift Container Platform checklist. You must ensure that you have satisfied all the requirements in the CDP Private Cloud Base checklist before you complete the requirements in the OpenShift Container Platform checklist.

The notes in each of the checklists have requirements that are specific to CDW (Cloudera Data Warehouse) or CML (Cloudera Machine Learning). If you are installing both these experiences, you need to ensure that you follow all the requirements. Otherwise, you can choose the requirements for CDW or CML.

CDP Private Cloud Base checklist

Use this checklist to ensure that your CDP Private Cloud Base is configured and ready for installing CDP Private Cloud Experiences.
  1. Ensure that the CDP Private Cloud Base cluster is configured to use TLS. To enable auto-TLS using Cloudera Manager, see Configuring TLS Encryption for Cloudera Manager Using Auto-TLS.
  2. Ensure that the Cloudera Manager is configured with a JKS-format (not PKCS12) TLS truststore. For more information, see Database requirements.
  3. Ensure that you have Ranger, Atlas, and Hive installed in your CDP Private Cloud Base cluster. If you have not installed these components, you see an error when creating an environment in your CDP Private Cloud Experiences.
  4. Cloudera Manager truststore must contain a root certificate that trusts the certificate for all Cloudera Manager server hosts expected to be used with Private Cloud.
    1. Import the necessary certificates into the truststore configured in Configure Administration > Settings > Security > Cloudera Manager TLS/SSL Client Trust Store File.
  5. Cluster is configured with Ranger and LDAP is setup and configured for user authentication. Ensure that you have configured Ranger user synchronization. For more information about configuring Ranger and LDAP, see Configure Ranger authentication for LDAP. For more information about Ranger Usersync, see Ranger usersync.
  6. Ensure that Kerberos is enabled for all services in the cluster. Custom Kerberos principals are not currently supported. For more information, see Enabling Kerberos for authentication.
  7. Ensure that your CDP Private Cloud Base deployment has access to the Internet. Also ensure that your Kubernetes cluster network configuration allows access to the Internet. You need access to the Docker registries and the Cloudera repositories. If you do not have access to the Internet (air gap environment), you must follow the steps in Install CDP Private Cloud Experiences in air gap environment.
  8. Ensure that you configure LDAP using Cloudera Manager. Only Microsoft Active Directory (AD) and OpenLDAP are currently supported.
  9. Ensure that all services running in the cluster are healthy. You can check this in Cloudera Manager Clusters > [***CLUSTER NAME***] > Health Issues. If there are no health issues, the No Health Issues message is displayed.
  10. Ensure that you have the necessary CDP entitlements from Cloudera to access the Private Cloud installation. To check this, go to Cloudera Manager > Private Cloud > Select Repository > [***REPOSITORY URL***]. If you have the required entitlements, the You are about to install CDP Private Cloud version [***VERSION***] message with a list of prerequisites is displayed. An error message is displayed if you do not have the necessary entitlements.
  11. To reuse data from your legacy CDH or HDP deployment in your Private Cloud, ensure that you have migrated that data into your CDP Private Cloud Base. You must be using Cloudera Runtime 7.1.3 or higher for migrating data from your CDH or HDP cluster. For more information about data migration, see the Data Migration guide.

OpenShift Container Platform checklist

Use this checklist to ensure that your OpenShift Container Platform is configured and ready for installing CDP Private Cloud Experiences.
  1. Ensure that the installed OpenShift Container Platform is version 4.5.x.
  2. Ensure that you have set up the DNS and Reverse DNS between OpenShift container hosts and CDP Private Cloud Base. This is required for obtaining Kerberos ticket-granting tickets.
  3. Ensure that OpenShift application hostnames can be accessed from outside the cluster. You can test this by creating an ingress point on the target cluster as shown in the A minimal Ingress resource example. And then you must perform a DNS query on the route generated, to check if you can access the hostnames outside the cluster.
  4. Ensure that you have configured separate storage classes for the control plane and the compute clusters. Both the storage classes must be provisioned from Persistent Volumes.
  5. Ensure that you have access to OpenShift Kubeconfig file, cluster administrator privileges, and sufficient expiry time for you to complete your installation. For more information, see Download Kubernetes Configuration.
  6. When a load balancer is used for your OpenShift Container Platform external API, you must allow websocket traffic in addition to HTTPS. The load balancer must allow websockets on port 80. Also, ensure that you set the load balancer server timeout to 5 minutes.
  7. Ensure that the nodes in the OpenShift cluster have their clocks synchronized using NTP. This is an important step if your setup does not have access to the Internet. For more information, see Install CDP Private Cloud Experiences in air gap environment.