CDP Private Cloud Base checklist
Use this checklist to ensure that your CDP Private Cloud Base is configured and ready for installing CDP Private Cloud Experiences.
|Runtime components||Ensure that you have Ranger, Atlas, Hive, and Ozone installed in your CDP Private Cloud Base cluster||CDP Private Cloud Base requirements||If you do not install these components, you see an error when creating an environment in your CDP Private Cloud Experiences.|
|Network requirement||Ensure that the CDP Private Cloud Base and OpenShift Container Platform are on the same network||Network infrastructure considerations||Ensure that all the network routing hops in production. Cloudera recommends not to use more than 4:1 oversubscription between the spine-leaf switches.|
|Cloudera Manager database requirement||Ensure that the Cloudera Manager database is PostgreSQL 10||Database Requirements||Currently, only PostgreSQL 10 is supported with CDP Private Cloud Experiences.|
|Cloudera Manager TLS configuration||Ensure that Cloudera Manager in the CDP Private Cloud Base cluster is configured to use TLS.||Configuring TLS Encryption for Cloudera Manager Using Auto-TLS||
You can also manually configure TLS to complete this task. See
|Cloudera Manager JKS-format TLS truststore||Ensure that the Cloudera Manager is configured with a JKS-format (not PKCS12) TLS truststore. For more information||Obtain and Deploy Keys and Certificates for TLS/SSL||N/A|
|Cloudera Manager truststore and root certificate||Ensure that the Cloudera Manager truststore contains a root certificate that trusts the certificate for all Cloudera Manager server hosts used with CDP Private Cloud Experiences.||How to Add Root and Intermediate CAs to Truststore for TLS/SSL||Import the necessary certificates into the truststore configured in.|
|LDAP configuration||Ensure that you configure LDAP using Cloudera Manager.||N/A||Only Microsoft Active Directory (AD) and OpenLDAP are currently supported.|
|Apache Ranger configuration for LDAP||Ensure that the CDP Private Cloud Base cluster is configured with Apache Ranger and LDAP for user authentication.||Configure Ranger authentication for LDAP||N/A|
|Apache Ranger usersync configuration||Ensure that you have configured Apache Ranger and Apache Ranger usersync.||Ranger usersync||Apache Ranger user synchronization is used to get users and groups from the corporate ActiveDirectory to use in policy definitions.|
|Kerberos configuration||Ensure that Kerberos is enabled for all services in the cluster.||Enabling Kerberos for authentication||
Custom Kerberos principals are not currently supported.
|Internet access or air gap installation||Ensure that your CDP Private Cloud Base and your Kubernetes cluster has access to the Internet. If you do not have access to the Internet, you must do an air gap installation.||
You need access to the Docker registries and the Cloudera repositories during the installation process.
|Services health check||Ensure that all services running in the cluster are healthy.||Cloudera Manager Health Tests||N/A|
|CDP Private Cloud entitlement||Ensure that you have the necessary CDP entitlement from Cloudera to access the Private Cloud installation.||N/A||To check this, go to. If you have the required entitlements, the You are about to install the CDP Private Cloud version [***VERSION***] message with a list of prerequisites is displayed. An error message is displayed if you do not have the necessary entitlements.|
|Reuse data from CDH or HDP (Optional)||To reuse data from your legacy CDH or HDP deployment in your Private Cloud, ensure that you have migrated that data into your CDP Private Cloud Base. You must be using Cloudera Runtime 7.1.3 or higher for migrating data from your CDH or HDP cluster.||Data Migration Guide||N/A|