Download and activate the Cloudera Runtime Parcels
In Cloudera Manager, you must download, distribute, and activate the Cloudera runtime Parcels. You can also enable the TLS which is optional.
In Cloudera Manager Parcel screen, download Cloudera
Runtime and distribute the parcel. Cloudera Manager deploys the parcel to the
cluster hosts. The default is 10 concurrent hosts. You can adjust this to a
maximum of 50, but this must be configured before the template is applied.
This is an optional step. Enable Cloudera Manager TLS:
- Certificate management: Creating certificates, keystores, and truststores.
- Certificate distribution or configuration:
- Copying keystores & truststores to servers.
- Configuring services to reference these keystores & truststores.
- Configuring related TLS properties for service.
- Ensure that you compare Manual TLS and Auto TLS and then proceed. For more information, see Comparing manual TLS and Auto-TLS
- If you select the Manual TLS option, you must manually configure TLS. For more information, see Manually configure TLS Encryption for Cloudera Manager.
- If you select the Auto TLS option 1, Cloudera Manager handles it
independent of any company certificate authority. This is basically
creating a private certificate authority that only Cloudera Manager
- If you want TLS but you do not have any of the external certificate management infrastructures then you will probably want this.
- The benefit is you get full automation for the cluster side (management & certificate distribution and configuration) but requires client configuration to trust the private certificate authority. For more information, see Auto TLS 1
- If you select Auto TLS option 2a, Cloudera Manager handles certificate
management based on a company certificate authority. Cloudera Manager
generates certificates on your behalf using the certificate authority
and performs distribution and configuration for you.
- If you want TLS and are willing to extend trust from an external certificate authority to Cloudera Manager and allow Cloudera Manager to generate certificates will want this.
- The benefit is you get full automation for the cluster side (management & certificate distribution and configuration) but requires extending trust to Cloudera Manager. Clients need not require any additional configuration because they would already trust the global company certificate authority. For more information, see Auto TLS 2
- If you select AutoTLS option 2b, you are only doing certificate
distribution and configuration because you are doing certificate
management outside of Cloudera Manager and manually loading those
certificates into Cloudera Manager's certificate repository.
- If you want TLS but are unwilling to extend trust from an external certificate authority to Cloudera Manager will want this.
- The benefit is you get partially automated for the cluster side (certificate distribution and configuration only). Per-host or per-service certificate management done outside of Cloudera Manager and certificates manually uploaded into Cloudera Manager by an admin. For more information, see Auto TLS 2
- After the parcels are deployed on Cloudera Manager, activate the Cloudera Runtime 7.1.x parcels.
LZO package configuration: If HDP is configured with LZO packages then follow
the steps given below.
- Go to the Parcels/Parcel Repository & Network Settings page on Cloudera Manager user interface and add Remote Parcel Repository URLs.https://archive.cloudera.com/p/gplextras7/220.127.116.11/parcels/
- In the Parcels screen - Download, Distribute, and Activate “GPLEXTRAS”. If the HDP intermediate bits or Ambari 7.1.x.x has used LZO packages, then enable or add the packages to Cloudera Manager. For more information, see the Configuring Data Compression documentation.