Prerequisites and exceptions for the example configuration
Review the prerequisites and exceptions before adding the example configuration to the sudoers file.
-
As a root user, you must create the repository file on the Cloudera Manager
Server. For instance, as a root user you can create the
/etc/yum.repos.d/cloudera-manager.repo
file with the following content:[cloudera-manager] name=Cloudera Manager 7.x.0 baseurl=https://archive.cloudera.com/p/cm6/7.x.0/redhat7/yum/ gpgkey=https://archive.cloudera.com/p/cm6/7.x.0/redhat7/yum/RPM-GPG-KEY-cloudera gpgcheck=1 enabled=1 autorefresh=0 type=rpm-md
-
To enable Auto-TLS, use the Cloudera Manager user interface:
- Administration > Security > Enable Auto-TLS wizard
- For information on how to generate an internal CA and corresponding certificates, see Use case 1: Use CM to generate an internal CA and corresponding certificates
-
Database Configuration:
-
To install the postgreSQL as the Cloudera Manager Database, the root
user must run the following commands for the user1:
i) user1@cmsudo-1 ~]$ echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf -bash: /etc/locale.conf file ii) sudo su -l postgres -c "postgresql-setup initdb"
-
To enable MD5 authentication, user1 must have root permission:
Edit
pg_hba.conf
, which is usually found in/var/lib/pgsql/data or /etc/postgresql/<version>/main
. For more information, see step 2, Enable MD5 authentication.
-
To install the postgreSQL as the Cloudera Manager Database, the root
user must run the following commands for the user1:
- To install Ranger on any host and configure PostgreSQL database for Ranger, you need a new sudoers command list. For more information, see Configuring a PostgreSQL Database for Ranger or Ranger KMS
- For the KDC setup, you must manage the krb5.conf file through Cloudera Manager user interface. For more information, see Enable Kerberos using the wizard
-
Cloudera Manager Upgrade:
To set up the Cloudera Manager repository, user1 must have write access to the repository file. For more information, see Upgrading the Cloudera Manager Server
-
If you are setting up a KTS cluster, do the following as root user:
-
You must obtain root access to install a file under “/etc/systemd/system/”
as a prerequisite for installing rng-tools
package. After installing the “rng-tools” package, user1 will require root user to run the following commands:
i) cp /usr/lib/systemd/system/rngd.service /etc/systemd/system/ ii) sed -i -e 's/ExecStart=\ /sbin/rngd -f /ExecStart=\ /sbin\ /rngd -f -r \ / dev \ / urandom/'/etc/systemd/system/rngd.service
-
You must obtain root access to install a file under “/etc/systemd/system/”
as a prerequisite for installing rng-tools
package. After installing the “rng-tools” package, user1 will require root user to run the following commands:
-
Run the rsync command to copy the Key Trustee Server keys.
rsync -zav --exclude .ssl /var/lib/keytrustee/ .keytrustee cmsudo-6.vpc.cloudera.com:/var/lib/keytrustee/