Configure the SOCKS Proxy
The SOCKS5 protocol is implemented as a client and server process that enables traversal of IP network firewalls. After you configure the SOCKS proxy, your browser resolves DNS lookups using the Microsoft Azure network (through the proxy server), and lets you connect to services using internal FQDNs or private IP address.
- Set up a single SSH tunnel to one of the hosts on the network and create a SOCKS proxy on the host.
- Change the browser configuration to perform all lookups through the SOCKS proxy host.
Network Prerequisites
- You must be able to reach the host that you want to proxy to from the public internet or from the network that you're connecting from.
- The host that you proxy to must be on the same network as the Cloudera services that you're connecting to. For example, if you’re using the Cloudera EDH offering, tunnel to the Cloudera Manager host.
Find the Public IP of the Host
For the Cloudera EDH offering, use the public IP of the 0th master node VM: [dnsName]-mn0.
Start the SOCKS Proxy
On Linux
ssh -i your-key-file.pem -CND 1080 the_username_you_specified@publicIP_of_VM
-i your-key-file.pem
Specifies the path to the private key needed to SSH to the Cloudera EDH server. Omit if using SSH passwords.C
Sets up compression.N
Suppresses any command execution once established.D
Sets up the SOCKS proxy on a port.1080
The port to set the SOCKS proxy locally.
On Windows
Follow the instructions on Microsoft's website (see SSH tunnel to endpoints in Azure VNet
from Windows
).
Configure Google Chrome to Use the Proxy
- The SOCKS proxy port. This must be the same port that you used when you started the proxy.
- The profile. This examples below create a new profile.
Use one of the following commands to create a profile and launch a new instance of Chrome that does not conflict with any currently running Chrome instances.
/usr/bin/google-chrome \ --user-data-dir="$HOME/chrome-with-proxy" \ --proxy-server="socks5://localhost:1080"
"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" \ --user-data-dir="$HOME/chrome-with-proxy" \ --proxy-server="socks5://localhost:1080"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" ^ --user-data-dir="%USERPROFILE%\chrome-with-proxy" ^ --proxy-server="socks5://localhost:1080"
In this Chrome session, you can use the private IP address or internal FQDN to connect to any host that is accessible by Cloudera EDH.