Connecting to Your Cluster Using a SOCKS Proxy

For security purposes, we recommend that you connect to your cluster using a SOCKS proxy. This topic shows you how.

Create a Proxy Auto-Config File

To create proxy auto-config (PAC) file, perform the following tasks.

Open a text editor and enter the following text:

function regExpMatch(url, pattern) {    
  try { return new RegExp(pattern).test(url); } catch(ex) { return false; }    
}
  
function FindProxyForURL(url, host) {
    // Important: replace 172.31 bellow with the proper prefix for your VPC subnet
    if (shExpMatch(url, "*172.31.*")) return "SOCKS5 localhost:8157";
    if (shExpMatch(url, "*ec2*.amazonaws.com*")) return 'SOCKS5 localhost:8157';
    if (shExpMatch(url, "*.compute.internal*") || shExpMatch(url, "*://compute.internal*")) return 'SOCKS5 localhost:8157';
    if (shExpMatch(url, "*ec2.internal*")) return 'SOCKS5 localhost:8157';
    return 'DIRECT';
}

Save the file.

The PAC file contains the three rules needed for Cloudera Director.

Set Up SwitchySharp

Open Chrome and go to Chrome Apps
Search for Proxy SwitchySharp and add to it Chrome.
In the SwitchySharp Options screen, click the Proxy Profiles tab and do the following:
- In the Profile Name field, enter AWS-Cloudera.
- Click Automatic Configuration.
- Click Import PAC File and import your PAC file.
- Click Save.
Click the General tab and do the following:
- Click Quick Switch.
- Drag [Direct Connection] and AWS-Cloudera to the Cycled Profiles area.
- Set Startup Profile to [Direct Connection].
- Click Save.

Set Up a SOCKS Proxy with SSH

Set up a SOCKS proxy to access the EC2 instance running Cloudera Director. For example, in RHEL run the following command (with your instance information):

ssh -i <key-file.pem> -CND 8157 ec2-user@instance_running_director_server

where

C sets up compression
N suppresses any command execution once established
D 8157 sets up the SOCKS 5 proxy on the port

Starting an Instance

Cloudera Director Client