Installing a non-transparent proxy in a CML environment

If Cloudera Machine Learning is used in an air-gapped environment, a proxy configuration is not mandatory. If a non-transparent proxy is used, then certain endpoints must be added to the allowed list for the proxy.

If your CDP Private Cloud deployment uses a non-transparent network proxy, configure proxy hosts that the workloads can use for connections with CML workspaces. You can configure the proxy configuration values from the Management Console.

Sign in to the CDP console.
Click Management Console.
On the Management Console home page, select Administration > Networks to view the Networks page.

Configure the following options for the proxy values:

Field Description

HTTPS Proxy

Field	Description
HTTPS Proxy	The HTTP or HTTPS proxy connection string for use in connections with CML workspaces. You must specify this connection string in the form: `http(s)://<username>:<password>@<host>:<port>`. note The `<username>` and `<password>` parameters are optional. You can specify the connection proxy string without these parameters.
HTTP Proxy	The HTTP or HTTPS proxy connection string for use in connections with CML workspaces. You must specify this connection string in the form: `http(s)://<username>:<password>@<host>:<port>`. note The `<username>` and `<password>` parameters are optional. You can specify the connection proxy string without these parameters.
No Proxy	Comma-separated list of hostnames, IP addresses, or hostnames and IP addresses that should not be accessed through the specified HTTPS or HTTP proxy URLs. In case of ECS deployments, you must include no-proxy URLs for the following: All the ECS hosts in your deployment Any CDP Private Cloud Base cluster that you want to access CIDR IP addresses for internal operations in the ECS cluster: 10.42.0.0/16 and 10.43.0.0/16

The HTTP or HTTPS proxy connection string for use in connections with CML workspaces. You must specify this connection string in the form: http(s)://<username>:<password>@<host>:<port>.

HTTP Proxy

The HTTP or HTTPS proxy connection string for use in connections with CML workspaces. You must specify this connection string in the form: http(s)://<username>:<password>@<host>:<port>.

No Proxy

Comma-separated list of hostnames, IP addresses, or hostnames and IP addresses that should not be accessed through the specified HTTPS or HTTP proxy URLs.

In case of ECS deployments, you must include no-proxy URLs for the following:

All the ECS hosts in your deployment
Any CDP Private Cloud Base cluster that you want to access
CIDR IP addresses for internal operations in the ECS cluster: 10.42.0.0/16 and 10.43.0.0/16

Click Save

Ensure that the following endpoint is allowed:

Description/Usage CDP service Destination Protocol and Authentication IP Protocol/Port Comments

Description/Usage	CDP service	Destination	Protocol and Authentication	IP Protocol/Port	Comments
Accelerators for ML Projects (AMPs)	Machine Learning	`https://raw.githubusercontent.com` `https://github.com`	HTTPS	TCP/443	Files for AMPs are hosted on GitHub.

Accelerators for ML Projects (AMPs)

Machine Learning

https://raw.githubusercontent.com

https://github.com

HTTPS

TCP/443

Files for AMPs are hosted on GitHub.