Installing a non-transparent proxy in a CML environment

If Cloudera Machine Learning is used in an air-gapped environment, a proxy configuration is not mandatory. If a non-transparent proxy is used, then certain endpoints must be added to the allowed list for the proxy.

If your CDP Private Cloud deployment uses a non-transparent network proxy, configure proxy hosts that the workloads can use for connections with CML workspaces. You can configure the proxy configuration values from the Management Console.

  1. Sign in to the CDP console.
  2. Click Management Console.
  3. On the Management Console home page, select Administration > Networks to view the Networks page.
  4. Configure the following options for the proxy values:
    Field Description
    HTTPS Proxy The HTTP or HTTPS proxy connection string for use in connections with CML workspaces. You must specify this connection string in the form: http(s)://<username>:<password>@<host>:<port>.
    HTTP Proxy The HTTP or HTTPS proxy connection string for use in connections with CML workspaces. You must specify this connection string in the form: http(s)://<username>:<password>@<host>:<port>.
    No Proxy

    Comma-separated list of hostnames, IP addresses, or hostnames and IP addresses that should not be accessed through the specified HTTPS or HTTP proxy URLs.

    In case of ECS deployments, you must include no-proxy URLs for the following:

    • All the ECS hosts in your deployment
    • Any CDP Private Cloud Base cluster that you want to access
    • CIDR IP addresses for internal operations in the ECS cluster: 10.42.0.0/16 and 10.43.0.0/16
  5. Click Save
  6. Ensure that the following endpoint is allowed:
    Description/Usage CDP service Destination Protocol and Authentication IP Protocol/Port Comments

    Accelerators for ML Projects (AMPs)

    Machine Learning

    https://raw.githubusercontent.com

    https://github.com

    HTTPS TCP/443 Files for AMPs are hosted on GitHub.