Using classic clusters with a non-transparent proxy

If your organization has a non-transparent proxy on the CM node, the following steps must be performed prior to classic cluster registration.

When you register a cluster in CDP as a classic cluster, CDP installs CCM on the CM/Ambari node of CDH and HDP clusters to create a reverse tunnel, allowing communication with the CDP Control Plane to kick off replication jobs on schedule. To do this, CCM must be able to connect to the outside of the Data Center.

Steps

  1. Download an install corkscrew on the CM node.

    Corkscrew is an open source project with GPL licensing. You can download corkscrew from http://ftp.altlinux.org/pub/distributions/ALTLinux/Sisyphus/x86_64/RPMS.classic/corkscrew-2.0-alt1.qa1.x86_64.rpm.

    For more information about corkscrew, see https://github.com/bryanpkc/corkscrew/.

  2. CCM runs as root, so for the root user, create the .ssh directory and the following config files in the .ssh directory.
    Note the following:
    • Proxy server hostname does not need to contain http/https. Just use the hostname/IP address.

    • Proxy server port should be 443/80/8080 or similar.

    • Typical proxy_auth file would have “manishm:mypassword”.

    1. On CM node, create a /root/.ssh/config file with the following content, replacing the <PROXY-SERVER-HOSTNAME-IP-ADDRESS> and <PROXY-SERVER-PORT> with actual values:

      ProxyCommand /usr/bin/corkscrew <PROXY-SERVER-HOSTNAME-IP-ADDRESS> <PROXY-SERVER-PORT> %h %p /root/.ssh/proxy_auth

    2. On CM node, create a /root/.ssh/proxy_auth file with the following content, replacing the <PROXY-USERNAME> and <PROXY-PASSWORD> with actual values:

      <PROXY-USERNAME>:<PROXY-PASSWORD>

    3. Set ownership of the proxy_auth file as follows:

      chmod 600 /root/.ssh/proxy_auth

    4. If the proxy server does not need user id and password, then set just this in the /root/.ssh/config file as follows, replacing the <PROXY-SERVER-HOSTNAME-IP-ADDRESS> and <PROXY-SERVER-PORT> with actual values:

      ProxyCommand /usr/bin/corkscrew <PROXY-SERVER-HOSTNAME-IP-ADDRESS> <PROXY-SERVER-PORT>

Once you’ve performed these steps, you can proceed to registering your cluster in CDP, as described in Adding your classic clusters.