Configuring a VPC with private IPs in GCP

Prior to registering your GCP environment in Cloudera, you should set up a VPC network with private IPs, and create firewall rules.

You need the following:

  • At least one subnet for hosts that will use Cluster Connectivity Manager.

  • Outbound traffic on workload nodes, via the HTTP connection initiated by Cluster Connectivity Manager, should be allowed to the Cloudera-hosted Network Load Balancers (NLBs).

In the Google Cloud console, configure the following:

  1. Create a VPC with custom (preferred) subnet configuration in the desired GCP region.

  2. Create a GCP cloud router in the desired region.

  3. Create a GCP NAT gateway specifying the previously created GCP cloud router.

  4. Configure outbound traffic for Cloudera resources.

  5. The workload clusters containing Cluster Connectivity Manager (Knox, master, or Cloudera Manager for Classic Clusters) must be able to reach the Network Load Balancers (NLBs).

  6. You can use port 443 to connect to the NLBs.

  7. Create your firewall rules as described in Firewall rules.
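
The console steps above expressed as gcloud commands, as an added example that is not part of the Cloudera documentation. The network, subnet, router and NAT names, the region and both CIDR ranges are placeholders; the NLB range in particular must come from your own environment, and the rules from step 7 are not included.

```shell
#!/usr/bin/env bash
# Added example, not Cloudera's own tooling. Every value below is a placeholder.
NETWORK="cdp-private-vpc"
SUBNET="cdp-ccm-subnet"
REGION="us-west1"
SUBNET_CIDR="10.10.0.0/20"   # constructed sample range for the CCM subnet
NLB_CIDR="203.0.113.0/24"    # placeholder (TEST-NET-3), not a real NLB range
ROUTER="cdp-router"
NAT="cdp-nat"

# With DRY_RUN=1 (the default) each command is printed for review, not executed.
# Set DRY_RUN=0 to run the commands against the active gcloud project.
run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then
    echo "$*"
  else
    "$@"
  fi
}

provision_private_vpc() {
  # Step 1: VPC in custom subnet mode, plus one subnet for the CCM hosts.
  run gcloud compute networks create "$NETWORK" --subnet-mode=custom
  run gcloud compute networks subnets create "$SUBNET" \
    --network="$NETWORK" --region="$REGION" --range="$SUBNET_CIDR"

  # Step 2: cloud router in the same region.
  run gcloud compute routers create "$ROUTER" \
    --network="$NETWORK" --region="$REGION"

  # Step 3: NAT gateway on that router, scoped to the CCM subnet only so
  # that private-IP hosts get outbound access without external addresses.
  run gcloud compute routers nats create "$NAT" \
    --router="$ROUTER" --region="$REGION" \
    --auto-allocate-nat-external-ips \
    --nat-custom-subnet-ip-ranges="$SUBNET"

  # Steps 4-6: allow outbound TCP 443 to the NLBs. GCP's implied rule already
  # allows all egress; this rule matters once a deny-egress rule is in place.
  run gcloud compute firewall-rules create "${NETWORK}-egress-nlb-443" \
    --network="$NETWORK" --direction=EGRESS --action=ALLOW \
    --rules=tcp:443 --destination-ranges="$NLB_CIDR"
}

provision_private_vpc
```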