Configuring a VPC with private IPs in GCP

Prior to registering your GCP environment in CDP, you should set up a VPC network with private IPs, and create firewall rules.

You need the following:

• At least one subnet for hosts that will use CCM.

• Outbound traffic via the HTTP connection initiated by CCM should be allowed to the Cloudera hosted Network Load Balancers (NLBs) on workload nodes.

In the Google Cloud console, configure the following:

1. Create a VPC with custom (preferred) subnet configuration in the desired GCP region.

2. Create a GCP cloud router in the desired region.

3. Create a GCP NAT gateway specifying the previously created GCP cloud router.

4. You must configure outbound traffic for CDP resources.

5. The workload clusters containing CCM (Knox, master, or CM for Classic Clusters) must be able to reach the Network Load Balancers (NLBs).

6. You can use port 443 to connect to the NLBs.

7. Create your firewall rules as described in Firewall rules.