VPC and subnets

When registering an AWS environment in CDP, you will be asked to select a VPC and two or more subnets.

You have two options:

  • Use your existing VPC and subnets for provisioning CDP resources.

  • Have CDP create a new VPC and subnets. All CDP resources will be provisioned into this new VPC and subnets.

Existing VPC and subnets

If you would like to use your own VPC, it needs to fulfill the following requirements:
  • The VPC has at least two subnets, each in a different availability zone.
  • The VPC subnets must be connected to an Internet Gateway or a NAT Gateway. The VPC should be able to make outbound connections to the internet or to the set of CIDRs and ports provided by Cloudera.
  • Only public subnets are supported at this time.
  • If you are planning to use the Machine Learning service, you must tag the VPC and the subnets as shared so that Kubernetes can find them. For load balancers to be able to choose the subnets correctly, you are also required to tag private subnets with the kubernetes.io/role/internal-elb:1 tag, and public subnets with the kubernetes.io/role/elb:1 tag. For more information, refer to AWS account prerequisites for ML workspaces.

Verify the limits of the VPC and subnets available in your AWS account to ensure that you have enough resources to create clusters in CDP.
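
The requirements above can be checked before you register the environment. The following Python example is added here and is not Cloudera's code: it takes dicts shaped like EC2 DescribeSubnets and DescribeRouteTables output for one VPC and lists the violations. It assumes that outbound access means a 0.0.0.0/0 route (it does not evaluate a restricted set of CIDRs) and that a subnet is public when that route targets an Internet Gateway; the function names and sample IDs are constructed for illustration.

```python
# Added example: offline check of the existing-VPC requirements listed above.
# Inputs mirror EC2 DescribeSubnets / DescribeRouteTables items for one VPC.

def default_route_target(subnet_id, route_tables):
    """Return 'igw', 'nat' or None for the subnet's 0.0.0.0/0 route."""
    explicit = main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    # A subnet without an explicit association uses the VPC's main route table.
    table = explicit or main or {}
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            if (route.get("GatewayId") or "").startswith("igw-"):
                return "igw"
            if route.get("NatGatewayId"):
                return "nat"
    return None

def check_vpc(subnets, route_tables, ml_service=False):
    problems = []
    if len({s["AvailabilityZone"] for s in subnets}) < 2:
        problems.append("need at least two subnets, each in a different availability zone")
    for s in subnets:
        sid, target = s["SubnetId"], default_route_target(s["SubnetId"], route_tables)
        if target is None:
            problems.append(f"{sid}: no default route via an Internet Gateway or NAT Gateway")
            continue
        if ml_service:  # load balancer role tags named in the list above
            tags = {t["Key"]: t["Value"] for t in s.get("Tags", [])}
            wanted = "kubernetes.io/role/" + ("elb" if target == "igw" else "internal-elb")
            if tags.get(wanted) != "1":
                problems.append(f"{sid}: missing tag {wanted}=1")
    return problems

SUBNETS = [  # constructed sample: both subnets in one zone, second one unrouted
    {"SubnetId": "subnet-aaa", "AvailabilityZone": "us-west-2a",
     "Tags": [{"Key": "kubernetes.io/role/elb", "Value": "1"}]},
    {"SubnetId": "subnet-bbb", "AvailabilityZone": "us-west-2a", "Tags": []},
]
ROUTE_TABLES = [  # constructed: the main table has no default route
    {"Associations": [{"Main": True}], "Routes": []},
    {"Associations": [{"SubnetId": "subnet-aaa"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
]
print("\n".join(check_vpc(SUBNETS, ROUTE_TABLES, ml_service=True)))
```
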

New VPC and subnets

If you would like CDP to create a new VPC, three subnets will be created automatically. You will need to specify a valid IPv4 CIDR that defines the range of private IPs for EC2 instances provisioned into these subnets. The default is 10.10.0.0/16. Consider changing the IP range to match corporate policies for standardized IP address ranges.