Cloudera Enterprise 6.3.x | Other versions

Step 3: Install Cloudera Manager Server

Step 1: Configure a Repository Step 2: Install Java Step 3: Install Cloudera Manager Server Step 4: Install Databases Step 5: Set Up the Cloudera Manager Database Step 6: Install CDH and Other Software Step 7: Set Up a Cluster

In this step you install the Cloudera Manager packages on the Cloudera Manager Server host, and optionally enable auto-TLS.

Install Cloudera Manager Packages

  1. On the Cloudera Manager Server host, type the following commands to install the Cloudera Manager packages.
    OS Command
    RHEL, CentOS, Oracle Linux
    sudo yum install cloudera-manager-daemons cloudera-manager-agent cloudera-manager-server
    SLES
    sudo zypper install cloudera-manager-daemons cloudera-manager-agent cloudera-manager-server
    Ubuntu
    sudo apt-get install cloudera-manager-daemons cloudera-manager-agent cloudera-manager-server
  2. If you are using an Oracle database for Cloudera Manager Server, edit the /etc/default/cloudera-scm-server file on the Cloudera Manager server host. Locate the line that begins with export CMF_JAVA_OPTS and change the -Xmx2G option to -Xmx4G.

(Recommended) Enable Auto-TLS

  Note: Auto-TLS supports two options:
  • Option 1: Use Cloudera Manager to generate an internal Certificate Authority and corresponding certificates
  • Option 2: Use an existing Certificate Authority and corresponding certificates

The following procedure demonstrates Option 1, enabling auto-TLS to use an internal certificate authority (CA) created and managed by Cloudera Manager. To use a trusted public CA (Option 2), you must first obtain the certificates for your cluster hosts. For more information, see Configuring TLS Encryption for Cloudera Manager and CDH Using Auto-TLS .

In Cloudera Manager 6.3 and higher, for new installations only, you can make the Cloudera Manager CA an intermediate CA to an existing internal root CA. For more information, see Enabling Auto-TLS with an Existing Root CA.

Auto-TLS greatly simplifies the process of enabling and managing TLS encryption on your cluster. It automates the creation of an internal certificate authority (CA) and deployment of certificates across all cluster hosts. It can also automate the distribution of existing certificates, such as those signed by a public CA. Adding new cluster hosts or services to a cluster with auto-TLS enabled automatically creates and deploys the required certificates.

Starting in Cloudera Manager 6.2, you can enable auto-TLS on existing clusters. If you do not want to enable auto-TLS right now, skip this section and continue to Step 4: Install and Configure Databases. Enabling auto-TLS on existing clusters is not supported if you are using the Cloudera Manager CA as an intermediate CA to an existing internal root CA, so if you want to use this option, you must enable auto-TLS now using the procedure documented in Enabling Auto-TLS with an Existing Root CA.

To enable auto-TLS with an embedded Cloudera Manager CA, run the following command:

sudo JAVA_HOME=/usr/java/jdk1.8.0_181-cloudera /opt/cloudera/cm-agent/bin/certmanager setup --configure-services
  Note: The certmanager utility is included with Cloudera Manager Agent, but not Cloudera Manager Server. If you see an error about the certmanager command not being found, make sure you have installed the cloudera-manager-agent package as documented above.

Replace jdk1.8.0_181-cloudera with your JDK version. If you want to store the files in a directory other than the default (/var/lib/cloudera-scm-server/certmanager), add the --location option as follows:

sudo JAVA_HOME=/usr/java/jdk1.8.0_181-cloudera /opt/cloudera/cm-agent/bin/certmanager --location /opt/cloudera/CMCA setup --configure-services

Check the /var/log/cloudera-scm-agent/certmanager.log log file to confirm that the /var/lib/cloudera-scm-server/certmanager/* directories were created.

That's it! When you start Cloudera Manager Server, it will have TLS enabled, and all hosts that you add to the cluster, as well as any supported services, will automatically have TLS configured and enabled.

For more information about auto-TLS, see Configuring TLS Encryption for Cloudera Manager and CDH Using Auto-TLS .

Install and Configure Databases

After installing the Cloudera Manager Server packages, continue to Step 4: Install and Configure Databases.

Page generated August 29, 2019.