Community Articles

Find and share helpful community-sourced technical articles.
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Labels (2)
avatar
Cloudera Employee

Upon setting up a Socks Proxy Connection to access Cloudera Manager on an Altus cluster per:

 

https://www.cloudera.com/documentation/altus/topics/ug_dataengr_trblshoot_socks_proxy.html#socks_pro...

 

You may see:

 

ssh: connect to host X.X.X.X port 22: Connection timed out

2017-06-26 09:16:05,759 - MainThread - altuscli.extensions.dataeng.socksproxy - ERROR - IP address of Cloudera Manager (X.X.X.X) is unreachable. Please check security permissions on instances of the cluster.

 

The same steps should be followed, listed here:

 

https://www.cloudera.com/documentation/altus/topics/ug_dataengr_trblshoot_ssh_conn.html

 

However, you should slightly modify these steps to allow access Cloudera Manager (port 7180

  1. In the AWS Console, go to VPC > Security Groups and find the security group you created for the Altus environment.
  2. Verify that you are in the correct region.
  3. On the Inbound Rules tab, edit the security group and add another rule of type Custom TCP Rule (7180).
  4. Set the Source property to the IP address or range of IP addresses from which you want to connect by selecting My IP in the Source pulldown menu.
  5. Press Save

 

In addition, if you see:

 

Load key "/path/yourprivatekey.pem": bad permissions

Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

2017-06-26 12:04:15,705 - MainThread - altuscli.extensions.dataeng.socksproxy - ERROR - Unable to setup socks tunnel.

 

This is an indication that the pem file  "/path/yourprivatekey.pem" used in the altus command line is not 600 permissions to ensure security.   Please use the chmod command to restrict read by other, and retry the command.

 

991 Views