Created 06-16-2022 02:17 AM
I am in process of setting up a CDP cluster (private base) and in step of configuring local repositories. I have got the Cloudera repos configured via out standard repository solution, Artifactory since servers will not have access to public internet to access Cloudera archives.
Now the URL given to me to access those repos has to be authenticated via a User ID and API key. So URL ultimately turns out something like this:
1. Is there a way I can configure a authentication based YUM repository for Cloudera Manager packages, without having the need to enter credentials in a plain text in base URL field of YUM repo?
2. Once we have Cloudera Manager installed, we can provide a custom repo link in Cloudera Manager to fetch Cloudera Runtime Parcels. At that stage, will Cloudera Manager accept Environment variables in the URL or that again has to be a plain text? Else, is there any other way to setup authentication based Cloudera runtime repo which can be used in Cloudera Manager so we don't have to provide these creds in a plain text.
1. This is a functionality to be provided by the OS vendor since package installations use yum which is not Cloudera managed.
2. No we don't have another way. Ideally for both these security specific use cases, you should create temporary /local repositories only where authentication is not required.
Hope this helps,
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
In regards to item 2, you can actually configure the credentials in Cloudera Manager, so that they are not in clear text. The properties below can be found under Parcel Repository & Network Settings:
Thank you @araujo,
Do we also get a field to enter these details while installing Cloudera Manager at the page were we add custom repositories for Hadoop parcels? I don't remember it hence, asking.
Sorry, I don't remember either. Unfortunately I don't have a cluster handy now to confirm this.