Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Auto-TLS on 6.1 Express Cluster Creation

Highlighted

Auto-TLS on 6.1 Express Cluster Creation

Hi,

 

I am creating a dev cluster on AWS EC2 and during the install of Cloudera Manager Express, I set it up to use Auto-TLS. When I tried to form a cluster and add hosts, they failed to heartbeat. After some troubleshooting and some googling, I found this thread which says that auto-TLS can only be used with an enterprise licence. (Please do make the documentation clear that this is an enterprise-only feature). Edit; the documentation does say

 

Now, I have to prevent Cloudera Manager from using auto-TLS. I have deleted the row from the SCM database:

delete from CONFIGS where ATTR='agent_tls';

and set:

[Security]
# Use TLS and certificate validation when connecting to the CM server.
use_tls=0

in /etc/cloudera-scm-agent/config.ini on each of the nodes.

 

However; the agents are still failing to heartbeat. Eventually, I want to enable TLS on the cluster am I correct in thinking that this can be done once the cluster is formed? If so, can anyone point me in the direction of some documentation for disabling auto-TLS? If not, is there a way of solving this problem, or am I best off terminating the hosts and starting afresh?

 

Thanks,

Tom

13 REPLIES 13

Re: Auto-TLS on 6.1 Express Cluster Creation

Community Manager

While you are waiting for someone to answer the question, can I get some additional information on documentation needing to be updated. Can you provide a link to the documentation you found that wasn't clear on the need for the Enterprise Version so we can get it reviewed?

 

I did a quick search for Auto-TLS in 6.1 and found the below document but it states that the Enterprise version is needed. Perhaps we need to add it elsewhere?

 

Configuring TLS Encryption for Cloudera Manager and CDH Using Auto-TLS

 

Screen Shot 2019-02-26 at 8.47.26 AM.png



Cy Jervis, Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:
Community Guidelines
How to use the forum

Re: Auto-TLS on 6.1 Express Cluster Creation

Hi Cy,

 

I take that back, I've been building the cluster across a month, in between other tasks and either you've added that line between then and now, or I completely missed it. Apologies.

 

Regards,

Tom

Re: Auto-TLS on 6.1 Express Cluster Creation

Community Manager

No worries @ThomasHopewell. I wanted to make sure just in case I missed where you saw it. I'm checking with some of my contacts to see if I can get someone to reply on the main issue. 



Cy Jervis, Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:
Community Guidelines
How to use the forum

Re: Auto-TLS on 6.1 Express Cluster Creation

Thanks :)

Re: Auto-TLS on 6.1 Express Cluster Creation

New Contributor

The actual installation page, https://docs.cloudera.com/documentation/enterprise/6/6.2/topics/install_cm_server.html, is not clear that this is an enterprise feature.  I suspect this is where most of us are being misled. I ran into the same issue.

Re: Auto-TLS on 6.1 Express Cluster Creation

Community Manager

Hi @Augustine ,

 

Thanks for pointing that out. It does make sense we update this to clarify it. I will follow up with our doc team to get it improved.

 

Thanks!

 

Li Wang, Technical Resolution Manager


Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:

Terms of Service

Community Guidelines

How to use the forum

Re: Auto-TLS on 6.1 Express Cluster Creation

New Contributor

The actual installation instructions, https://docs.cloudera.com/documentation/enterprise/6/6.2/topics/install_cm_server.html, are where it is not clear at all that this is an enterprise feature. I suspect this is where most of us are being misled. We just ran into this issue. Out of curiosity has a way of reversing this been developed yet, or is the best solution still just to restart the installation?

Re: Auto-TLS on 6.1 Express Cluster Creation

Community Manager

Hi @ThomasHopewell,

 

We currently don't have any dcoumentation on disabling auto-TLS. I think the easier and quicker way for now is to start from fresh.

 

Thanks,

Li

 

Li Wang, Technical Resolution Manager


Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:

Terms of Service

Community Guidelines

How to use the forum

Re: Auto-TLS on 6.1 Express Cluster Creation

Thanks for the reply Li, that's what I'll do

Don't have an account?
Coming from Hortonworks? Activate your account here