I am creating a dev cluster on AWS EC2 and during the install of Cloudera Manager Express, I set it up to use Auto-TLS. When I tried to form a cluster and add hosts, they failed to heartbeat. After some troubleshooting and some googling, I found this thread which says that auto-TLS can only be used with an enterprise licence.
(Please do make the documentation clear that this is an enterprise-only feature). Edit; the documentation does say
Now, I have to prevent Cloudera Manager from using auto-TLS. I have deleted the row from the SCM database:
delete from CONFIGS where ATTR='agent_tls';
[Security] # Use TLS and certificate validation when connecting to the CM server. use_tls=0
in /etc/cloudera-scm-agent/config.ini on each of the nodes.
However; the agents are still failing to heartbeat. Eventually, I want to enable TLS on the cluster am I correct in thinking that this can be done once the cluster is formed? If so, can anyone point me in the direction of some documentation for disabling auto-TLS? If not, is there a way of solving this problem, or am I best off terminating the hosts and starting afresh?
While you are waiting for someone to answer the question, can I get some additional information on documentation needing to be updated. Can you provide a link to the documentation you found that wasn't clear on the need for the Enterprise Version so we can get it reviewed?
I did a quick search for Auto-TLS in 6.1 and found the below document but it states that the Enterprise version is needed. Perhaps we need to add it elsewhere?
I take that back, I've been building the cluster across a month, in between other tasks and either you've added that line between then and now, or I completely missed it. Apologies.
No worries @ThomasHopewell. I wanted to make sure just in case I missed where you saw it. I'm checking with some of my contacts to see if I can get someone to reply on the main issue.
The actual installation page, https://docs.cloudera.com/documentation/enterprise/6/6.2/topics/install_cm_server.html, is not clear that this is an enterprise feature. I suspect this is where most of us are being misled. I ran into the same issue.
Hi @Augustine ,
Thanks for pointing that out. It does make sense we update this to clarify it. I will follow up with our doc team to get it improved.
The actual installation instructions, https://docs.cloudera.com/documentation/enterprise/6/6.2/topics/install_cm_server.html, are where it is not clear at all that this is an enterprise feature. I suspect this is where most of us are being misled. We just ran into this issue. Out of curiosity has a way of reversing this been developed yet, or is the best solution still just to restart the installation?
We currently don't have any dcoumentation on disabling auto-TLS. I think the easier and quicker way for now is to start from fresh.