Member since
05-18-2021
5
Posts
0
Kudos Received
1
Solution
My Accepted Solutions
Title | Views | Posted |
---|---|---|
4872 | 05-21-2021 07:28 AM |
05-27-2021
01:20 AM
I was able to use Ansible to append these additional two lines to the existing db.properties file on Manger, from Director. This was done as the last step in the cluster build.
... View more
05-21-2021
08:05 AM
Hello - I wish to enable SSL on database connections between Cloudera Manager and MySql hosted in AWS RDS. When I enable SSL in the db.properties file on Manager, I see the following errors: 2021-05-21 15:38:37,703 WARN C3P0PooledConnectionPoolManager[identityToken->2yvpj9ah13s0oi2z72mvh|3afae281]-HelperThread-#0:com.mchange.v2.resourcepool.BasicResourcePool: com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@e19e904 -- Acquisition Attempt Failed!!! Clearing pending acquires. While trying to acquire a needed new resource, we failed to succeed more than the maximum number of allowed acquisition attempts (5). Last acquisition attempt exception: OS Type: [root@ip-10-179-61-233 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.9 (Maipo) Cloudera Binaries: [root@ip-10-179-61-233 ~]# rpm -qa | grep cloudera cloudera-manager-daemons-6.3.1-1466458.el7.x86_64 cloudera-manager-agent-6.3.1-1466458.el7.x86_64 cloudera-manager-server-6.3.1-1466458.el7.x86_64 SCM Config: [root@ip-10-179-61-233 ~]# egrep -v "^#|^$" /etc/cloudera-scm-server/db.properties com.cloudera.cmf.db.type=mysql com.cloudera.cmf.orm.hibernate.connection.driver_class=com.mysql.jdbc.Driver com.cloudera.cmf.orm.hibernate.connection.url=jdbc:mysql://foo.123.eu-west-2.rds.amazonaws.com:3306/scm_123?useUnicode=true&characterEncoding=UTF-8&useSSL=true&verifyServerCertificate=false&trustCertificateKeyStoreUrl=/usr/java/jdk1.8.0_121-cloudera/jre/lib/security/cacerts&trustCertificateKeyStoreType=JKS&trustCertificateKeyStorePassword=changeit com.cloudera.cmf.db.host=foo.123.eu-west-2.rds.amazonaws.com:3306 com.cloudera.cmf.db.name=scm_123 com.cloudera.cmf.db.user=scmu_123 com.cloudera.cmf.db.password=123 Java Version: /usr/java/jdk1.8.0_121-cloudera/jre/bin/java -version java version "1.8.0_121" MySql Connector Version: v5.1.46 Any ideas / pointers would be much appreciated. Theo
... View more
Labels:
- Labels:
-
Cloudera Manager
05-21-2021
07:28 AM
Hi - thanks for your suggestion, it worked. Since MySql is not running locally (AWS RDS), there was no need to edit the my.conf file. I understand the db.properties file is currently automatically created by Director during the cluster build process and placed onto Manager. It there a way to automate the db.properties file so these extra two lines are appended to it? com.cloudera.cmf.orm.hibernate.connection.driver_class=com.mysql.jdbc.Driver
com.cloudera.cmf.orm.hibernate.connection.url=jdbc:mysql://<mysql-host>/<database>?useUnicode=true&characterEncoding=UTF-8&useSSL=false 🙂 Theo
... View more
05-18-2021
06:01 AM
I've tried updating the db.properties file on Manager to enforce SSL, as seen below, but the warning message is persisting. [root@ip-10-179-61-233 ~]# egrep -v "^#|^$" /etc/cloudera-scm-server/db.properties com.cloudera.cmf.db.type=mysql com.cloudera.cmf.db.host=foo.123.eu-west-2.rds.amazonaws.com:3306 com.cloudera.cmf.db.name=scm_123 com.cloudera.cmf.db.user=scmu_123 com.cloudera.cmf.db.password=123 com.cloudera.cmf.db.useSSL=true com.cloudera.cmf.db.verifyServerCertificate=true com.cloudera.cmf.db.trustCertificateKeyStoreUrl=file:/usr/java/jdk1.8.0_121-cloudera/jre/lib/security/jssecacerts com.cloudera.cmf.db.trustCertificateKeyStoreType=JKS com.cloudera.cmf.db.trustCertificateKeyStorePassword=changeit
... View more
05-18-2021
03:11 AM
Hello - Cloudera Manager is returning the following warning when connecting to MySql hosted in AWS RDS. How can this warning be resolved / suppressed? Log Warning: May 17 12:15:48 ip-10-179-61-80 cm-server[23717]: Mon May 17 12:15:48 BST 2021 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL SSby setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification OS Type: [root@ip-10-179-61-233 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.9 (Maipo) Cloudera Binaries: [root@ip-10-179-61-233 ~]# rpm -qa | grep cloudera cloudera-manager-daemons-6.3.1-1466458.el7.x86_64 cloudera-manager-agent-6.3.1-1466458.el7.x86_64 cloudera-manager-server-6.3.1-1466458.el7.x86_64 SCM Config: [root@ip-10-179-61-233 ~]# egrep -v "^#|^$" /etc/cloudera-scm-server/db.properties com.cloudera.cmf.db.type=mysql com.cloudera.cmf.db.host=foo.123.eu-west-2.rds.amazonaws.com:3306 com.cloudera.cmf.db.name=scm_123 com.cloudera.cmf.db.user=scmu_123 com.cloudera.cmf.db.password=123
... View more
Labels:
- Labels:
-
Cloudera Manager