Setting up the AWS Environment

You must set up a VPC and create an SSH key pair in the AWS environment before deploying Cloudera Director.

Setting Up a VPC

Cloudera Director requires an Amazon Virtual Private Cloud (Amazon VPC) to implement its virtual environment. The Amazon VPC must be set up for forward and reverse hostname resolution.

To set up a new VPC, follow the steps below. Skip these steps if you are using an existing VPC.

  1. Log in to the AWS Management Console and make sure you are in the desired region. The current region is displayed in the upper-right corner of the AWS Management Console. Click the region name to change your region.
  2. In the AWS Management Console, select VPC in the Networking section.
  3. Click Start VPC Wizard. (Click VPC Dashboard in the left side pane if the Start VPC Wizard button is not displayed.)
  4. Select the desired VPC configuration. For the easiest way to get started, select VPC with a Single Public Subnet.
  5. Complete the VPC wizard and then click Create VPC.

Configuring your Security Group

Cloudera Director requires the following inbound ports to be open:

Type Protocol Port Range Source
ALL Traffic ALL ALL security_group_id
SSH (22) TCP (6) 22 0.0.0.0/0

Creating a New Security Group

The simplest way to set up the required network connectivity for Cloudera Director is to create a security group for your VPC and allow traffic between members of this security group as described below. With this approach, you do not have to specify each part that is required by Cloudera Manager.

  1. In the left pane, click Security Groups.
  2. Click Create Security Group.
  3. Enter a name and description. Make sure to select the VPC you created from the VPC list box.
  4. Click Yes, Create.

Select the newly created security group and add inbound rules as detailed in the table above.

The configured security group should look similar to the following, but with your own values in the Source column.



For more information about security groups in AWS, see Security Groups for Your VPC. If your organization's network policies are more restrictive, and you need to specify each port required by Cloudera Manager, see Ports Used by Cloudera Manager and Cloudera Navigator in the Cloudera Manager documentation for details.

Creating an SSH Key Pair

To interact with the cluster launcher and other instances, you must create an SSH key pair or use an existing EC2 key pair. For information on importing an existing key pair, see Amazon EC2 Key Pairs in the AWS documentation. If you do not have a key pair, follow these steps:

  1. Select EC2 in Compute section of the AWS console.
  2. In the Network & Security section of the left pane, click Key Pairs.
  3. Click Create Key Pair. In the Create Key Pair dialog box, enter a name for the key pair and click Create.
  4. Note the key pair name. Move the automatically downloaded private key file (with the .pem extension) to a secure location and note the location.

You are now ready to launch an EC2 instance.