Running Altus Director and Cloudera Manager in Different Regions or Clouds
- Running Altus Director in one region and Cloudera Manager and the CDH clusters it manages in a different region.
- Installing Altus Director on one cloud provider, such as AWS, and Cloudera Manager and the CDH clusters it manages on a different cloud provider, such as Microsoft Azure or Google Cloud Platform.
- Installing Altus Director in your local network environment (on your laptop, for instance), and Cloudera Manager and the CDH clusters it manages in a cloud environment.
The most secure solution in these cases is to set up a VPN giving Altus Director access to the private subnet. Alternatively, Altus Director can be given SSH access to the instances through the public internet.
- Private IP address
- Private DNS host name
- Public IP address
- Public DNS host name
- Your cluster instances must have public IP addresses and your security group must allow SSH access on port 22 from the IP address of the Altus Director host.
- For AWS: If you are creating the cluster with the UI, set Associate public IP addresses to true in the Environment for Cloudera Manager and the cluster. If you are creating the cluster with the CLI, set the associatePublicIpAddresses to true in the configuration file.
- For Microsoft Azure: If you are creating the cluster with the UI, set Public IP to Yes in the instance template for Cloudera Manager and the cluster. If you are creating the cluster with the CLI, set publicIP to Yes in the configuration file.
- While Altus Director can run in a different subnet, Cloudera Manager and the CDH cluster hosts must be in the same subnet.
- Altus Director must have SSH access to the public IP addresses of all cluster instances.
- Altus Director needs to communicate with Cloudera Manager on its API endpoint (typically through HTTP to port 7180) on the private IP address. For security reasons, this endpoint
should not be exposed to the public internet.
- For Cloudera Manager instances that were deployed by Altus Director, if Altus Director cannot make a direct connection to the Cloudera Manager API on the private IP address, it will automatically attempt to create an SSH tunnel to the Cloudera Manager API endpoint through an SSH connection to the instance on its public IP address.
- Connecting to an existing deployment of Cloudera Manager through SSH tunneling is not supported.