Embedded Container Service (ECS) checklist

Use this checklist to ensure that your Embedded Container Service (ECS) is configured and ready for installing CDP Private Cloud Data Services.

Table 1. Embedded Container Service (ECS) checklist to install CDP Private Cloud Data Services
Item Summary Documentation Notes
Network requirements Private Cloud Data Services requires a single ethernet interface. Multihoming is currently not supported.
DNS configuration Ensure that you have set up the DNS and Reverse DNS between Embedded Container Service (ECS) hosts and CDP Private Cloud Base. This is required for obtaining Kerberos ticket-granting tickets. N/A A wildcard DNS entry is required for resolving the ingress route for applications. The ingress route is usually behind a load balancer.
Check that ECS Ingress can be resolved in DNS. Ensure that Embedded Container Service (ECS) application hostnames can be accessed from outside the cluster. You can test this by creating an ingress point on the target cluster. The cluster generates multiple hosts and host-based routing is used in the cluster in order to route it to the right service. You must decide on a domain for the services which Cloudera Manager, by default points to one of the hostnames on the cluster. However, during the installation, you should check the default domain and override the default domain (only if necessary) with what you plan to use as the domain. The default domain must have a wildcard DNS entry. For example, *.apps.myhostname.com.

Perform a DNS query on the ingress point, to check if you can access the hostnames outside the cluster.

Clock time from NTP source Ensure that the NTP clock in CDP Private Cloud Base is in sync with the time configured in the Embedded Container Service (ECS) cluster. This is an important step if your setup does not have access to the Internet. Enable an NTP Service Installing CDP Private Cloud Data Services (ECS)
Default subnet created for docker service The default subnet used by docker is 172.17.0.0/16. Since the IP range within the subnet is used by docker, any internal applications running or using an IP in this range will not be accessible. Docker documentation Ensure 172.17.0.0/16 IP range is not used by other applications or services, to avoid conflicts with the docker subnet. You can use a different subnet for docker if needed.