Disabling TLS for HDFS Transparency using the automation script
This section lists the steps to disable TLS for HDFS Transparency cluster using the gpfs_tls_configuration.py script.
Note: TLS cannot be disabled on Cloudera Manager. It can only be disabled on HDFS Transparency
cluster.
- Stop the HDFS Transparency services by running the following commands:
- Stop the DataNodes by running the following command as root on any HDFS Transparency
node:
mmhdfs hdfs-dn stop - Stop the NameNodes by running the following command as root on a CES HDFS
NameNode:
mmces service stop HDFS -N <NN1>,<NN2>
- Stop the DataNodes by running the following command as root on any HDFS Transparency
node:
- Run the following command on a CES HDFS NameNode to disable TLS for the HDFS Transparency
cluster:
Running this script performs the following:/usr/lpp/mmfs/hadoop/scripts/gpfs_tls_configuration.py disable-tls- Clears the configuration changes that were performed while enabling TLS.
- Deletes the TLS certificate files created for HDFS Transparency on all the HDFS Transparency nodes.
- Uploads the configuration to IBM Storage Scale CCR.
- Delete the IBM Storage Scale Trust store file
manually from all the Cloudera managed nodes. On all the Cloudera managed nodes run the following
command:
rm -f /var/lib/cloudera-scm-agent/agent-cert/spectrum_scale_ces_hdfs_truststore.jks - Start the HDFS Transparency services by running the following commands:
- Start the NameNodes by running the following command as root on a CES HDFS
NameNode:
mmces service start HDFS -N <NN1>,<NN2> - Start the DataNodes by running the following command as root on any HDFS Transparency
node:
mmhdfs hdfs-dn start
- Start the NameNodes by running the following command as root on a CES HDFS
NameNode: