OpenSSL version on the cluster nodes is openssl-1.0.1e-30.el6_6.5.x86_64 or later. Make sure that you do not use versions in the 1.0.2 branch.
Ensure that you install JDK 1.8 on all cluster nodes.
Verify that the secure path in the
file has the
directory location at the start.
On each host machine, verify that you have the zip and unzip utilities available.
You have the Read, Write, and Execute permissions for owners, groups, and others on HDFS directories.
Verify that the maximum number of open file descriptors is 10,000 or more. Use the
command to verify the current value and change the value if required.
When you create the Catalog Service that connects to an SSL-enabled external cluster, verify that you configure the following properties:
A keytab file that contains all the users in LDAP.
Kerberos domain name.
HDFS namenode and YARN Resource Manager service principals
Path to Solr keystore file and password.
Import the Hadoop cluster certificates to the Informatica domain truststore.
Before you deploy Enterprise Data Catalog on clusters where Apache Ranger is enabled, make sure that the Informatica domain user has the required permission to submit applications to the YARN queue.
If the cluster is enabled for SSL, it is recommended to enable SSL for the Informatica domain and the Catalog Service.
Verify that you install the following prerequisite packages before you enable Kerberos:
/informatica/ldm/<service cluster name>/
and assign the ownership of the directory to the service cluster user if the cluster is enabled for Kerberos.
If the cluster is not enabled for Kerberos, create the
/informatica/ldm/<domain user name>/
and assign the ownership of the directory to the domain user.
If the cluster is not enabled for Kerberos. create the directory
<domain user name>
and assign the ownership of directory to the domain user.
If the cluster is enabled for Kerberos, create the directory
<service cluster name>
and assign the ownership of the directory to the service cluster user.
Ensure that you do not create the Informatica domain on a node in the existing Hadoop cluster.
If you want to enable Kerberos authentication for Enterprise Data Catalog deployed on a multi-node Informatica domain, make sure that you complete the following prerequisites:
Make sure that all the domain nodes include the
file in the following directories:
Make sure that the
file of all cluster nodes and domain nodes include the krb hosts entry and a host entry for other nodes.
in all domain nodes.
Make sure that the keytab file is present in a common location on all domain nodes.
If you want to enable SSL authentication for Enterprise Data Catalog deployed on a multi-node Informatica domain, make sure that you complete the following prerequisites:
Export the Default.keystore of each node to the infa_truststore.jks on all nodes.
Make sure that the Default.keystore is unique for each host node.
Copy the Default.keystore to a unique location of each node.
If Informatica Cluster Service and Catalog Service are on different nodes, then export the Apache Ambari server certificate to the infa_truststore.jks on all nodes.