Bi-directional communication with your MapR cluster in AWS

Document created by nsen Employee on Nov 3, 2017Last modified by nsen Employee on Nov 3, 2017
Version 4Show Document
  • View in full screen mode

If you have setup your MapR cluster in AWS following our instructions and you want the MapR cluster nodes to talk back to the VPN client host, you need to make the following changes to the setup. For example, if you are trying to use the data science refinery against a MapR cluster setup in AWS following our instructions, the MapR cluster would need to communicate back to the Livy server running on your desktop/laptop. 


The procedure requires to put the client VPN subnet to be different than the VPC subnet. The VPC subnet in the cluster setup by our scripts is We will use as the client VPN subnet. 


The steps are:


Disable Source/Destination check on the OpenVPN Instance

From the list of EC2 instances in AWS console, right click on the OpenVPN instance. Select Networking. Select Source/Dest. Check. Disable it. 




Update the Security Group to allow traffic from the cluster subnet to the OpenVPN Instance subnet

In the description section of the OpenVPN instance, click on the security group (not the default one). Go to the Inbound tab. Add a new rule to allow all inbound traffic . 


Update the Route table to route traffic for the VPN client subnet 

From the VPC dashboard in AWS console, go to the Route Tables. Filter the routes by the VPC the openVPN instance belongs to. You should see 3 routes. Select the route that ends with -internal. Edit its route to add a route to the OpenVPN instance. 



Update OpenVPN settings

Login to the OpenVPN administration console. Go to Configuration -> VPN Settings.

  • Set the VPN client subnet 

  • Use "routing" instead of NAT as the routing option


Now connect to your cluster via OpenVPN from your desktop/laptop. Your cluster nodes will now be able to communicate back to your desktop/laptop.