Installing Elasticsearch
Now let’s download and install Elasticsearch by following the excellent instructions available on the Elasticsearch site itself. Please follow the steps to install Elasticsearch(Elasticsearch Installation Guide).
These instructions were written for version 6.2.2. So grab that tar (elasticsearch-6.2.2.tar.gz).
If java is not there, install JDK first. Elasticsearch is built using Java, and requires at least Java 8 in order to run.
Enabling Ranger Elasticsearch Plugin
a. We’ll start by extracting our Ranger plugin build at the appropriate place (/usr/local).
cd /usr/local sudo tar -zxvf ~/ranger/target/ranger-2.0.0-SNAPSHOT-elasticsearch-plugin.tar.gz cd /usr/local/ranger-2.0.0-SNAPSHOT-elasticsearch-plugin |
---|
b. Now let’s edit the install.properties file. Here are the relevant lines that you should edit
PROPERTY | VALUE | DESCRIPTION |
---|---|---|
POLICY_MGR_URL | http://IP:6080 | Pull the address of the Ranger policy |
REPOSITORY_NAME | elasticsearchdev | Elasticsearch service name |
COMPONENT_INSTALL_DIR_NAME | /home/elasticsearch/elasticsearch-6.2.2 | Elasticsearch component installed directory |
XAAUDIT.SOLR.ENABLE | true | Whether to save the audit log |
XAAUDIT.SOLR.URL | http://IP:8983/solr/ranger_audits | The address of the solr to store audit log |
CUSTOM_USER | elasticsearch | The user of installing the elasticsearch component |
CUSTOM_GROUP | hadoop | The user group of installing the elasticsearch component |
c. Now enable the Elasticsearch Plugin by running the enable-elasticsearch-plugin.sh command using root user(Remember to set JAVA_HOME before running the command)
cd /usr/local/ranger-2.0.0-SNAPSHOT-elasticsearch-plugin ./enable-elasticsearch-plugin.sh |
---|
d.Configure the security policy file of Elasticsearch to run ranger plugin
add the following configuration to $ELASTICSEARCH_HOME/config/jvm.options:
-Djava.security.policy=$ELASTICSEARCH_HOME/plugins/ranger-elasticsearch-plugin/plugin-security.policy |
---|
e.Create Elasticsearch service in Ranger Admin web portal
PROPERTY | VALUE |
---|---|
Service Name | elasticsearchdev |
Username | elasticsearch |
Elasticsearch URL | http://IP:9200 |
f.Restart Elasticsearch
Note that Ranger Elasticsearch plugin should be installed in each Elasticsearch master node and data node,
we should restart the total Elasticsearch cluster.
g.Verify install result
- Check whether the elasticsearch_elasticsearchdev.json file exists under the /etc/ranger/elasticsearchdev/policycache directory.
- Check the Elasticsearch plugin status on the Plugins tab page of the Audit function in Ranger Admin web portal.