...
sudo useradd --home-dir /var/hadoop --create-home --shell /bin/bash --user-group hadoop
sudo tar xzf hadoop-2.5.2.tar.gz -C /usr/local
cd /usr/local
sudo ln -s hadoop-2.5.2 hadoop
sudo chown hadoop -R hadoop hadoop-2.5.2
sudo chgrp hadoop -R hadoop hadoop-2.5.2
sudo su - hadoop
Now let's follow the below steps to install/configure Ranger HDFS plugin.
- Create a repository in Ranger Policy Manager. E.g. "local_hdfs". The same name needs to be configured during plugin setup
- Extract Start by extracting binaries at the appropriate place (/usr/local).
cd /usr/local
sudo tar zxf ~/dev/ranger/target/ranger-0.4.0-hdfs-plugin.tar.gz
sudo ln -s ranger-0.4.0-hdfs-plugin ranger-hdfs-plugin
cd ranger-hdfs-plugin - Now let’s edit the install.properties file. Here are the relevant lines that you should edit:
POLICY_MGR_URL=http://localhost:6080
REPOSITORY_NAME=local_hdfs
XAAUDIT.DB.HOSTNAME=localhost
XAAUDIT.DB.DATABASE_NAME=ranger
XAAUDIT.DB.USER_NAME=rangerlogger
XAAUDIT.DB.PASSWORD=rangerlogger (Change password as it was set during Ranger Admin install) - Now enable the hdfs-plugin by running the enable-hdfs-plugin.sh command (Remember to set JAVA_HOME)
- Create a symlink as conf dir of hadoop linking to hadoop conf dir
- cd /usr/local/hadoop
- ln -s /usr/local/hadoop/etc/hadoop conf
- Enable Ranger HDFS plugin
- export
- echo “export HADOOP_HOME=/usr/local/hadoop” >> /etc/bashrc
- hadoop
- cd /usr/local/ranger-hdfs-plugin
- ./enable-hdfs-plugin.sh
- Copy all the jar files from ${hadoop_home}/lib
- cp /usr/local/hadoop/lib/* /usr/local/hadoop/share/hadoop/hdfs/lib/
- Create a symlink as conf dir of hadoop linking to hadoop conf dir
- Now edit the xasecure-audit.xml file.
- cd /usr/local/hadoop/conf
- change the xasecure-audit.xml file to look like the below. Make sure the JDBC properties are correct.
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
<value>jdbc:mysql://localhost/ranger</value>
</property>
<property>
<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
<value>rangerlogger</value>
</property>
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
<value>rangerlogger</value>
</property>
- Once these changes are done Restart Hadoop namenode. This should start the association of ranger-hdfs-plugin with hadoop.
- You can verify by logging into the Ranger Admin Web interface -> Audit -> Agents
- Now HDFS resources will be authorized via Ranger policies.
...
Now let's follow the below steps to install/configure Ranger Hive plugin.
- Create a repository in Ranger Policy Manager. E.g. "hivedev". The same name needs to be configured during plugin setup
- Extract Start by extracting binaries at the appropriate place.
cd /usr/local
sudo tar zxf ~/dev/ranger/target/ranger-0.4.0-hive-plugin.tar.gz
sudo ln -s ranger-0.4.0-hive-plugin ranger-hive-plugin
cd ranger-hive-plugin - Now let’s edit the install.properties file. Here are the relevant lines that you should edit:
POLICY_MGR_URL=http://localhost:6080
REPOSITORY_NAME=hivedev
XAAUDIT.DB.HOSTNAME=localhost
XAAUDIT.DB.DATABASE_NAME=ranger
XAAUDIT.DB.USER_NAME=rangerlogger
XAAUDIT.DB.PASSWORD=rangerlogger - Now enable the hive-plugin by running the enable-hive-plugin.sh command (Remember to set JAVA_HOME)
cd /usr/local/ranger-hive-plugin
./enable-hive-plugin.sh - Now edit the xasecure-audit.xml file.
- cd /usr/local/hive/conf
- Change the xasecure-audit.xml file. Make sure the JDBC properties are correct.
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
<value>jdbc:mysql://localhost/ranger</value>
</property>
<property>
<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
<value>rangerlogger</value>
</property>
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
<value>rangerlogger</value>
</property> - Once these changes are done Restart hive. This should start the association of ranger-hive-plugin with hive.
- You can verify by logging into the Ranger Admin Web interface -> Audit Tab -> Agents
Install/Configure Ranger HBase Plugin:
- Build Hbase > 0.99.2 (0.99.2RC0 is used for this document)
- cd ~/dev && mkdir hbase-trunk && cd hbase-trunk/
- git clone https://github.com/apache/hbase.git
- cd hbase && git checkout 0.99.2RC0
- mvn clean compile install package -DskipTests=true assembly:single
- Untar the build Hbase assembly to /usr/local directory
- cd /usr/local && cp /root/dev/hbase-trunk/hbase/hbase-assembly/target/hbase-0.99.2-bin.tar.gz .
- tar xzf hbase-0.99.2-bin.tar.gz
- sudo ln -s hbase-0.99.2 hbase
- cd hbase
- Now follow the instructions in Apache HBase site to configure in Pseudo mode. http://hbase.apache.org/book/getting_started.html
Now let's follow the below steps to install/configure Ranger HBase plugin.steps to install/configure Ranger HBase plugin.
- Create a repository in Ranger Policy Manager. E.g. "hbasedev". The same name needs to be configured during plugin setup
- Extract Start by extracting binaries at the appropriate place.
cd /usr/local
sudo tar zxf ~/dev/ranger/target/ranger-0.4.0-hbase-plugin.tar.gz
sudo ln -s ranger-0.4.0-hbase-plugin ranger-hbase-plugin
cd ranger-hbase-plugin - Now let’s edit the install.properties file. Here are the relevant lines that you should edit:
POLICY_MGR_URL=http://localhost:6080
REPOSITORY_NAME=hbasedev
XAAUDIT.DB.HOSTNAME=localhost
XAAUDIT.DB.DATABASE_NAME=ranger
XAAUDIT.DB.USER_NAME=rangerlogger
XAAUDIT.DB.PASSWORD=rangerlogger - Now enable the hbase-plugin by running the enable-hbase-plugin.sh command (Remember to set JAVA_HOME)
cd /usr/local/ranger-hbase-plugin
./enable-hbase-plugin.sh - Now edit the xasecure-audit.xml file.
- cd /usr/local/hbase/conf
- Change the xasecure-audit.xml file. Make sure the JDBC properties are correct.
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
<value>jdbc:mysql://localhost/ranger</value>
</property>
<property>
<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
<value>rangerlogger</value>
</property>
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
<value>rangerlogger</value>
</property> - Once these changes are done Restart HBase. This should start the association of ranger-hbase-plugin with HBase.
- You can verify by logging into the Ranger Admin Web interface -> Audit Tab -> Agents
...
Now let's follow the below steps to install/configure Ranger Knox plugin.
- Create a repository in Ranger Policy Manager. E.g. "knoxdev". The same name needs to be configured during plugin setup
- Extract Start by extracting binaries at the appropriate place.
cd /usr/local
sudo tar zxf ~/dev/ranger/target/ranger-0.4.0-knox-plugin.tar.gz
sudo ln -s ranger-0.4.0-knox-plugin ranger-knox-plugin
cd ranger-knox-plugin - Now let’s edit the install.properties file. Here are the relevant lines that you should edit:
POLICY_MGR_URL=http://localhost:6080
REPOSITORY_NAME=knoxdev
KNOX_HOME=/usr/local/knox
XAAUDIT.DB.HOSTNAME=localhost
XAAUDIT.DB.DATABASE_NAME=ranger
XAAUDIT.DB.USER_NAME=rangerlogger
XAAUDIT.DB.PASSWORD=rangerlogger - Now enable the knox-plugin by running the enable-knox-plugin.sh command (Remember to set JAVA_HOME)
cd /usr/local/ranger-knox-plugin
./enable-knox-plugin.sh - Now edit the xasecure-audit.xml file.
- cd /usr/local/knox/conf
- Change the xasecure-audit.xml file. Make sure the JDBC properties are correct.
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
<value>jdbc:mysql://localhost/ranger</value>
</property>
<property>
<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
<value>rangerlogger</value>
</property>
<property> <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
<value>rangerlogger</value>
</property> - Once these changes are done Restart Knox (Gateway/LDAP). This should start the association of ranger-knox-plugin with Knox.
- You can verify by logging into the Ranger Admin Web interface -> Audit Tab -> Agents
...
Now let's follow the below steps to install/configure Ranger Storm Plugin.
Create a repository in Ranger Policy Manager. E.g. "stormdev". The same name needs to be configured during plugin setup
cd /usr/local
sudo tar zxf ~/dev/ranger/target/ranger-0.4.0-storm-plugin.tar.gz
sudo ln -s ranger-0.4.0-storm-plugin ranger-storm-plugin
- cd ranger-storm-plugin
...