THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
toc
Summary
In order to install Ranger in kerberized environment, user will have to enable kerberos on the cluster where Ranger is to be installed. Once, cluster is kerberized, user will have to create principals for each Ranger service and then follow below given steps to install Ranger.
Creating Keytab and principals
Note: Below steps required only for manual installation of ranger services and plugins
...
Note: Change the keytab permission to read only and assign it to “ranger” user
Installation Steps for Ranger-Admin
Untar the ranger-<verison>-admin.tar.gz
tar zxf ranger-<version>-admin.tar.gz
Change directory to ranger-<version>-admin
cd ranger-<version>-admin
Edit install.properties (Enter appropriate values for the below given properties)
db_root_user= db_root_password= db_host= db_name= db_user= db_password= policymgr_external_url=http://<FQDN_OF_Ranger_Admin_Cluster>:6080 authentication_method=UNIX or LDAP or AD spnego_principal=HTTP/<FQDN_OF_Ranger_Admin_Cluster>@<REALM> spnego_keytab=<HTTP keytab path> token_valid=30 cookie_domain=<FQDN_OF_Ranger_Admin_Cluster> cookie_path=/ admin_principal=rangeradmin/<FQDN_OF_Ranger_Admin_Cluster>@<REALM> admin_keytab=<rangeradmin keytab path> lookup_principal=rangerlookup/<FQDN_OF_Ranger_Admin_Cluster>@<REALM> lookup_keytab=<rangerlookup keytab path> hadoop_conf=/etc/hadoop/conf |
Note: If kerberos server and admin are on different host then copy the keytab on admin host and assign permission to “ranger” user
scp the rangeradmin keytab file to the respective path of another host
chown ranger <rangeradmin keytab path>
chmod 400 <rangeradmin keytab path>
Run setup
./setup.sh
Start Ranger admin server
- ./ranger-admin-services.sh start