THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
An example of such Blueprint where everything is set manually (note that this just covers a subset of currently supported configuration properties and ranger plugins):
Wiki Markupcode |
---|
{ "configurations" : [ { "admin-properties" : { "properties_attributes" : { }, "properties" : { "DB_FLAVOR" : "MYSQL", "audit_db_name" : "ranger_audit", "db_name" : "ranger", "audit_db_user" : "rangerlogger", "SQL_CONNECTOR_JAR" : "/usr/share/java/mysql-connector-java.jar", "db_user" : "rangeradmin", "policymgr_external_url" : "http://%HOSTGROUP::host_group_1%:6080", "db_host" : "172.17.0.9:3306", "db_root_user" : "root" } } }, { "ranger-kms-security" : { "properties_attributes" : { }, "properties" : { "ranger.plugin.kms.policy.cachesource.dirimpl" : "/etc/ranger/{{repo_name}}/policycacheorg.apache.ranger.admin.client.RangerAdminRESTClient", "ranger.plugin.kms.policyservice.pollIntervalMsname" : "30000{{repo_name}}", "ranger.plugin.kms.policy.rest.ssl.config.fileurl" : "/etc/ranger/kms/conf/ranger-policymgr-ssl.xml",{{policymgr_mgr_url}}" "ranger.plugin.kms.policy.source.impl" : "org.apache.ranger.admin.client.RangerAdminRESTClient",} } "ranger.plugin.kms.service.name" : "{{repo_name}}", "ranger.plugin.kms.policy.rest.url" : "{{policymgr_mgr_url}}" } } }, { "ranger-kms-site" : { "properties_attributes" : { }, "properties" : { "rangerhadoop.kms.servicesecurity.shutdownauthorization.portmanager" : "7085", org.apache.ranger.authorization.kms.authorizer.RangerKmsAuthorizer", "ranger.contextName "hadoop.kms.key.provider.uri" : "dbks://http@localhost:9292/kms", } } "xa.webapp.dir" : "./webapp"}, { "ranger.service.https.port-hdfs-plugin-properties" : "9393",{ "ranger.service.host"properties_attributes" : "{{kms_host}}" }, "ranger.service.https.attrib.ssl.enabledproperties" : "false",{ "ranger.service.http.portREPOSITORY_CONFIG_USERNAME" : "{{kms_port}}"hadoop", } "ranger-hdfs-plugin-enabled" } }: "Yes", { "cluster-envcommon.name.for.certificate" : {"", "propertiespolicy_attributesuser" : { }"ambari-qa", "propertieshadoop.rpc.protection" : { "" } "user_group" : "hadoop"} }, { "repo_ubuntu_template" : "{{package_type}} {{base_url}} {{components}}", "repo_suse_rhel_template" : "[{{repo_id}}]\nname={{repo_id}}\n{% if mirror_list %}mirrorlist={{mirror_list}}{% else %}baseurl={{base_url}}{% endif %}\n\npath=/\nenabled=1\ngpgcheck=0", "kerberos_domain" : "EXAMPLE.COM", "fetch_nonlocal_groups" : "true", "override_uid" : "true", "smokeuser" : "ambari-qa", "security_enabled" : "false", "smokeuser_keytab" : "/etc/security/keytabs/smokeuser.headless.keytab", "ignore_groupsusers_create" : "false" } } }, { "kms-site" : { "properties_attributes" : { }, "properties" : { "hadoop.kms.security.authorization.manager" : "org.apache.ranger.authorization.kms.authorizer.RangerKmsAuthorizer", "hadoop.kms.current.key.cache.timeout.ms" : "30000", "hadoop.kms.authentication.signer.secret.provider.zookeeper.path" : "/hadoop-kms/hadoop-auth-signature-secret", "hadoop.kms.key.provider.uri" : "dbks://http@localhost:9292/kms", "hadoop.kms.cache.enable" : "true", "hadoop.kms.audit.aggregation.window.ms" : "10000", "hadoop.kms.authentication.type" : "simple", "hadoop.kms.cache.timeout.ms" : "600000", "hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string" : "#HOSTNAME#:#PORT#,...", "hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type" : "kerberos", "hadoop.kms.authentication.kerberos.name.rules" : "DEFAULT", "hadoop.kms.authentication.kerberos.keytab" : "${user.home}/kms.keytab", "hadoop.kms.authentication.kerberos.principal" : "HTTP/localhost", "hadoop.kms.authentication.signer.secret.provider" : "random", "hadoop.kms.authentication.signer.secret.provider.zookeeper.kerberos.principal" : "kms/#HOSTNAME#", "hadoop.kms.authentication.signer.secret.provider.zookeeper.kerberos.keytab" : "/etc/hadoop/conf/kms.keytab" } } }, { "ranger-hdfs-plugin-properties" : { "properties_attributes" : { }, "properties" : { "REPOSITORY_CONFIG_USERNAME" : "hadoop", "ranger-hdfs-plugin-enabled" : "Yes", "common.name.for.certificate" : "", "policy_user" : "ambari-qa", "hadoop.rpc.protection" : "" } } }, { "ranger-yarn-audit" : { "properties_attributes" : { }, "properties" : { "xasecure.audit.destination.solr.batch.filespool.dir" : "/var/log/hadoop/yarn/audit/solr/spool", "xasecure.audit.destination.hdfs.dir" : "hdfs://ambari-agent-1.node.dc1.consul:8020/ranger/audit", "xasecure.audit.destination.solr.urls" : "", "xasecure.audit.destination.hdfs.batch.filespool.dir" : "/var/log/hadoop/yarn/audit/hdfs/spool", "xasecure.audit.is.enabled" : "true", "xasecure.audit.destination.hdfs" : "true", "xasecure.audit.credential.provider.file" : "jceks://file{{credential_file}}", "xasecure.audit.provider.summary.enabled" : "false", "xasecure.audit.destination.db.jdbc.driver" : "{{jdbc_driver}}", "xasecure.audit.destination.db.batch.filespool.dir" : "/var/log/hadoop/yarn/audit/db/spool", "xasecure.audit.destination.solr" : "false", "xasecure.audit.destination.db.user" : "{{xa_audit_db_user}}", "xasecure.audit.destination.db" : "true", "xasecure.audit.destination.db.jdbc.url" : "{{audit_jdbc_url}}", "xasecure.audit.destination.solr.zookeepers" : "NONE" } } }, { "ranger-admin-site" : { "properties_attributes" : { }, "properties" : { "ranger.ldap.group.searchfilter" : "{{ranger_ug_ldap_group_searchfilter}}", "ranger.ldap.group.searchbase" : "{{ranger_ug_ldap_group_searchbase}}", "ranger.sso.enabled" : "false", "ranger.externalurl" : "{{ranger_external_url}}", "ranger.sso.browser.useragent" : "Mozilla,chrome", "ranger.service.https.attrib.ssl.enabled" : "false", "ranger.ldap.ad.referral" : "ignore", "ranger.jpa.jdbc.url" : "jdbc:mysql://172.17.0.9:3306/ranger", "ranger.https.attrib.keystore.file" : "/etc/ranger/admin/conf/ranger-admin-keystore.jks", "ranger.ldap.user.searchfilter" : "{{ranger_ug_ldap_user_searchfilter}}", "ranger.jpa.jdbc.driver" : "com.mysql.jdbc.Driver", "ranger.authentication.method" : "UNIX", "ranger.service.host" : "{{ranger_host}}", "ranger.jpa.audit.jdbc.user" : "{{ranger_audit_db_user}}", "ranger.ldap.referral" : "ignore", "ranger.jpa.audit.jdbc.credential.alias" : "rangeraudit", "ranger.service.https.attrib.keystore.pass" : "SECRET:ranger-admin-site:2:ranger.service.https.attrib.keystore.pass", "ranger.audit.solr.username" : "ranger_solr", "ranger.sso.query.param.originalurl" : "originalUrl", "ranger.service.http.enabled" : "true", "ranger.audit.source.type" : "solr", "ranger.ldap.url" : "{{ranger_ug_ldap_url}}", "ranger.service.https.attrib.clientAuth" : "want", "ranger.ldap.ad.domain" : "", "ranger.ldap.ad.bind.dn" : "{{ranger_ug_ldap_bind_dn}}", "ranger.credential.provider.path" : "/etc/ranger/admin/rangeradmin.jceks", "ranger.jpa.audit.jdbc.driver" : "{{ranger_jdbc_driver}}", "ranger.audit.solr.urls" : "", "ranger.sso.publicKey" : "", "ranger.ldap.bind.dn" : "{{ranger_ug_ldap_bind_dn}}", "ranger.unixauth.service.port" : "5151", "ranger.ldap.group.roleattribute" : "cn", "ranger.jpa.jdbc.dialect" : "{{jdbc_dialect}}", "ranger.sso.cookiename" : "hadoop-jwt", "ranger.service.https.attrib.keystore.keyalias" : "rangeradmin", "ranger.audit.solr.zookeepers" : "NONE", "ranger.jpa.jdbc.user" : "{{ranger_db_user}}", "ranger.jpa.jdbc.credential.alias" : "rangeradmin", "ranger.ldap.ad.user.searchfilter" : "{{ranger_ug_ldap_user_searchfilter}}", "ranger.ldap.user.dnpattern" : "uid={0},ou=users,dc=xasecure,dc=net", "ranger.ldap.base.dn" : "dc=example,dc=com", "ranger.service.http.port" : "6080", "ranger.jpa.audit.jdbc.url" : "{{audit_jdbc_url}}", "ranger.service.https.port" : "6182", "ranger.sso.providerurl" : "", "ranger.ldap.ad.url" : "{{ranger_ug_ldap_url}}", "ranger.jpa.audit.jdbc.dialect" : "{{jdbc_dialect}}", "ranger.unixauth.remote.login.enabled" : "true", "ranger.ldap.ad.base.dn" : "dc=example,dc=com", "ranger.unixauth.service.hostname" : "{{ugsync_host}}" } } }, { "dbks-site" : { "properties_attributes" : { }, "properties" : { "ranger.ks.jpa.jdbc.url" : "jdbc:mysql://172.17.0.9:3306/rangerkms", "hadoop.kms.blacklist.DECRYPT_EEK" : "hdfs", "ranger.ks.jpa.jdbc.dialect" : "{{jdbc_dialect}}", "ranger.ks.jdbc.sqlconnectorjar" : "{{ews_lib_jar_path}}", "ranger.ks.jpa.jdbc.user" : "{{db_user}}", "ranger.ks.jpa.jdbc.credential.alias" : "ranger.ks.jdbc.password", "ranger.ks.jpa.jdbc.credential.provider.path" : "/etc/ranger/kms/rangerkms.jceks", "ranger.ks.masterkey.credential.alias" : "ranger.ks.masterkey.password", "ranger.ks.jpa.jdbc.driver" : "com.mysql.jdbc.Driver" } } }, { "kms-env" : { "properties_attributes" : { }, "properties" : { "kms_log_dir" : "/var/log/ranger/kms", "create_db_user" : "true", "kms_group" : "kms", "kms_user" : "kms", "kms_port" : "9292" } } }, { "ranger-hdfs-security" : { "properties_attributes" : { }, "properties" : { "ranger.plugin.hdfs.policy.source.impl" : "org.apache.ranger.admin.client.RangerAdminRESTClient", "xasecure.add-hadoop-authorization" : "true", "ranger.plugin.hdfs.policy.rest.ssl.config.file" : "/etc/hadoop/conf/ranger-policymgr-ssl.xml", "ranger.plugin.hdfs.policy.pollIntervalMs" : "30000", "ranger.plugin.hdfs.policy.cache.dir" : "/etc/ranger/{{repo_name}}/policycache", "ranger.plugin.hdfs.service.name" : "{{repo_name}}", "ranger.plugin.hdfs.policy.rest.url" : "{{policymgr_mgr_url}}" } } }, { "ranger-env" : { "properties_attributes" : { }, "properties" : { "xml_configurations_supported" : "true", "ranger_user" : "ranger", "xasecure.audit.destination.hdfs.dir" : "hdfs://ambari-agent-1.node.dc1.consul:8020/ranger/audit", "create_db_dbuser" : "true", "ranger-hdfs-plugin-enabled" : "Yes", "ranger_privelege_user_jdbc_url" : "jdbc:mysql://172.17.0.9:3306", "ranger-knox-plugin-enabled" : "No", "is_solrCloud_enabled" : "false", "bind_anonymous" : "false", "ranger-yarn-plugin-enabled" : "Yes", "ranger-kafka-plugin-enabled" : "No", "xasecure.audit.destination.hdfs" : "true", "ranger-hive-plugin-enabled" : "No", "ranger_pid_dir" : "/var/run/ranger", "ranger-storm-plugin-enabled" : "No", "ranger_usersync_log_dir" : "/var/log/ranger/usersync", "xasecure.audit.destination.solr" : "false", "xasecure.audit.destination.db" : "true", "ranger_group" : "ranger", "ranger_admin_username" : "amb_ranger_admin", "ranger-hbase-plugin-enabled" : "Yes", "ranger_admin_log_dir" : "/var/log/ranger/admin", "admin_username" : "admin" } } }, { "kms-properties" : { "properties_attributes" : { }, "properties" : { "REPOSITORY_CONFIG_USERNAME" : "keyadmin", "KMS_MASTER_KEY_PASSWD" : "SECRET:kms-properties:1:KMS_MASTER_KEY_PASSWD", "DB_FLAVOR" : "MYSQL", "db_name" : "rangerkms", "SQL_CONNECTOR_JAR" : "/usr/share/java/mysql-connector-java.jar", "db_user" : "rangerkms", "db_host" : "172.17.0.9:3306", "db_root_user" : "root" } } }, { "ranger-yarn-security" : { "properties_attributes" : { }, "properties" : { "ranger.plugin.yarn.service.name" : "{{repo_name}}", "ranger.plugin.yarn.policy.rest.ssl.config.file" : "/etc/hadoop/conf/ranger-policymgr-ssl-yarn.xml", "ranger.plugin.yarn.policy.source.impl" : "org.apache.ranger.admin.client.RangerAdminRESTClient", "ranger.plugin.yarn.policy.rest.url" : "{{policymgr_mgr_url}}", "ranger.plugin.yarn.policy.pollIntervalMs" : "30000", "ranger.plugin.yarn.policy.cache.dir" : "/etc/ranger/{{repo_name}}/policycache" } } }, { "usersync-properties" : { "properties_attributes" : { }, "properties" : { } } }, { "ranger-hbase-security" : { "properties_attributes" : { }, "properties" : { "ranger.plugin.hbase.policy.pollIntervalMs" : "30000", "ranger.plugin.hbase.policy.source.impl" : "org.apache.ranger.admin.client.RangerAdminRESTClient", "ranger.plugin.hbase.policy.cache.dir" : "/etc/ranger/{{repo_name}}/policycache", "ranger.plugin.hbase.service.name" : "{{repo_name}}", "ranger.plugin.hbase.policy.rest.ssl.config.file" : "/etc/hbase/conf/ranger-policymgr-ssl.xml", "xasecure.hbase.update.xapolicies.on.grant.revoke" : "true", "ranger.plugin.hbase.policy.rest.url" : "{{policymgr_mgr_url}}" } } }, { "ranger-yarn-policymgr-ssl" : { "properties_attributes" : { }, "properties" : { "xasecure.policymgr.clientssl.truststore.credential.file" : "jceks://file{{credential_file}}", "xasecure.policymgr.clientssl.keystore.credential.file" : "jceks://file{{credential_file}}", "xasecure.policymgr.clientssl.truststore" : "/usr/hdp/current/hadoop-client/conf/ranger-yarn-plugin-truststore.jks", "xasecure.policymgr.clientssl.keystore" : "/usr/hdp/current/hadoop-client/conf/ranger-yarn-plugin-keystore.jks" } } }, { "ranger-ugsync-site" : { "properties_attributes" : { }, "properties" : { "ranger.usersync.unix.minUserId" : "500", "ranger.usersync.enabled" : "true", "ranger.usersync.unix.password.file" : "/etc/passwd", "ranger.usersync.passwordvalidator.path" : "./native/credValidator.uexe", "ranger.usersync.ldap.bindalias" : "testldapalias", "ranger.usersync.ldap.user.searchfilter" : "", "ranger.usersync.ssl" : "true", "ranger.usersync.group.searchscope" : "", "ranger.usersync.port" : "5151", "ranger.usersync.ldap.groupname.caseconversion" : "lower", "ranger.usersync.source.impl.class" : "org.apache.ranger.unixusersync.process.UnixUserGroupBuilder", "ranger.usersync.policymanager.baseURL" : "{{ranger_external_url}}", "ranger.usersync.group.memberattributename" : "memberUid", "ranger.usersync.ldap.url" : "ldap://192.168.59.103:389", "ranger.usersync.ldap.user.groupnameattribute" : "memberof, ismemberof", "ranger.usersync.group.searchfilter" : "", "ranger.usersync.policymanager.mockrun" : "false", "ranger.usersync.ldap.user.nameattribute" : "uid", "ranger.usersync.ldap.user.searchscope" : "sub", "ranger.usersync.ldap.bindkeystore" : "", "ranger.usersync.group.nameattribute" : "cn", "ranger.usersync.truststore.file" : "/usr/hdp/current/ranger-usersync/conf/mytruststore.jks", "ranger.usersync.sleeptimeinmillisbetweensynccycle" : "60000", "ranger.usersync.credstore.filename" : "/usr/hdp/current/ranger-usersync/conf/ugsync.jceks", "ranger.usersync.ldap.binddn" : "cn=admin,dc=dev,dc=local", "ranger.usersync.keystore.file" : "/usr/hdp/current/ranger-usersync/conf/unixauthservice.jks", "ranger.usersync.group.searchbase" : "", "ranger.usersync.ldap.user.searchbase" : "", "ranger.usersync.ldap.username.caseconversion" : "lower", "ranger.usersync.sink.impl.class" : "org.apache.ranger.unixusersync.process.PolicyMgrUserGroupBuilder", "ranger.usersync.pagedresultssize" : "500", "ranger.usersync.group.usermapsyncenabled" : "true", "ranger.usersync.group.objectclass" : "posixGroup", "ranger.usersync.logdir" : "/var/log/ranger/usersync", "ranger.usersync.pagedresultsenabled" : "true", "ranger.usersync.filesource.text.delimiter" : ",", "ranger.usersync.unix.group.file" : "/etc/group", "ranger.usersync.group.searchenabled" : "false", "ranger.usersync.ldap.user.objectclass" : "posixAccount", "ranger.usersync.filesource.file" : "/tmp/usergroup.txt", "ranger.usersync.policymanager.maxrecordsperapicall" : "1000", "ranger.usersync.ldap.referral" : "ignore", "ranger.usersync.ldap.searchBase" : "ou=hdp,dc=dev,dc=local" } } }, { "hdfs-site" : { "properties_attributes" : { }, "properties" : { "dfs.datanode.data.dir" : "/hadoop/hdfs/data", "dfs.content-summary.limit" : "5000", "dfs.namenode.https-address" : "%HOSTGROUP::host_group_1%:50470", "dfs.namenode.checkpoint.txns" : "1000000", "dfs.namenode.audit.log.async" : "true", "dfs.datanode.https.address" : "0.0.0.0:50475",ranger-admin-site" : { "dfs.journalnode.edits.dir"properties_attributes" : "/hadoop/hdfs/journalnode"{ }, "dfs.datanode.failed.volumes.tolerated"properties" : "0",{ "dfsranger.datanodeldap.maxgroup.transfer.threadssearchfilter" : "16384{{ranger_ug_ldap_group_searchfilter}}", "dfsranger.encryptldap.data.transfer.cipher.suites" : "AES/CTR/NoPaddinggroup.searchbase" : "{{ranger_ug_ldap_group_searchbase}}", "dfsranger.datanodesso.du.reservedenabled" : "1073741824false", "dfsranger.support.appendexternalurl" : "true{{ranger_external_url}}", "dfsranger.namenodesso.handlerbrowser.countuseragent" : "200Mozilla,chrome", "dfs.namenode.checkpoint.dirranger.service.https.attrib.ssl.enabled" : "/hadoop/hdfs/namesecondaryfalse", "nfsranger.exportsldap.allowedad.hostsreferral" : "* rwignore", "dfsranger.encryptionjpa.keyjdbc.provider.uriurl" : "kmsjdbc:mysql://http@%HOSTGROUP::host_group_1%:9292/kms172.17.0.9:3306/ranger", "dfsranger.https.domainattrib.socketkeystore.pathfile" : "/etc/varranger/admin/libconf/hadoop-hdfs/dn_socketranger-admin-keystore.jks", "dfsranger.namenodeldap.nameuser.dir.restoresearchfilter" : "true{{ranger_ug_ldap_user_searchfilter}}", "dfsranger.namenodejpa.write.stale.datanode.ratiojdbc.driver" : "1.0fcom.mysql.jdbc.Driver", "dfsranger.namenodeauthentication.checkpoint.periodmethod" : "21600UNIX", "dfsranger.namenode.avoid.read.stale.datanodeservice.host" : "true{{ranger_host}}", "dfsranger.blockjpa.accessaudit.tokenjdbc.enableuser" : "true{{ranger_audit_db_user}}", "dfsranger.ldap.replicationreferral" : "3ignore", "dfs.journalnode.https-addressranger.jpa.audit.jdbc.credential.alias" : "0.0.0.0:8481rangeraudit", "dfsranger.service.namenodehttps.staleattrib.datanodekeystore.intervalpass" : "30000SECRET:ranger-admin-site:2:ranger.service.https.attrib.keystore.pass", "dfsranger.clientaudit.read.shortcircuit.streams.cache.sizesolr.username" : "4096ranger_solr", "dfs.permissions.enabledranger.sso.query.param.originalurl" : "trueoriginalUrl", "dfsranger.namenodeservice.secondaryhttp.http-addressenabled" : "%HOSTGROUP::host_group_2%:50090true", "dfsranger.namenodeaudit.checkpointsource.edits.dirtype" : "${dfs.namenode.checkpoint.dir}solr", "dfsranger.journalnodeldap.http-addressurl" : "0.0.0.0:8480{{ranger_ug_ldap_url}}", "dfsranger.service.datanodehttps.balanceattrib.bandwidthPerSecclientAuth" : "6250000want", "dfsranger.ldap.namenodead.http-addressdomain" : "%HOSTGROUP::host_group_1%:50070", "dfs.permissions.superusergroupranger.ldap.ad.bind.dn" : "hdfs{{ranger_ug_ldap_bind_dn}}", "dfsranger.credential.namenodeprovider.rpc-addresspath" : "%HOSTGROUP::host_group_1%:8020/etc/ranger/admin/rangeradmin.jceks", "dfsranger.jpa.namenodeaudit.fslockjdbc.fairdriver" : "false{{ranger_jdbc_driver}}", "dfsranger.datanodeaudit.httpsolr.addressurls" : "0.0.0.0:50075", "dfsranger.namenode.avoid.write.stale.datanodesso.publicKey" : "true", "dfsranger.ldap.datanodebind.addressdn" : "0.0.0.0:50010{{ranger_ug_ldap_bind_dn}}", "dfsranger.namenodeunixauth.startup.delay.block.deletion.secservice.port" : "36005151", "dfsranger.datanodeldap.datagroup.dir.permroleattribute" : "750cn", "dfsranger.jpa.httpjdbc.policydialect" : "HTTP_ONLY{{jdbc_dialect}}", "nfsranger.filesso.dump.dircookiename" : "/tmp/.hdfs-nfshadoop-jwt", "dfs.heartbeat.intervalranger.service.https.attrib.keystore.keyalias" : "3rangeradmin", "dfsranger.audit.clustersolr.administratorszookeepers" : " hdfsNONE", "dfsranger.namenodejpa.namejdbc.diruser" : "/hadoop/hdfs/namenode{{ranger_db_user}}", "dfs.hosts.excluderanger.jpa.jdbc.credential.alias" : "/etc/hadoop/conf/dfs.excluderangeradmin", "dfs.webhdfs.enabledranger.ldap.ad.user.searchfilter" : "true{{ranger_ug_ldap_user_searchfilter}}", "dfs.blocksizeranger.ldap.user.dnpattern" : "134217728uid={0},ou=users,dc=xasecure,dc=net", "fsranger.ldap.permissionsbase.umask-modedn" : "022dc=example,dc=com", "dfsranger.namenodeservice.safemodehttp.threshold-pctport" : "16080", "dfsranger.jpa.datanodeaudit.ipcjdbc.addressurl" : "0.0.0.0:8010{{audit_jdbc_url}}", "dfsranger.clientservice.retryhttps.policy.enabledport" : "false6182", "dfsranger.blockreportsso.initialDelayproviderurl" : "120", "dfsranger.namenodeldap.inode.attributes.provider.classad.url" : "org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer{{ranger_ug_ldap_url}}", "dfs.https.portranger.jpa.audit.jdbc.dialect" : "50470{{jdbc_dialect}}", "dfsranger.unixauth.clientremote.readlogin.shortcircuitenabled" : "true", "dfs.replication.maxranger.ldap.ad.base.dn" : "50dc=example,dc=com", "dfsranger.namenodeunixauth.accesstimeservice.precisionhostname" : "0{{ugsync_host}}" } } }, { "ranger-hdfs-policymgr-ssldbks-site" : { "properties_attributes" : { }, "properties" : { "xasecureranger.policymgrks.clientssljpa.truststorejdbc.credential.fileurl" : "jceksjdbc:mysql://file{{credential_file}}", "xasecure.policymgr.clientssl.keystore.credential.file" : "jceks://file{{credential_file}}172.17.0.9:3306/rangerkms", "xasecurehadoop.policymgrkms.clientsslblacklist.truststoreDECRYPT_EEK" : "/usr/hdp/current/hadoop-client/conf/ranger-plugin-truststore.jkshdfs", "xasecureranger.ks.policymgrjpa.clientssljdbc.keystoredialect" : "/usr/hdp/current/hadoop-client/conf/ranger-plugin-keystore.jks"{{jdbc_dialect}}", } "ranger.ks.jdbc.sqlconnectorjar" } }: "{{ews_lib_jar_path}}", { "ranger-hbase-audit.ks.jpa.jdbc.user" : "{{db_user}}", "properties_attributesranger.ks.jpa.jdbc.credential.alias" : { }"ranger.ks.jdbc.password", "properties "ranger.ks.jpa.jdbc.credential.provider.path" : {"/etc/ranger/kms/rangerkms.jceks", "xasecureranger.auditks.destinationmasterkey.solr.batch.filespool.dircredential.alias" : "/var/log/hbase/audit/solr/spoolranger.ks.masterkey.password", "xasecureranger.auditks.destinationjpa.hdfsjdbc.dirdriver" : "hdfs://ambari-agent-1.node.dc1.consul:8020/ranger/audit", com.mysql.jdbc.Driver" } "xasecure.audit.destination.solr.urls" : "" } }, { "xasecure.audit.destination.hdfs.batch.filespool.dirkms-env" : "/var/log/hbase/audit/hdfs/spool",{ "xasecure.audit.is.enabled"properties_attributes" : { "true"}, "xasecure.audit.destination.hdfs"properties" : "true",{ "xasecure.audit.credential.provider.filekms_log_dir" : "jceks://file{{credential_file}}/var/log/ranger/kms", "xasecure.audit.provider.summary.enabledcreate_db_user" : "true", "xasecure.audit.destination.db.jdbc.driverkms_group" : "{{jdbc_driver}}kms", "xasecure.audit.destination.db.batch.filespool.dir" : "/var/log/hbase/audit/db/spoolkms_user" : "kms", "xasecure.audit.destination.solrkms_port" : "false9292", } "xasecure.audit.destination.db.user" : "{{xa_audit_db_user}}"} }, { "xasecure.audit.destination.dbranger-hdfs-security" : { "true" "properties_attributes" : { }, "xasecure.audit.destination.db.jdbc.url"properties" : "{{audit_jdbc_url}}",{ "xasecureranger.plugin.audithdfs.destinationpolicy.solrsource.zookeepersimpl" : "NONEorg.apache.ranger.admin.client.RangerAdminRESTClient" } } }, { "ranger-yarn-plugin-propertiesenv" : { "properties_attributes" : { }, "properties" : { "REPOSITORYxml_CONFIGconfigurations_USERNAMEsupported" : "yarntrue", "common.name.for.certificateranger_user" : "ranger", "ranger-yarn-plugin-enabledxasecure.audit.destination.hdfs.dir" : "Yes", "policy_user" : "ambari-qahdfs://ambari-agent-1.node.dc1.consul:8020/ranger/audit", "hadoop.rpc.protectioncreate_db_dbuser" : "" } } }true", { "ranger-kmshdfs-policymgrplugin-sslenabled" : {"Yes", "properties_attributes "ranger_privelege_user_jdbc_url" : { }, "properties" : {"jdbc:mysql://172.17.0.9:3306", "xasecure.policymgr.clientssl.truststore.credential.fileranger-knox-plugin-enabled" : "jceks://file{{credential_file}}No", "xasecure.policymgr.clientssl.keystore.credential.fileis_solrCloud_enabled" : "jceks://file{{credential_file}}false", "xasecure.policymgr.clientssl.truststorebind_anonymous" : "/usr/hdp/current/ranger-kms/conf/ranger-plugin-truststore.jksfalse", "xasecure.policymgr.clientssl.keystore" : "/usr/hdp/current/ranger-kms/conf/rangerranger-yarn-plugin-keystore.jks" } enabled" : "Yes", } "ranger-kafka-plugin-enabled" : }"No", { "ranger-hdfs-auditxasecure.audit.destination.hdfs" : {"true", "properties_attributes "ranger-hive-plugin-enabled" : { }"No", "properties "xasecure.audit.destination.solr" : {"false", "xasecure.audit.destination.solr.batch.filespool.dirdb" : "/var/log/hadoop/hdfs/audit/solr/spooltrue", "ranger_group" : "ranger", "xasecure.audit.destination.hdfs.dirranger_admin_username" : "hdfs://ambari-agent-1.node.dc1.consul:8020/ranger/auditamb_ranger_admin", "xasecure.audit.destination.solr.urlsranger-hbase-plugin-enabled" : "Yes", "xasecure.audit.destination.hdfs.batch.filespool.diradmin_username" : "/var/log/hadoop/hdfs/audit/hdfs/spool",admin" "xasecure.audit.is.enabled" : "true", } } }, "xasecure.audit.destination.hdfs" : "true", { "xasecure.audit.credential.provider.filekms-properties" : "jceks://file{{credential_file}}", "xasecure.audit.provider.summary.enabledproperties_attributes" : { "false"}, "xasecure.audit.destination.db.jdbc.driver"properties" : "{{jdbc_driver}}", "xasecure.audit.destination.db.batch.filespool.dirREPOSITORY_CONFIG_USERNAME" : "/var/log/hadoop/hdfs/audit/db/spoolkeyadmin", "xasecure.audit.destination.solrKMS_MASTER_KEY_PASSWD" : "falseSECRET:kms-properties:1:KMS_MASTER_KEY_PASSWD", "xasecure.audit.destination.db.userDB_FLAVOR" : "{{xa_audit_db_user}}MYSQL", "xasecure.audit.destination.dbdb_name" : "truerangerkms", "xasecure.audit.destination.db.jdbc.urlSQL_CONNECTOR_JAR" : "{{audit_jdbc_url}}/usr/share/java/mysql-connector-java.jar", "xasecure.audit.destination.solr.zookeepersdb_user" : "NONErangerkms", } "db_host" } }: "172.17.0.9:3306", { "ranger-hbase-policymgr-ssldb_root_user" : { "root" } "properties_attributes" : { }, }, "properties" : { { "xasecure.policymgr.clientssl.truststore.credential.fileranger-yarn-security" : "jceks://file{{credential_file}}", "xasecure.policymgr.clientssl.keystore.credential.file"properties_attributes" : "jceks://file{{credential_file}}"{ }, "xasecure.policymgr.clientssl.truststore"properties" : "/usr/hdp/current/hbase-client/conf/ranger-plugin-truststore.jks",{ "xasecure.policymgr.clientssl.keystoreranger.plugin.yarn.policy.source.impl" : "/usr/hdp/current/hbase-client/conf/ranger-plugin-keystore.jksorg.apache.ranger.admin.client.RangerAdminRESTClient" } } }, { "rangerusersync-siteproperties" : { "properties_attributes" : { }, "properties" : { } } }, { "ranger-kmshbase-auditsecurity" : { "properties_attributes" : { }, "properties" : { "xasecureranger.auditplugin.destinationhbase.solrpolicy.batchsource.filespool.dirimpl" : "/var/log/ranger/kms/audit/solr/spool",org.apache.ranger.admin.client.RangerAdminRESTClient" } } }, { "xasecure.audit.destination.hdfs.dir" : "hdfs://NAMENODE_HOSTNAME:8020/ranger/audit", "hdfs-site" : { "xasecure.audit.destination.solr.urlsproperties_attributes" : "{{ranger_audit_solr_urls}}"{ }, "xasecure.audit.destination.hdfs.batch.filespool.dir"properties" : "/var/log/ranger/kms/audit/hdfs/spool",{ "xasecuredfs.encryption.auditkey.isprovider.enableduri" : "truekms://http@%HOSTGROUP::host_group_1%:9292/kms", "xasecure.audit.destination.hdfsdfs.namenode.inode.attributes.provider.class" : "true",org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer" } "xasecure.audit.credential.provider.file" : "jceks://file{{credential_file}}" } }, { "xasecure.audit.provider.summary.enabledranger-yarn-plugin-properties" : "false",{ "xasecure.audit.destination.db.jdbc.driver"properties_attributes" : "{{jdbc_driver}}" }, "xasecure.audit.destination.db.batch.filespool.dir"properties" : "/var/log/ranger/kms/audit/db/spool",{ "xasecure.audit.destination.solrREPOSITORY_CONFIG_USERNAME" : "trueyarn", "xasecurecommon.auditname.destinationfor.db.usercertificate" : "{{xa_audit_db_user}}", "xasecure.audit.destination.dbranger-yarn-plugin-enabled" : "falseYes", "xasecure.audit.destination.db.jdbc.urlpolicy_user" : "{{audit_jdbc_url}}ambari-qa", "xasecurehadoop.audit.destination.solr.zookeepersrpc.protection" : "none" } } }, { "ranger-hbase-plugin-properties" : { "properties_attributes" : { }, "properties" : { "REPOSITORY_CONFIG_USERNAME" : "hbase", "common.name.for.certificate" : "", "ranger-hbase-plugin-enabled" : "Yes", "policy_user" : "ambari-qa" } } } ], "host_groups" : [ { "name" : "host_group_1", "configurations" : [ ], "components" : [ { "name" : "ZOOKEEPER_CLIENT" }, { "name" : "ZOOKEEPER_SERVER" }, { "name" : "RANGER_ADMIN" }, { "name" : "HBASE_REGIONSERVER" }, { "name" : "HBASE_CLIENT" }, { "name" : "HBASE_MASTER" }, { "name" : "RANGER_USERSYNC" }, { "name" : "NAMENODE" }, { "name" : "NODEMANAGER" }, { "name" : "HDFS_CLIENT" }, { "name" : "YARN_CLIENT" }, { "name" : "MAPREDUCE2_CLIENT" }, { "name" : "DATANODE" }, { "name" : "RANGER_KMS_SERVER" } ], "cardinality" : "1" }, { "name" : "host_group_2", "configurations" : [ ], "components" : [ { "name" : "ZOOKEEPER_SERVER" }, { "name" : "HISTORYSERVER" }, { "name" : "HBASE_REGIONSERVER" }, { "name" : "APP_TIMELINE_SERVER" }, { "name" : "HDFS_CLIENT" }, { "name" : "NODEMANAGER" }, { "name" : "SECONDARY_NAMENODE" }, { "name" : "DATANODE" }, { "name" : "RESOURCEMANAGER" } ], "cardinality" : "1" }, { "name" : "host_group_3", "configurations" : [ ], "components" : [ { "name" : "ZOOKEEPER_CLIENT" }, { "name" : "ZOOKEEPER_SERVER" }, { "name" : "HBASE_REGIONSERVER" }, { "name" : "HBASE_CLIENT" }, { "name" : "HDFS_CLIENT" }, { "name" : "NODEMANAGER" }, { "name" : "YARN_CLIENT" }, { "name" : "MAPREDUCE2_CLIENT" }, { "name" : "DATANODE" } ], "cardinality" : "1" } ], "Blueprints" : { "stack_name" : "HDP", "stack_version" : "2.3" } } |
...