If you are here, you already know that Apache Ranger is becoming an universal Authorization Framework for most of the data platforms in the CLOUD. To make it easier for new Ranger users to try the Apache Ranger in action, we have created a docker based setup process that will take few steps to make the Apache Ranger running on your system (in few mins).
software prerequisites
Here are the pre-requisites to run Apache Ranger on your system:
- You must have a latest version of Docker and Docker-Compose installed on your system
- You should be able to run BASH (shell) script from your system
Downloading Apache Ranger
With these simple requirements, you can start downloading the latest version of Apache Ranger using the following command:
mkdir -p ${HOME}/git cd ${HOME}/git git clone https://github.com/apache/ranger.git
Bring up Apache Ranger (Builds if needed)
Once you have latest Apache Ranger on your system, you can start the setup of Apache Ranger by following commands below:
cd ${HOME}/git/ranger # Enable only necessary services to be run along with CORE ranger services export ENABLED_RANGER_SERVICES="tagsync,hadoop,hbase,kafka,hive,knox,kms" # Execute this command to bring the services up (after successful build if it is not already build) ./ranger_in_docker up
The above commands should build the Apache Ranger from the source and creates necessary Docker Containers to run them in Docker. First time startup may take approx. 10 minutes to build all necessary docker container(s) and sub-sequent startup will take less than two minute. Once the process completes successfully, you should be able to login into Apache Ranger UI using http://{hostname_of_docker}:6080 with appropriate credential displayed on the screen.
As specified in the ENABLED_RANGER_SERVICES variables, additional services are also created as docker containers and runs with ranger plugin(s) installed and configured to work with the Ranger instance. You can login into these services (e.g.: Apache Hive Service) and execute appropriate (e.g.: Hive SQL) commands to see how Apache Ranger is enforcing your Authorization Policies and also, creates necessary audit records to provide an Enterprise Data Governance Framework.
Shutdown Apache Ranger & related services
If you want to turn off the Apache Ranger & its related services, please follow the instruction below:
# Go to the directory where we downloaded the Apache Ranger cd ${HOME}/git/ranger # Execute this command to bring services down ./ranger_in_docker down
You can always bring the services up by following the instruction specified in section: Bring up Apache Ranger (Builds if needed)
List of Ranger Services & its LISTEN port
# | Service Name | Listen Port | Core Ranger Service ? |
---|---|---|---|
1 | ranger | 6080/tcp | Y (ranger engine) |
2 | ranger-postgres | 5432/tcp | Y (ranger datastore) |
3 | ranger-solr | 8983/tcp | Y (audit store) |
4 | ranger-zk | 2181/tcp | Y (used by solr) |
5 | ranger-usersync | - | Y (user/group synchronization from Local Linux/Mac) |
6 | ranger-kms | 9292/tcp | N (needed only for Encrypted Storage / TDE) |
7 | ranger-tagsync | - | N (needed only for Tag Based Policies to be sync from ATLAS) |
List of Data Engine Services (protected by Apache Ranger) & its LISTEN port
# | Service Name | Listen Port | Service Description |
---|---|---|---|
1 | Hadoop | 8088/tcp | Apache Hadoop 3.3.0 |
2 | HBase | 16000/tcp 16010/tcp 16020/tcp 16030/tcp | Apache HBase 2.2.6 Protected by Apache Ranger's HBase Plugin |
3 | Hive | 10000/tcp | Apache Hive 3.1.2 Protected by Apache Ranger's Hive Plugin |
4 | Kafka | 6667/tcp | Apache Kafka 2.12-2.5.0 Protected by Apache Ranger's Kafka Plugin |
5 | Knox | 8443/tcp | Apache Knox 1.4.0 Protected by Apache Ranger's Knox Plugin |
If you have any questions, please feel free to reach us via Ranger User Group Community.
Subscribe to Apache Ranger User Group by sending an email to user-subscribe@ranger.apache.org