Details
-
Sub-task
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.8.0
-
None
Description
Add ranger 2.4 support in ambari bigtop stacks
Currently, the work of adapting Ranger to Bigtop and Ambari has been completed. Due to the large number of issues involved in the adaptation, they are summarized as follows:
apache ambari related issues
The main issues related to adapting Ranger in Ambari 2.8 are related to the advisor functionality. Enabling Ranger would trigger the advisor to recommend updates to the component's Ranger-related configurations, thus adapting Ranger requires fixing this part first. Otherwise, after enabling Ranger plugin in Ambari, manual updates to the Ranger-related configurations would still be required.
1.AMBARI-25894: Missing file service_advisor.py in some serivces (merged)
https://github.com/apache/ambari/pull/3677
2.AMBARI-25932: Wrong config file name in spark service advisor (merged)
https://issues.apache.org/jira/browse/AMBARI-25932
ambari ranger support related issues:
Here, we additionally adapted Ambari Infra because the Ambari Ranger service relies on the Infra client to perform Solr-related automation settings for Ranger.
1.ambari infra PR
1.Add support for Ambari Infra in Ambari 2.8 wait for review (merged)
https://issues.apache.org/jira/browse/AMBARI-25933
2.ambari ranger service support (wait for merge in next version)
https://issues.apache.org/jira/browse/AMBARI-25929
3.ambari infra service support wait for review (merged)
https://github.com/apache/ambari/pull/3696
apache bigtop related issues
To adapt Ranger to Ambari, we need to first build RPM packages related to Ranger using Bigtop. The following are the pull requests required for Bigtop to support Ranger.
1.BIGTOP-3925 ranger support (merged)
https://github.com/apache/bigtop/pull/1100
2.BIGTOP-3923: Add missing jars for Ranger (merged)
https://github.com/apache/bigtop/pull/1099
3.BIGTOP-3910: Bigtop-select support Ranger (merged)
https://github.com/apache/bigtop/pull/1089
4.BIGTOP-3950: fix ranger etc conf dir (in review)
https://github.com/apache/bigtop/pull/1120
Bigtop support for Ranger requires three PRs:
BIGTOP-3925: This PR mainly addresses issues with Ranger RPM packaging and includes a patch that resolves problems with starting HBase after integrating with Ranger.
BIGTOP-3923: This PR addresses package dependency issues when running "java -cp '/usr/bigtop/current/ranger-usersync/lib/*' org.apache.ranger.credentialapi.buildks create ranger.usersync.policymgr.password -value [PROTECTED] -provider jceks://file/usr/bigtop/current/ranger-usersync/conf/ugsync.jceks" command.
BIGTOP-3910: This PR adds support for Ranger in Bigtop-select.
ranger related issues:
These are the PRs encountered during the process of adapting Ranger in Bigtop Ambari. All 3 PRs have been made into patches and submitted to the aforementioned Bigtop Ranger support-related PRs. The review of the related issues on the Ranger side is also currently underway.
1.fix Kafka2.8 can't restart after enable ranger plugin
https://issues.apache.org/jira/browse/RANGER-4228 wait for review
2.addresses the issue of HBase not starting after integrating with Ranger due to class loading order
https://issues.apache.org/jira/browse/RANGER-4201 wait for review
3.mainly addresses the missing dependency issue when running the Ranger command "java -cp '/usr/bigtop/current/ranger-usersync/lib/*' org.apache.ranger.credentialapi.buildks create ranger.usersync.policymgr.password -value [PROTECTED] -provider jceks://file/usr/bigtop/current/ranger-usersync/conf/ugsync.jceks".
https://issues.apache.org/jira/browse/RANGER-3992 wait for review
manual test:
before enable kerberos all compoent works smoonthly
after enable kerberos all compoent works smoonthly
Attachments
Attachments
Issue Links
- links to
The latest release of ranger is 2.4.0. How about adding ranger 2.4.0 instead of ranger 2.3.0?