Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

amb_ranger_admin/ranger_admin_username user on kerberized cluster

Labels:
avatar
author-rank capacman
New Member

Created ‎04-24-2017 03:44 PM

Hi All,

I dont understand what (ranger_admin_username)"amb_ranger_admin" user is for? I enabled kerberos on my cluster and installed ranger. Everything is working very well. I changed "ranger_admin_username" value to some meaningless value but it is still working. So is ranger_admin_username still a relevant property in a kerberos enabled cluster? In the mean time there is no "amb_ranger_admin" in ambari internal users as well. It was not created by ambari or ranger.

2,974 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank vperiasamy author-rank
Guru

Created ‎04-24-2017 03:53 PM

Main purpose of amb_ranger_admin is for ambari to communicate to ranger to create ranger repositories (when ranger plugins get enabled).

In kerberos enabled clusters, starting from HDP 2.5/Ambari 2.4, service keytabs are used for the above purpose. Hence amb_ranger_admin is applicable only for non kerberos environments. What version of HDP are you using?

View solution in original post

2,849 Views
4 REPLIES 4

avatar
author-rank vperiasamy author-rank
Guru

Created ‎04-24-2017 03:53 PM

Main purpose of amb_ranger_admin is for ambari to communicate to ranger to create ranger repositories (when ranger plugins get enabled).

In kerberos enabled clusters, starting from HDP 2.5/Ambari 2.4, service keytabs are used for the above purpose. Hence amb_ranger_admin is applicable only for non kerberos environments. What version of HDP are you using?

2,850 Views

avatar
author-rank capacman
New Member

Created ‎04-24-2017 04:12 PM

Hi @vperiasamy,

Thank you for quick response.

We are using 2.5.3. In the mean time, is this information still correct for ambari enabled plugins:

https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.5.3/bk_security/content/hdfs_plugin_kerberos.ht...

What I understand, ambari making this config automatically? Am I correct?

2,849 Views
0 Kudos

avatar
author-rank vperiasamy author-rank
Guru

Created ‎05-03-2017 10:16 PM

Starting from HDP 2.5.3, you don't need to setup separate lookup users mentioned in that link (for kerberized environments).

2,849 Views

avatar
author-rank capacman
New Member

Created ‎05-03-2017 10:33 PM

Thank you vperiasamy

2,849 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Real time Monitoring for 7.1.9+ and 7.2.18+ with Cl...
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
View More Announcements