Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Does it need to ues Kerberos when install Ranger-storm plugin?

Solved Go to solution
Highlighted

Does it need to ues Kerberos when install Ranger-storm plugin?

New Contributor

Hi ALL:

We have successfully installed Storm Plugin for apache ranger, and we are also able to create policies within ranger, the problem is that when we click the Connection Test button after add a storm service,we got a error about Kerberos.The error report is that:

org.apache.ranger.plugin.client.HadoopException: executeUnderKerberos: Login failure using given configuration parameters, username : `admin`..

executeUnderKerberos: Login failure using given configuration parameters, username : `admin`.. kerberos.example.com: Name or service not known.

Hadoop Version:2.7.2

Ranger Version: 0.62

Storm Version:1.0.0

Any ideas or help in this regard will be appreciated.

Thanks in advance.

Regards,

Benny

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

New Contributor

To enable ranger-storm-plugin need to have kerberos environment. Refer: Enabling Storm Plugin

Also link /etc/hadoop/conf/core-site.xml under /etc/storm/conf

7 REPLIES 7

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

New Contributor

we can see the plugin on Ranger admin in Audit >plugins tab

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

New Contributor

To enable ranger-storm-plugin need to have kerberos environment. Refer: Enabling Storm Plugin

Also link /etc/hadoop/conf/core-site.xml under /etc/storm/conf

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

New Contributor

@mvaradkar Thank you very much for you reply.we will follow you advice,and holp it will helps to solve the problem.thank you again.

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

New Contributor

@Sagar Shimpi Thank you very much for you reply.Because I am a student ,I should study apache ranger wihtout Ambari. It also help for my work and thank you again for you reply.

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

@hu bai

Contrary to popular belief, it is not necessary to enable Kerberos to use the Ranger plugin. Kerberos is for authentication, while Ranger does authorization. You can use other authentication techniques to identify the user, if you choose. Kerberos is a very secure and reliable way of authenticating a user, and that is why is is frequently used. However, you can use Unix auth or LDAP authentication in your cluster to identify the user. The username which submits the Storm topology is the one used for authorization with Ranger. Ranger will then use its policy information to determine what the user is allowed to do.

Re: Does it need to ues Kerberos when install Ranger-storm plugin?

Mentor

@emaxwell just heard from engineering, in case of Storm, kerberos is required for Ranger authorization.