How to setup External SolrCloud for RangerAudits

chiru_tnk · ‎08-02-2018

Dear experts,

I have a kerberized (using Active Directory) HDP cluster and an external Solr cloud(Not kerberized). I am now trying to configure Ranger audits to point to the external SolrCloud and not able to find any process. Could you please guide me regarding this ?

I have followed the process from the below link to setup an external SolrCloud using Rangerscripts and confused how to proceed with kerberization.

https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.5/bk_security/content/solr_ranger_configure_s...

It will be really helpful if i can get any documentation/links regarding this process.

Thanks

krajguru · ‎08-02-2018

@Chiranjeevi Nimmala If you are looking at kerberising solrcloud, below link should help :

https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.5/bk_security/content/solr_ranger_configure_s...

Just to note, as you have AD, you need to create the principals for solr in AD , not need of setting up MIT 🙂

Also, if you already have a spnego keytab in /etc/security/keytabs/spnego.service.keytab , no need to generate the HTTP keytab, this will create issues for services that use spnego.service.keytab.

Just copy /etc/security/keytabs/spnego.service.keytab to /opt/solr/conf/HTTP.keytab