Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Is it possible to manage multiple clusters using one ranger instance?

Labels:
avatar
author-rank nsabharwal
Master Mentor

Created ‎12-16-2015 10:56 PM

Is it possible to manage multiple clusters using one ranger instance?

4,016 Views
1 ACCEPTED SOLUTION

avatar
author-rank bdurai
Rising Star

Created ‎12-16-2015 11:13 PM

The primary limitation is wrt to UserSync. If there are multiple clusters, but using the same AD/LDAP, then you can use the same the Ranger instance to manage all of them.

View solution in original post

3,431 Views
9 REPLIES 9

avatar
author-rank amcbarnett
Guru

Created ‎12-16-2015 11:03 PM

No I don't think it's possible.

Admin Authentication is only for one cluster. We would need to specify when we authenticate which cluster we are authenticating for.

Security Policies and configuration is on a cluster basis in the Ranger Admin database.

3,431 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎12-16-2015 11:04 PM

@bganesan @bdurai

3,431 Views
0 Kudos

avatar
author-rank pardeep_kumar
Guru

Created ‎12-16-2015 11:13 PM

No, This is not supported.

3,431 Views
0 Kudos

avatar
author-rank bdurai
Rising Star

Created ‎12-16-2015 11:13 PM

The primary limitation is wrt to UserSync. If there are multiple clusters, but using the same AD/LDAP, then you can use the same the Ranger instance to manage all of them.

3,432 Views

avatar
author-rank nsabharwal
Master Mentor

Created ‎12-17-2015 12:07 AM

@bdurai What challenges do you see from the Ambari side?

3,431 Views
0 Kudos

avatar
author-rank bdurai
Rising Star

Created ‎12-17-2015 03:11 AM

There is no native support from Ambari to do this. If you are using Ambari in all env, then the Ambari which is hosting the main Ranger instance is oblivious of the clusters Ranger is supporting. The Ambari which is hosting Ranger will automatically configure Ranger for the components within it's cluster. For the other clusters, you have to go to each component and modify Ranger properties. E.g. you will have to set ranger.plugin.hbase.policy.rest.url property and few others. You also need to add all the services/repo using Ranger Admin UI.

3,431 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎12-17-2015 03:15 AM

@bdurai Based on this, I believe it's a good idea to have one to one relationship i,e Each cluster will have it's own ranger install.

3,431 Views
0 Kudos

avatar
author-rank bdurai
Rising Star

Created ‎12-17-2015 03:19 AM

I agree, just because we can do it doesn't mean we should do it. From operation point of view, it is better to have one ranger per ambari cluster. This makes management very simple. Also, when it comes to upgrade, it will cause less headache.

3,431 Views

avatar
author-rank SudheerV
New Contributor

Created ‎10-13-2021 04:17 PM

Do you have any reference on how to enable ranger for kafka sitting in a separate cluster in CDP?

2,485 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements