Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Is it possible to manage multiple clusters using one ranger instance?

Labels:
avatar
author-rank nsabharwal
Master Mentor

Created ‎12-16-2015 10:56 PM

Is it possible to manage multiple clusters using one ranger instance?

4,548 Views
0
1 ACCEPTED SOLUTION

avatar
author-rank bdurai
Rising Star

Created ‎12-16-2015 11:13 PM

The primary limitation is wrt to UserSync. If there are multiple clusters, but using the same AD/LDAP, then you can use the same the Ranger instance to manage all of them.

View solution in original post

3,963 Views
0
9 REPLIES 9

avatar
author-rank amcbarnett
Guru

Created ‎12-16-2015 11:03 PM

No I don't think it's possible.

Admin Authentication is only for one cluster. We would need to specify when we authenticate which cluster we are authenticating for.

Security Policies and configuration is on a cluster basis in the Ranger Admin database.

3,963 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎12-16-2015 11:04 PM

@bganesan @bdurai

3,963 Views
0 Kudos

avatar
author-rank pardeep_kumar
Guru

Created ‎12-16-2015 11:13 PM

No, This is not supported.

3,963 Views
0 Kudos

avatar
author-rank bdurai
Rising Star

Created ‎12-16-2015 11:13 PM

The primary limitation is wrt to UserSync. If there are multiple clusters, but using the same AD/LDAP, then you can use the same the Ranger instance to manage all of them.

3,964 Views
0

avatar
author-rank nsabharwal
Master Mentor

Created ‎12-17-2015 12:07 AM

@bdurai What challenges do you see from the Ambari side?

3,963 Views
0 Kudos

avatar
author-rank bdurai
Rising Star

Created ‎12-17-2015 03:11 AM

There is no native support from Ambari to do this. If you are using Ambari in all env, then the Ambari which is hosting the main Ranger instance is oblivious of the clusters Ranger is supporting. The Ambari which is hosting Ranger will automatically configure Ranger for the components within it's cluster. For the other clusters, you have to go to each component and modify Ranger properties. E.g. you will have to set ranger.plugin.hbase.policy.rest.url property and few others. You also need to add all the services/repo using Ranger Admin UI.

3,963 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎12-17-2015 03:15 AM

@bdurai Based on this, I believe it's a good idea to have one to one relationship i,e Each cluster will have it's own ranger install.

3,963 Views
0 Kudos

avatar
author-rank bdurai
Rising Star

Created ‎12-17-2015 03:19 AM

I agree, just because we can do it doesn't mean we should do it. From operation point of view, it is better to have one ranger per ambari cluster. This makes management very simple. Also, when it comes to upgrade, it will cause less headache.

3,963 Views

avatar
author-rank SudheerV
New Contributor

Created ‎10-13-2021 04:17 PM

Do you have any reference on how to enable ranger for kafka sitting in a separate cluster in CDP?

3,017 Views
0 Kudos
Announcements
Community Announcements
April 2025 Cloudera Customer Advisory: Cloudera’s response t...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
View More Announcements