Support Questions
Find answers, ask questions, and share your expertise

Knox Ranger policies not being applied on the cluster

Expert Contributor

Hi all,

On our secured HDP 2.4.2 cluster we have configured Ranger to define security policies and Knox for parameter security. Ranger works fine with all the components (HDFS/YARN/HBASE/Hive) but not the Knox. The policies defined in Knox repository are not being reflected. I tried checking by Audit-> plugins tab, it doesn't show up there, also checked in corresponding policycache

/etc/ranger/Prod_knox/policycache/knox_Prod_knox.json

But the file does not exist.

Its strange to me that for other components it works fine but not for Knox.

Can you suggest what I should be looking for?

Thanks.

SS

5 REPLIES 5

Rising Star

@Smart Solutions Are you using Ambari to manage the cluster? If yes, can you go to Ranger -> Configs -> Ranger Plugin and check if Knox-Ranger plugin is enabled?

6300-screen-shot-2016-08-03-at-101232-pm.png

Expert Contributor

@Krishna Pandey : Its managed through Ambari and Knox Ranger Plugin in already enabled. Tried disabling and re-enabling didn't help.

@Smart Solutions are you sure you have enable ranger plugin for knox ? please check settings --> advanced setting --> knox-ranger-plugin-properties , whether ranger plugin is enabled for it.

if it is enabled , then please check gateway.log in knox, whether policies are being refreshed there , you must be seeing some exception there!

Expert Contributor

@deepak sharma , checked in plugin properties, ranger is enabled.

Checked gateway logs, don't see any syc or refreshing.

Explorer

@Smart Solutions Did you solve this issue ? I am facing similar one.