Support Questions

Find answers, ask questions, and share your expertise

Ranger Installation Through Blueprints

avatar
Contributor

Are there still Ranger prerequisites before you can install a fresh cluster with a blueprint which includes Ranger? For example, do we still have to modify permissions on db and set the appropriate jdbc?

ambari-server setup --jdbc-db=mysql --jdbc-driver=/usr/share/java/mysql-connector-java.jar 

I notice if I export a blueprint from a cluster which had Ranger installed. If I try to use this blueprint on a new cluster, it will complain about missing jdbc-driver, and mysql permissions issues (basically the prerequisites required for Ranger). Am I missing something which would install the blueprint without extra steps?

1 ACCEPTED SOLUTION

avatar

@Anna Shaverdian DB pre-requisites need to be met before creating the cluster through the blueprint.

View solution in original post

6 REPLIES 6

avatar

@Anna Shaverdian DB pre-requisites need to be met before creating the cluster through the blueprint.

avatar
Contributor

@vperiasamy How should the blueprint json be updated to account for db passwords? Where are you supposed to enter the passwords? I'm not able to register the blueprint when I include the passwords for the db users in the blueprint json.

avatar

@Anna Shaverdian Can you please share your blueprint? Ranger Admin's DB password settings should go in "admin-properties" section.

avatar
Contributor

@vperiasamy This is the blueprint as exported directly:

{
      "admin-properties" : {
        "properties_attributes" : {
          "db_root_password" : {
            "toMask" : "true"
          },
          "audit_db_password" : {
            "toMask" : "true"
          },
          "db_password" : {
            "toMask" : "true"
          }
        },
        "properties" : {
          "audit_db_user" : "rangerlogger",
          "db_root_user" : "rangerdba",
          "DB_FLAVOR" : "MYSQL",
          "db_name" : "ranger",
          "policymgr_external_url" : "http://%HOSTGROUP::host_group_1%:6080",
          "db_user" : "rangeradmin",
          "SQL_CONNECTOR_JAR" : "/usr/share/java/mysql-connector-java.jar",
          "db_host" : "localhost",
          "audit_db_name" : "ranger_audit"
        }
      }

When in place of { "toMask" : "true"} I put "password," I see formatting errors. What would be the correct format? For now I put the password as the default_password in the template I define which blueprint I use. Thanks!!

avatar
Guru

FYI: this wiki page might need to be expanded a bit but posting in case it's useful. Thx.

https://cwiki.apache.org/confluence/display/AMBARI/Blueprint+support+for+Ranger

avatar
Expert Contributor

Hi @Anna Shaverdian, In addition to what has already been posted, I wanted to mention something about Blueprint exports.

In general, you should be able to re-use an exported Blueprint from a running cluster without any changes.

There are a few exceptions,however:

1. Passwords: Any password properties are filtered out of the exported Blueprint, and must be added in explicitly during a redeployment attempt.

2. External Database Connections: I'm defining an "External" DB connection as any DB that is used by the cluster, but is not managed by Ambari. The DB instance used by Ranger is one example, but Oozie and Hive can also use separate instances that are not managed by Ambari. In these cases, the Blueprint export process filters out these properties, since they are not necessarily portable to the new environment. From what I've seen in this posting, these are the kinds of properties that you'll need to add back into your Blueprint or Cluster Creation template, as the other posts have indicated.

Hope this helps,

Thanks,

Bob