Support Questions

ashaver · ‎02-24-2016

Are there still Ranger prerequisites before you can install a fresh cluster with a blueprint which includes Ranger? For example, do we still have to modify permissions on db and set the appropriate jdbc?

ambari-server setup --jdbc-db=mysql --jdbc-driver=/usr/share/java/mysql-connector-java.jar

I notice if I export a blueprint from a cluster which had Ranger installed. If I try to use this blueprint on a new cluster, it will complain about missing jdbc-driver, and mysql permissions issues (basically the prerequisites required for Ranger). Am I missing something which would install the blueprint without extra steps?

vperiasamy · ‎02-24-2016

@Anna Shaverdian DB pre-requisites need to be met before creating the cluster through the blueprint.

View solution in original post

vperiasamy · ‎02-24-2016

@Anna Shaverdian DB pre-requisites need to be met before creating the cluster through the blueprint.

ashaver · ‎03-01-2016

@vperiasamy How should the blueprint json be updated to account for db passwords? Where are you supposed to enter the passwords? I'm not able to register the blueprint when I include the passwords for the db users in the blueprint json.

vperiasamy · ‎03-01-2016

@Anna Shaverdian Can you please share your blueprint? Ranger Admin's DB password settings should go in "admin-properties" section.

ashaver · ‎03-04-2016

@vperiasamy This is the blueprint as exported directly:

{
      "admin-properties" : {
        "properties_attributes" : {
          "db_root_password" : {
            "toMask" : "true"
          },
          "audit_db_password" : {
            "toMask" : "true"
          },
          "db_password" : {
            "toMask" : "true"
          }
        },
        "properties" : {
          "audit_db_user" : "rangerlogger",
          "db_root_user" : "rangerdba",
          "DB_FLAVOR" : "MYSQL",
          "db_name" : "ranger",
          "policymgr_external_url" : "http://%HOSTGROUP::host_group_1%:6080",
          "db_user" : "rangeradmin",
          "SQL_CONNECTOR_JAR" : "/usr/share/java/mysql-connector-java.jar",
          "db_host" : "localhost",
          "audit_db_name" : "ranger_audit"
        }
      }

When in place of { "toMask" : "true"} I put "password," I see formatting errors. What would be the correct format? For now I put the password as the default_password in the template I define which blueprint I use. Thanks!!

jeff1 · ‎04-04-2016

FYI: this wiki page might need to be expanded a bit but posting in case it's useful. Thx.

https://cwiki.apache.org/confluence/display/AMBARI/Blueprint+support+for+Ranger

rnettleton · ‎04-06-2016

Hi @Anna Shaverdian, In addition to what has already been posted, I wanted to mention something about Blueprint exports.

In general, you should be able to re-use an exported Blueprint from a running cluster without any changes.

There are a few exceptions,however:

1. Passwords: Any password properties are filtered out of the exported Blueprint, and must be added in explicitly during a redeployment attempt.

2. External Database Connections: I'm defining an "External" DB connection as any DB that is used by the cluster, but is not managed by Ambari. The DB instance used by Ranger is one example, but Oozie and Hive can also use separate instances that are not managed by Ambari. In these cases, the Blueprint export process filters out these properties, since they are not necessarily portable to the new environment. From what I've seen in this posting, these are the kinds of properties that you'll need to add back into your Blueprint or Cluster Creation template, as the other posts have indicated.

Hope this helps,

Thanks,

Bob

Cloudera Community

Support Questions

Ranger Installation Through Blueprints