Created 09-12-2017 05:29 PM
policymgr_external_url parameter ( External URL ) , when pointed the load balancer vip , Ranger sink with Active Directory isnot happening.
We have successfully setup Ranger Admin HA . External URL was pointing to load balancer vip.With this new configuration, Ranger sink with Active Directory is not happening.
if we replace the load balance vip with actual host name , able get all the Active Directory user list.
is there any problem with setting up load balancer vip ? , i am not getting. http://dev-rag.dataquest.com:6080” is not working for AD user sink.
can we have multiple hostname for policymgr_external_url parameter ( External URL ) like“ http://dev-rag-001.dataquest.com,dev-rag-002.dataquest.com:6080” ?
please share your thoughts and experiences
Created 09-12-2017 05:33 PM
If it is a kerberos env, you need to make sure loadbalancer hostname is added to spnego keytab as documented in this link - see step 32 onwards.
Created 09-14-2017 07:24 AM
When we enabled Kerberos, Principals and keytabs were created for only 1 Ranger admin host .
No principals and keytabs were created for other ranger admin host and LB. Do we need to create them using the kadmin utility , on missing hosts?
Created 09-13-2017 11:10 AM
@Jacqualin jasmin, currently multiple entries are not supported for policymgr_external_url ( External URL ) parameter.
For configuration with LB using a vip, Can you do a curl call from Ranger-Usersync host to Ranger-Admin LB url and check whether it is able to connect to the LB.
Created 09-14-2017 07:25 AM
Can you please give me the steps for "curl call from Ranger-Usersync host to Ranger-Admin LB url"
Created 09-15-2017 06:26 AM
@Jacqualin jasmin, you can do ssh / login to the terminal of the host where Ranger-Usersync is installed and execute the below command and check the output:
curl -iv http://<VIP of the LB>:<Port of LB for Ranger>
Created 04-25-2022 12:24 AM
What can I do if the return code is 401, and hdfs-plugin error getting policies 401, principle and keytab are set correctly.