Support Questions
Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Advanced Search

Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

Highlighted

Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

Labels:
Jacqueline
Explorer

Created ‎09-12-2017 05:29 PM

Hi ,

policymgr_external_url parameter ( External URL ) , when pointed the load balancer vip , Ranger sink with Active Directory isnot happening.

We have successfully setup Ranger Admin HA . External URL was pointing to load balancer vip.With this new configuration, Ranger sink with Active Directory is not happening.

if we replace the load balance vip with actual host name , able get all the Active Directory user list.

is there any problem with setting up load balancer vip ? , i am not getting. http://dev-rag.dataquest.com:6080” is not working for AD user sink.

can we have multiple hostname for policymgr_external_url parameter ( External URL ) like“ http://dev-rag-001.dataquest.com,dev-rag-002.dataquest.com:6080” ?

please share your thoughts and experiences

Regards

JJ

Reply
714 Views
0 Kudos
5 REPLIES 5

Re: Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

vperiasamy
Guru

Created ‎09-12-2017 05:33 PM

If it is a kerberos env, you need to make sure loadbalancer hostname is added to spnego keytab as documented in this link - see step 32 onwards.

Reply
500 Views
0 Kudos
Highlighted

Re: Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

Jacqueline
Explorer

Created ‎09-14-2017 07:24 AM

Hi ,

When we enabled Kerberos, Principals and keytabs were created for only 1 Ranger admin host .

No principals and keytabs were created for other ranger admin host and LB. Do we need to create them using the kadmin utility , on missing hosts?

Thanks

JJ

Reply
500 Views
0 Kudos
Highlighted

Re: Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

vsuvagia
Explorer

Created ‎09-13-2017 11:10 AM

@Jacqualin jasmin, currently multiple entries are not supported for policymgr_external_url ( External URL ) parameter.

For configuration with LB using a vip, Can you do a curl call from Ranger-Usersync host to Ranger-Admin LB url and check whether it is able to connect to the LB.

Reply
500 Views
0 Kudos
Highlighted

Re: Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

Jacqueline
Explorer

Created ‎09-14-2017 07:25 AM

Hi ,

Can you please give me the steps for "curl call from Ranger-Usersync host to Ranger-Admin LB url"

Thanks

JJ

Reply
500 Views
0 Kudos
Highlighted

Re: Ranger load balancer vip , is not working in sinking the users from Active Directory ( after configuring Ranger Admin HA)

vsuvagia
Explorer

Created ‎09-15-2017 06:26 AM

@Jacqualin jasmin, you can do ssh / login to the terminal of the host where Ranger-Usersync is installed and execute the below command and check the output:
curl -iv http://<VIP of the LB>:<Port of LB for Ranger>

Reply
500 Views
0 Kudos
Don't have an account?
Register