Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

amb_ranger_admin/ranger_admin_username user on kerberized cluster

Labels:
avatar
author-rank capacman
Explorer

Created ‎04-24-2017 03:44 PM

Hi All,

I dont understand what (ranger_admin_username)"amb_ranger_admin" user is for? I enabled kerberos on my cluster and installed ranger. Everything is working very well. I changed "ranger_admin_username" value to some meaningless value but it is still working. So is ranger_admin_username still a relevant property in a kerberos enabled cluster? In the mean time there is no "amb_ranger_admin" in ambari internal users as well. It was not created by ambari or ranger.

1,741 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank vperiasamy author-rank
Guru

Created ‎04-24-2017 03:53 PM

Main purpose of amb_ranger_admin is for ambari to communicate to ranger to create ranger repositories (when ranger plugins get enabled).

In kerberos enabled clusters, starting from HDP 2.5/Ambari 2.4, service keytabs are used for the above purpose. Hence amb_ranger_admin is applicable only for non kerberos environments. What version of HDP are you using?

View solution in original post

1,616 Views
4 REPLIES 4

avatar
author-rank vperiasamy author-rank
Guru

Created ‎04-24-2017 03:53 PM

Main purpose of amb_ranger_admin is for ambari to communicate to ranger to create ranger repositories (when ranger plugins get enabled).

In kerberos enabled clusters, starting from HDP 2.5/Ambari 2.4, service keytabs are used for the above purpose. Hence amb_ranger_admin is applicable only for non kerberos environments. What version of HDP are you using?

1,617 Views

avatar
author-rank capacman
Explorer

Created ‎04-24-2017 04:12 PM

Hi @vperiasamy,

Thank you for quick response.

We are using 2.5.3. In the mean time, is this information still correct for ambari enabled plugins:

https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.5.3/bk_security/content/hdfs_plugin_kerberos.ht...

What I understand, ambari making this config automatically? Am I correct?

1,616 Views
0 Kudos

avatar
author-rank vperiasamy author-rank
Guru

Created ‎05-03-2017 10:16 PM

Starting from HDP 2.5.3, you don't need to setup separate lookup users mentioned in that link (for kerberized environments).

1,616 Views

avatar
author-rank capacman
Explorer

Created ‎05-03-2017 10:33 PM

Thank you vperiasamy

1,616 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements