Guys, I have two HDP 2.4.0 clusters. On both the we have setup Ranger and integrated with different ADs. More or less users are same. I read on one of the HCC questions that we can use DB replication to keep both policy DB in sync. What I want to achieve is : From Cluster-A, want to take up Ranger DB, replace environment specific values and restore it on another cluster, restart Ambari and I should be good to go. But more I study schema and spend more time analyzing the situation, it doesn't look practical to me. Has anyone actually replaced DB for Ranger? I was trying to check the Ranger DB and both these environments I found lot of differences in the table contents. Mostly because of the users and groups, as we are pointing to different Active Directories. I've three questions here : (1) If we backup ranger db from cluster-1, drop db of cluster-2, stop user sync in Ambari on cluster-2, restore db of cluster-1 and restart Ambari (keep user sync) off and restart the Ranger admin. Will it work? ( I am happy to have imported users/groups of Cluster-1 - which are imported from AD1 and OK to delete imported users of Cluster-2 Ranger DB, Will this create problem? ) (2) Any better suggestions to make db replication work? (3) What is better way around syncing policies across clusters? Thanks.
... View more
