Cloudera Community
hyadav
user rank
Rising Star

Re: Wrong timezone in Ranger admin

by Rising Star in Support Questions
‎09-20-2016 07:47 AM
‎09-20-2016 07:47 AM
@Berry Österlund Please check https://issues.apache.org/jira/browse/RANGER-798 , the patch on this JIRA should be resolving this issue. ... View more

Re: How to integrate Ranger with two High Availabi...

by Rising Star in Support Questions
‎08-25-2016 02:50 PM
‎08-25-2016 02:50 PM
@Rahul Buragohain This has been incorporated in the next official release. Below is the Apache JIRA details: https://issues.apache.org/jira/browse/RANGER-803 ... View more

Re: Unable to connect Ranger to mysql , failed to...

by Rising Star in Support Questions
‎08-25-2016 09:02 AM
‎08-25-2016 09:02 AM
@Mourad Chahri use the following commands to create the 'rangerdba'@'manager' user CREATE USER 'rangerdba'@'manager' IDENTIFIED BY 'rangerdba'; GRANT ALL PRIVILEGES ON *.* TO 'rangerdba'@'manager'; ... View more

Re: How to integrate Ranger with two High Availabi...

by Rising Star in Support Questions
‎08-25-2016 08:52 AM
2 Kudos
‎08-25-2016 08:52 AM
2 Kudos
@Rahul Buragohain Ranger (on HDP 2.3.4 which has Apache Ranger 0.5.0) not supporting multiple ldap/OU sync at this point of time. Please refer to below Apache Documentation: https://cwiki.apache.org/confluence/display/RANGER/Multiple+OU+Ldap+Search+support+for+UserSync However we can sync up with one domain controller with Ranger and for others created the local users in ranger admin, still we get the next release. You may refer to an article on HCC by Hortonworker: https://community.hortonworks.com/articles/36651/how-to-sync-up-multiple-domain-controllers-from-ad.html ... View more

Re: Hive server 2 thrift error

by Rising Star in Support Questions
‎08-17-2016 10:59 AM
‎08-17-2016 10:59 AM
@Sindhu "hive.server2.authentication" is set to LDAP and hive.metastore.sasl.enabled=false . Though we see these error. Thanks ... View more

Re: Hive server 2 thrift error

by Rising Star in Support Questions
‎08-17-2016 10:56 AM
‎08-17-2016 10:56 AM
@mqureshi Cluster is non -kerberised. Thanks ... View more

Hive server 2 thrift error

by Rising Star in Support Questions
‎08-17-2016 05:31 AM
‎08-17-2016 05:31 AM
I'm seeing this message repeated over and over in the log. It doesn't seem to be causing an issue so can this log entry be disabled? 2016-08-12 14:54:37,199 ERROR server.TThreadPoolServer (TThreadPoolServer.java:run(296)) - Error occurred during processing of message. java.lang.RuntimeException: org.apache.thrift.transport.TSaslTransportException: No data or no sasl data in the stream at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219) at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:268) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.thrift.transport.TSaslTransportException: No data or no sasl data in the stream at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:328) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) ... View more
Labels:

Ambari for LDAP or Active Directory Authentication

by Rising Star in Support Questions
‎07-20-2016 09:31 AM
2 Kudos
‎07-20-2016 09:31 AM
2 Kudos
Few questions on Ambari for LDAP or Active Directory Authentication: 1. When users are synced into Ambari , are the passwords also stored in the Ambari's local DB along with the usernames 2. When a user logs into Ambari , is there a way for the user to change his password ? 3. When we create a user in AD , we set the property that "user must change password at next logon" , however after the ldpa-sync, the user cannot login into ambari . what could be the problem ? Also, when we go back to AD and untick this option (" user must change password at next logon") , the user is now able to login into ambari ? Any pointers would help Thanks ... View more
Labels:

Configuring Ranger Policy Administration High Avai...

by Rising Star in Community Articles
‎06-22-2016 01:31 PM
1 Kudo
‎06-22-2016 01:31 PM
1 Kudo
Documentation referred: https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.2/bk_installing_manually_book/content/configure-ranger_policy_admin_ha.html Environment Information: [ hivenv ] >> Cluster name hivenv-ambari-server.hwxblr.com >> 10.0.1.26 >> Ambari Server hn1.hwxblr.com >> 10.0.1.21 >> Existing Ranger Admin hn3.hwxblr.com >> 10.0.1.23 >> Load Balancer hn2.hwxblr.com >> 10.0.1.25 >> Additional Ranger Admin # hadoop version Hadoop 2.7.1.2.3.2.0-2950 Subversion git@github.com:hortonworks/hadoop.git -r5cc60e0003e33aa98205f18bccaeaf36cb193cc Compiled by jenkins on 2015-09-30T18:08Z Compiled with protoc 2.5.0 From source with checksum 69a3bf8c667267c2c252a54fbbf23d This command was run using /usr/hdp/2.3.2.0-2950/hadoop/lib/hadoop-common-2.7.1.2.3.2.0-2950.jar # uname -a Linux hn1.hwxblr.com 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux # cat /etc/redhat-release CentOS release 6.7 (Final) Steps to be followed: Install the Ranger Admin component on the hosts you wish to use – hn1.hwxblr.com. For information about installing Ranger over Ambari, see Installing Ranger Over Ambari 2.0 . Configure a load balancer to balance the loads among the various Ranger Admin instances and take note of the load balancer URL. Step 1: Before Installing HAProxy on the server we need to install epel repository on our system depending on our operating system version using following command. CentOS/RHEL 5 , 32 bit: # rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm CentOS/RHEL 5 , 64 bit: # rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm CentOS/RHEL 6 , 32 bit: # rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm CentOS/RHEL 6 , 64 bit: # rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm Step 2: Install HAProxy using Yum. [root@hn3 ~]# yum install haproxy Step 3: Now we will configure HAProxy. [root@hn3 ~]# vi /etc/haproxy/haproxy.cfg Please refer for brief documentation before editing this file : https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Load_Balancer_Administration/ch-haproxy-setup-VSA.html [root@hn3 ~]# cat haproxy.cfg #--------------------------------------------------------------------- # Example configuration for a possible web application. See the # full configuration options online. # # http://haproxy.1wt.eu/download/1.4/doc/configuration.txt # #--------------------------------------------------------------------- #--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global # to have these messages end up in /var/log/haproxy.log you will # need to: # # 1) configure syslog to accept network log events. This is done # by adding the '-r' option to the SYSLOGD_OPTIONS in # /etc/sysconfig/syslog # # 2) configure local2 events to go to the /var/log/haproxy.log # file. A line like the following can be added to # /etc/sysconfig/syslog # # local2.* /var/log/haproxy.log # log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will # use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 30000 #--------------------------------------------------------------------- # round robin balancing between Ranger HA #--------------------------------------------------------------------- frontend haproxy bind 10.0.1.28:6080 reqadd X-Forwarded-Proto:\ http default_backend ranger_ha backend ranger_ha 10.0.1.28:6080 balance roundrobin mode http stats enable stats hide-version stats uri /stats stats realm Haproxy\ Statistics stats auth haproxy:redhat option httpchk option httpclose option forwardfor cookie LB insert server hn1.hwxblr.com 10.0.1.27:6080 cookie A check server hn2.hwxblr.com 10.0.1.29:6080 check [root@hn3 ~]# Step 5: Start the HAProxy service [root@hn3 ~]# service haproxy start Step 6: To make the HAProxy service persist through reboots [root@hn3 ~]# chkconfig haproxy on Update the Policy Manager external URL in all Ranger Admin clients (Ranger UserSync and Ranger plug-ins) to point to the load balancer URL. Ambari >> Ranger >> Configs >>Ranger Settings >> External URL (policymgr_external_url ) : http://hn3.hwxblr.com:6080 Enable Ranger Admin HA Wizard >> On Ambari >> Ranger >> Service Actions >> Enable Ranger HA URL to load balancer: http://10.0.1.23:6080 Select additional Ranger Admin as hn2.hwxblr.com Install Additional Ranger Admin Access Load Balancer URL: http://10.0.1.23:6080 , you should be able to access Ranger policies. ... View more

Between HDFS encryption and compression

by Rising Star in Support Questions
‎06-21-2016 07:20 AM
‎06-21-2016 07:20 AM
If we turn on encryption, should we turn off compression? Are the data nodes smart enough to realize that there's no point trying to compress encrypted blocks? ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎08-15-2019 06:35 AM
Community Statistics
Member Since ‎01-27-2016 09:53 AM
Last Visited ‎08-15-2019 06:35 AM
Posts 27
Kudos received 25