Apache Ranger - To enable, monitor and manage comprehensive data security across the Hadoop platform and beyond

Clone this repo:
  1. dad4833 RANGER-4991: GDS policy evaluation support for masking and row-filtering by Madhan Neethiraj · 13 days ago master
  2. 89963fb RANGER-4989: DB patch fix for add_validity_schedule_labels_keywords_in_x_gds_dataset in mysql by Radhika Kundam · 12 days ago
  3. 3efbbc7 RANGER-4998: Add validations to Ensure Non-Empty Resource Values in GDS Resource Creation and Edit APIs by Radhika Kundam · 5 days ago
  4. 5970eda RANGER-4997: Ranger DataShare created shows status as ACTIVE instead of the default REQUESTED. by Radhika Kundam · 6 days ago
  5. 08059b5 RANGER-4986: Implement best practices for Ranger GDS REST API module by Pradeep Agrawal · 13 days ago

Apache Ranger

License PyPI Downloads Documentation Wiki

NOTE

Apache Ranger allows contributions via pull requests (PRs) on GitHub.
Alternatively, use this to submit changes for review using the Review Board. Also create a ranger jira to go along with the review and mention it in the review board review.

Building Ranger in Docker (Sandbox Install)

Ranger is built using Apache Maven. To run Ranger:

  1. Check out the code from GIT repository

  2. Ensure that docker & docker-compose is installed and running on your system.

  3. Ensure that JDK 1.8+ is installed on your system.

  4. Ensure that Apache Maven is installed on your system.

  5. Run the following command to build & run Ranger from Docker

    ./ranger_in_docker up

  6. After successful completion of the above command, you should be able to view Ranger Admin Console by using URL:

     http://<hostname-of-system>:6080/
    
     UserName: admin
     Password: rangerR0cks!
    

Regular Build Process

  1. Check out the code from GIT repository

  2. On the root folder, please execute the following Maven command:

    mvn clean compile package install

    mvn eclipse:eclipse

    Ranger Admin UI tests depend on PhantomJS. If the build fails with npm or Karma errors you can either:

    • install PhantomJS dependencies for your platform (bzip2 and fontconfig)
    • skip JavaScript test execution: mvn -DskipJSTests ...
  3. After the above build command execution, you should see the following TAR files in the target folder:

    ranger-<version>-admin.tar.gz
    ranger-<version>-atlas-plugin.tar.gz
    ranger-<version>-hbase-plugin.tar.gz
    ranger-<version>-hdfs-plugin.tar.gz
    ranger-<version>-hive-plugin.tar.gz
    ranger-<version>-kafka-plugin.tar.gz
    ranger-<version>-kms.tar.gz
    ranger-<version>-knox-plugin.tar.gz
    ranger-<version>-migration-util.tar.gz
    ranger-<version>-ranger-tools.tar.gz
    ranger-<version>-solr-plugin.tar.gz
    ranger-<version>-sqoop-plugin.tar.gz
    ranger-<version>-src.tar.gz
    ranger-<version>-storm-plugin.tar.gz
    ranger-<version>-tagsync.tar.gz
    ranger-<version>-usersync.tar.gz
    ranger-<version>-yarn-plugin.tar.gz
    ranger-<version>-kylin-plugin.tar.gz
    ranger-<version>-elasticsearch-plugin.tar.gz
    

Importing Apache Ranger Project into Eclipse

  1. Create an Eclipse workspace called ‘ranger’

  2. Import maven project from the root directory where ranger source code is downloaded (and build)

Deployment Process

Installation Host Information

  1. Ranger Admin Tool Component (ranger--admin.tar.gz) should be installed on a host where Policy Admin Tool web application runs on port 6080 (default).
  2. Ranger User Synchronization Component (ranger--usersync.tar.gz) should be installed on a host to synchronize the external user/group information into Ranger database via Ranger Admin Tool.
  3. Ranger Component plugin should be installed on the component boxes:
    • HDFS Plugin needs to be installed on Name Node hosts.
    • Hive Plugin needs to be installed on HiveServer2 hosts.
    • HBase Plugin needs to be installed on both Master and Regional Server nodes.
    • Knox Plugin needs to be installed on Knox gateway host.
    • Storm Plugin needs to be installed on Storm hosts.
    • Kafka/Solr Plugin needs to be installed on their respective component hosts.
    • YARN plugin needs to be installed on YARN Resource Manager hosts.
    • Sqoop plugin needs to be installed on Sqoop2 hosts.
    • Kylin plugin needs to be installed on Kylin hosts.
    • Elasticsearch plugin needs to be installed on Elasticsearch hosts.

Installation Process

  1. Download the tar.gz file into a temporary folder in the box where it needs to be installed.

  2. Expand the tar.gz file into /usr/lib/ranger/ folder

  3. Go to the component name under the expanded folder (e.g. /usr/lib/ranger/ranger--admin/)

  4. Modify the install.properties file with appropriate variables

    • If the module has setup.sh, execute ./setup.sh
    • If the install.sh file does not exists, execute ./enable--plugin.sh