Make sure the HDP 2.2 repository is added to your site's list of yum repositories.
If it has not yet been added, add it now by performing the following steps:
For RHEL/Centos6/Oracle LINUX 6:
wget -nv http://public-repo-1.hortonworks.com/HDP/centos6/2.x/GA/2.2.4.2/hdp.repo -O /etc/yum.repos.d/hdp.repo
For Ubuntu 12.04:
apt-get update wget http://public-repo-1.hortonworks.com/HDP/ubuntu12/2.x/GA/2.2.4.2/hdp.list -O /etc/apt/sources.list.d/hdp.list
For Debian 6:
apt-get update wget http://public-repo-1.hortonworks.com/HDP/debian6/2.x/GA/2.2.4.2/hdp.list -O /etc/apt/sources.list.d/hdp.list
Find the Ranger Policy Admin software:
yum search ranger
Install the Ranger Policy Admin software:
yum install ranger_2_2_4_2_2-admin
In the Ranger Policy Administration installation directory, update the install.properties file:
Go to the installation directory:
cd /usr/hdp/2.2.4.2-2/ranger-admin/
Edit the following install.properties entries:
Table 13.1. install.properties Entries
Configuration Property
Default/Example Value
Required?
Ranger Policy Database
DB_FLAVOR Specifies the type of database used for audit logging (MYSQL,ORACLE)
MYSQL (default)
Y
SQL_CONNECTOR_JAR Path to SQL connector JAR. DB driver location for Mysql, If Oracle db is used, copy the oracle jdbc driver to file, /usr/share/java/ojdbc6.jar ** In Windows, only Mysql is supported.
/usr/share/java/mysql-connector-java.jar (default)
Y
db_root_user database username who has privileges for creating database schemas and users
root (default)
Y
db_root_password database password for the "db_root_user"
rootPassW0Rd
Y
db_host Hostname of the ranger policy database server
localhost
Y
db_name Ranger Policy database name
ranger (default)
Y
db_user db username used for performing all policy mgmt operation from policy admin tool
rangeradmin (default)
Y
db_password database password for the "db_user"
RangerAdminPassW0Rd
Y
Ranger Audit Database
audit_db_name Ranger audit database name - This can be different database in the same database server mentioned above
ranger_audit (default)
Y
audit_db_user Ranger audit database name - This can be different database in the same database server mentione
rangerlogger (default)
Y
audit_db_password database password for the "audit_db_user"
RangerLoggerPassW0Rd
Y
Policy Admin Tool Config
policymgr_external_url URL used within Policy Admin tool when a link to its own page is generated in the Policy Admin Tool website
http://localhost:6080 (default) http://myexternalhost.xasecure.net:6080N
policymgr_http_enabled Enables/disables HTTP protocol for downloading policies by Ranger plugins
true (default)
Y
unix_user UNIX user who runs the Policy Admin Tool process
ranger (default) (default)
Y
unix_group UNIX group associated with the UNIX user who runs the Policy Admin Tool process
ranger (default)
Y
Policy Admin Tool Authentication
authentication_method
Authentication Method used to log in to the Policy Admin Tool.
NONE -- only users created within the Policy Admin Tool may log in
UNIX -- allows UNIX userid authentication using the UNIX authentication service (see below)
LDAP -- allows Corporate LDAP authentication (see below)
ACTIVE_DIRECTORY -- allows authentication using an Active Directory
none (default)
Y
UNIX Authentication Service
remoteLoginEnabled Flag to enable/disable remote Login via Unix Authentication Mode
true (default)
Y, if UNIX authentication_method is selected
authServiceHostName Server Name (or ip-addresss) where ranger-usersync module is running (along with Unix Authentication Service)
localhost (default) myunixhost.domain.com
Y, if UNIX authentication_method is selected
authServicePort Port Number where ranger-usersync module Is running Unix Authentication Service
5151 (default)
Y, if UNIX authentication_method is selected
LDAP Authentication
xa_ldap_url URL for the LDAP service
ldap://71.127.43.33:389
Y, if LDAP authentication_method is selectedd
xa_ldap_userDNpattern LDAP DN Pattern used to uniquely locate the login user
uid={0},ou=users,dc=xasecure,dc=net
Y, if LDAP authentication_method is selectedd
xa_ldap_groupSearchBase LDAP Base node location to get all groups associated with login user
ou=groups,dc=xasecure,dc=net
Y, if LDAP authentication_method is selectedd
xa_ldap_groupSearchFilter LDAP search filter used to retrieve groups for the login user
(member=uid={0},ou=users, dc=xasecure,dc=net)
Y, if LDAP authentication_method is selectedd
xa_ldap_groupRoleAttribute Attribute used to retrieve the group names from the group search filters
cn
Y, if LDAP authentication_method is selectedd
Active Directory Authentication
xa_ldap_ad_domain Active Directory Domain Name used for AD login
xasecure.net
Y, if ACTIVE_DIRECTORY authentication_method is selectedd
xa_ldap_ad_url Active Directory LDAP URL for authentication of user
ldap://ad.xasecure.net:389
Y, if ACTIVE_DIRECTORY authentication_method is selectedd
Check the JAVA_HOME environment variable. If it has not yet been set, enter:
export JAVA_HOME=<path of installed jdk version folder>