Security
Also available as:
PDF
loading table of contents...

Installation Prerequisites

Before you install Ranger, make sure your cluster meets the following requirements:

[Important]Important

As of HDP-2.5, Audit to DB is no longer supported. If you previously used Audit to DB, you can migrate the logs to Solr using the instructions in Migrating Audit Logs from DB to Solr in Ambari Clusters.

  • It is recommended that you store audits in both HDFS and Solr. The default configuration for Ranger Audits to Solr uses the shared Solr instance provided under the Ambari Infra service. For more information about Audits to Solr, see Ranger Audit Settings and Using Apache Solr for Ranger Audits.

  • To ensure that LDAP/AD group level authorization is enforced in Hadoop, you should set up Hadoop group mapping for LDAP.

  • A MySQL, Oracle, or PostgreSQL database instance must be running and available to be used by Ranger.

    The Ranger installation will create two new users (default names: rangeradmin and rangerlogger) and two new databases (default names: ranger and ranger_audit).

  • Configuration of the database instance for Ranger is described in the following sections for some of the databases supported by Ranger.

  • If you choose not to provide system Database Administrator (DBA) account details to the Ambari Ranger installer, you can use the dba_script.py Python script to create Ranger DB database users without exposing DBA account information to the Ambari Ranger installer. You can then run the normal Ambari Ranger installation without specifying a DBA user name and password. For more information see Setting up Database Users Without Sharing DBA Credentials.