Configuring Ranger Admin HA Without SSL
Set up the load-balancer and enable Ranger Admin on an Ambari-managed cluster.
- Use SSH to connect to the cluster node where you will set up the load-balancer. In this procedure, we use the IP address 172.22.71.37.
- Use the following command to switch to the
/usr/local
directory:cd /usr/local
- Download the
httpd
file and its dependencies (apr
andapr-util
):wget https://archive.apache.org/dist/httpd/httpd-2.4.16.tar.gz wget https://archive.apache.org/dist/apr/apr-1.5.2.tar.gz wget https://archive.apache.org/dist/apr/apr-util-1.5.4.tar.gz
- Extract the contents of these files:
tar -xvf httpd-2.4.16.tar.gz tar -xvf apr-1.5.2.tar.gz tar -xvf apr-util-1.5.4.tar.gz
- Run the following commands to move
apr
andapr-util
to thesrclib
directory underhttpd
:mv apr-1.5.2/ apr mv apr httpd-2.4.16/srclib/ mv apr-util-1.5.4/ apr-util mv apr-util httpd-2.4.16/srclib/
- Install PCRE (Perl-Compatible Regular Expressions Library):
yum install pcre pcre-devel
NoteHere we are using yum install, but you can also download the latest bits from http://www.pcre.org/
- Install
gcc
(ANSI-C Compiler and Build System):yum install gcc
- Run the following commands to configure the source tree:
cd /usr/local/httpd-2.4.16 ./configure
- Run the following command to make the build:
make
- Run the install:
make install
- Run the following commands to confirm the preceding configuration steps:
cd /usr/local/apache2/bin ./apachectl start curl localhost
This should return:
<html><body><h1>It works!</h1></body></html>
- Run the following commands to create a backup
conf
file.cd /usr/local/apache2/conf cp httpd.conf ~/httpd.conf.backup
- Edit the
httpd.conf
file:vi /usr/local/apache2/conf/httpd.conf
Make the following updates:
-
If you are not running the load-balancer on the default port 80, change the default listening port in line
Listen 80
to match the port setting. -
Un-comment the following module entries (remove the
#
symbol at the beginning of each line):LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule slotmem_shm_module modules/mod_slotmem_shm.so LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
-
Update the ServerAdmin email address, or comment out that line.
#ServerAdmin you@example.com
-
At the end of the
httpd.conf
file, add the following line to read the custom configuration file:Include conf/ranger-cluster.conf
-
- Create a custom
conf
file:vi ranger-cluster.conf
Make the following updates:
-
Add the following lines, then change the
<VirtualHost *:88>
port to match the default port you set in thehttpd.conf
file in the previous step.# # This is the Apache server configuration file providing SSL support. # It contains the configuration directives to instruct the server how to # serve pages over an https connection. For detailing information about these # directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html> # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. #Listen 80 <VirtualHost *:88> ProxyRequests off ProxyPreserveHost on Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED <Proxy balancer://rangercluster> BalancerMember http://172.22.71.38:6080 loadfactor=1 route=1 BalancerMember http://172.22.71.39:6080 loadfactor=1 route=2 Order Deny,Allow Deny from none Allow from all ProxySet lbmethod=byrequests scolonpathdelim=On stickysession=ROUTEID maxattempts=1 failonstatus=500,501,502,503 nofailover=Off </Proxy> # balancer-manager # This tool is built into the mod_proxy_balancer # module and will allow you to do some simple # modifications to the balanced group via a gui # web interface. <Location /balancer-manager> SetHandler balancer-manager Order deny,allow Allow from all </Location> ProxyPass /balancer-manager ! ProxyPass / balancer://rangercluster/ ProxyPassReverse / balancer://rangercluster/ </VirtualHost>
NoteThe URLs listed in the
BalancerMember
entries are the IP addresses of the Ranger Admin hosts. In this example, the Ranger Admin host addresses are:http://172.22.71.38:6080 http://172.22.71.39:6080
-
- Run the following commands to restart the
httpd
server:cd /usr/local/apache2/bin ./apachectl restart
If you use a browser to check the load-balancer host (with port) as specified in the
BalanceMember
entries in theranger-cluster.conf
file, you should see the Ranger Admin page. - Enable Ranger Admin HA using Ambari. On the Ambari dashboard of the
first Ranger host, select Services > Ranger, then
select Service Actions > Enable Ranger Admin HA to
launch the Enable Ranger Admin HA Wizard.
- On the Get Started page, enter the load-balancer URL and port number (in this
example, 172.22.71.37:88), then click Next.
- On the Select Hosts page, confirm the host assignments, then click Next.
- Check the settings on the Review page, then click Next.
- Click Complete on the Install, Start, and Test page to complete the installation.
- When the installation is complete, the Ranger Admin instances are listed on the
Ranger Summary page. Select Actions > Restart All
Required to restart all services that require a restart.
Note
For Oracle, clear the
Setup DB and DB user
check box under "Advanced ranger-env" to avoid DB setup. - To test the load-balancer and Ranger HA configuration, select Ranger > Service Actions > Stop on one of the Ranger hosts.
- Use a browser to check the load-balancer host URL (with port). You should see the Ranger Admin page.