Configure Ranger Admin High Availability with a Load Balancer
For clusters that have multiple users and production availability requirements, you may want to configure Ranger high availability (HA) with a load-balancing proxy server to relay requests to and from Ranger.
- Configure an external load balancer to use with Ranger HA.
-
In Cloudera Manager, select Ranger, then select Actions > Add Role
Instances.
-
On the Add Role Instances page, click Select hosts.
-
On the selected hosts page, the primary Ranger Admin host is selected by default.
Select your configured backup Ranger host (
ranger-host2-fqdn
). A Ranger Admin (RA) icon appears in the Added Roles column for the selected backup host. Click OK to continue. -
The Add Role Instances page is redisplayed with the new backup host. Click
Continue.
-
Review the settings on the Review Changes page, then click Continue.
-
Update the Ranger Load Balancer Address property
(
ranger.externalurl
) with the load balancer host URL and port, then click Save Changes. -
Verify the load balancer principal is generated by CM. In Cloudera Manager > Administration > Security > Kerberos credentials, search for the load balancer hostname. You should be able to search
the principal in the format : HTTP/<loadbalancer-hostname>@EXAMPLE.COM. If the
load balancer principal hostname entry is not available, click Generate
Missing Credentials on the same page and then search for the
principal. After the load balancer principal is created by CM, restart the Ranger
service after staleness.
-
Restart all other cluster services that require a restart, then click
Finish.
-
Use a browser to check the load-balancer host URL (with port). You should see the
Ranger Admin page.