Configure Ranger Admin High Availability with a Load Balancer

For clusters that have multiple users and production availability requirements, you may want to configure Ranger high availability (HA) with a load-balancing proxy server to relay requests to and from Ranger.

  1. Configure an external load balancer to use with Ranger HA.
  2. In Cloudera Manager, select Ranger, then select Actions > Add Role Instances.
  3. On the Add Role Instances page, click Select hosts.
  4. On the selected hosts page, the primary Ranger Admin host is selected by default. Select your configured backup Ranger host (ranger-host2-fqdn). A Ranger Admin (RA) icon appears in the Added Roles column for the selected backup host. Click OK to continue.
  5. The Add Role Instances page is redisplayed with the new backup host. Click Continue.
  6. Review the settings on the Review Changes page, then click Continue.
  7. Update the Ranger Load Balancer Address property (ranger.externalurl) with the load balancer host URL and port, then click Save Changes.
  8. Verify the load balancer principal is generated by CM. In Cloudera Manager > Administration > Security > Kerberos credentials, search for the load balancer hostname. You should be able to search the principal in the format : HTTP/<loadbalancer-hostname>@EXAMPLE.COM. If the load balancer principal hostname entry is not available, click Generate Missing Credentials on the same page and then search for the principal. After the load balancer principal is created by CM, restart the Ranger service after staleness.
  9. Restart all other cluster services that require a restart, then click Finish.
  10. Use a browser to check the load-balancer host URL (with port). You should see the Ranger Admin page.