Configuring a Ranger or Ranger KMS Database: MySQL/MariaDB

Prior to upgrading your cluster to CDP Private Cloud Base you must configure the MySQL or MariaDB database instance for Ranger by creating a Ranger database and user. Before you begin the transition, review the support policies of database and admin policy support for transactions.

A supported version of MySQL or MariaDB must be running and available to be used by Ranger.

When using MySQL or MariaDB, the storage engine used for the Ranger admin policy store tables MUST support transactions. InnoDB is an example of engine that supports transactions. A storage engine that does not support transactions is not suitable as a policy store.

  1. Log in to the host where you want to set up the MySQL database for Ranger.
  2. Make sure you have the MYSQL connector version 5.7 or higher in the /usr/share/java/ directory with name mysql-connector-java.jar.
  3. Edit the following file: /etc/my.cnf and add the following line:
    log_bin_trust_function_creators = 1 
  4. Restart the database:
    systemctl restart mysqld
    or:
    systemctl restart mariadb
  5. Log in to mysql:
    mysql -u root
  6. Run the following commands to create the Ranger database and user.
    Substitute the following in the command:
    • (optional) Replace rangeradmin with a username of your choice. Note this username, you will need to enter it later when running the Upgrade Cluster command.
    • (optional) Replace cloudera with a password of your choice. Note this password, you will need to enter it later when running the Upgrade Cluster command.
    • <Ranger Admin Role hostname> – the name of the host where the Ranger Admin role will run. Note this host, you will need to enter it later when running the Upgrade Cluster command.
    CREATE DATABASE ranger;
    CREATE USER 'rangeradmin'@'%' IDENTIFIED BY 'cloudera';
    CREATE USER 'rangeradmin'@'localhost' IDENTIFIED BY 'cloudera';
    CREATE USER 'rangeradmin'@'<Ranger Admin Role hostname>' IDENTIFIED BY 'cloudera';
    GRANT ALL PRIVILEGES ON ranger.* TO 'rangeradmin'@'%';
    GRANT ALL PRIVILEGES ON ranger.* TO 'rangeradmin'@'localhost';
    GRANT ALL PRIVILEGES ON ranger.* TO 'rangeradmin'@'<Ranger Admin Role hostname>';
    FLUSH PRIVILEGES;
  7. Use the exit; command to exit MySQL.
  8. Test connecting to the database using the following command:
    mysql -u rangerdba -pcloudera
  9. After testing the connection, use the exit; command to exit MySQL.
  10. Continue with the cluster installation or upgrade to complete the transition.