Apache Ranger AuthorizationPDF version

Configure optimized rename and recursive delete operations in Ranger Ozone plugin

You can enable performance optimized authorization approach for rename and recursive delete operations in the Ranger Ozone plugin.

Ozone introduced support for FSO (FILE_SYSTEM_OPTIMIZED) Bucket layout. FSO Bucket layout is a Hierarchical FileSystem namespace view with directories and files. Similar to HDFS, with FSO bucket layout, Ozone has an efficient directory rename and delete operations. Ranger supports not only authorization for rename and recursive delete operations, but also provides an option to enable performance optimized solution when these operations are performed on directory containing large set of subpaths (directories/files) within it.

Property name - ranger.plugin.ozone.optimized.subaccesspath.enabled

Default is set to false.

To enable authorization for rename and recursive delete operations in the Ranger Ozone plugin:

  1. In Cloudera Manager > Ozone > Ozone Manager > Configuration > Search. type ranger-ozone-security.xml.
  2. In Ozone Service Advanced Configuration Snippet (Safety Valve) for ranger-ozone-security.xml, click +.
    1. Under Ozone, in Name, type: ranger.plugin.ozone.optimized.subaccesspath.enabled.
    2. In Value, type: true.
    3. Click Save Changes.
  3. In Ozone > Actions, click Restart.
Ranger not only authorizes rename and recursive delete operations, but also provides an option to enable performance optimized solution when these operations are performed on a directory containing a large set of subpaths (directories/files) within it.