Apache Ranger 权限管理
编译
# Build Apache Ranger without running the test suite or the build-time checks.
#   -DskipTests / -Dmaven.test.skip=true : tests are neither compiled nor run
#   -Drat.skip / -Dcheckstyle.skip / -Denforcer.skip : the license audit, the
#     style check and the Maven Enforcer rules are switched off, so nothing
#     they would have flagged can fail this build
#   -Dfast : project-specific switch; its effect is not shown on this page
mvn install package \
  -Dfast \
  -DskipTests \
  -Dmaven.test.skip=true \
  -Drat.skip=true \
  -Dcheckstyle.skip=true \
  -Denforcer.skip=true
install.properties
PYTHON_COMMAND_INVOKER=python
#DB_FLAVOR=MYSQL|ORACLE|POSTGRES|MSSQL|SQLA
DB_FLAVOR=MYSQL
#
#
# Location of DB client library (please check the location of the jar file)
#
#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
#SQL_CONNECTOR_JAR=/usr/share/java/postgresql.jar
#SQL_CONNECTOR_JAR=/usr/share/java/sqljdbc4.jar
#SQL_CONNECTOR_JAR=/opt/sqlanywhere17/java/sajdbc4.jar
SQL_CONNECTOR_JAR=/data/app/apache-ranger/mysql-connector-java-5.1.47.jar
# NOTE(review): the database root password is stored here in clear text, and the
# same value is reused for db_password further down. Use distinct generated
# values and keep this file readable only by the account that runs setup.sh.
db_root_user=root
db_root_password=OIRLkZvqIQyB
db_host=localhost:3306
#SSL config
# NOTE(review): TLS to the database is off and server-certificate verification is
# disabled. That is tolerable only while db_host stays on localhost as above;
# turn both on if the database moves to another host.
db_ssl_enabled=false
db_ssl_required=false
db_ssl_verifyServerCertificate=false
#db_ssl_auth_type=1-way|2-way, where 1-way represents standard one way ssl authentication and 2-way represents mutual ssl authentication
db_ssl_auth_type=1-way
javax_net_ssl_keyStore=
javax_net_ssl_keyStorePassword=
javax_net_ssl_trustStore=
javax_net_ssl_trustStorePassword=
javax_net_ssl_trustStore_type=jks
javax_net_ssl_keyStore_type=jks
# For postgresql db
db_ssl_certificate_file=
#
# DB UserId used for the Ranger schema
#
db_name=ranger
db_user=ranger
db_password=OIRLkZvqIQyB
#For over-riding the jdbc url.
is_override_db_connection_string=false
db_override_connection_string=
# change password. Password for below mentioned users can be changed only once using this property.
#PLEASE NOTE :: Password should be minimum 8 characters with min one alphabet and one numeric.
# NOTE(review): all four built-in accounts, including the Ranger admin and the
# key admin, share one guessable password. Give each account its own strong
# value before the service is reachable by anyone else.
rangerAdmin_password=Ranger123456
rangerTagsync_password=Ranger123456
rangerUsersync_password=Ranger123456
keyadmin_password=Ranger123456
#Source for Audit Store. Currently solr, elasticsearch and cloudwatch logs are supported.
# * audit_store is solr
audit_store=solr
audit_elasticsearch_password=
audit_elasticsearch_index=
audit_elasticsearch_bootstrap_enabled=true
# * audit_solr_url URL to Solr. E.g. http://:6083/solr/ranger_audits
# NOTE(review): audit records go to Solr over plain http with audit_solr_user and
# audit_solr_password left empty, so presumably this Solr accepts unauthenticated
# writes. Confirm, and restrict who can reach ports 8983 and 2181.
audit_solr_urls=http://192.168.1.49:8983/solr/ranger_audits
audit_solr_user=
audit_solr_password=
audit_solr_zookeepers=192.168.1.49:2181
audit_solr_collection_name=ranger_audits
#solr Properties for cloud mode
audit_solr_config_name=ranger_audits
audit_solr_configset_location=
audit_solr_no_shards=1
audit_solr_no_replica=1
audit_solr_max_shards_per_node=1
audit_solr_acl_user_list_sasl=solr,infra-solr
audit_solr_bootstrap_enabled=true
# * audit to amazon cloudwatch properties
audit_cloudwatch_region=
audit_cloudwatch_log_group=
audit_cloudwatch_log_stream_prefix=
#------------------------- DB CONFIG - END ----------------------------------
#
# ------- PolicyManager CONFIG ----------------
#
# NOTE(review): Ranger Admin is served over plain HTTP (policymgr_http_enabled=true,
# keystore properties empty), so admin logins and policy traffic are unencrypted.
# Outside a lab, use an https external URL and fill in the keystore properties.
policymgr_external_url=http://192.168.1.49:6080
policymgr_http_enabled=true
policymgr_https_keystore_file=
policymgr_https_keystore_keyalias=rangeradmin
policymgr_https_keystore_password=
setup.sh
- 构建 jisql/lib 目录
[root@localhost lib]# ll
total 132
-rw-r--r-- 1 ranger ranger 19516 Jul 25 16:55 credentialbuilder-3.0.0-SNAPSHOT.jar
-rw-r--r-- 1 ranger ranger 29240 Jul 25 16:34 jisql-3.0.0-SNAPSHOT.jar
-rw-r--r-- 1 ranger ranger 78146 Jul 25 16:39 jopt-simple-5.0.4.jar
[root@localhost lib]# pwd
/data/app/apache-ranger/ranger-3.0.0-SNAPSHOT-admin/jisql/lib
ranger-admin
[root@localhost lib]# ranger-admin --help
Invalid argument [--help];
Usage: Only start | stop | restart | metric | version, are supported.
For metric Usage: metric -type policies | audits | usergroup | services | database | contextenrichers | denyconditions
整合 StarRocks 管理权限
参考:https://docs.starrocks.io/zh/docs/3.2/administration/user_privs/ranger_plugin/
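# Register the StarRocks service definition with Ranger Admin.
# Only the user name is passed to -u, so curl prompts for the password instead
# of leaving it in shell history and the process list.
# NOTE(review): the endpoint is plain HTTP, so the basic-auth credentials cross
# the network unencrypted; use an https Ranger Admin URL outside a lab.
curl -u admin -X POST \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  http://hadoop03:6080/service/plugins/definitions \
  -d@ranger-servicedef-starrocks.json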