缂栬瘧瀹夎澶ф暟鎹钩鍙版潈闄愮鐞嗙粍浠?- Apache Ranger 3.x
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了缂栬瘧瀹夎澶ф暟鎹钩鍙版潈闄愮鐞嗙粍浠?- Apache Ranger 3.x相关的知识,希望对你有一定的参考价值。
鏍囩锛?a href='http://www.mamicode.com/so/1/effective' title='effective'>effective
渚濊禆 uil tip mysql8 閫氳繃 glob jdb ima 瀹樻柟鏂囨。锛?/p>
缂栬瘧Ranger婧愮爜
棣栧厛鍑嗗濂絁ava鍜孧aven鐜锛?/p>
[root@hadoop01 ~]# java -version
java version "1.8.0_261"
Java(TM) SE Runtime Environment (build 1.8.0_261-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.261-b12, mixed mode)
[root@hadoop01 ~]# mvn -v
Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
Maven home: /usr/local/maven
Java version: 1.8.0_261, vendor: Oracle Corporation, runtime: /usr/local/jdk/1.8/jre
Default locale: zh_CN, platform encoding: UTF-8
OS name: "linux", version: "3.10.0-1062.el7.x86_64", arch: "amd64", family: "unix"
[root@hadoop01 ~]#
- Tips锛?/strong>Maven闇€閰嶇疆濂藉浗鍐呯殑闀滃儚婧愶紝鍚﹀垯渚濊禆涓嬩竴澶╀篃涓嬭浇涓嶄笅鏉?/li>
鐩存帴浠嶨itHub涓婃媺鍙朢anger鐨勬簮鐮侊紝鎴栬€呬粠瀹樼綉涓嬭浇鐩稿簲鐗堟湰鐨勬簮鐮佸寘锛?/p>
[root@hadoop01 ~]# cd /usr/local/src
[root@hadoop01 /usr/local/src]# git clone https://github.com/apache/ranger
杩涘叆婧愮爜鐩綍锛?code>cd ranger
pom鏂囦欢锛屼富瑕佷慨鏀逛袱涓湴鏂癸紝绗竴鏄皢浠撳簱鐩稿叧閰嶇疆閮界粰娉ㄩ噴鎺夛細
<!--
<repositories>
<repository>
<id>apache.snapshots.https</id>
<name>Apache Development Snapshot Repository</name>
<url>https://repository.apache.org/content/repositories/snapshots</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<repository>
<id>apache.public.https</id>
<name>Apache Development Snapshot Repository</name>
<url>https://repository.apache.org/content/repositories/public</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<id>repo</id>
<url>file://${basedir}/local-repo</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
-->
绗簩鏄慨鏀筯adoop鐩稿叧缁勪欢鐨剉ersion锛屽皢鐗堟湰鏀逛负浣犳墍瀹夎鐨勭増鏈細
<hadoop.version>3.3.0</hadoop.version>
<hbase.version>2.2.6</hbase.version>
<hive.version>3.1.2</hive.version>
- Tips锛?/strong>濡傛灉闇€瑕佺敤Ranger绠$悊鍏朵粬缁勪欢锛屼篃闇€瑕佹壘鍒板叾鐗堟湰瀹氫箟锛屼慨鏀逛负涓€鑷寸殑鐗堟湰锛岄伩鍏嶆暣鍚堟椂鍙戠敓鐗堟湰涓嶅吋瀹圭瓑闂
鐒跺悗淇敼security-admin/pom.xml鏂囦欢涓笌nodejs鐨勭浉鍏抽厤缃€傚湪鏂囦欢鍐呮悳绱?code><id>install node and npm</id>
configuration鏍囩鐨勫唴瀹逛慨鏀瑰涓嬶細
<configuration>
<nodeVersion>v10.13.0</nodeVersion>
<!--<npmVersion>6.4.1</npmVersion>-->
</configuration>
鐒跺悗缁х画鍦ㄦ枃浠跺唴鎼滅储<id>npm install for packaging</id>锛屽皢configuration鏍囩鐨勫唴瀹逛慨鏀瑰涓嬶細
<configuration>
<workingDirectory>${project.build.directory}/jsmain</workingDirectory>
<arguments>install -registry=https://registry.npm.taobao.org --cache-max=0 --no-save</arguments>
</configuration>
缁х画鍦ㄦ枃浠跺唴鎼滅储<id>npm install for tests</id>锛屽皢configuration鏍囩鐨勫唴瀹逛慨鏀瑰涓嬶細
<configuration>
<skip>${skipJSTests}</skip>
<workingDirectory>${project.build.directory}/jstest</workingDirectory>
<arguments>install -registry=https://registry.npm.taobao.org --cache-max=0 --no-save</arguments>
</configuration>
瀹屾垚浠ヤ笂鐨勪慨鏀瑰悗锛屼娇鐢╩aven鍛戒护杩涜缂栬瘧鎵撳寘锛?/p>
[root@hadoop01 /usr/local/src]# cd ranger/
[root@hadoop01 /usr/local/src/ranger]# mvn -DskipTests=true clean package
缁忚繃涓€娈垫极闀跨殑绛夊緟鍚庯紝缂栬瘧鎵撳寘瀹屾垚灏嗚緭鍑哄涓嬩俊鎭細
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for ranger 3.0.0-SNAPSHOT:
[INFO]
[INFO] ranger ............................................. SUCCESS [ 0.763 s]
[INFO] Jdbc SQL Connector ................................. SUCCESS [ 0.903 s]
[INFO] Credential Support ................................. SUCCESS [ 35.119 s]
[INFO] Audit Component .................................... SUCCESS [ 24.206 s]
[INFO] ranger-plugin-classloader .......................... SUCCESS [ 0.823 s]
[INFO] Common library for Plugins ......................... SUCCESS [ 4.650 s]
[INFO] ranger-intg ........................................ SUCCESS [ 1.672 s]
[INFO] Installer Support Component ........................ SUCCESS [ 0.494 s]
[INFO] Credential Builder ................................. SUCCESS [ 2.276 s]
[INFO] Embedded Web Server Invoker ........................ SUCCESS [ 4.777 s]
[INFO] Key Management Service ............................. SUCCESS [ 27.430 s]
[INFO] HBase Security Plugin Shim ......................... SUCCESS [01:47 min]
[INFO] HBase Security Plugin .............................. SUCCESS [ 25.536 s]
[INFO] Hdfs Security Plugin ............................... SUCCESS [ 13.548 s]
[INFO] Hive Security Plugin ............................... SUCCESS [01:41 min]
[INFO] Knox Security Plugin Shim .......................... SUCCESS [ 12.290 s]
[INFO] Knox Security Plugin ............................... SUCCESS [02:12 min]
[INFO] Storm Security Plugin .............................. SUCCESS [ 3.999 s]
[INFO] YARN Security Plugin ............................... SUCCESS [ 1.452 s]
[INFO] Ozone Security Plugin .............................. SUCCESS [ 16.509 s]
[INFO] Ranger Util ........................................ SUCCESS [ 1.000 s]
[INFO] Unix Authentication Client ......................... SUCCESS [ 0.590 s]
[INFO] User Group Synchronizer Util ....................... SUCCESS [ 0.457 s]
[INFO] Security Admin Web Application ..................... SUCCESS [01:15 min]
[INFO] KAFKA Security Plugin .............................. SUCCESS [ 13.393 s]
[INFO] SOLR Security Plugin ............................... SUCCESS [ 19.696 s]
[INFO] NiFi Security Plugin ............................... SUCCESS [ 1.556 s]
[INFO] NiFi Registry Security Plugin ...................... SUCCESS [ 1.586 s]
[INFO] Kudu Security Plugin ............................... SUCCESS [ 0.809 s]
[INFO] Unix User Group Synchronizer ....................... SUCCESS [ 34.854 s]
[INFO] Ldap Config Check Tool ............................. SUCCESS [ 0.643 s]
[INFO] Unix Authentication Service ........................ SUCCESS [ 0.917 s]
[INFO] Unix Native Authenticator .......................... SUCCESS [ 0.475 s]
[INFO] KMS Security Plugin ................................ SUCCESS [ 7.668 s]
[INFO] Tag Synchronizer ................................... SUCCESS [02:24 min]
[INFO] Hdfs Security Plugin Shim .......................... SUCCESS [ 0.906 s]
[INFO] Hive Security Plugin Shim .......................... SUCCESS [ 5.423 s]
[INFO] YARN Security Plugin Shim .......................... SUCCESS [ 0.914 s]
[INFO] OZONE Security Plugin Shim ......................... SUCCESS [ 0.944 s]
[INFO] Storm Security Plugin shim ......................... SUCCESS [ 0.961 s]
[INFO] KAFKA Security Plugin Shim ......................... SUCCESS [ 0.881 s]
[INFO] SOLR Security Plugin Shim .......................... SUCCESS [ 1.096 s]
[INFO] Atlas Security Plugin Shim ......................... SUCCESS [ 12.065 s]
[INFO] KMS Security Plugin Shim ........................... SUCCESS [ 7.139 s]
[INFO] ranger-examples .................................... SUCCESS [ 0.017 s]
[INFO] Ranger Examples - Conditions and ContextEnrichers .. SUCCESS [ 1.479 s]
[INFO] Ranger Examples - SampleApp ........................ SUCCESS [ 0.384 s]
[INFO] Ranger Examples - Ranger Plugin for SampleApp ...... SUCCESS [ 0.831 s]
[INFO] sample-client ...................................... SUCCESS [ 0.865 s]
[INFO] Apache Ranger Examples Distribution ................ SUCCESS [ 1.262 s]
[INFO] Ranger Tools ....................................... SUCCESS [ 3.747 s]
[INFO] Atlas Security Plugin .............................. SUCCESS [ 1.149 s]
[INFO] SchemaRegistry Security Plugin ..................... SUCCESS [ 32.873 s]
[INFO] Sqoop Security Plugin .............................. SUCCESS [ 6.273 s]
[INFO] Sqoop Security Plugin Shim ......................... SUCCESS [ 0.810 s]
[INFO] Kylin Security Plugin .............................. SUCCESS [03:13 min]
[INFO] Kylin Security Plugin Shim ......................... SUCCESS [ 9.244 s]
[INFO] Presto Security Plugin ............................. SUCCESS [ 21.863 s]
[INFO] Presto Security Plugin Shim ........................ SUCCESS [01:42 min]
[INFO] Elasticsearch Security Plugin Shim ................. SUCCESS [ 3.510 s]
[INFO] Elasticsearch Security Plugin ...................... SUCCESS [ 1.047 s]
[INFO] Apache Ranger Distribution ......................... SUCCESS [03:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
姝ゆ椂鍦?code>target
[root@hadoop01 /usr/local/src/ranger]# ls target/
antrun ranger-3.0.0-SNAPSHOT-hive-plugin.tar.gz ranger-3.0.0-SNAPSHOT-presto-plugin.tar.gz ranger-3.0.0-SNAPSHOT-storm-plugin.tar.gz
maven-shared-archive-resources ranger-3.0.0-SNAPSHOT-kafka-plugin.tar.gz ranger-3.0.0-SNAPSHOT-ranger-tools.tar.gz ranger-3.0.0-SNAPSHOT-tagsync.tar.gz
ranger-3.0.0-SNAPSHOT-admin.tar.gz ranger-3.0.0-SNAPSHOT-kms.tar.gz ranger-3.0.0-SNAPSHOT-schema-registry-plugin.jar ranger-3.0.0-SNAPSHOT-usersync.tar.gz
ranger-3.0.0-SNAPSHOT-atlas-plugin.tar.gz ranger-3.0.0-SNAPSHOT-knox-plugin.tar.gz ranger-3.0.0-SNAPSHOT-solr_audit_conf.tar.gz ranger-3.0.0-SNAPSHOT-yarn-plugin.tar.gz
ranger-3.0.0-SNAPSHOT-elasticsearch-plugin.tar.gz ranger-3.0.0-SNAPSHOT-kylin-plugin.tar.gz ranger-3.0.0-SNAPSHOT-solr-plugin.tar.gz version
ranger-3.0.0-SNAPSHOT-hbase-plugin.tar.gz ranger-3.0.0-SNAPSHOT-migration-util.tar.gz ranger-3.0.0-SNAPSHOT-sqoop-plugin.tar.gz
ranger-3.0.0-SNAPSHOT-hdfs-plugin.tar.gz ranger-3.0.0-SNAPSHOT-ozone-plugin.tar.gz ranger-3.0.0-SNAPSHOT-src.tar.gz
[root@hadoop01 /usr/local/src/ranger]#
閮ㄧ讲Ranger Admin
灏唕anger admin鐨勫畨瑁呭寘瑙e帇鍒板悎閫傜殑鐩綍涓嬶紝鎴戣繖閲屼範鎯斁鍒?code>/usr/local
[root@hadoop01 /usr/local/src/ranger]# tar -zxvf target/ranger-3.0.0-SNAPSHOT-admin.tar.gz -C /usr/local/
杩涘叆瑙e帇鍚庣殑鐩綍锛岀洰褰曠粨鏋勫涓嬶細
[root@hadoop01 /usr/local/src/ranger]# cd /usr/local/ranger-3.0.0-SNAPSHOT-admin/
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# ls
bin contrib dba_script.py ews ranger_credential_helper.py set_globals.sh templates-upgrade upgrade_admin.py
changepasswordutil.py cred db_setup.py install.properties restrict_permissions.py setup_authentication.sh update_property.py upgrade.sh
changeusernameutil.py db deleteUserGroupUtil.py jisql rolebasedusersearchutil.py setup.sh updateUserAndGroupNamesInJson.py version
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]#
閰嶇疆瀹夎閫夐」锛?/p>
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# vim install.properties
# 鎸囧畾mysql椹卞姩鍖呮墍鍦ㄧ殑璺緞
SQL_CONNECTOR_JAR=/usr/local/src/mysql-connector-java-8.0.21.jar
# 閰嶇疆root鐢ㄦ埛鍚嶅瘑鐮佷互鍙奙ySQL瀹炰緥鐨勮繛鎺ュ湴鍧€
db_root_user=root
db_root_password=123456a.
db_host=192.168.1.11
# 閰嶇疆鎿嶄綔ranger搴撶殑鐢ㄦ埛鍚嶅瘑鐮?db_name=ranger
db_user=root
db_password=123456a.
# 鎸囧畾瀹¤鏃ュ織鐨勫瓨鍌ㄦ柟寮?audit_store=db
audit_db_user=root
audit_db_name=ranger
audit_db_password=123456a.
鍦∕ySQL涓垱寤簉anger鏁版嵁搴擄細
create database ranger;
鐢变簬鎴戣繖閲屼娇鐢ㄧ殑鏄疢ySQL8.x锛岄渶瑕佷慨鏀逛竴涓嬫暟鎹簱鐩稿叧鐨勮剼鏈€傛墦寮€dba_script.py鍜?code>db_setup.py
-cstring jdbc:mysql://%s/%s%s
灏嗗叾鍏ㄩ儴淇敼涓哄涓嬫墍绀猴紝涓昏鏄坊鍔燡DBC鐨?code>serverTimezone
-cstring jdbc:mysql://%s/%s%s?serverTimezone=Asia/Shanghai
鐒跺悗鎵ц濡備笅鍛戒护寮€濮嬪畨瑁卹anger admin锛?/p>
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# ./setup.sh
鎶ラ敊瑙e喅
瀹夎杩囩▼涓鏋滄姤濡備笅閿欒锛?/p>
SQLException : SQL state: HY000 java.sql.SQLException: Operation CREATE USER failed for 鈥榬oot鈥楡鈥榣ocalhost鈥?ErrorCode: 1396
SQLException : SQL state: 42000 java.sql.SQLSyntaxErrorException: Access denied for user 鈥榬oot鈥楡鈥?92.168.1.11鈥?to database 鈥榤ysql鈥?ErrorCode: 1044
瑙e喅鏂瑰紡锛屽氨鏄湪MySQL涓墽琛屽涓嬭鍙ワ細
flush privileges;
grant system_user on *.* to 鈥榬oot鈥?
drop user鈥榬oot鈥楡鈥榣ocalhost鈥?
create user 鈥榬oot鈥楡鈥榣ocalhost鈥?identified by 鈥?23456a.鈥?
grant all privileges on *.* to 鈥榬oot鈥楡鈥榣ocalhost鈥?with grant option;
drop user鈥榬oot鈥楡鈥?92.168.1.11鈥?
create user 鈥榬oot鈥楡鈥?92.168.1.11鈥?identified by 鈥?23456a.鈥?
grant all privileges on *.* to 鈥榬oot鈥楡鈥?92.168.1.11鈥?with grant option;
flush privileges;
濡傛灉鎶ュ涓嬮敊璇細
SQLException : SQL state: HY000 java.sql.SQLException: This function has none of DETERMINISTIC, NO SQL, or READS SQL DATA in its declaration and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable) ErrorCode: 1418
瑙e喅鏂瑰紡锛?/p>
set global log_bin_trust_function_creators=TRUE;
flush privileges;
濡傛灉鎶ュ涓嬮敊璇細
SQLException : SQL state: HY000 java.sql.SQLException: Cannot drop table 鈥榵_policy鈥?referenced by a foreign key constraint 鈥榵_policy_ref_role_FK_policy_id鈥?on table 鈥榵_policy_ref_role鈥? ErrorCode: 3730
瑙e喅鏂瑰紡锛氬垹闄anger搴撲腑鎵€鏈夌殑琛紝鍐嶉噸鏂版墽琛?code>./setup.sh
瀹夎瀹屾垚鍚庢渶缁堜細杈撳嚭锛?/p>
Installation of Ranger PolicyManager Web Application is completed.
鍚姩Ranger Admin
淇敼閰嶇疆鏂囦欢锛岄厤缃暟鎹簱杩炴帴瀵嗙爜鍜宩dbc url鏃跺尯鍙傛暟锛?/p>
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# vim conf/ranger-admin-site.xml
...
<property>
<name>ranger.jpa.jdbc.url</name>
<value>jdbc:log4jdbc:mysql://192.168.1.11/ranger?serverTimezone=Asia/Shanghai</value>
<description />
</property>
<property>
<name>ranger.jpa.jdbc.password</name>
<value>123456a.</value>
<description />
</property>
...
鍚姩鍛戒护濡備笅锛?/p>
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# ranger-admin start
Starting Apache Ranger Admin Service
Apache Ranger Admin Service failed to start!
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]#
鍙互鐪嬪埌鍚姩澶辫触浜嗭紝鍏蜂綋鍘熷洜闇€瑕佹煡鐪嬫棩蹇椾俊鎭€俽anger admin鐨勬棩蹇楃洰褰曢厤缃湪conf/ranger-admin-env-logdir.sh鏂囦欢涓紝榛樿鏄?code>$RANGER_ADMIN_HOME/ews/logs/
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# cat /usr/local/ranger-3.0.0-SNAPSHOT-admin/ews/logs/catalina.out
...
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commons/compress/archivers/tar/TarArchiveInputStream
...
寰堟槑鏄炬槸鎵句笉鍒?code>TarArchiveInputStream
鐒跺悗鏀惧埌ews/lib/鐩綍涓嬶細
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# ls ews/lib/ |grep commons-compress
commons-compress-1.20.jar
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]#
閲嶆柊鍚姩ranger admin锛岃繖娆″氨鍚姩鎴愬姛浜嗭細
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# ranger-admin start
Starting Apache Ranger Admin Service
Apache Ranger Admin Service with pid 52505 has started.
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]#
妫€鏌ョ鍙e拰杩涚▼鏄惁姝e父锛?/p>
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# jps
52626 Jps
52505 EmbeddedServer
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]# netstat -lntp |grep 52505
tcp6 0 0 :::6080 :::* LISTEN 52505/java
tcp6 0 0 127.0.0.1:6085 :::* LISTEN 52505/java
[root@hadoop01 /usr/local/ranger-3.0.0-SNAPSHOT-admin]#
浣跨敤娴忚鍣ㄨ闂?080绔彛锛岃繘鍏ュ埌鐧诲綍椤甸潰锛岄粯璁ょ敤鎴峰悕鍜屽瘑鐮佸潎涓?strong>admin锛?br/>![鎶€鏈浘鐗? src=]()
鐧诲綍鎴愬姛鍚庯紝杩涘叆鍒伴椤碉紝濡備笅锛?br/>![鎶€鏈浘鐗? src=]()
Ranger HDFS Plugin瀹夎
瑙e帇hdfs plugin鐨勫畨瑁呭寘鍒板悎閫傜殑鐩綍涓嬶細
[root@hadoop01 ~]# mkdir /usr/local/ranger-plugin
[root@hadoop01 ~]# tar -zxvf /usr/local/src/ranger/target/ranger-3.0.0-SNAPSHOT-hdfs-plugin.tar.gz -C /usr/local/ranger-plugin
[root@hadoop01 ~]# cd /usr/local/ranger-plugin/
[root@hadoop01 /usr/local/ranger-plugin]# mv ranger-3.0.0-SNAPSHOT-hdfs-plugin/ hdfs-plugin
杩涘叆瑙e帇鍚庣殑鐩綍锛岀洰褰曠粨鏋勫涓嬶細
[root@hadoop01 /usr/local/ranger-plugin/hdfs-plugin]# ls
disable-hdfs-plugin.sh enable-hdfs-plugin.sh install install.properties lib ranger_credential_helper.py upgrade-hdfs-plugin.sh upgrade-plugin.py
[root@hadoop01 /usr/local/ranger-plugin/hdfs-plugin]#
閰嶇疆瀹夎閫夐」锛?/p>
[root@hadoop01 /usr/local/ranger-plugin/hdfs-plugin]# vim install.properties
# 鎸囧畾ranger admin鏈嶅姟鐨勮闂湴鍧€
POLICY_MGR_URL=http://192.168.243.142:6080
# 閰嶇疆浠撳簱閰嶇疆锛屽彲鑷畾涔?REPOSITORY_NAME=dev_hdfs
# 閰嶇疆hadoop鐨勫畨瑁呯洰褰?COMPONENT_INSTALL_DIR_NAME=/usr/local/hadoop-2.6.0-cdh5.16.2
# 閰嶇疆hdfs鐨勭洰褰?XAAUDIT.HDFS.HDFS_DIR=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit
XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
# 閰嶇疆鐢ㄦ埛鍜岀敤鎴风粍
CUSTOM_USER=root
CUSTOM_GROUP=root
鎵ц濡備笅鑴氭湰寮€鍚?strong>hdfs-plugin锛?/p>
[root@hadoop01 /usr/local/ranger-plugin/hdfs-plugin]# ./enable-hdfs-plugin.sh
濡傛灉鎶ュ涓嬮敊璇細
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commons/lang3/StringUtils
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commons/compress/archivers/tar/TarArchiveInputStream
鎷疯礉缂哄け鐨刯ar鍖呭埌install/lib/鐩綍涓嬶細
[root@hadoop01 /usr/local/ranger-plugin/hdfs-plugin]# cp /usr/local/ranger-3.0.0-SNAPSHOT-admin/ews/lib/commons-lang3-3.3.2.jar ./install/lib/
[root@hadoop01 /usr/local/ranger-plugin/hdfs-plugin]# cp /usr/local/ranger-3.0.0-SNAPSHOT-admin/ews/lib/commons-compress-1.20.jar ./install/lib/
鑴氭湰鎵ц鎴愬姛鍚庯紝浼氳緭鍑哄涓嬪唴瀹癸細
Ranger Plugin for hadoop has been enabled. Please restart hadoop to ensure that changes are effective.
閲嶅惎Hadoop锛?/p>
[root@hadoop01 ~]# stop-all.sh
[root@hadoop01 ~]# start-all.sh
楠岃瘉鏉冮檺鎺у埗
鍒癛anger Admin涓婃坊鍔爃dfs service锛岃繖閲岀殑Service Name闇€涓庨厤缃枃浠朵腑鐨勯厤缃墍瀵瑰簲涓婏細
![鎶€鏈浘鐗? src=]()
濉啓鐩稿簲淇℃伅锛?br/>![鎶€鏈浘鐗? src=]()
濉啓瀹屾垚鍚庯紝鍒伴〉闈㈠簳閮ㄧ偣鍑烩€淭est Connection鈥濇祴璇曡兘鍚︽甯歌繛鎺ワ紝纭鍙互姝e父杩炴帴鍚庣偣鍑烩€淎dd鈥濆畬鎴愭柊澧烇細
![鎶€鏈浘鐗? src=]()
鍦╤dfs涓垱寤轰竴浜涙祴璇曠洰褰曞拰鏂囦欢锛?/p>
[root@hadoop01 ~]# hdfs dfs -mkdir /rangertest1
[root@hadoop01 ~]# hdfs dfs -mkdir /rangertest2
[root@hadoop01 ~]# echo "ranger test" > testfile
[root@hadoop01 ~]# hdfs dfs -put testfile /rangertest1
[root@hadoop01 ~]# hdfs dfs -put testfile /rangertest2
鐒跺悗鍒癛anger Admin涓婃坊鍔燫anger鐨勫唴閮ㄧ敤鎴凤紝鈥淪ettings鈥?-> 鈥淎dd New User鈥濓紝濉啓鐢ㄦ埛淇℃伅锛?br/>![鎶€鏈浘鐗? src=]()
鎺ョ潃娣诲姞鏉冮檺绛栫暐锛屸€淎ccess Manager鈥?-> 鈥渄ev_hdfs鈥?-> 鈥淎dd New Policy鈥濓紝閰嶇疆鏉冮檺绛栫暐鎵€浣滅敤鐨勭敤鎴枫€佺洰褰曠瓑淇℃伅锛?br/>![鎶€鏈浘鐗? src=]()
鎷夊埌搴曢儴鐐瑰嚮鈥淎dd鈥濆畬鎴愭坊鍔犲悗锛屽彲浠ョ湅鍒版柊澧炰簡涓€鏉$瓥鐣ラ厤缃細
![鎶€鏈浘鐗? src=]()
鍥炲埌鎿嶄綔绯荤粺锛屽垏鎹㈠埌hive鐢ㄦ埛锛屾祴璇曡兘鍚︽甯歌鍙栫洰褰曘€佹枃浠讹細
[root@hadoop01 ~]# sudo su - hive
涓婁竴娆$櫥褰曪細涓€ 11鏈? 9 21:08:34 CST 2020pts/3 涓?[hive@hadoop01 ~]$ hdfs dfs -ls /rangertest1
Found 1 items
-rw-r--r-- 1 root supergroup 12 2020-11-11 16:26 /rangertest1/testfile
[hive@hadoop01 ~]$ hdfs dfs -cat /rangertest1/testfile
ranger test
[hive@hadoop01 ~]$
娴嬭瘯鍐欐搷浣滐紝姝ゆ椂浼氬彂鐜拌兘澶熸甯稿線rangertest1鐩綍娣诲姞鏂囦欢锛屼絾寰€rangertest2鐩綍娣诲姞鏂囦欢灏变細鎶ラ敊锛屽洜涓烘垜浠彧璧嬩簣浜?code>rangertest1
[hive@hadoop01 ~]$ hdfs dfs -put testfile2 /rangertest1
[hive@hadoop01 ~]$ hdfs dfs -put testfile2 /rangertest2
put: Permission denied: user=hive, access=WRITE, inode="/rangertest2":root:supergroup:drwxr-xr-x
[hive@hadoop01 ~]$ 鑷虫锛孯anger瀵笻DFS鐨勬潈闄愭帶鍒朵篃楠岃瘉閫氳繃浜嗐€傞櫎姝や箣澶栵紝浣犱篃鍙互杩涜鍏朵粬鐨勬祴璇曪紝鍏朵粬缁勪欢鐨剅anger plugin涔熸槸绫讳技鐨勶紝鍦ㄦ湰鏂囦腑灏变笉涓€涓€婕旂ず浜嗐€?/p>
以上是关于缂栬瘧瀹夎澶ф暟鎹钩鍙版潈闄愮鐞嗙粍浠?- Apache Ranger 3.x的主要内容,如果未能解决你的问题,请参考以下文章