ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksandr Kovalenko (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-9395) Ambari Web UI changes required to support Ranger Installation
Date Thu, 29 Jan 2015 14:37:34 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-9395?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14296943#comment-14296943
] 

Aleksandr Kovalenko commented on AMBARI-9395:
---------------------------------------------

+1 for the patch

> Ambari Web UI changes required to support Ranger Installation
> -------------------------------------------------------------
>
>                 Key: AMBARI-9395
>                 URL: https://issues.apache.org/jira/browse/AMBARI-9395
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-web
>    Affects Versions: 2.0.0
>            Reporter: Andrii Babiichuk
>            Assignee: Andrii Babiichuk
>             Fix For: 2.0.0
>
>         Attachments: AMBARI-9395.patch, AMBARI-9395_1.patch
>
>
> Ranger Policy Admin and User/Group Sync Process fields will be under the "Ranger" service
and Ranger Agents fields will be under the corresponding component ( HDFS/Hive/HBASE/KNOX/STORM
currently)
> {color:blue} +*Ranger Policy Admin:*+{color}
> +Admin Setting+
> |Name|Type|Default|Label|
> |ambari_user_password|Password|ambari|Ranger Admin user's password for Ambari|
> |SQL_CONNECTOR_JAR|Text|/usr/share/java/mysql-connector-java.jar|Location of Sql Connector
Jar |
> +DB Settings+
> |DB_FLAVOR|SelectOne(MYSQL,ORACLE)|MYSQL|DB Flavor|
> |SQL_COMMAND_INVOKER|Text|mysql| |
> |db_host|Text|<Blank>|Admin DB Instance|
> |db_root_user|Text|<Blank>|Admin DB root user|
> |db_root_password|Password|<Blank>|Admin DB root password|
> |db_name|Text|<Blank>|Admin DB database name|
> |db_user|Text|<Blank>|Admin DB mysql username|
> |db_password|Password|<Blank>|Admin DB mysql password|
> |audit_db_name|Text|<Blank>|Admin DB database name|
> |audit_db_user|Text|<Blank>|Admin DB mysql username|
> |audit_db_password|Password|<Blank>|Admin DB mysql password|
> +Ranger Settings+
> |policymgr_external_url|Text(URL)|http://localhost:6080| External URL|
> |policymgr_http_enabled|Checkbox|Selected|HTTP enabled|
> |unix_user|Text|ranger|Used to create user and assign permission|
> |unix_group|Text|ranger|Used to create group and assign permission|
> |authentication_method|SelectOne(LDAP,ACTIVE_DIRECTORY,UNIX,NONE)|NONE|Authentication
method|
> +Unix Authentication Settings( Enable only if authentication_method=UNIX )+
> |remoteLoginEnabled|Checkbox|Selected|Allow remote Login|
> |authServiceHostName|Text|localhost| |
> |authServicePort|Text(Numerical)|5151| |
> +LDAP Settings ( Enable only if authentication_method=LDAP )+
> |xa_ldap_url|Text| |E.g. ldap://71.127.43.33:389|
> |xa_ldap_userDNpattern|Text| |E.g. "uid={0},ou=users,dc=xasecure,dc=net" |
> |xa_ldap_groupSearchBase|Text| |E.g."ou=groups,dc=xasecure,dc=net"|
> |xa_ldap_groupSearchFilter|Text| |E.g."(member=uid={0},ou=users,dc=xasecure,dc=net)"|
> |xa_ldap_groupRoleAttribute|Text| |E.g."cn"|
> +AD Settings ( Enable only if authentication_method=AD )+
> |xa_ldap_ad_domain|Text|<Blank>|E.g."xasecure.net" |
> |xa_ldap_ad_url|Text|<Blank>|E.g."ldap://ad.xasecure.net:389" |
> {color:blue}+*User/Group Sync Process:*+{color}
> |Name|Type|Default|Label|
> |{color:red}RANGER_HOST{color}|Text|<Blank>|Policy Admin URL|
> |SYNC_INTERVAL|Text|360|sync interval in minutes|
> |SYNC_LDAP_URL|Text|<Blank>|E.g. ldap://ldap.example.com:389|
> |SYNC_LDAP_BIND_DN|Text|<Blank>|E.g. cn=admin,ou=users,dc=hadoop,dc=apache,dc-org|
> |SYNC_LDAP_BIND_PASSWORD|Text|<Blank>| |
> |SYNC_LDAP_USER_SEARCH_BASE|Text|<Blank>|Eg. ou=users,dc=xasecure,dc=net |
> |SYNC_LDAP_USER_SEARCH_SCOPE|Text|sub| |
> |SYNC_LDAP_USER_OBJECT_CLASS|Text|person|objectclass to identify user entries|
> |SYNC_LDAP_USER_SEARCH_FILTER|Text|<Blank>|optional additional filter constraining
the users selected for syncing|
> |SYNC_LDAP_USER_NAME_ATTRIBUTE|Text|cn|attribute from user entry that would be treated
as user name|
> |SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE|Text|memberof,ismemberof|attribute from user entry
whose values would be treated as group values|
> |SYNC_LDAP_USERNAME_CASE_CONVERSION|Text|lower|Case Conversion Flags|
> |SYNC_LDAP_GROUPNAME_CASE_CONVERSION|Text|lower|Case Conversion Flags|
> |CRED_KEYSTORE_FILE|Text|<Blank>| |
> {color:blue}+*RANGER Agents*+ (for each agent - HDFS/Hive/Hbase/Knox/Storm){color}
> |Name|Type|Default|Label|
> |enable_hdfs_plugin|Checkbox|Disabled|Enable Ranger for HDFS|
> |{color:red}RANGER_HOST{color}|Text|<Blank>|Policy Admin URL|
> |SQL_CONNECTOR_JAR|Text|/usr/share/java/mysql-connector-java.jar|Location of Sql Connector
Jar |
> |XAAUDIT.DB.IS_ENABLED|Checkbox|Disabled|Audit to DB|
> |XAAUDIT.HDFS.IS_ENABLED|Checkbox|Disabled|Audit to HDFS|
> +HDFS Audit Settings ( Enabled Only if XAAUDIT.HDFS.IS_ENABLED is checked )+
> |XAAUDIT.HDFS.DESTINATION_DIRECTORY|Text|hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%||
> |XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY|Text|__REPLACE__LOG_DIR/hbase/audit/%app-type%|
|
> |XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY|Text|__REPLACE__LOG_DIR/hbase/audit/archive/%app-type%|
|
> |XAAUDIT.HDFS.DESTINTATION_FILE|Text|%hostname%-audit.log| |
> |XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS|Text|900| |
> |XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS|Text|86400| |
> |XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS|Text|60| |
> |XAAUDIT.HDFS.LOCAL_BUFFER_FILE|Text|%time:yyyyMMdd-HHmm.ss%.log| |
> |XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS|Text|60| |
> |XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS|Text|600| |
> |XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT|Text|10| |
> +Grant/Revoke Settings ( Only for Hive/HBase Plugin )+
> |UPDATE_XAPOLICIES_ON_GRANT_REVOKE|Checkbox|Enabled|Should HBase/Hive GRANT/REVOKE update
XA policies?|
> +SSL Settings+
> |SSL_KEYSTORE_FILE_PATH|Text|/etc/hadoop/conf/ranger-plugin-keystore.jks| |
> |SSL_KEYSTORE_PASSWORD|Text|myKeyFilePassword| |
> |SSL_TRUSTSTORE_FILE_PATH|Text|/etc/hadoop/conf/ranger-plugin-truststore.jks| |
> |SSL_TRUSTSTORE_PASSWORD|Text|changeit| |



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message