If you are here, you already know that Apache Ranger is becoming an universal Authorization Framework for most of the data platforms in the CLOUD. To make it easier for new Ranger users to try the Apache Ranger in action, we have created a docker based setup process that will take few steps to make the Apache Ranger running on your system (in few mins).
software prerequisites
Here are the pre-requisites to run Apache Ranger on your system:
- You must have a latest version of Docker and Docker-Compose installed on your system
- You should be able to run BASH (shell) script from your system
Downloading Apache Ranger
With these simple requirements, you can start downloading the latest version of Apache Ranger using the following command:
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
mkdir -p ${HOME}/git cd ${HOME}/git git clone https://github.com/apache/ranger.git |
Anchor | ||||
---|---|---|---|---|
|
Once you have latest Apache Ranger on your system, you can start the setup of Apache Ranger by following commands below:
...
As specified in the ENABLED_RANGER_SERVICES variables, additional services are also created as docker containers and runs with ranger plugin(s) installed and configured to work with the Ranger instance. You can login into these services (e.g.: Apache Hive Service) and execute appropriate (e.g.: Hive SQL) commands to see how Apache Ranger is enforcing your Authorization Policies and also, creates necessary audit records to provide an Enterprise Data Governance Framework.
Shutdown Apache Ranger & related services
If you want to turn off the Apache Ranger & its related services, please follow the instruction below:
...
You can always bring the services up by following the instruction specified in section: Bring up Apache Ranger (Builds if needed)
List of Ranger Services & its LISTEN port
# | Service Name | Listen Port | Core Ranger Service ? |
---|---|---|---|
1 | ranger | 6080/tcp | Y (ranger engine) |
2 | ranger-postgres | 5432/tcp | Y (ranger datastore) |
3 | ranger-solr | 8983/tcp | Y (audit store) |
4 | ranger-zk | 2181/tcp | Y (used by solr) |
5 | ranger-usersync | - | Y (user/group synchronization from Local Linux/Mac) |
6 | ranger-kms | 8443 | N (needed only for Encrypted Storage / TDE) |
7 | ranger-tagsync | - | N (needed only for Tag Based Policies to be sync from ATLAS) |
List of Data Engine Services (protected by Apache Ranger) & its LISTEN port
# | Service Name | Listen Port | Service Description |
---|---|---|---|
1 | Hadoop | 8088/tcp | Apache Hadoop 3.3.0 |
2 | HBase | 16000/tcp 16010/tcp 16020/tcp 16030/tcp | Apache HBase 2.2.6 Protected by Apache Ranger's HBase Plugin |
3 | Hive | 10000/tcp | Apache Hive 3.1.2 Protected by Apache Ranger's Hive Plugin |
4 | Kafka | 6667/tcp | Apache Kafka 2.12-2.5.0 Protected by Apache Ranger's Kafka Plugin |
5 | Knox | 8443/tcp | Apache Knox 1.4.0 Protected by Apache Ranger's Knox Plugin |
...