Ranger uses Solrcloud Storage Audit Log

By Cloud Service

Ranger uses solrCloud to store audit logs

Tags (separated by spaces): Ranger

1, Zookeeper build

1, ignore. The zk cluster has been built by default.
VECS17820:2181,VECS17821:2181,VECS17822:2181

2, SolrCloud mode installation (three machines)

1, JDK, environment variables and solr users have been created by default, and the installation package and log etc. directories are all Empowered.

Install Solr Cluster Steps:

1

[emailprotected]:/app$ ll 
total 412840
lrwxrwxrwx 1 root root 12 Oct 15 14:19 jdk -> jdk1.8.0_181
drwxr-xr-x 7 10 143 4096 Jul 7 2018 jdk1.8.0_181
drwxr-xr-x 9 root root 4096 Oct 16 17:16 ranger-2.0.0-admin
-rw-r--r-- 1 root root 250254688 Oct 17 11:05 ranger-2.0.0- admin.tar.gz
lrwxrwxrwx 1 solr solr 10 Oct 15 17:18 solr -> solr-7.7.2
drwxr-xr-x 9 solr solr 4096 May 28 23:38 solr-7.7.2 
-rw-r--r-- 1 solr solr 172470530 Oct 15 17:14 solr-7.7.2.zip
lrwxrwxrwx 1 zookeeper zookeeper 16 Oct 15 14:22 zookeeper -> zookeeper-3.4. 10
drwxr-xr-x 10 zookeeper zookeeper 4096 Mar 23 2017 zookeeper-3.4.10

The ranger installation package on the solr cluster machines is temporarily required to be copied, not the ranger-admin node. (The conf directory of this package will be used later)

2

Modify the solr configuration file solr.in.sh for each machine

SOLR_JAVA_MEM="-Xmx20g -Xms20g -Xmn5g -Xss256k -XX:MaxPermSize=384m -XX:SurvivorRatio=6 -XX:+UseParNewGC -XX:ParallelGCThreads=10 -XX:+UseConcMarkSweepGC -XX:ParallelCMSs=16- :+CMSParallelRemarkEnabled -XX:+UseCMSCompactAtFullC
ollection -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=70 -XX:CMSMaxAbortablePrecleanTime=500 -XX:CMSFullGCsBeforeCompactAtFullC -XX:+CMSOnClass+OfMemoryError -XX -XX:+PrintG
CDateStamps -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xloggc:/app/solr/bin/gc-solr-`hostname`.log"


ZK_HOST="VECS17820:2181,VECS17821:2181,VECS17822:2181/ranger_audits"

3

Executed on one of the solr cluster nodes The following command is used to create the chroot directory of ranger_audits on zookeeper. This directory only needs to be created once

sudo su 
cd /app/solr-7.7.2
server/scripts/ cloud-scripts/zkcli.sh -zkhost VECS17820:2181,VECS17821:2181,VECS17822:2 181 -cmd makepath /ranger_audits

4 Start three solr cluster nodes (execute each one)

sudo su- solr
cd /app/solr-7.7.2/bin
./solr start -c

5 Create a connection named ranger_audits

Note: To manually unzip the installation package to build a solr cluster mode, you must use the solr configuration item in the ranger to create a connection

cd /app/solr-7.7.2

bin/solr create_collection -c ranger_audits -d /app/ranger-2.0.0-admin/contrib/solr_for_audit_setup/conf -shards 3 -replicationFactor 2
When the above command is executed, the default configuration will be automatically set The conf directory under the collection is uploaded to zookeeper and associated with the default collection.

3, Ranger-Admin configuration

vim /app/ranger-2.0.0-admin/install.properties

 #Source for Audit Store. Currently only solr is supported.
# * audit_store is solr
audit_store=solr

# * audit_solr_url URL to Solr. Eg http://:6083/solr/ranger_audits
audit_solr_urls=http://VECS07820:8983/solr/ranger_audits 
audit_solr_user=
audit_solr_password=
audit_solr_zookeepers=VECS17820:2181,VECS17821:2181,VECS17821:2181, VECS17822:2181/ranger_audits

audit_solr_collection_name=ranger_audits
#solr Properties for cloud mode
audit_solr_config_name=ranger_audits
audit_solr_no_shards=3
audit_solr_no_ >audit_solr_max_shards_per_node=1
audit_solr_acl_user_list_sasl=solr,infra-solr

After setup.sh
/app/ranger/ews/webapp/WEB-INF/classes/conf/ranger-admin -site.xml
The configuration items in install.perproties will be loaded in the configuration file.

, Ranger-Hbase-Plugin as an example configuration

vi ranger-2.0.0-hdfs-plugin/install.properties< /p>

XAAUDIT.SOLR.ENABLE=true

XAAUDIT.SOLR.ZOOKEEPER=VECS17820:2181,VECS17821:2181,VECS17822:2181/ranger_audits

, , , , ,

Leave a Comment

Your email address will not be published.