ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Don Bosco Durai <bo...@apache.org>
Subject DISCUSS: Ansible playbook for Ranger...
Date Sat, 21 Nov 2015 20:31:37 GMT
Recently I gave few trainings for setting up security in Hadoop. Even with Apache Ambari, there
are so many external dependencies that need to be tweaked and configured to ensure there are
no loop holes. The entire exercise is very overwhelming and bound for human errors or oversights.

Since Ranger supports almost 9 Hadoop components now, just installing and configuring Apache
Ranger (https://cwiki.apache.org/confluence/display/RANGER/Apache+Ranger+0.5.0+Installation)
could be a challenge. 

Yesterday, I  wrote some simple Ansible playbooks for installing zookeeper and Solr and I
was pretty impressed how easy it is to install and configure components using Ansible. And
if we do it once, then anyone can just reuse it.

 We could start by creating playbooks for installing Solr for Ranger Audits, enabling plugins,
enabling audits and even installing Ranger.

Another area I see it will be very useful would be to come up with recipes for securing non-core
hadoop components like Solr and Kafka. Both the communities have just enabled security in
their product. So if we can come up with point solutions for these components, then these
user communities will tremendously benefit from our exercise.

I am not an expert in Ansible. If someone knows one of these technologies or knows someone
who knows it, and if they are willing to contribute to the Ranger community, then it will
be great. The person doesn’t need to know Ranger. The Ranger community can guide.

We can pick something to start with e.g. Ansible, Puppet, Chef or Docker and then use the
recipe for supporting other tools.

Thanks

Bosco



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message