ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bolke de Bruin (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-1300) S3 support
Date Tue, 26 Jun 2018 10:51:00 GMT

    [ https://issues.apache.org/jira/browse/RANGER-1300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16523551#comment-16523551
] 

Bolke de Bruin commented on RANGER-1300:
----------------------------------------

[~bosco]
 # I did consider JNI integration, but doing this in Go one of the things I tried to do is
to keep it small, simple and understandable. The proxy currently ways in under 8mb. This is
with all dependencies statically compiled in. This allows us to just easily deploy it anywhere.
If we would have a dependency on the JVM and all the dependencies it brings it would defeat
the purpose. Btw the JNI integration you linked is really old and has not been updated since
2014. I also though it more fun trying to do it all in Go.
 # Although I think the policy evaluation in Ranger is complex and counter intuitive with
all the weights etc (why not use a firewall approach and user the order by which it was entered?
How ranger evaluates policies is pretty opaque), I agree that from a management perspective
it might be easier to support using the Java framework. Might still do that. Tag based policies
and Auditing are quite easy to add.
 # Ceph(thus RadosGW) doesnt need additional configuration at the moment. Basically `s3gw`
functions as the frontend to Ceph's S3 and you should not allow anyone to connect to Ceph's
S3 interface directly. Having a proxy allows a more flexibility and also AWS S3 support eventually.
I don't know if Ranger knows a kind of events that fired off when a policy change happens?
If that exists you could manage many permissions directly from ranger.

So all in all, maybe we will switch to java/scala eventually. Go is just a bit more fun at
the moment ;).

> S3 support
> ----------
>
>                 Key: RANGER-1300
>                 URL: https://issues.apache.org/jira/browse/RANGER-1300
>             Project: Ranger
>          Issue Type: New Feature
>          Components: plugins
>            Reporter: Jose
>            Priority: Major
>         Attachments: ranger-servicedef-aws-s3.json
>
>
> As more and more people are deploying hadoop into AWS and as S3 is used in lots of application.
It'd be nice to have S3 support built into Ranger.
> It's not a trivial task. Right now Ranger Storage support (only hdfs) runs directly in
the Namenode



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message