Linux-UNIX: Hortonworks and Apache Ranger prerequisites
Verify these prerequisites before starting your integration.
- S-TAP® and appliance are running Guardium V10.1 or later
- Hortonworks 2.3-3.1 with Ranger
- For Hive 3+, log4j libraries must be replaced by log4j 2.8 libraries for
hiveserver2 in /usr/hdp/current/hive-server2/lib directory. The correct
libraries are:
- log4j-1.2-api-2.8.2.jar
- log4j-api-2.8.2.jar
- log4j-core-2.8.2.jar
- log4j-slf4j-impl-2.8.2.jar
- log4j-web-2.8.2.jar
- Solr Component is configured (mandatory Ranger component that enables display of user information in Guardium)
- Ambari and Ranger information. A significant portion of setup is done through Ambari, the Hadoop
administrative interface. You need the following information:
- Ambari
-
- A user ID and password who has privileges to update and save the log4j configuration, such as a Service Administrator account. For simplicity, refer to this as the admin account and password.
- Port and IP address or hostname.
- Cluster name.
- Ranger
- The details are only needed if configuring blocking. For more information about configuring
blocking, see IBM Security Monitoring and Blocking for Hortonworks Hadoop Using Apache Ranger
Integration.
- A Service Administrator account that can update and save the log4j configuration.
- Port and IP address or hostname.
- These ports must be open (assuming use of default ports):
- For monitoring, open port 5555 between the node(s) that S-TAP is on and the Ranger server.
- For blocking, open port 5556 to allow communication between S-TAP and all nodes in the cluster that have the Guardium plugin.