add_ranger_hdfs_config
Use this command to add a Hadoop integration with Ranger HDFS.
This API is available in Guardium V11.3 and later.
REST API syntax
POST
method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/add_ranger_hdfs_config
GuardAPI syntax
add_ranger_hdfs_config parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
ldLibraryPath | String | Locate libjvm.so (for example, /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64/jre/lib/amd64/server/libjvm.so) and set ld_library_paths to the directory that contains libjvm.so (for example, /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64/jre/lib/amd64/server). |
principal | String | Required for Kerberos. The value of Ranger HDFS user. |
rangerHdfsAuditDirs | String |
Comma-separated list of directories where Ranger logs the service audits. Include one directory that contains the daily log directories, for each service you want to monitor. Usually the paths are located under /ranger/audit. Example service directories for CDP 7: /ranger/audit/hive/hiveServer2,/ranger/audit/kafka/kafka,/ranger/audit/hbase/hbaseMaster,/ranger/audit/hbase/hbaseRegional,/ranger/audit/atlas/atlas,/ranger/audit/hdfs/hdfs Example service directories for HW 3: /ranger/audit/hbaseMaster,/ranger/audit/hbaseRegional, /ranger/audit/hdfs,/ranger/audit/hiveServer2,/ranger/audit/kafka,/ranger/audit/solr,/ranger/audit/storm |
rangerHdfsKeytab | String | Required for Kerberos. Location of the Kerberos keytab that contains the principal used to connect to HDFS. |
rangerHdfsLibLocation | String | Locate libhdfs.so provided by Hadoop cluster (for example, /usr/hdp/3.1.0.141-1/usr/lib/libhdfs.so) and set ranger_hdfs_lib_location to the directory that contains libhdfs.so (for example, /usr/hdp/3.1.0.141-1/usr/lib). |
rangerHdfsNamenode | String | IP or hostname of the HDFS NameNode. |
rangerHdfsPollMs | Integer | Time interval, in milliseconds, the S-TAP® waits between checking for new Ranger audits in HDFS. |
rangerHdfsPort | Integer | The HDFS NameNode port the S-TAP connects to. |
rangerHdfsUser | String | The user with which S-TAP connects to HDFS. if the HDFS setup is using Kerberos, set the parameter to the Kerberos principal. |
stapHostName | String | Required. Host name or IP of the S-TAP that receives the Ranger audit messages from the Ranger. |
useKerberos | Boolean | Enables Kerberos authentication for this connection. When enabled,
requires values for Principal and Ranger HDFS keytab.
Valid values:
Default = 0 |
api_target_host | String |
Specifies the target hosts where the API executes. Valid values:
IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode. |