Disabling Ranger

Edit online

This topic lists the steps to disable Ranger.

Perform the following steps on the CDP Private Cloud Base cluster and the CES HDFS cluster to disable Ranger:
  1. Configure CES HDFS cluster.
    1. Stop all the services from the Cloudera Manager by clicking Cluster-name > Actions > Stop.
    2. Update the HDFS Transparency configuration files and upload the changes.
      • Get the configuration files by running the following commands: 
        # mkdir /tmp/hdfsconf
# mmhdfs config export /tmp/hdfsconf   core-site.xml,hdfs-site.xml,hadoop-env.sh
      • Remove the following Ranger specific configurations from the following config files in /tmp/hdfsconf:
        File: core-site.xml
        <property>
<name>hadoop.security.auth_to_local</name>
<value>
RULE:[2:$1@$0](rangeradmin@IBM.COM)s/(.*)@IBM.COM/ranger/
RULE:[2:$1@$0](rangertagsync@IBM.COM)s/(.*)@IBM.COM/rangertagsync/
RULE:[2:$1@$0](rangerusersync@IBM.COM)s/(.*)@IBM.COM/rangerusersync/
….. <other existing rules>
DEFAULT
</value>
</property>
        File: hdfs-site.xml
          <property>  
    <name>dfs.permissions</name>
    <value>true</value>
  </property>
  <property>
    <name>dfs.permissions.enabled</name>
    <value>true</value>
  </property>
  <property>
    <name>dfs.permissions.ContentSummary.subAccess</name>
    <value>true</value>
  </property>
 <property>
    <name>dfs.namenode.inode.attributes.provider.class</name>
    <value>org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer</value>
  </property>
        File: hadoop-env.sh
        Note: Based on your environment, substitute the right path to the CDH ranger-hdfs-plugin library.
        for f in /opt/cloudera/parcels/CDH/lib/ranger-hdfs-plugin/lib/*.jar;
do
export HADOOP_CLASSPATH=$HADOOP_CLASSPATH:$f
done

export HADOOP_CLASSPATH=$HADOOP_CLASSPATH:/root/postgres-jar/postgresql-42.1.4.jre7.jar

for f in /opt/cloudera/parcels/CDH/lib/hadoop/client/jersey-client.jar;
do
export HADOOP_CLASSPATH=$HADOOP_CLASSPATH:$f
done
      • Import the files into CES HDFS cluster by running the following command:
        # mmhdfs config import /tmp/hdfsconf  core-site.xml
# mmhdfs config import /tmp/hdfsconf  hdfs-site.xml
# mmhdfs config import /tmp/hdfsconf  hadoop-env.sh
      • Upload the changes to CES HDFS cluster by running the following command.
        # mmhdfs config upload
  2. Configure the IBM Storage® Scale service to disable Ranger.
    • Click IBM Spectrum Scale > Configuration. Then search for hadoop.security.authorization and disable this option by unchecking the check box.
    • Save and deploy the client configuration.
    • Start all the services from the Cloudera Manager.