Ranger admin、Presto Plugin安装

作者: alaya_c09d | 来源:发表于2019-08-09 20:39 被阅读0次

一. Ranger 编译

https://ranger.apache.org/quick_start_guide.html

git clone https://github.com/apache/ranger.git
cd ranger
mvn -DskipTests=true clean compile package install assembly:assembly 
ls target/
#target 目录下为所有压缩包

image.png

二.Ranger-Admin安装

https://cwiki.apache.org/confluence/display/RANGER/Ranger+Installation+Guide

tar -zxvf ranger-2.1.0-SNAPSHOT-admin.tar.gz 
cd /opt/app/ranger-2.1.0-SNAPSHOT-admin/
vim install.properties

install.properties修改如下部分

#mysql 数据库信息
db_root_user=root
db_root_password=xxxx
db_host=10.5.xxx.xxx

# DB UserId used for the Ranger schema
#提前在mysql中创建数据库和用户， GRANT ALL PRIVILEGES ON ranger_presto.* TO 'presto'@'%' WITH GRANT OPTION; 
db_name=ranger_presto
db_user=presto
db_password=presto1234

#禁用审计功能
#audit_store=solr

SQL语句

CREATE DATABASE `ranger_presto` CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE USER 'presto'@'%' IDENTIFIED BY 'presto1234';
GRANT ALL ON ranger_presto.* TO 'presto'@'%';

将mysql的驱动包放置到/usr/share/java/mysql-connector-java.jar。
执行./setup.sh

启动Ranger Admin服务

service ranger-admin start

访问http://localhost:6080；用admin/admin登录，出现登录界面，登录成功，说明成功！

image.png

三. 在Prestosql中安装Presto Plugin

https://cwiki.apache.org/confluence/display/RANGER/Presto+Plugin
https://github.com/prestodb/presto/issues/12989

注意：Presto Plugin目前仅支持Prestosql，不支持Prestodb，本文中Presto 即指Prestosql

1、下载安装Presto

wget https://repo1.maven.org/maven2/io/prestosql/presto-server/317/presto-server-317.tar.gz

具体配置参见Prestodb安装https://www.jianshu.com/p/0de42b075af0

安装presto-cli

wget https://repo1.maven.org/maven2/io/prestosql/presto-cli/317/presto-cli-317-executable.jar
mv presto-cli-317-executable.jar  presto-cli
chmod 766 presto-cli

2、安装Presto Plugin

https://cwiki.apache.org/confluence/display/RANGER/Presto+Plugin

cp tartget/ranger-2.1.0-SNAPSHOT-presto-plugin.tar.gz /usr/local/
tar -zxvf ranger-2.1.0-SNAPSHOT-presto-plugin.tar.gz
mv ranger-2.1.0-SNAPSHOT-presto-plugin ranger-presto-plugin
cd ranger-presto-plugin
vim install.properties

install.properties修改参数

# Location of Policy Manager URL
# Example: POLICY_MGR_URL=http://policymanager.xasecure.net:6080
POLICY_MGR_URL=http://10.5.xxx.xxx:6080

# This is the repository name created within policy manager
# Example: REPOSITORY_NAME=prestodev
REPOSITORY_NAME=prestodev

#Presto component installed directory
#COMPONENT_INSTALL_DIR_NAME=../presto
COMPONENT_INSTALL_DIR_NAME=/opt/app/presto-server-317

#为了简单，此处不开启审计功能
XAAUDIT.SOLR.ENABLE=false

#虽然文档中没有提及，不设置的话，enable-presto-plugin.sh脚本执行出错
XAAUDIT.SUMMARY.ENABLE=false

以root用户执行脚本

./enable-presto-plugin.sh

如果提示找不到JAVA_HOME，修改enable-presto-plugin.sh，添加：
export JAVA_HOME=/usr/local/jdk

image.png

检查presto配置文件目录是否生成access-control.properties

[umecron@sssss-hdp26-xxx11x ranger-presto-plugin]$ ll /opt/app/presto-server-317/etc/
total 44
-rwxr-xr-x 1 umecron hadoop    27 Aug  9 15:41 access-control.properties
drwxr-xr-x 2 umecron hadoop    29 Aug  9 15:10 catalog
-rw-r--r-- 1 umecron hadoop   471 Aug  9 15:10 config.properties
-rw-r--r-- 1 umecron hadoop   244 Aug  9 15:10 jvm.config
-rw-r--r-- 1 umecron hadoop    25 Aug  9 15:10 log.properties
-rw-r--r-- 1 umecron hadoop    87 Aug  9 15:10 node.properties
-rwxr--r-- 1 umecron hadoop  2065 Aug  9 15:41 ranger-policymgr-ssl.xml
-rwxr--r-- 1 umecron hadoop 10476 Aug  9 15:41 ranger-presto-audit.xml
-rwxr--r-- 1 umecron hadoop  2655 Aug  9 15:41 ranger-presto-security.xml
-rw-r--r-- 1 umecron hadoop    69 Aug  9 15:41 ranger-security.xml

[umecron@sssss-hdp26-xxx11x ranger-presto-plugin]$ cat  /opt/app/presto-server-317/etc/access-control.properties 
access-control.name=ranger

检查presto的plugin目录下是否生成ranger目录,其中jar包连接到/usr/local/ranger-presto-plugin/lib

[umecron@umetrip-hdp26-xxx11x ranger-presto-plugin]$ ll /opt/app/presto-server-317/plugin/ranger/
total 0
lrwxrwxrwx 1 root root 55 Aug  9 15:41 bootstrap-0.178.jar -> /usr/local/ranger-presto-plugin/lib/bootstrap-0.178.jar
lrwxrwxrwx 1 root root 54 Aug  9 15:41 bval-jsr-2.0.0.jar -> /usr/local/ranger-presto-plugin/lib/bval-jsr-2.0.0.jar
lrwxrwxrwx 1 root root 59 Aug  9 15:41 configuration-0.178.jar -> /usr/local/ranger-presto-plugin/lib/configuration-0.178.jar
lrwxrwxrwx 1 root root 54 Aug  9 15:41 guava-26.0-jre.jar -> /usr/local/ranger-presto-plugin/lib/guava-26.0-jre.jar
lrwxrwxrwx 1 root root 51 Aug  9 15:41 guice-4.2.2.jar -> /usr/local/ranger-presto-plugin/lib/guice-4.2.2.jar
lrwxrwxrwx 1 root root 54 Aug  9 15:41 javax.inject-1.jar -> /usr/local/ranger-presto-plugin/lib/javax.inject-1.jar
lrwxrwxrwx 1 root root 49 Aug  9 15:41 log-0.178.jar -> /usr/local/ranger-presto-plugin/lib/log-0.178.jar
lrwxrwxrwx 1 root root 57 Aug  9 15:41 log-manager-0.178.jar -> /usr/local/ranger-presto-plugin/lib/log-manager-0.178.jar
lrwxrwxrwx 1 root root 80 Aug  9 15:41 ranger-plugin-classloader-2.1.0-SNAPSHOT.jar -> /usr/local/ranger-presto-plugin/lib/ranger-plugin-classloader-2.1.0-SNAPSHOT.jar
lrwxrwxrwx 1 root root 61 Aug  9 15:41 ranger-presto-plugin-impl -> /usr/local/ranger-presto-plugin/lib/ranger-presto-plugin-impl
lrwxrwxrwx 1 root root 80 Aug  9 15:41 ranger-presto-plugin-shim-2.1.0-SNAPSHOT.jar -> /usr/local/ranger-presto-plugin/lib/ranger-presto-plugin-shim-2.1.0-SNAPSHOT.jar
lrwxrwxrwx 1 root root 56 Aug  9 15:41 slf4j-api-1.7.25.jar -> /usr/local/ranger-presto-plugin/lib/slf4j-api-1.7.25.jar
lrwxrwxrwx 1 root root 66 Aug  9 15:41 validation-api-2.0.1.Final.jar -> /usr/local/ranger-presto-plugin/lib/validation-api-2.0.1.Final.jar

检查/opt/app/presto-server-317/plugin/ranger/ranger-presto-plugin-impl/conf/中配置文件是否与/opt/app/presto-server-317/etc/中一致

[umecron@umetrip-hdp26-xxx11x ranger-presto-plugin]$ ll /opt/app/presto-server-317/plugin/ranger/ranger-presto-plugin-impl/conf/
total 44
-rwxrwxrwx 1 umecron hadoop    27 Aug  9 14:01 access-control.properties
drwxr-xr-x 2 umecron hadoop    29 Aug  9 11:15 catalog
-rw-r--r-- 1 umecron hadoop   471 Apr 28 14:22 config.properties
lrwxrwxrwx 1 root    root      30 Aug  9 15:41 etc -> /opt/app/presto-server-317/etc
-rw-r--r-- 1 umecron hadoop   244 Jul 30 21:11 jvm.config
-rw-r--r-- 1 umecron hadoop    25 Mar 25 15:04 log.properties
-rw-r--r-- 1 umecron hadoop    87 Apr 28 14:24 node.properties
-rwxr--r-- 1 umecron hadoop  2065 Aug  9 14:01 ranger-policymgr-ssl.xml
-rwxr--r-- 1 umecron hadoop 10476 Aug  9 14:01 ranger-presto-audit.xml
-rwxr--r-- 1 umecron hadoop  2655 Aug  9 14:01 ranger-presto-security.xml
-rw-r--r-- 1 umecron hadoop    69 Aug  9 14:01 ranger-security.xml

Ranger访问策略本地缓存目录 /etc/ranger/, 目录权限修改为presto启动用户
3.在Ranger Admin中创建presto repository

image.png

jdbc.driver为: io.prestosql.jdbc.PrestoDriver
jdbc.url为: jdbc:presto://10.5.xxx.xxx:8084/catalog
注意：
1)Service Name要与presto plugin配置文件 install.properties中REPOSITORY_NAME一致。
2)Password填写为：***empty***。原因是密码不为空，建立JDBC连接时PrestoDriverUri.java要求必须使用SSL ,否则抛出异常。

            // TODO: fix Tempto to allow empty passwords
            String password = PASSWORD.getValue(properties).orElse("");
            if (!password.isEmpty() && !password.equals("***empty***")) {
                if (!useSecureConnection) {
                    throw new SQLException("Authentication using username/password requires SSL to be enabled");
                }
                builder.addInterceptor(basicAuth(getUser(), password));
            }

如果以JDBC访问，可能要修改PrestoDriverUri.java，去掉必须使用SSL的代码逻辑。

4.重启服务
重启presto: ./launcher.py restart
重启ranger: service ranger-admin restart

不指定username，无权限访问表

image.png

指定授权过username

image.png

网友评论

本文标题：Ranger admin、Presto Plugin安装

本文链接：https://www.haomeiwen.com/subject/ubckjctx.html

延伸阅读

深度阅读

您也可以注册成为美文阅读网的作者，发表您的原创作品、分享您的心情！

Ranger admin、Presto Plugin安装

一. Ranger 编译

二.Ranger-Admin安装

三. 在Prestosql中安装Presto Plugin

相关文章

网友评论

延伸阅读

深度阅读

栏目导航

热点阅读