HDDS-14266. [Website v2] [Docs] [Administrator Guide] Configuring Apache Ranger #191
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jojochuang
approved these changes
Jan 1, 2026
jojochuang
reviewed
Jan 1, 2026
Contributor
jojochuang
left a comment
jojochuang
left a comment
There was a problem hiding this comment.
lgtm. will merge as is.
Some review comments added. We can address them later. @rich7420 please help open jiras to follow up.
Note this page just talks about initializing Ozone to perform authorization check using Ranger. It does not touch upon using Ranger to configure authorization policies for Ozone volume/bucket/key.
| export OZONE_MANAGER_CLASSPATH="${OZONE_HOME}/share/ozone/lib/libext/*" | ||
| ``` | ||
|
|
||
| - The location of the ranger-ozone-plugin jars depends on where the Ranger Plugin is installed. |
Contributor
There was a problem hiding this comment.
Not clear what this "ranger-ozone-plugin jars" is. A little explanation is needed.
cc @smengcl
|
|
||
| To use Apache Ranger, you must have Apache Ranger installed in your Hadoop Cluster. For installation instructions of Apache Ranger, please take a look at the [Apache Ranger website](https://ranger.apache.org/index.html). | ||
|
|
||
| If you have a working Apache Ranger installation that is aware of Ozone, then configuring Ozone to work with Apache Ranger is trivial. You have to enable the ACLs support and set the acl authorizer class inside Ozone to be Ranger authorizer. Please add the following properties to the `ozone-site.xml`. |
Contributor
There was a problem hiding this comment.
the configurations are to be added to the ozone-site.xml of Ozone Managers.
Author
|
thanks for the review @jojochuang ! I've opened a jira issue HDDS-14331. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changes were proposed in this pull request?
Migrate the whole page in the v1 doc "Apache Ranger
" https://ozone.apache.org/docs/edge/security/securitywithranger.html minus the last section pertaining to the Ranger permissions,
to v2 doc page "Configuring Apache Ranger" https://ozone-site-v2.staged.apache.org/docs/administrator-guide/configuration/security/ranger
What is the link to the Apache Jira?
HDDS-14266
How was this patch tested?
Check off which of the following tests were done on this change. If additional testing was done, please elaborate here as well.