1 / 17

Apache Ranger

This presentation gives an overview of the Apache Ranger project. It explains Apache Ranger in terms of it's architecture, security, audit and plugin features. <br> <br>Links for further information and connecting<br><br>http://www.amazon.com/Michael-Frampton/e/B00NIQDOOM/<br><br>https://nz.linkedin.com/pub/mike-frampton/20/630/385<br><br>https://open-source-systems.blogspot.com/<br>

semtechs
Download Presentation

Apache Ranger

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What Is Apache Ranger ? ● For data security across the Hadoop platform ● A framework to enable, monitor and manage security ● Supports security in – A multi tenant data lake – Hadoop eco system ● Open source / Apache 2.0 license ● Administration of security policies ● Monitoring of user access ● Offers central UI and REST API's

  2. What Is Apache Ranger ? ● Manage policies for resource access – File, folder, database, table, column ● Policies for users and groups ● Has audit tracking ● Enables policy analytics ● Offers decentralizing data ownership

  3. Ranger Projects ● Which projects does Ranger support ? – Apache Hadoop – Apache Hive – Apache HBase – Apache Storm – Apache Knox – Apache Solr – Apache Kafka – YARN – ATLAS ● No additional OS level process to manage

  4. Ranger Enforcement ● Ranger enforces policy with Java plugins ● Which run as part of the same process i.e. – Namenode (HDFS) – Hive2Server(Hive) – HBase server (Hbase) – Nimbus server (Storm) – Knox server (Knox)

  5. Ranger User Interface

  6. Ranger User Interface ● Ranger has a central user interface ● This interface has tabs for – Access – Admin – Log Sessions – Plugins – Plugin Status – User Sync

  7. Ranger UI Access Tab ● Provides service activity details ● For policies that have Audit enabled - see – Policy id, time, user, service, resource, access, result, – ACL, ip, cluster ● Search on – User, cluster, time, service, result, ip, access, acl ● Filter audit data as required to monitor activity

  8. Ranger UI Admin Tab ● Provides service administration details ● Shows administration details like –Operation, audit type, user, date, action, session id ● Search on – Audit type, user, start date, end date, action, session id ● Filter administration data to monitor – Actions like create, update, delete, password change

  9. Ranger UI Login Sessions Tab ● Provides service login details ● Shows login details like –Session id, login id, result, login type, ip, user agent, time ● Search on – Login id, session id, start date, end date, login type, ip, – User agent, result ● Filter login data to monitor sessions ● Login type is – The mode through which the user tries to login

  10. Ranger UI Plugin Tab ● Provides plugin security agent details ● Shows plugin details like – Date, service name, plugin id, ip, http response code, – Status ● Search on – Plugin ip, plugin id, http response code, start / end date – Service name, cluster name ● The service name is the Hadoop component i.e. – HDFS, Hive, HBase

  11. Ranger UI Plugin Status Tab ● Provides plugin security agent status details ● Shows plugin status details like – Service name, service type, hostname, plugin ip, active date – Download date, update date, tags ● Search on – Hostname, plugin ip, service name, service type ● The service name is the Hadoop component i.e. – HDFS, Hive, HBase

  12. Ranger UI User Sync Tab ● Provides user synchronisation activity details ● Provides a compliance audit trail ● Data from File, LDAP/AD or OS ● Filter on – User name, start / end date, sync source

  13. Ranger Install OS / RDBMS ● The install guide shows OS support for – RHEL / CentOS – Ubuntu – SUSE – Debian ● Ranger supports the following RDBMS – MySQL – Oracle – PostgreSQL – MS SQL ● For storing policy, user, group, audit log information

  14. Ranger Pre Requisites ● What does Ranger need prior to install ? – JDK – LDAP/AD for user / AD group synchronisation – RDBMS – see previous page – Kerberos ● Ranger install creates the components – Admin, UserSync, Key Management Service ● Plugins for Ranger services can then be enabled from UI

  15. Ranger - Knox / Kerberos / MySQL / HDFS

  16. Available Books ● See “Big Data Made Easy” Apress Jan 2015 – See “Mastering Apache Spark” ● Packt Oct 2015 – See “Complete Guide to Open Source Big Data Stack ● “Apress Jan 2018” – ● Find the author on Amazon www.amazon.com/Michael-Frampton/e/B00NIQDOOM/ – Connect on LinkedIn ● www.linkedin.com/in/mike-frampton-38563020 –

  17. Connect ● Feel free to connect on LinkedIn –www.linkedin.com/in/mike-frampton-38563020 ● See my open source blog at open-source-systems.blogspot.com/ – ● I am always interested in – New technology – Opportunities – Technology based issues – Big data integration

More Related