GithubHelp home page GithubHelp logo

bluishglc / ranger-emr-cli-installer Goto Github PK

View Code? Open in Web Editor NEW
8.0 1.0 15.0 178 KB

This is a powerful cli tool for Apache Ranger and AWS EMR automated installation & integration with OpenLDAP & Windows AD. It supports Open-Source Ranger and EMR-Native Ranger both, supports OpenLDAP & Windows AD both, and works in all AWS regions (also including China regions).

Shell 94.77% PowerShell 5.23%
ranger emr ad ldap install integrate tool shell

ranger-emr-cli-installer's Issues

Solr Permission denied with OpenLDAP + Open-Source Ranger example

Hi Laurence,

Thank you so much for putting together this wonderful repo and the tutorial on DZone. I am following the "Apache Ranger and AWS EMR Automated Installation and Integration Series (4): OpenLDAP + Open-Source Ranger", and I got stuck on step 2.3.3 Install Ranger with permission denied on starting Solr.

Here the log output of what I am seeing now.

======================================================================================    INIT SOLR AS RANGER AUDIT STORE    ======================================================================================

Fri Mar  3 00:13:18 CST 2023|INFO|Solr Ranger Home </opt/solr/ranger_audit_server> exists. Will overwrite configurations
Fri Mar  3 00:13:18 CST 2023|INFO|Configuring standalone instance
Fri Mar  3 00:13:18 CST 2023|INFO|Copying Ranger Audit Server configuration to /opt/solr/ranger_audit_server
Fri Mar  3 00:13:18 CST 2023|INFO|Done configuring Solr for Apache Ranger Audit
Fri Mar  3 00:13:18 CST 2023|INFO|Solr HOME for Ranger Audit is /opt/solr/ranger_audit_server
Fri Mar  3 00:13:18 CST 2023|INFO|Data folder for Audit logs is /opt/solr/ranger_audit_server/data
Fri Mar  3 00:13:18 CST 2023|INFO|To start Solr run /opt/solr/ranger_audit_server/scripts/start_solr.sh
Fri Mar  3 00:13:18 CST 2023|INFO|To stop Solr run /opt/solr/ranger_audit_server/scripts/stop_solr.sh
Fri Mar  3 00:13:18 CST 2023|INFO|After starting Solr for RangerAudit, it will listen at 8983. E.g http://ip-____.ec2.internal:8983
Fri Mar  3 00:13:18 CST 2023|INFO|Configure Ranger to use the following URL http://ip-____.ec2.internal:8983/solr/ranger_audits
Fri Mar  3 00:13:18 CST 2023|INFO| ** NOTE: If Solr is Secured then solrclient JAAS configuration has to be added to Ranger Admin and Ranger Plugin properties
Fri Mar  3 00:13:18 CST 2023|INFO| ** Refer documentation on how to configure Ranger for audit to Secure Solr
########## Done ###################
Created file /opt/solr/ranger_audit_server/install_notes.txt with instructions to start and stop
###################################
No process found for Solr node running on port 8983
/opt/solr/bin/solr: line 2246: /opt/solr/bin/solr-8983.pid: Permission denied
Warning: Available entropy is low. As a result, use of the UUIDField, SSL, or any other features that require
RNG might not work properly. To check for the amount of available entropy, use 'cat /proc/sys/kernel/random/entropy_avail'.

Waiting up to 180 seconds to see Solr running on port 8983 [\]  Still not seeing Solr listening on 8983 after 180 seconds!
tail: cannot open ‘/var/log/solr/ranger_audits/solr.log’ for reading: No such file or directory
    
============================================================================    TEST SOLR CONNECTIVITY    ============================================================================

I was running the following shell command on my Ranger server EC2 instance.

sudo sh ./ranger-emr-cli-installer/bin/setup.sh install-ranger \
    --region "$REGION" \
    --access-key-id "$ACCESS_KEY_ID" \
    --secret-access-key "$SECRET_ACCESS_KEY" \
    --solution 'open-source' \
    --auth-provider 'openldap' \
    --openldap-host "$OPENLDAP_HOST" \
    --openldap-base-dn 'dc=example,dc=com' \
    --ranger-bind-dn 'cn=ranger,ou=services,dc=example,dc=com' \
    --ranger-bind-password 'Admin1234!' \
    --openldap-user-dn-pattern 'uid={0},ou=users,dc=example,dc=com' \
    --openldap-group-search-filter '(member=uid={0},ou=users,dc=example,dc=com)' \
    --openldap-user-object-class 'inetOrgPerson'

My shell script and linux permissions are rusty, so any insights or recommendation on how to solve this problem will be great.

Thank you,
Heng

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.