基础信息:
centos7 :linux 3.10.0-1160.76.1.el7.x86_64 x86_64 x86_64 x86_64 GNU/Linux
python : python2.7.5(ranger-admin中的PYTHON配置使用),python3.8.3
java: jvm/java-1.8.0 openjdk version "1.8.0_362"
doris:2.1.3
ranger:2.4.0 (ranger-admin, ranger-usersync)
操作过程:
1、编译下载安装ranger-admin,ranger-usersync:
1.1:https://blog.csdn.net/qq_35370485/article/details/133313043
1.2:https://www.cnblogs.com/shine-rainbow/p/17080132.html
2、安装doris-plugin,doris官网地址:https://doris.apache.org/zh-CN/docs/admin-manual/auth/ranger/?_highlight=ranger#%E5%AE%89%E8%A3%85-doris-ranger-%E6%8F%92%E4%BB%B6 完成安装
3、后台启动ranger-admin和ranger-usersync成功后进入rangerui配置doris,配置数据doris-service,配置过程中测试联通性显示
在ranger-admin目录下install.properties文件注释该行 #hadoop_conf=/etc/hadoop/conf 后,执行./setup.sh 启动ranger-admin start,
在rangerui中配置doris-service测试联通性,报错如下
Connection Failed.
Unable to connect repository with given config for zw_doris123_test
在ranger-admin目录下install.properties文件不注释该行 hadoop_conf=/etc/hadoop/conf 后,执行./setup.sh 启动ranger-admin start,
在rangerui中配置doris-service测试联通性,第一层测试联通性显示Connected Successfully.
以上配置add新增成功后
点开配置再次测试,ranger-ui弹窗报错
Connection Failed.
Unable to retrieve any files using given parameters, You can still save the repository and start creating policies, but you would not be able to use autocomplete for resource names. Check ranger_admin.log for more info.
org.apache.ranger.plugin.client.HadoopException: Unable to connect to Presto instance..
Access denied for user 'admin@xx.xx.xx.xx' (using password: YES).
配置doris-policy过程中,不能match到对应数据库表
按照官网配置policy例子,用新建用户登入不能实现policy效果
报错日志:
doris-fe/log/ranger.log报错
2024-05-28 15:39:59 [ PolicyRefresher(serviceName=doris)-267:20467934 ] - [ ERROR ] Error getting Roles; service not found. secureMode=false, user=root (auth:SIMPLE), response=404, serviceName=doris, lastK
nownRoleVersion=-1, lastActivationTimeInMillis=1716881969495
2024-05-28 15:39:59 [ PolicyRefresher(serviceName=doris)-267:20467934 ] - [ ERROR ] RangerRolesProvider(serviceName=doris): failed to find service. Will clean up local cache of roles (-1)
org.apache.ranger.plugin.util.RangerServiceNotFoundException: doris
at org.apache.ranger.plugin.util.RangerServiceNotFoundException.throwExceptionIfServiceNotFound(RangerServiceNotFoundException.java:35)
at org.apache.ranger.admin.client.RangerAdminRESTClient.getRolesIfUpdatedWithCred(RangerAdminRESTClient.java:1231)
at org.apache.ranger.admin.client.RangerAdminRESTClient.getRolesIfUpdated(RangerAdminRESTClient.java:167)
at org.apache.ranger.plugin.util.RangerRolesProvider.loadUserGroupRolesFromAdmin(RangerRolesProvider.java:183)
at org.apache.ranger.plugin.util.RangerRolesProvider.loadUserGroupRoles(RangerRolesProvider.java:123)
at org.apache.ranger.plugin.util.PolicyRefresher.loadRoles(PolicyRefresher.java:495)
at org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:208)
2024-05-28 15:39:59 [ PolicyRefresher(serviceName=doris)-267:20467944 ] - [ ERROR ] Error getting policies; service not found. secureMode=false, user=root (auth:SIMPLE), response=404, serviceName=doris, l$stKnownVersion=-1, lastActivationTimeInMillis=1716861599375
2024-05-28 15:39:59 [ PolicyRefresher(serviceName=doris)-267:20467945 ] - [ ERROR ] PolicyRefresher(serviceName=doris): failed to find service. Will clean up local cache of policies (-1)
ranger-admin 目录下ranger-admin/ews/logs/ranger-admin-node1-root.log日志报错
2024-05-28 06:07:52,831 [http-nio-6080-exec-8] ERROR [ServiceUtil.java:1364] Requested Service not found. serviceName=doris
2024-05-28 06:07:52,832 [http-nio-6080-exec-8] INFO [RESTErrorUtil.java:346] Request failed. loginId=null, logMessage="RANGER_ERROR_SERVICE_NOT_FOUND: ServiceName=doris"
javax.ws.rs.WebApplicationException: null
