Professional Documents
Culture Documents
e1
RANGER HA RUNBOOK FOR SLB
PROD/QA/DEV ENVIRONMENTS
© Copyright 2019, ATOS PGS sp. z o.o. All rights reserved. Reproduction in whole or in part is prohibited without the prior
written consent of the copyright owner. For any questions or remarks on this document, please contact Atos Poland Global
Services, +48 22 4446500.
OWNER
HDFS HA Runbook for SLB PROD/QA/DEV environments
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
Contents
1 Audience and document purpose...................................................................
2 Components in scope...................................................................................
3 Ranger.......................................................................................................
3.1 Ranger database ackup and restoration....................................................
3.2 Ranger HA configuration.........................................................................
4 Ranger KMS................................................................................................
5 Apache SOLR..............................................................................................
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
List of changes
version Date Description Author(s)
0.1 20.11.2019 Initial document structure created Patryk
Palimaka
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
The document has been prepared for the SLB HDP platform administrators and ATOS team
responsible for maintaining the PROD/QA and DEV environments. End-user/business team was
not meant as a participant in the process nor the document recipient.
Scope of the document describes the current (for the date of document creation) configuration,
processes and detailed steps leading to archive, update and restore the services functionality in
case of HA/DR drill or real-life issue.
Processes described in this document were based on the vendor (HortonWorks) best practices
and/or documentation. Links to them are the integral part of the knowledge required to operate
the runbook.
During this runbook creation – authors followed the suggestions brought together in the
following articles:
Part one:
https://community.cloudera.com/t5/Community-Articles/Disaster-recovery-and-Backup-best-
practices-in-a-typical/ta-p/246641
and part two:
https://community.cloudera.com/t5/Community-Articles/Disaster-recovery-and-Backup-best-
practices-in-a-typical/ta-p/246651
For the knowledge systematization – the following vendor support case was created by Arshad
Amir Jamadar:
https://my.cloudera.com/cases/639712/comments
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
2 Components in scope
To cover the HA/DR processes for Ranger service = the following components were described:
1. Ranger
2. Ranger KMS
3. Apache Solr
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
3 Ranger
Ranger is a framework to enable, monitor and manage comprehensive data security across
the Hadoop platform. The vision with Ranger is to provide comprehensive security across the
Apache Hadoop ecosystem.
https://docs.cloudera.com/HDPDocuments/HDP2/HDP-2.3.2/bk_Ranger_User_Guide/content/
ch09.html
https://docs.cloudera.com/HDPDocuments/Ambari-2.1.2.1/bk_upgrading_Ambari/content/
_perform_backups_mamiu.html
https://docs.cloudera.com/HDPDocuments/Ambari-2.1.1.0/bk_ambari_reference_guide/content/
_back_up_current_data.html
4. Stop Ranger
8. Update Ranger admin pass (if you change your admin pass) on Ambar/Ranger
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
9. Start Ranger.
To enable Ranger in the HDFS HA environment, the HDFS plugin must be set up in each
NameNode, and then pointed to the same HDFS service set up in the Security Manager. Any
policies created within that HDFS service are automatically synchronized to the primary and
secondary NameNodes through the installed Apache Ranger plugin. That way, if the primary
NameNode fails, the secondary namenode takes over and the Ranger plugin at that NameNode
begins to enforce the same policies for access control.
https://docs.cloudera.com/HDPDocuments/HDP2/HDP-2.3.2/bk_Ranger_User_Guide/
content/ch09.html
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
4 Ranger KMS
Ranger Key Management Server (KMS) is based on the Hadoop KMS developed by the Apache
community. It extends the native Hadoop KMS functions by letting you store keys in a secure
database.
https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/
TransparentEncryption.html#Key_Management_Server_KeyProvider_EDEKs
8. Update Ranger KMS admin pass (if you change your admin pass) on Ambar/Ranger KMS
sys_WordMark_AT_Continued
version: 0.1
Public
document number:
5 Apache SOLR
Solr is an open-source enterprise-search platform, written in Java, from the Apache Lucene
project. Its major features include full-text search, hit highlighting, faceted search, real-time
indexing, dynamic clustering, database integration, NoSQL features and rich document handling.
https://blog.cloudera.com/how-to-backup-and-disaster-recovery-for-apache-solr-part-i/
Collections backup:
1. Create a snapshot.