Apache Ranger provides a centralized framework for permission management, implementing fine-grained access control for components in the Hadoop ecosystem, such as HDFS, Hive, YARN, Kafka, Storm, and Solr. It also provides a UI that allows administrators to perform operations more conveniently.

Create a cluster

Select the Ranger service when you create a cluster in E-MapReduce 2.9.2/3.9.0 or later on the E-MapReduce console.

Create a cluster

If an E-MapReduce cluster 2.9.2/3.9.0 or later has been created without Ranger, you can go to the Clusters and Services page to add it.

Clusters and Services
  • When Ranger is enabled, there is no impact or limitation on the application until the security control policy is set.
  • The user policy set in Ranger is the cluster Hadoop account.

Ranger UI

After installing Ranger on the cluster, click Manage in the Actions column, and then click Access Links and Ports in the navigation pane on the left. You can then access the Ranger UI by clicking on the link, as shown in the following figure.

Access Links and Ports

Enter the Ranger UI. The default user name and password are both admin, as shown in the following figure.

Ranger UI Service Manager

Modify the password

After you first log on, the administrator needs to modify the password of the admin account, as shown in the following figure.

Modify the password Modify the password

After you change the admin password, in the admin drop-down list in the upper-right corner, click Log Out. You can then log on again with the new password.

Integrate Ranger into other services

After completing the preceding steps, you can integrate Ranger into the services in the cluster to control the relevant permissions. For more information, see the following: