Skip to main content

Privacera Documentation

Privacera Manager services and commands

Privacera Manager (privacera-manager.sh) is a Linux shell script. It functions as a:

  • Configuration controller: Handing installations and updates.

  • Vault: Handling encryption-storage and decryption-retrieval of secure configuration properties.

  • Services controller: Starting, stopping, and reporting status for Privacera service modules.

Privacera Manager is normally installed to, and runs from, ~/privacera/privacera-manager/. To update Privacera Manager, run the following commands:

cd ~/privacera/privacera-manager/
./privacera-manager.sh update

Note

The vim package has been removed from all Privacera service images due to critical vulnerabilities. By default, the privacera-manager vault uses a nano editor.

Privacera Manager as a configuration controller

As a configuration controller, Privacera Manager:

  • Parses the custom property files

  • Deploys the software components

  • Starts Privacera services

You should have passwordless SSH to run the update command. If you do not have passwordless SSH, you need to configure the password in a file to establish a SSH connection. To do so, follow these steps:

  1. Create privacera.inventory file.

    cd ~/privacera/privacera-manager
    vi config/privacera.inventory
    
  2. Add the following at the end of the line:

    ansible_sudo_pass=YOURPASSWORD
    

    Example:

    [servers]
    privacera ansible_connection=localOS_USER=privacera ansible_sudo_pass=$YOURPASSWORD
    

Privacera Manager Vault overview

The Privacera Manager Vault is a secure property vault that can be used to encrypt, store, decrypt, and retrieve properties such as passwords and access tokens from individual configuration files. Using Privacera Vault is optional.

Property values defined in the vault will override property values defined in other custom-vars/vars.*.yml files. The best practice is to delete sensitive variables from other custom-vars/vars.*.yml files as you add them to the Privacera Manager vault.

./privacera-manager.sh vault

Configure Privacera Manager Vault

  1. (Optional) After Privacera Manager is installed, run ./privacera-manager.sh vault

    You are prompted for a password.

  2. Provide a strong password using both alphanumeric and special characters. For example: 'Str0ngP@ssw0rd'.

    The vault opens and displays sample variables.

  3. Uncomment and set variables or add new variables. For example: SSL_DEFAULT_PASSWORD: “S0mOtherStr0ngP@ssw0rd”.

  4. Save and exit.

Re-run ./privacera-manager.sh vault to reopen, and reset or add additional sensitive property values at any point.

Note

The file ~/privacera/privacera-manager/config/custom-vars/vars.privacera-secrets.yml stores this encrypted data. Do not delete this file.

Privacera Manager as a services controller

As a services controller, Privacera Manager is used to start, stop, and report status for the following Privacera modules:

  • Portal

  • Data Access Server

  • Discovery

  • Ranger

  • Ranger UserSync

  • KMS

  • Solr

  • Zookeeper

  • Kafka

  • Pkafka

  • PEG

  • Grafana

  • Graphite

  • MariaDB

Privacera Manager service commands

Command

Description

Usage

stop

Stops all Privacera services. In the Kubernetes environment, once all the privacera services are stopped, run the Update action to start all the services.

./privacera-manager.sh stop

stop <service>

Stops service associated Docker containers or Kubernetes pods. In Kubernetes environment, once a service is stopped, run the update action to start the required service.

./privacera-manager.sh stop <service>

restart

Restarts all Privacera services.

./privacera-manager.sh restart

restart <service>

Restarts service associated Docker containers or Kubernetes pods.

./privacera-manager.sh restart <service>

status

Reports status of all Privacera services.

./privacera-manager.sh status

status <service>

Reports status of service associated Docker containers or Kubernetes pods.

./privacera-manager.sh status <service>

setup

Generates all the installation configurations files and scripts in the docker/output folder before the pods/containers are initialized.

./privacera-manager.sh setup

delete

Deletes the Maria DB container/pod. You can use this command when you want to move to an external database such as PostgreSQL or MySQL, instead of using the internal Maria DB.

./privacera-manager.sh delete mariadb

Verify YAML configuration files

When working with YAML configuration files in the custom-vars folder, you can verify if they are syntactically correct. Before running the install or update, you can choose to run the check command to analyze the YAML files for any formatting orsyntax errors.

Run the following command to check:

./privacera-manager.sh yaml_check

This analyzes the file config/vars.privacera.yml, and all the files under the custom-vars folder.

Note

The yaml_check command does not show all the errors existing in the YAML files, but shows a few common errors such as any extra white line, missing single or double quotes, and so on.

Remove Privacera from an instance or virtual machine

Run the following commands to stop the Privacera services and remove Privacera configuration files and folders completely from an instance or virtual machine.

cd ~/privacera/docker
./privacera_services down
cd ~/
sudo rm -rf privacera

Note

This applies only to Docker-based environments.