Skip to main content

Privacera Documentation

Ranger Admin properties on Privacera Platform

The following table contains the list of custom properties that can be configured for Ranger Admin. To use a custom property from the table, just add it to the following YML file in the custom-vars folder configured as per your environment:

  • vars.ranger.admin.yml

Property

Description

Values

Default Value

RANGER_ENABLE

RANGER_INSTALL

RANGER_IMAGE_NAME

RANGER_IMAGE_TAG

RANGER_HTTP_PORT

RANGER_EXTERNAL_HTTP_PORT

Property to change the default port number for a non-secured Ranger Admin.

6080

RANGER_HTTPS_PORT

RANGER_EXTERNAL_HTTPS_PORT

Property to change the default port number for a secured Ranger Admin.

6182

RANGER_SSL_ENABLE

RANGER_SSL_SELF_SIGNED

RANGER_HOST_NAME

RANGER_INTERNAL_HOST_NAME

RANGER_ADMIN_PORT

RANGER_ADMIN_PROTOCOL

RANGER_PROTOCOL_URL

RANGER_SVC_IP

RANGER_EXTERNAL_HOST

RANGER_URL

RANGER_EXTERNAL_URL

RANGER_URL_INTERNAL

RANGER_URL_IP

RANGER_SETUP_MODE

RANGER_DB_FLAVOR

RANGER_DB_HOST

RANGER_DB_NAME

RANGER_DB_USER

RANGER_DB_PASSWORD

RANGER_DB_ROOT_USER

RANGER_DB_ROOT_PASSWORD

RANGER_CREATE_DB

RANGER_CREATE_DB_USER

RANGER_DB_SSL_ENABLE

RANGER_DB_SSL_REQUIRED

RANGER_DB_SSL_VERIFY_CERT

RANGER_DB_SSL_AUTH_TYPE

ANGER_ADMIN_DEFAULT_PASSWORD

RANGER_ADMIN_PASSWORD

RANGER_TAGSYNC_PASSWORD

RANGER_USERSYNC_PASSWORD

RANGER_KEYADMIN_PASSWORD

RANGER_VALID_EMAIL_REGEX

Set a custom regular expression to validate an email address.

^[\\w]([\\-\\.\\w\\+])+[\\w\\+]+@[\\w]+[\\w\\-]+[\\w]*\\.([\\w]+[\\w\\-]+[\\w]*(\\.[a-z][a-z|0-9]*)?)$

RANGER_ADMIN_HTTPS_ENABLED

RANGER_ADMIN_KEYSTORE_FILE

RANGER_ADMIN_KEYSTORE_ALIAS

RANGER_ADMIN_KEYSTORE_PASSWORD

RANGER_ADMIN_TRUSTSTORE_ALIAS

RANGER_ADMIN_TRUSTSTORE_PATH

RANGER_ADMIN_TRUSTSTORE_PASSWORD

RANGER_ADMIN_SSL_SIGNED_PEM_FULL_CHAIN

RANGER_ADMIN_SSL_SIGNED_PEM_PRIVATE_KEY

RANGER_ADMIN_SSL_PKCS12_PASSWORD

RANGER_ADMIN_SSL_SIGNED_CERT_FORMAT

RANGER_ADMIN_SSL_SIGNED_PKCS12_ALIAS

RANGER_ADMIN_SSL_SIGNED_PKCS12_FILE

RANGER_SUPPORTED_COMPONENTS

RANGER_SOLR_AUDIT_STORE

RANGER_SOLR_URL

RANGER_SOLR_ZOOKEEPERS

RANGER_SOLR_COLLECTION_NAME

RANGER_SOLR_CONFIG_NAME

RANGER_SOLR_NUMBER_OF_SHARDS

RANGER_SOLR_NUMBER_OF_REPLICAS

RANGER_SOLR_MAX_SHARDS_PER_NODE

RANGER_SOLR_ACL_USER_LIST

RANGER_UNIX_USER

RANGER_UNIX_USER_PASSWORD

RANGER_UNIX_GROUP

RANGER_AUTHENTICATION_METHOD

RANGER_REMOTE_LOGIN_ENABLED

RANGER_AUTH_SERVICE_HOSTNAME

RANGER_AUTH_SERVICE_PORT

RANGER_UNIX_AUTH_SERVICE_KEYSTORE

RANGER_UNIX_AUTH_KEYSTORE_PASSWORD

RANGER_UNIX_AUTH_TRUSTSTORE

RANGER_UNIX_AUTH_TRUSTSTORE_PASSWORD

RANGER_LDAP_URL

RANGER_LDAP_USER_DN_PATTERN

RANGER_LDAP_GROUP_SEARCH_BASE

RANGER_LDAP_GROUP_SEARCH_FILTER

RANGER_LDAP_GROUP_ROLE_ATTRIBUTE

RANGER_LDAP_BASE_DN

RANGER_LDAP_BIND_DN

RANGER_LDAP_BIND_PASSWORD

RANGER_LDAP_REFERRAL

RANGER_LDAP_USER_SEARCH_FILTER

RANGER_LDAP_AD_DOMAIN

RANGER_LDAP_AD_URL

RANGER_LDAP_AD_BASE_DN

RANGER_LDAP_AD_BIND_DN

RANGER_LDAP_AD_BIND_PASSWORD

RANGER_LDAP_AD_REFERRAL

RANGER_LDAP_AD_USER_SEARCH_FILTER

RANGER_SSO_ENABLED

RANGER_SSO_PROVIDER_URL

RANGER_SSO_PUBLICKEY

RANGER_ADMIN_LOG_DIR

RANGER_ADMIN_PID_DIR_PATH

RANGER_XAPOLICYMGR_DIR

RANGER_ADMIN_MAX_HEAP_SIZE

RANGER_EXTERNAL_USER_ADMIN_AUDIT_ENABLED

Enable/disable the admin audits for external users (usersync).

true, false

false

RANGER_PLUGIN_JCEKS_STOREPASS

RANGER_PLUGIN_SSL_KEYSTORE_PASSWORD

RANGER_PLUGIN_SSL_TRUSTSTORE_PASSWORD

RANGER_PLUGIN_KEYSTORE_ALIAS

RANGER_PLUGIN_SOLR_URL_INTERNAL

RANGER_PLUGIN_SOLR_URL_EXTERNAL

RANGER_PLUGIN_SOLR_BASIC_AUTH_ENABLED

RANGER_PLUGIN_SOLR_BASIC_AUTH_USER

RANGER_PLUGIN_SOLR_BASIC_AUTH_PASSWORD

RANGER_PLUGIN_SOLR_ZOOKEEPER

RANGER_PLUGIN_SOLR_ZOOKEEPER_INTERNAL

RANGER_PLUGIN_AUDITS_TO_KAFKA

RANGER_PLUGIN_KAFKA_BROKER_LIST

AWS_RANGER_LB_CERTIFICATE_ARN

RANGER_LB_SSL_CERT

RANGER_LB_BACKEND_PROTOCOL

RANGER_LB_SSL_PORT

RANGER_LB_TARGET_PORT

RANGER_ADMIN_ENCRYPT_SECRETS

RANGER_ADMIN_SECRETS_FILE

RANGER_ADMIN_SECRETS_KEYSTORE_PASSWORD

RANGER_ADMIN_ENCRYPT_PROPS_LIST

RANGER_K8S_LOADBALANCER_EXTERNAL

RANGER_K8S_ANNOTATION_LOADBALANCER_ANNOTATION

RANGER_K8S_MEM_LIMITS

RANGER_K8S_MEM_REQUESTS

RANGER_K8S_CPU_LIMITS

RANGER_K8S_CPU_REQUESTS

RANGER_K8S_REPLICAS

RANGER_ADMIN_GENERAL_PASSWORDS_LIST

RANGER_ADMIN_SSL_PASSWORDS_LIST

RANGER_ADMIN_SIGNED_SSL_PASSWORDS_LIST

RANGER_ADMIN_ENCRYPT_PASSWORDS_LIST

RANGER_INIT_CONTAINER_CUSTOM_COMMAND_LIST

You can provide a list of commands to download custom ``.jars`` to a desired location inside the Ranger container. For example:

RANGER_INIT_CONTAINER_CUSTOM_COMMAND_LIST:-curl https://privacera/public/custom-1.jar -o /opt/ranger/ranger-admin/ews/webapp/WEB-INF/lib/custom-1.jar-curl https://privacera/public/custom-2.jar -o /opt/ranger/ranger-admin/ews/webapp/WEB-INF/lib/custom-2.jar

RANGER_INTERNAL_RESERVED_USERS_ACTIVATE

This property prohibits from any updation/deletion for users which are created as reserved users. Using this property, you can activate Ranger reserved users feature.

true,false

false

RANGER_INTERNAL_RESERVED_USERS

List of users to be marked as Ranger reserved users.

admin,rangerusersync,rangertagsync,keyadmin

Memory Variables

RANGER_HEAP_MIN_MEMORY_MB

Minimum Java Heap memory in MB used by Ranger Admin. For example, RANGER_HEAP_MIN_MEMORY_MB: "1024"

RANGER_HEAP_MIN_MEMORY

Minimum Java Heap memory used by Ranger Admin. Setting this value will override RANGER_HEAP_MIN_MEMORY_MB. For example, RANGER_HEAP_MIN_MEMORY: "1g"

RANGER_HEAP_MAX_MEMORY_MB

Maximum Java Heap memory in MB used by Ranger Admin. For example, RANGER_HEAP_MAX_MEMORY_MB: "1024"

RANGER_HEAP_MAX_MEMORY

Maximum Java Heap memory used by Ranger Admin. Setting this value will override RANGER_HEAP_MAX_MEMORY_MB. For example, RANGER_HEAP_MAX_MEMORY: "1g"

RANGER_K8S_MEM_REQUESTS_MB

Minimum amount of Kubernetes memory in MB to be requested by Ranger Admin. For example, RANGER_K8S_MEM_REQUESTS_MB: "1024"

RANGER_K8S_MEM_REQUESTS

Minimum amount of Kubernetes memory to be used by Ranger Admin. Setting this value will override RANGER_K8S_MEM_REQUESTS_MB. For example, RANGER_K8S_MEM_REQUESTS: "1G"

RANGER_K8S_MEM_LIMITS_MB

Maximum amount of Kubernetes memory in MB to be requested by Ranger Admin. For example, RANGER_K8S_MEM_LIMITS_MB: "1024"

RANGER_K8S_MEM_LIMITS

Maximum amount of Kubernetes memory to be used by Ranger Admin. Setting this value will override RANGER_K8S_MEM_LIMITS_MB. For example, RANGER_K8S_MEM_LIMITS: "1G"

RANGER_CPU_MIN

Minimum amount of Kubernetes CPU to be requested by Ranger Admin. For example, RANGER_CPU_MIN: "0.5"

RANGER_CPU_MAX

Maximum amount of Kubernetes CPU to be used by Ranger Admin. For example, RANGER_CPU_MAX: "0.5"