Skip to main content

Privacera Documentation

Table of ContentsTable of Contents

Ranger Admin properties on Privacera Platform

The following table contains the list of custom properties that can be configured for Ranger Admin. To use a custom property from the table, just add it to the following YML file in the custom-vars folder configured as per your environment:

  • vars.ranger.admin.yml

Property

Description

Values

Default Value

RANGER_ENABLE

RANGER_INSTALL

RANGER_IMAGE_NAME

RANGER_IMAGE_TAG

RANGER_HTTP_PORT

RANGER_EXTERNAL_HTTP_PORT

Property to change the default port number for a non-secured Ranger Admin.

6080

RANGER_HTTPS_PORT

RANGER_EXTERNAL_HTTPS_PORT

Property to change the default port number for a secured Ranger Admin.

6182

RANGER_SSL_ENABLE

RANGER_SSL_SELF_SIGNED

RANGER_HOST_NAME

RANGER_INTERNAL_HOST_NAME

RANGER_ADMIN_PORT

RANGER_ADMIN_PROTOCOL

RANGER_PROTOCOL_URL

RANGER_SVC_IP

RANGER_EXTERNAL_HOST

RANGER_URL

RANGER_EXTERNAL_URL

RANGER_URL_INTERNAL

RANGER_URL_IP

RANGER_SETUP_MODE

RANGER_DB_FLAVOR

RANGER_DB_HOST

RANGER_DB_NAME

RANGER_DB_USER

RANGER_DB_PASSWORD

RANGER_DB_ROOT_USER

RANGER_DB_ROOT_PASSWORD

RANGER_CREATE_DB

RANGER_CREATE_DB_USER

RANGER_DB_SSL_ENABLE

RANGER_DB_SSL_REQUIRED

RANGER_DB_SSL_VERIFY_CERT

RANGER_DB_SSL_AUTH_TYPE

ANGER_ADMIN_DEFAULT_PASSWORD

RANGER_ADMIN_PASSWORD

RANGER_TAGSYNC_PASSWORD

RANGER_USERSYNC_PASSWORD

RANGER_KEYADMIN_PASSWORD

RANGER_VALID_EMAIL_REGEX

Set a custom regular expression to validate an email address.

^[\\w]([\\-\\.\\w\\+])+[\\w\\+]+@[\\w]+[\\w\\-]+[\\w]*\\.([\\w]+[\\w\\-]+[\\w]*(\\.[a-z][a-z|0-9]*)?)$

RANGER_ADMIN_HTTPS_ENABLED

RANGER_ADMIN_KEYSTORE_FILE

RANGER_ADMIN_KEYSTORE_ALIAS

RANGER_ADMIN_KEYSTORE_PASSWORD

RANGER_ADMIN_TRUSTSTORE_ALIAS

RANGER_ADMIN_TRUSTSTORE_PATH

RANGER_ADMIN_TRUSTSTORE_PASSWORD

RANGER_ADMIN_SSL_SIGNED_PEM_FULL_CHAIN

RANGER_ADMIN_SSL_SIGNED_PEM_PRIVATE_KEY

RANGER_ADMIN_SSL_PKCS12_PASSWORD

RANGER_ADMIN_SSL_SIGNED_CERT_FORMAT

RANGER_ADMIN_SSL_SIGNED_PKCS12_ALIAS

RANGER_ADMIN_SSL_SIGNED_PKCS12_FILE

RANGER_SUPPORTED_COMPONENTS

RANGER_SOLR_AUDIT_STORE

RANGER_SOLR_URL

RANGER_SOLR_ZOOKEEPERS

RANGER_SOLR_COLLECTION_NAME

RANGER_SOLR_CONFIG_NAME

RANGER_SOLR_NUMBER_OF_SHARDS

RANGER_SOLR_NUMBER_OF_REPLICAS

RANGER_SOLR_MAX_SHARDS_PER_NODE

RANGER_SOLR_ACL_USER_LIST

RANGER_UNIX_USER

RANGER_UNIX_USER_PASSWORD

RANGER_UNIX_GROUP

RANGER_AUTHENTICATION_METHOD

RANGER_REMOTE_LOGIN_ENABLED

RANGER_AUTH_SERVICE_HOSTNAME

RANGER_AUTH_SERVICE_PORT

RANGER_UNIX_AUTH_SERVICE_KEYSTORE

RANGER_UNIX_AUTH_KEYSTORE_PASSWORD

RANGER_UNIX_AUTH_TRUSTSTORE

RANGER_UNIX_AUTH_TRUSTSTORE_PASSWORD

RANGER_LDAP_URL

RANGER_LDAP_USER_DN_PATTERN

RANGER_LDAP_GROUP_SEARCH_BASE

RANGER_LDAP_GROUP_SEARCH_FILTER

RANGER_LDAP_GROUP_ROLE_ATTRIBUTE

RANGER_LDAP_BASE_DN

RANGER_LDAP_BIND_DN

RANGER_LDAP_BIND_PASSWORD

RANGER_LDAP_REFERRAL

RANGER_LDAP_USER_SEARCH_FILTER

RANGER_LDAP_AD_DOMAIN

RANGER_LDAP_AD_URL

RANGER_LDAP_AD_BASE_DN

RANGER_LDAP_AD_BIND_DN

RANGER_LDAP_AD_BIND_PASSWORD

RANGER_LDAP_AD_REFERRAL

RANGER_LDAP_AD_USER_SEARCH_FILTER

RANGER_SSO_ENABLED

RANGER_SSO_PROVIDER_URL

RANGER_SSO_PUBLICKEY

RANGER_ADMIN_LOG_DIR

RANGER_ADMIN_PID_DIR_PATH

RANGER_XAPOLICYMGR_DIR

RANGER_ADMIN_MAX_HEAP_SIZE

RANGER_EXTERNAL_USER_ADMIN_AUDIT_ENABLED

Enable/disable the admin audits for external users (usersync).

true, false

false

RANGER_PLUGIN_JCEKS_STOREPASS

RANGER_PLUGIN_SSL_KEYSTORE_PASSWORD

RANGER_PLUGIN_SSL_TRUSTSTORE_PASSWORD

RANGER_PLUGIN_KEYSTORE_ALIAS

RANGER_PLUGIN_SOLR_URL_INTERNAL

RANGER_PLUGIN_SOLR_URL_EXTERNAL

RANGER_PLUGIN_SOLR_BASIC_AUTH_ENABLED

RANGER_PLUGIN_SOLR_BASIC_AUTH_USER

RANGER_PLUGIN_SOLR_BASIC_AUTH_PASSWORD

RANGER_PLUGIN_SOLR_ZOOKEEPER

RANGER_PLUGIN_SOLR_ZOOKEEPER_INTERNAL

RANGER_PLUGIN_AUDITS_TO_KAFKA

RANGER_PLUGIN_KAFKA_BROKER_LIST

AWS_RANGER_LB_CERTIFICATE_ARN

RANGER_LB_SSL_CERT

RANGER_LB_BACKEND_PROTOCOL

RANGER_LB_SSL_PORT

RANGER_LB_TARGET_PORT

RANGER_ADMIN_ENCRYPT_SECRETS

RANGER_ADMIN_SECRETS_FILE

RANGER_ADMIN_SECRETS_KEYSTORE_PASSWORD

RANGER_ADMIN_ENCRYPT_PROPS_LIST

RANGER_K8S_LOADBALANCER_EXTERNAL

RANGER_K8S_ANNOTATION_LOADBALANCER_ANNOTATION

RANGER_K8S_MEM_LIMITS

RANGER_K8S_MEM_REQUESTS

RANGER_K8S_CPU_LIMITS

RANGER_K8S_CPU_REQUESTS

RANGER_K8S_REPLICAS

RANGER_ADMIN_GENERAL_PASSWORDS_LIST

RANGER_ADMIN_SSL_PASSWORDS_LIST

RANGER_ADMIN_SIGNED_SSL_PASSWORDS_LIST

RANGER_ADMIN_ENCRYPT_PASSWORDS_LIST

RANGER_INIT_CONTAINER_CUSTOM_COMMAND_LIST

You can provide a list of commands to download custom ``.jars`` to a desired location inside the Ranger container. For example:

RANGER_INIT_CONTAINER_CUSTOM_COMMAND_LIST:-curl https://privacera/public/custom-1.jar -o /opt/ranger/ranger-admin/ews/webapp/WEB-INF/lib/custom-1.jar-curl https://privacera/public/custom-2.jar -o /opt/ranger/ranger-admin/ews/webapp/WEB-INF/lib/custom-2.jar

RANGER_INTERNAL_RESERVED_USERS_ACTIVATE

This property prohibits from any updation/deletion for users which are created as reserved users. Using this property, you can activate Ranger reserved users feature.

true,false

false

RANGER_INTERNAL_RESERVED_USERS

List of users to be marked as Ranger reserved users.

admin,rangerusersync,rangertagsync,keyadmin

Memory Variables

RANGER_HEAP_MIN_MEMORY_MB

Minimum Java Heap memory in MB used by Ranger Admin. For example, RANGER_HEAP_MIN_MEMORY_MB: "1024"

RANGER_HEAP_MIN_MEMORY

Minimum Java Heap memory used by Ranger Admin. Setting this value will override RANGER_HEAP_MIN_MEMORY_MB. For example, RANGER_HEAP_MIN_MEMORY: "1g"

RANGER_HEAP_MAX_MEMORY_MB

Maximum Java Heap memory in MB used by Ranger Admin. For example, RANGER_HEAP_MAX_MEMORY_MB: "1024"

RANGER_HEAP_MAX_MEMORY

Maximum Java Heap memory used by Ranger Admin. Setting this value will override RANGER_HEAP_MAX_MEMORY_MB. For example, RANGER_HEAP_MAX_MEMORY: "1g"

RANGER_K8S_MEM_REQUESTS_MB

Minimum amount of Kubernetes memory in MB to be requested by Ranger Admin. For example, RANGER_K8S_MEM_REQUESTS_MB: "1024"

RANGER_K8S_MEM_REQUESTS

Minimum amount of Kubernetes memory to be used by Ranger Admin. Setting this value will override RANGER_K8S_MEM_REQUESTS_MB. For example, RANGER_K8S_MEM_REQUESTS: "1G"

RANGER_K8S_MEM_LIMITS_MB

Maximum amount of Kubernetes memory in MB to be requested by Ranger Admin. For example, RANGER_K8S_MEM_LIMITS_MB: "1024"

RANGER_K8S_MEM_LIMITS

Maximum amount of Kubernetes memory to be used by Ranger Admin. Setting this value will override RANGER_K8S_MEM_LIMITS_MB. For example, RANGER_K8S_MEM_LIMITS: "1G"

RANGER_CPU_MIN

Minimum amount of Kubernetes CPU to be requested by Ranger Admin. For example, RANGER_CPU_MIN: "0.5"

RANGER_CPU_MAX

Maximum amount of Kubernetes CPU to be used by Ranger Admin. For example, RANGER_CPU_MAX: "0.5"