Skip to main content

Privacera Documentation

Ranger TagSync custom properties on Privacera Platform

The following table contains the list of custom properties that can be configured for Ranger Tagsync. To use a custom property from the table, just add it to the following YML file in the custom-vars folder configured as per your environment:

  • vars.ranger.tagsync.yml

Property

Description

Values

Default Value

RANGER_TAGSYNC_INSTALL

To enable Tagsync, set this property to true.

false

RANGER_TAGSYNC_IMAGE_NAME

Privacera Tagsync image name

{{privacera_hub_url}}/ranger-tagsync

RANGER_TAGSYNC_IMAGE_TAG

Privacera Tagsync image tag name

PRIVACERA_IMAGE_TAG

TAGSYNC_RANGER_URL

Ranger URL for the Tagsync to sync the tags.

http://ranger:6080

TAGSYNC_TAG_SOURCE_ATLASREST_ENDPOINT

Required only when you set the SOURCE as REST.

${ATLAS_HOST}:21000

TAGSYNC_RANGERTAGSYNC_PASSWORD

Password for Tagsync user to use an API to Ranger.

welcome1

TAGSYNC_TAG_DEST_RANGER_ENDPOINT

Ranger URL for the Tagsync to sync the tags.

http://ranger:6080

TAGSYNC_TAG_DEST_RANGER_SSL_CONFIG_FILENAME

SSL config file name is used by Tagsync to push tags to SSL-enabled Ranger and PolicyMgr files. It is required to be modified only when custom changes are made to the file.

/opt/ranger/ranger-tagsync/conf.dist/ranger-policymgr-ssl.xml

TAGSYNC_TAG_SOURCE_ATLAS_ENABLED

Enable Kafka as a SOURCE for Tagsync.

true

TAGSYNC_TAG_SOURCE_ATLAS_KAFKA_SERVICE_NAME

Service Name to be used while communicating with Kafka.

kafka

TAGSYNC_TAG_SOURCE_ATLAS_KAFKA_SECURITY_PROTOCOL

Protocol to be used to communicate to Kafka.

PLAINTEXTSASL

TAGSYNC_TAG_SOURCE_ATLAS_KERBEROS_PRINCIPAL

If Kafka is kerberos-enabled, then set the value to the principal name used by Tagsync to sync the tags.

TAGSYNC_TAG_SOURCE_ATLAS_KERBEROS_KEYTAB

If Kafka is kerberos-enabled, then set the value to the keytab location used by Tagsync to sync the tags.

TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED

Enable REST-based Tagsync to Ranger. This is not recommended as REST has limitation for number of tags it can push to Ranger.

false

TAGSYNC_TAG_SOURCE_ATLASREST_DOWNLOAD_INTERVAL_IN_MILLIS

Tagsync interval required only when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.

900000

TAGSYNC_TAG_SOURCE_ATLASREST_USERNAME

Atlas user name required only when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.

TAGSYNC_TAG_SOURCE_ATLASREST_PASSWORD

Atlas password required only when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.

TAGSYNC_TAG_SOURCE_FILE_ENABLED

To enable file-based TagSync.

false

TAGSYNC_TAG_SOURCE_FILE_FILENAME

Location of the file required only when TAGSYNC_TAG_SOURCE_FILE_ENABLED is set to true.

/etc/ranger/data/tags.json

TAGSYNC_TAG_SOURCE_FILE_CHECK_INTERVAL_IN_MILLIS

Tagsync interval, required only when TAGSYNC_TAG_SOURCE_FILE_ENABLED is set to true.

60000

TAGSYNC_TAGSYNC_ATLAS_CUSTOM_RESOURCE_MAPPERS

Any custom mappers to be configured in Tagsync for mapping Atlas entities to Ranger type definitions.

org.apache.ranger.tagsync.source.atlas.AtlasS3ResourceMapper

TAGSYNC_TAGSYNC_KEYSTORE_FILENAME

File will be generated to store the credentials for Ranger password for rangerTagsync user.

/etc/ranger/tagsync/conf/rangertagsync.jceks

TAGSYNC_TAG_SOURCE_ATLASREST_KEYSTORE_FILENAME

File will be generated to store the password for Atlas when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.

/etc/ranger/tagsync/conf/atlasuser.jceks

TAGSYNC_TAG_SOURCE_ATLASREST_SSL_CONFIG_FILENAME

SSL config file name to communicate to Atlas required when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.

TAGSYNC_UNIX_USER

User to run the process.

ranger

TAGSYNC_UNIX_GROUP

File permission group.

ranger

TAGSYNC_LOGDIR

Log location for Tagsync application.

log

TAGSYNC_PID_DIR_PATH

Location to store the PID file for the Java process.

/var/run/ranger

TAGSYNC_IS_SECURE

Property to check whether Tagsync Is secure (kerberos-enabled).

false

TAGSYNC_PRINCIPAL

Tagsync principal required only when the TAGSYNC_IS_SECURE is set to true.

TAGSYNC_KEYTAB

Tagsync keytab location required only when the TAGSYNC_IS_SECURE is set to true.

TAGSYNC_HADOOP_CONF

Hadoop Conf location.

/etc/hadoop/conf

TAGSYNC_FILE_PERMISSION

File permission on the PM host for the templates generated by PM. For example, file permissions on the file, install.properties.

700

TAGSYNC_K8S_SERVICE_ACCOUNT

Service Account Name to be used during installation in a Kubernetes environment.

privacera-sa

TAGSYNC_ROOT_LOG_LEVEL

Log-level for the root.

info

TAGSYNC_RANGER_LOG_LEVEL

Log-level for the org.apache.ranger.tagsync package.

info

Memory Variables

TAGSYNC_SMALL_MEMORY_MB

TAGSYNC MEMORY in MB for Java process if deployment size is set to SMALL.

1024

TAGSYNC_MEDIUM_MEMORY_MB

TAGSYNC MEMORY in MB for Java process if deployment size is set to MEDIUM.

4096

TAGSYNC_LARGE_MEMORY_MB

TAGSYNC MEMORY in MB for Java process if deployment size is set to LARGE.

8192

TAGSYNC_HEAP_MIN_MEMORY_MB

Depending upon the DEPLOYMENT SIZE the value will be calculated above properties.

1024

TAGSYNC_HEAP_MIN_MEMORY

Minimum Java Heap memory used by Ranger Tagsync. Setting this value will override TAGSYNC_HEAP_MIN_MEMORY_MB. For example, TAGSYNC_HEAP_MIN_MEMORY: "1g"

1024M

TAGSYNC_HEAP_MAX_MEMORY_MB

Maximum Java Heap memory in MB used by Ranger Tagsync. For example, TAGSYNC_HEAP_MAX_MEMORY_MB: "1024"

1024

TAGSYNC_HEAP_MAX_MEMORY

Maximum Java Heap memory used by Ranger Tagsync. Setting this value will override TAGSYNC_HEAP_MAX_MEMORY_MB. For example, TAGSYNC_HEAP_MAX_MEMORY: "1g"

1024M

TAGSYNC_K8S_MEM_REQUESTS_MB

Minimum amount of Kubernetes memory in MB to be requested by Ranger Tagsync. For example, TAGSYNC_K8S_MEM_REQUESTS_MB: "1024"

1024

TAGSYNC_K8S_MEM_REQUESTS

Minimum amount of Kubernetes memory to be used by Ranger Tagsync. Setting this value will override TAGSYNC_K8S_MEM_REQUESTS_MB. For example, TAGSYNC_K8S_MEM_REQUESTS: "1G"

1024M

TAGSYNC_K8S_MEM_LIMITS_MB

Maximum amount of Kubernetes memory in MB to be requested by Ranger Tagsync. For example, TAGSYNC_K8S_MEM_LIMITS_MB: "1024"

1024

TAGSYNC_K8S_MEM_LIMITS

Maximum amount of Kubernetes memory to be used by Ranger Tagsync. Setting this value will override TAGSYNC_K8S_MEM_LIMITS_MB. For example, TAGSYNC_K8S_MEM_LIMITS: "1G"

1024M

TAGSYNC_CPU_MIN

Minimum amount of Kubernetes CPU to be requested by Ranger Tagsync. For example, TAGSYNC_CPU_MIN: "0.5"

0.5

TAGSYNC_CPU_MAX

Maximum amount of Kubernetes CPU to be used by Ranger Tagsync. For example, TAGSYNC_CPU_MAX: "0.5"

0.5

TAGSYNC_K8S_CPU_REQUESTS

Minimum amount of Kubernetes CPU to be requested by Ranger Tagsync. For example, TAGSYNC_CPU_MIN: "0.5"

0.5

TAGSYNC_K8S_CPU_LIMITS

Maximum amount of Kubernetes CPU to be used by Ranger Tagsync. For example, TAGSYNC_CPU_MAX: "0.5"

0.5

TAGSYNC_HELM_CHART_VERSION

Tagsync Helm Chart Version

4.3.0