Skip to content

Enable or disable Ranger policy delta in Ranger Admin

Overview

Ranger Policy Delta is a feature in Apache Ranger that enhances policy loading efficiency by fetching only the incremental changes (deltas) from the database instead of reloading the entire policy set. This optimization improves performance, reduces network load, and accelerates policy synchronization across Ranger plugins. By enabling policy delta, Ranger Admin ensures streamlined policy updates, minimizing resource consumption while keeping access controls up to date.

Configure Ranger Policy Delta

Follow these steps to configure the Policy delta feature for Ranger Admin service:

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    1
    cd ~/privacera/privacera-manager/
  3. Run the following command to copy the sample vars. The -n flag ensures that the file is not overwritten if it already exists:
    Bash
    1
    cp -n config/sample-vars/vars.ranger.admin.yml config/custom-vars/

  4. Run the following command to open the .yml file for editing.

    Bash
    1
    vi config/custom-vars/vars.ranger.admin.yml

    1. Add or update the following property:
    Variable Definition
    ENABLE_RANGER_ADMIN_SUPPORTS_POLICY_DELTAS Enables policy delta feature. Default is "true"
    YAML
    1
    ENABLE_RANGER_ADMIN_SUPPORTS_POLICY_DELTAS: "true"

  5. Once the property is configured, update your Privacera Manager platform instance by following the

    Bash
    1
2
3
    cd ~/privacera/privacera-manager
./privacera-manager.sh setup
./pm_with_helm.sh upgrade

Ranger Policy Delta is enabled by default. To disable the feature, set the ENABLE_RANGER_ADMIN_SUPPORTS_POLICY_DELTAS property to false in the vars.ranger.admin.yml file.

Comments