Skip to main content

Privacera Platform

CLI actions

Privacera Manager CLI

Privacera Manager ( is a Linux shell script. It functions as a:

  1. Configuration controller: Handing installations and updates.

  2. Vault: Handling encryption-storage and decryption-retrieval of secure configuration properties.

  3. Service module controller: Starting, stopping, and reporting status for Privacera service modules.

Privacera Manager is normally installed to, and runs from, ~/privacera/privacera-manager/.

cd ~/privacera/privacera-manager/
./ update
Configuration Manager
./ update

As a configuration controller,

  • Parses the custom property files

  • Deploys the software components

  • Starts Privacera services

You should have passwordless SSH to run the update command. If you do not have passwordless SSH, then configure the password in a file to establish a SSH connection, as in the following procedure:

  1. Create privacera.inventory file.

    cd ~/privacera/privacera-manager
    vi config/privacera.inventory
  2. Add the following at the end of the line:



    privacera ansible_connection=localOS_USER=privacera ansible_sudo_pass=$YOURPASSWORD
Privacera Manager Vault

As a secure property vault, it can be used to securely encrypt, store, decrypt, and retrieve properties, such as passwords, or secure access tokens that are otherwise entered, insecurely, into individual configuration files. Privacera Vault usage is optional.

Property value defined in the vault will override property values stored defined in other custom-vars/vars.*.yml files. Best practice is to delete sensitive variables from other custom-vars/vars.*.yml files as they are added to the Privacera Manager vault.

./ vault


  1. Optional: After Privacera Manager is installed, run ./ vault

  2. It will prompt for a password. Provide strong password using both alphanumeric and special characters such as 'Str0ngP@ssw0rd'

  3. The vault will open to display sample variables. Uncomment and set variables or add new variables. e.g SSL_DEFAULT_PASSWORD: “S0mOtherStr0ngP@ssw0rd”.

  4. Save and exit.

Re-run ./ vault to reopen, and reset or add additional sensitive property values at any point.

Note: File ~/privacera/privacera-manager/config/custom-vars/vars.privacera-secrets.yml stores this encrypted data. Do not delete this file.


File ~/privacera/privacera-manager/config/custom-vars/vars.privacera-secrets.yml stores this encrypted data. Do not delete this file.

Services Controller

As a Services controller, Privacera Manager is used to start, stop, and report status for the following Privacera modules:

  • portal

  • dataserver

  • discovery

  • ranger

  • ranger-usersync

  • kms

  • solr

  • zookeeper

  • kafka

  • pkafka

  • peg

  • grafana

  • graphite

  • mariadb

Service Commands





Stops all Privacera services. In the Kubernetes environment, once all the privacera services are stopped, run the Update action to start all the services.

./ stop

stop <service>

Stops service associated Docker containers or Kubernetes pods. In Kubernetes environment, once a service is stopped, run the update action to start the required service.

./ stop <service>


Restarts all Privacera services.

./ restart

restart <service>

Restarts service associated Docker containers or Kubernetes pods.

./ restart <service>


Reports status of all Privacera services.

./ status

status <service>

Reports status of service associated Docker containers or Kubernetes pods.

./ status <service>


Generates all the installation configurations files and scripts in the docker/output folder before the pods/containers are initialized.

./ setup


Deletes the Maria DB container/pod. You can use this command when you want to move to an external database such as PostgreSQL or MySQL, instead of using the internal Maria DB.

./ delete mariadb

Verify YAML configuration files

When working with YAML configuration files in the custom-vars folder, you can verify if they are syntactically correct. Before running the install/update, you can choose to run the check command to analyze the YAML files for any formatting/syntax errors.

The following is the command to run the check command. It will analyze the file config/vars.privacera.yml, and all the files under the custom-vars folder.

./ yaml_check


The yaml_check command does not show all the errors existing in the YAML files, but a few common errors such as any extra white line, missing single/double quotes and so on. To troubleshoot the errors, see Common Errors/Warnings in YAML Config Files.

Remove Privacera from an instance or virtual machine

Run the following commands to stop the Privacera services and remove Privacera configuration files and folders completely from an instance or virtual machine. This is applicable only to Docker-based environments.

cd ~/privacera/docker
./privacera_services down
cd ~/
sudo rm -rf privacera