diff --git a/roles/hbase/common/templates/hbase/install_hbase.properties.j2 b/roles/hbase/common/templates/hbase/install_hbase.properties.j2 index 61fc3220..b388e045 100644 --- a/roles/hbase/common/templates/hbase/install_hbase.properties.j2 +++ b/roles/hbase/common/templates/hbase/install_hbase.properties.j2 @@ -161,3 +161,25 @@ CUSTOM_USER=hbase # CUSTOM_COMPONENT_GROUP= # keep blank if component group is default CUSTOM_GROUP=hadoop + +XAAUDIT.ELASTICSEARCH.ENABLE=false +XAAUDIT.ELASTICSEARCH.URL=NONE +XAAUDIT.ELASTICSEARCH.USER=NONE +XAAUDIT.ELASTICSEARCH.PASSWORD=NONE +XAAUDIT.ELASTICSEARCH.INDEX=NONE +XAAUDIT.ELASTICSEARCH.PORT=NONE +XAAUDIT.ELASTICSEARCH.PROTOCOL=NONE + +XAAUDIT.AMAZON_CLOUDWATCH.ENABLE=false +XAAUDIT.AMAZON_CLOUDWATCH.LOG_GROUP=NONE +XAAUDIT.AMAZON_CLOUDWATCH.LOG_STREAM_PREFIX=NONE +XAAUDIT.AMAZON_CLOUDWATCH.FILE_SPOOL_DIR=NONE +XAAUDIT.AMAZON_CLOUDWATCH.REGION=NONE + +#Log4j Audit Provider +XAAUDIT.LOG4J.ENABLE=true +XAAUDIT.LOG4J.IS_ASYNC=false +XAAUDIT.LOG4J.ASYNC.MAX.QUEUE.SIZE=10240 +XAAUDIT.LOG4J.ASYNC.MAX.FLUSH.INTERVAL.MS=30000 +XAAUDIT.LOG4J.DESTINATION.LOG4J=true +XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER=xaaudit \ No newline at end of file diff --git a/roles/hdfs/common/templates/install_hdfs.properties.j2 b/roles/hdfs/common/templates/install_hdfs.properties.j2 index 75f7ff56..c45e3419 100644 --- a/roles/hdfs/common/templates/install_hdfs.properties.j2 +++ b/roles/hdfs/common/templates/install_hdfs.properties.j2 @@ -146,3 +146,25 @@ CUSTOM_USER=hdfs # CUSTOM_COMPONENT_GROUP= # keep blank if component group is default CUSTOM_GROUP=hadoop + +XAAUDIT.ELASTICSEARCH.ENABLE=false +XAAUDIT.ELASTICSEARCH.URL=NONE +XAAUDIT.ELASTICSEARCH.USER=NONE +XAAUDIT.ELASTICSEARCH.PASSWORD=NONE +XAAUDIT.ELASTICSEARCH.INDEX=NONE +XAAUDIT.ELASTICSEARCH.PORT=NONE +XAAUDIT.ELASTICSEARCH.PROTOCOL=NONE + +XAAUDIT.AMAZON_CLOUDWATCH.ENABLE=false +XAAUDIT.AMAZON_CLOUDWATCH.LOG_GROUP=NONE +XAAUDIT.AMAZON_CLOUDWATCH.LOG_STREAM_PREFIX=NONE +XAAUDIT.AMAZON_CLOUDWATCH.FILE_SPOOL_DIR=NONE +XAAUDIT.AMAZON_CLOUDWATCH.REGION=NONE + +#Log4j Audit Provider +XAAUDIT.LOG4J.ENABLE=true +XAAUDIT.LOG4J.IS_ASYNC=false +XAAUDIT.LOG4J.ASYNC.MAX.QUEUE.SIZE=10240 +XAAUDIT.LOG4J.ASYNC.MAX.FLUSH.INTERVAL.MS=30000 +XAAUDIT.LOG4J.DESTINATION.LOG4J=true +XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER=xaaudit diff --git a/roles/hive/common/templates/install.properties.j2 b/roles/hive/common/templates/install.properties.j2 index e7669997..59c2b262 100755 --- a/roles/hive/common/templates/install.properties.j2 +++ b/roles/hive/common/templates/install.properties.j2 @@ -158,3 +158,25 @@ CUSTOM_USER=hive # CUSTOM_COMPONENT_GROUP= # keep blank if component group is default CUSTOM_GROUP=hadoop + +XAAUDIT.ELASTICSEARCH.ENABLE=false +XAAUDIT.ELASTICSEARCH.URL=NONE +XAAUDIT.ELASTICSEARCH.USER=NONE +XAAUDIT.ELASTICSEARCH.PASSWORD=NONE +XAAUDIT.ELASTICSEARCH.INDEX=NONE +XAAUDIT.ELASTICSEARCH.PORT=NONE +XAAUDIT.ELASTICSEARCH.PROTOCOL=NONE + +XAAUDIT.AMAZON_CLOUDWATCH.ENABLE=false +XAAUDIT.AMAZON_CLOUDWATCH.LOG_GROUP=NONE +XAAUDIT.AMAZON_CLOUDWATCH.LOG_STREAM_PREFIX=NONE +XAAUDIT.AMAZON_CLOUDWATCH.FILE_SPOOL_DIR=NONE +XAAUDIT.AMAZON_CLOUDWATCH.REGION=NONE + +#Log4j Audit Provider +XAAUDIT.LOG4J.ENABLE=true +XAAUDIT.LOG4J.IS_ASYNC=false +XAAUDIT.LOG4J.ASYNC.MAX.QUEUE.SIZE=10240 +XAAUDIT.LOG4J.ASYNC.MAX.FLUSH.INTERVAL.MS=30000 +XAAUDIT.LOG4J.DESTINATION.LOG4J=true +XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER=xaaudit diff --git a/roles/knox/common/templates/install.properties.j2 b/roles/knox/common/templates/install.properties.j2 index 47509f7f..178100ff 100755 --- a/roles/knox/common/templates/install.properties.j2 +++ b/roles/knox/common/templates/install.properties.j2 @@ -155,3 +155,25 @@ CUSTOM_USER=knox # CUSTOM_COMPONENT_GROUP= # keep blank if component group is default CUSTOM_GROUP=hadoop + +XAAUDIT.ELASTICSEARCH.ENABLE=false +XAAUDIT.ELASTICSEARCH.URL=NONE +XAAUDIT.ELASTICSEARCH.USER=NONE +XAAUDIT.ELASTICSEARCH.PASSWORD=NONE +XAAUDIT.ELASTICSEARCH.INDEX=NONE +XAAUDIT.ELASTICSEARCH.PORT=NONE +XAAUDIT.ELASTICSEARCH.PROTOCOL=NONE + +XAAUDIT.AMAZON_CLOUDWATCH.ENABLE=false +XAAUDIT.AMAZON_CLOUDWATCH.LOG_GROUP=NONE +XAAUDIT.AMAZON_CLOUDWATCH.LOG_STREAM_PREFIX=NONE +XAAUDIT.AMAZON_CLOUDWATCH.FILE_SPOOL_DIR=NONE +XAAUDIT.AMAZON_CLOUDWATCH.REGION=NONE + +#Log4j Audit Provider +XAAUDIT.LOG4J.ENABLE=true +XAAUDIT.LOG4J.IS_ASYNC=false +XAAUDIT.LOG4J.ASYNC.MAX.QUEUE.SIZE=10240 +XAAUDIT.LOG4J.ASYNC.MAX.FLUSH.INTERVAL.MS=30000 +XAAUDIT.LOG4J.DESTINATION.LOG4J=true +XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER=xaaudit diff --git a/roles/ranger/common/templates/install.properties.j2 b/roles/ranger/common/templates/install.properties.j2 index 0b7f38e2..1329c6a6 100644 --- a/roles/ranger/common/templates/install.properties.j2 +++ b/roles/ranger/common/templates/install.properties.j2 @@ -19,9 +19,9 @@ #------------------------- DB CONFIG - BEGIN ---------------------------------- # Uncomment the below if the DBA steps need to be run separately -setup_mode=SeparateDBA +setup_mode={{ install_properties.setup_mode }} -PYTHON_COMMAND_INVOKER=python2 +PYTHON_COMMAND_INVOKER=python3 #DB_FLAVOR=MYSQL|ORACLE|POSTGRES|MSSQL|SQLA DB_FLAVOR={{ install_properties.DB_FLAVOR }} @@ -62,6 +62,12 @@ javax_net_ssl_keyStore= javax_net_ssl_keyStorePassword= javax_net_ssl_trustStore= javax_net_ssl_trustStorePassword= +javax_net_ssl_trustStore_type=jks +javax_net_ssl_keyStore_type=jks + +# For postgresql db +# db_ssl_certificate_file= + # # DB UserId used for the Ranger schema # @@ -69,6 +75,11 @@ db_name={{ install_properties.db_name }} db_user={{ install_properties.db_user }} db_password={{ install_properties.db_password }} +#For over-riding the jdbc url. +# is_override_db_connection_string=false +# db_override_connection_string= + + # change password. Password for below mentioned users can be changed only once using this property. #PLEASE NOTE :: Password should be minimum 8 characters with min one alphabet and one numeric. rangerAdmin_password={{ ranger_admin_password }} @@ -77,10 +88,20 @@ rangerUsersync_password={{ ranger_usersync_password }} keyadmin_password={{ ranger_keyadmin_password }} -#Source for Audit Store. Currently only solr is supported. +#Source for Audit Store. Currently solr, elasticsearch and cloudwatch logs are supported. # * audit_store is solr audit_store={{ install_properties.audit_store }} +# * audit_solr_url Elasticsearch Host(s). E.g. 127.0.0.1 +audit_elasticsearch_urls= +audit_elasticsearch_port= +audit_elasticsearch_protocol= +audit_elasticsearch_user= +audit_elasticsearch_password= +audit_elasticsearch_index= +audit_elasticsearch_bootstrap_enabled=true + + # * audit_solr_url URL to Solr. E.g. http://:6083/solr/ranger_audits audit_solr_urls={{ install_properties.audit_solr_urls }} audit_solr_user= @@ -90,11 +111,17 @@ audit_solr_zookeepers= audit_solr_collection_name=ranger_audits #solr Properties for cloud mode audit_solr_config_name=ranger_audits +audit_solr_configset_location= audit_solr_no_shards=1 audit_solr_no_replica=1 audit_solr_max_shards_per_node=1 audit_solr_acl_user_list_sasl=solr,infra-solr +audit_solr_bootstrap_enabled=true +# * audit to amazon cloudwatch properties +audit_cloudwatch_region= +audit_cloudwatch_log_group= +audit_cloudwatch_log_stream_prefix= #------------------------- DB CONFIG - END ---------------------------------- @@ -216,9 +243,10 @@ sso_publickey= # Custom log directory path RANGER_ADMIN_LOG_DIR={{ ranger_log_dir }} +RANGER_ADMIN_LOGBACK_CONF_FILE= # PID file path -RANGER_PID_DIR_PATH=/var/run/ranger +RANGER_PID_DIR_PATH={{ ranger_pid_dir }} # ################# DO NOT MODIFY ANY VARIABLES BELOW ######################### # diff --git a/roles/yarn/common/templates/install_yarn.properties.j2 b/roles/yarn/common/templates/install_yarn.properties.j2 index df7aed31..af6e523b 100644 --- a/roles/yarn/common/templates/install_yarn.properties.j2 +++ b/roles/yarn/common/templates/install_yarn.properties.j2 @@ -146,3 +146,25 @@ CUSTOM_USER=yarn # CUSTOM_COMPONENT_GROUP= # keep blank if component group is default CUSTOM_GROUP=hadoop + +XAAUDIT.ELASTICSEARCH.ENABLE=false +XAAUDIT.ELASTICSEARCH.URL=NONE +XAAUDIT.ELASTICSEARCH.USER=NONE +XAAUDIT.ELASTICSEARCH.PASSWORD=NONE +XAAUDIT.ELASTICSEARCH.INDEX=NONE +XAAUDIT.ELASTICSEARCH.PORT=NONE +XAAUDIT.ELASTICSEARCH.PROTOCOL=NONE + +XAAUDIT.AMAZON_CLOUDWATCH.ENABLE=false +XAAUDIT.AMAZON_CLOUDWATCH.LOG_GROUP=NONE +XAAUDIT.AMAZON_CLOUDWATCH.LOG_STREAM_PREFIX=NONE +XAAUDIT.AMAZON_CLOUDWATCH.FILE_SPOOL_DIR=NONE +XAAUDIT.AMAZON_CLOUDWATCH.REGION=NONE + +#Log4j Audit Provider +XAAUDIT.LOG4J.ENABLE=true +XAAUDIT.LOG4J.IS_ASYNC=false +XAAUDIT.LOG4J.ASYNC.MAX.QUEUE.SIZE=10240 +XAAUDIT.LOG4J.ASYNC.MAX.FLUSH.INTERVAL.MS=30000 +XAAUDIT.LOG4J.DESTINATION.LOG4J=true +XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER=xaaudit \ No newline at end of file