Managing Auditing
Also available as:
PDF

Configure Externally-Managed SolrCloud

How to configure externally-managed SolrCloud when using Apache Solr for Ranger audits.

  1. Open the install.properties file in the vi text editor. vi install.properties.
  2. Set the following property values, then save the changes to the install.properties file.
    Table 1. Solr install.properties Values
    Property Name Value Description
    JAVA_HOME <path_to_jdk>, for example: /usr/jdk64/jdk1.8.0_40 Provide the path to the JDK install folder. For Hadoop, you can check/etc/hadoop/conf/hadoop-env.sh for the value of JAVA_HOME. As noted previously, Solr only supports JDK 1.7 and higher.
    SOLR_USER solr The Linux user used to run Solr.
    SOLR_INSTALL_FOLDER /opt/lucidworks-hdpsearch/solr The Solr installation directory.
    SOLR_RANGER_HOME /opt/solr/ranger_audit_server The location where the Ranger-related configuration and schema files will be copied.
    SOLR_RANGER_PORT

    For HDP Search's Solr Instance: 8983

    For Ambari Infra's Solr Instance: 8886

    The Solr port for Ranger.
    SOLR_DEPLOYMENT solrcloud The deployment type.
    SOLR_ZK <ZooKeeper_host>:2181/ranger_audits The Solr ZooKeeper host and port. It is recommended to provide a sub-folder to create the Ranger Audit related configurations so you can also use ZooKeeper for other Solr instances. Due to a Solr bug, if you are using a path (sub-folder), you can only specify one ZooKeeper host.
    SOLR_SHARDS 1 If you want to distribute your audit logs, you can use multiple shards. Make sure the number of shards is equal or less than the number of Solr nodes you will be running.
    SOLR_REPLICATION 1 It is highly recommend that you set up at least two nodes and replicate the indexes. This gives redundancy to index data, and also provides load balancing of Solr queries.
    SOLR_LOG_FOLDER /var/log/solr/ranger_audits The folder for the Solr log files.
    SOLR_MAX_MEM 2g The memory allocation for Solr.
  3. Run the set up script: ./setup.sh.
  4. Run the following command only once from any node. This command adds the Ranger Audit configuration (including schema.xml) to ZooKeeper: /opt/solr/ranger_audit_server/scripts/add_ranger_audits_conf_to_zk.sh.
  5. Log in as the solr or root user and run the following command to start Solr on each node: /opt/solr/ranger_audit_server/scripts/start_solr.sh.
    When Solr starts, a confirmation message appears. Started Solr server on port 8983/8886 (pid=). Happy searching!
  6. Run the following command only once from any node. This command creates the Ranger Audit collection. /opt/solr/ranger_audit_server/scripts/create_ranger_audits_collection.sh.
  7. You can use a web browser to open the Solr Admin Console at the following address:
    1. For HDP Search's Solr Instance: http:<solr_host>:8983/solr.
    2. For Ambari Infra's Solr Instance:http:<solr_host>:8886/solr.
      Note
      Note

      You can use the following command to stop Solr:

      /opt/solr/ranger_audit_server/scripts/stop_solr.sh
  8. On the Ambari dashboard, select Ranger > Configs > Ranger Audit, then enable SolrCloud and External SolrCloud by clicking the OFF buttons. The button labels change to ON when SolrCloud and External SolrCloud are enabled.
    Under Ambari > Ranger > Configs > Ranger Audit, SolrCloud and External SolrCloud options are highlighted as toggled ON.
  9. Set the value of the ranger.audit.solr.zookeepers property to <host_name>:2181/ranger_audits.
  10. Select Ranger > Configs > Advanced, then select Advanced ranger-env and set the following properties:
    1. ranger_solr_replication_factor – set this to the same value used in the install.properties file.
    2. ranger_solr_shards – set this to the same value used in the install.properties file.
  11. Click Save, then restart Ranger and all required services.