Running Ranger
The following file and directories are relevant to running Ranger using Helm.
# resources for executing Helm
└── kubernetes
└── helm
└── ranger
└── values.yaml
# resources for running Ranger
└── kubernetes
├── ranger-conf
└── ranger-key
└── install.properties
The file kubernetes/helm/ranger/values.yaml
defines the default values for the Helm chart.
Typically the user creates another file (e.g., values-ranger.yaml
)
in order to override some of these default values.
The user can update configuration files in the directory kubernetes/ranger-conf
and kubernetes/ranger-key/install.properties
to control the behavior of Ranger.
The user should copy keytab files to the directory kubernetes/ranger-key
.
Assuming that
a new YAML file values-ranger.yaml
overrides the default values in kubernetes/helm/ranger/values.yaml
,
the user can run Ranger with namespace hivemr3
as follows:
$ ln -s $(pwd)/kubernetes/ranger-conf/ kubernetes/helm/ranger/conf
$ ln -s $(pwd)/kubernetes/ranger-key/ kubernetes/helm/ranger/key
$ helm install --namespace hivemr3 kubernetes/helm/ranger -f values-ranger.yaml
Here the first two commands create symbolic links so that Helm can access
the directories kubernetes/ranger-conf
and kubernetes/ranger-key
directly.
Enabling SSL
In order to enable SSL, the user should have a TrustStore file. Follow the instruction in Enabling SSL to perform the following:
- Create a self-signed certificate for SSL by executing the script
kubernetes/generate-hivemr3-ssl.sh
, and set the environment variableMR3_SSL_KEYSTORE_PASSWORD
inkubernetes/config-run.sh
. - Configure Ranger to use SSL.
Then execute the script kubernetes/run-ranger.sh
with an argument --generate-truststore
(which is mandatory) in order to create a KeyStore file kubernetes/ranger-key/hivemr3-ssl-certificate.jks
.
$ pwd
/home/gla/mr3-run/kubernetes
$ ./run-ranger.sh --generate-truststore
Updating kubernetes/helm/ranger/values.yaml
After updating the YAML file values-ranger.yaml
and the configuration files,
the user can use Helm in the same way to run Ranger.
Below we describe each part of kubernetes/helm/ranger/values.yaml
.
name
This part specifies the names of various Kubernetes objects. It is unnecessary to override the default values.
name:
ranger:
configMap: hivemr3-ranger-configmap
secret: hivemr3-ranger-secret
persistentVolume: workdir-ranger-pv
persistentVolumeClaim: workdir-ranger-pvc
docker
for the Docker image
docker:
image: 10.1.91.17:5000/ranger:latest
user: ranger
imagePullPolicy: Always
imagePullSecrets:
docker/image
specifies the full name of the Docker image including a tag.docker/user
should match the user specified inkubernetes/ranger/Dockerfile
when creating the Docker image.docker/imagePullPolicy
specifies the pull policy for the Docker image.docker/imagePullSecrets
specifies the pull secret for the Docker image. It is set to empty if no pull secret is necessary.
ranger
for Ranger
ranger:
httpPort: 6080
httpsPort: 6182
solrPort: 6083
externalIp: 10.1.91.41
createSecret: true
rangerResources:
requests:
cpu: 1
memory: 4Gi
limits:
cpu: 1
memory: 4Gi
solrResources:
requests:
cpu: 1
memory: 4Gi
limits:
cpu: 1
memory: 4Gi
ranger/httpPort
,ranger/httpsPort
, andranger/solrPort
specify the port numbers for exposing Ranger to the outside of the Kubernetes cluster.ranger/externalIp
specifies the host for the Service for exposing Ranger to the outside of the Kubernetes cluster.
ranger/createSecret
specifies whether or not to crate a Secret from those files in the directorykubernetes/ranger-key
.
ranger/rangerResources
specifies the resources to be allocated to the Ranger container inside the Ranger Pod.ranger/solrResources
specifies the resources to be allocated to the Solr container inside the Ranger Pod.
workDir
for PersistentVolume
workDir:
isNfs: true
nfs:
server: "10.1.91.17"
path: "/work/nfs/mr3-run-work-dir"
volumeSize: 10Gi
volumeClaimSize: 10Gi
storageClassName: ""
volumeStr:
workDir/isNfs
specifies whether the PersistentVolume uses NFS or not.workDir/nfs/server
andworkDir/nfs/path
specify the address of the NFS server and the path exported by the NFS server (whenworkDir/isNfs
is set to true).workDir/volumeSize
andworkDir/volumeClaimSize
specify the size of the PersistentVolume and the PersistentVolumeClaim.workDir/storageClassName
specifies the StorageClass of the PersistentVolume.workDir/volumeStr
specifies the PersistentVolume to use whenworkDir/isNfs
is set to false. For example,volumeStr: "hostPath:\n path: /work/nfs/mr3-run-work-dir"
creates a hostPath PersistentVolume.
logLevel
and hostAliases
logLevel: INFO
hostAliases:
- ip: "10.1.91.4"
hostnames:
- "red0"
- ip: "10.1.91.17"
hostnames:
- "indigo0"
- ip: "10.1.91.41"
hostnames:
- "indigo20"
logLevel
specifies the logging level.hostAliases
lists host aliases.