Integrating HiveServer2 with Ranger

Describes how to integrate HiveServer2 with Ranger.

Use these steps:
  1. Ensure that the mapr-ranger-hive-plugin is installed, as described in Installing Ranger. If HiveServer2 is installed in HA mode, you must ensure that the mapr-ranger-hive-plugin is installed on both nodes for which HA is enabled.
  2. Open the Ranger Admin UI using the secure address:
    • Secure address: https://<FQDN>:6182
  3. In the Service Manager screen, create a Hive (Hadoop SQL) service by providing the following properties:
    Properties Type Property Specify . . .
    Main Properties Service Name Any name for the service
    Username <cluster-admin>
    Password <cluster-admin-password>
    Jdbc.driverClassName org.apache.hive.jdbc.HiveDriver
    Jdbc.url jdbc:hive2://FQDN:10000/;ssl=true Cluster admin or component's main user
  4. Test the connection between Ranger and Hive:

  5. Modify the following properties in the in the Ranger Hive plug-in home directory (/opt/mapr/ranger/ranger-<version>/ranger-hive-plugin/
    IMPORTANT The REPOSITORY_NAME must be the same as the Service Name you specified in step 3, or the plug-in will not work.
  6. Enable the plug-in:
    sudo /opt/mapr/ranger/ranger-<version>/ranger-hive-plugin/
  7. Restart Hive services:
    maprcli node services -name hs2 -action restart -nodes `hostname` 
    maprcli node services -name hivemeta -action restart -nodes `hostname` 
    maprcli node services -name hcat -action restart -nodes `hostname`
  8. To verify that the plug-in is active, navigate to Audit > Plugin Status: