Ranger 2.3.0.100 - 2301 (EEP 9.1.0) Release Notes

Apache Ranger is a tool to help you monitor and manage security for the Hadoop components that are included in the HPE Ezmeral Ecosystem Pack. For more information about the Data Fabric implementation of Ranger, see Ranger.

The notes below relate specifically to the HPE Ezmeral Data Fabric distribution of Apache Ranger. You may also be interested in the Apache Ranger home page and the Apache Ranger changelog.

These release notes contain only HPE-specific information and are not necessarily cumulative in nature. For information about how to use the release notes, see Ecosystem Component Release Notes.

Version	2.3.0.100
Release Date	January 2023
HPE Version Interoperability	See EEP 9.1.0 Components and OS Support
Source on GitHub	https://github.com/mapr/ranger
GitHub Release Tag	2.3.0.100-eep-910
Maven Artifacts	https://repository.mapr.com/maven/
Package Names	Navigate to http://package.ezmeral.hpe.com/releases/MEP/, and select your EEP (MEP) and OS to view the list of package names.

New in this Release

This release of Ranger includes:

PrestoDB plugin for Kubernetes
New configuration properties:
- RAN-223: ranger.security.type (security_type)
- RAN-216: ranger.usersync.service.retryinmillis (RETRY_INTERVAL)
RAN-192: New package mapr-ranger-usersync to decouple services
CVE fixes
Bug fixes
Added a new property ranger.usersync.service.retryinmillis.
When UserSync fails to communicate with Admin, UserGroup initialization fails. Starting from EEP 9.1.0, you can use the ranger.usersync.service.retryinmillis property to specify the retry interval for the service start process upon failure. The default value is 15000 milliseconds and the minimum value is 10000 milliseconds.

Installation

You can install Ranger by using manual steps or by using the Installer. See these topics:

Installing Ranger (manual steps)
Installing Ranger Using the Installer

Fixes

This HPE release includes the following fixes on the base apache release. For details, refer to the commit long for this project in GitHub:

GitHub Commit Number	Date (YYYY-MM-DD)	HPE Fix Number and Description
500752ad	2023-01-05	EEP-RAN-257: Error appears during configure.sh run if user-sync is installed on a separate node
59d3bbfa6	2022-12-29	EEP-RAN-256: Remove yarn service from Ranger Admin UI home screen
3d0abff6d	2022-12-23	EEP-RAN-254: [PrestoDB] Adding row level filtering support with test cases
3621ab7b5	2022-12-23	EEP-RAN-254: [PrestoDB] Adding hadoop-shaded-guava into runtime library
2fb70b4c0	2022-12-23	EEP-RAN-254: [PrestoDB] Using HPE specific presto-*.jar
d29289998	2022-12-21	EEP-RAN-255: netty-codec-haproxy vulnerabilities
70527c5a7	2022-12-21	EEP-RAN-253: kafka-clients vulnerabilities
3d213c4dc	2022-12-21	EEP-RAN-251: commons-text vulnerabilities
e3256ea64	2022-12-21	RANGER-3960: Upgrade spring-security version to 5.7.5
659bed2db	2022-12-21	EEP-RAN-248: snakeyaml vulnerabilities
ca033e018	2022-12-21	EEP-RAN-246: woodstox-core vulnerabilities
1a53270a3	2022-12-21	EEP-RAN-245: jettison vulnerabilities
ef8e3d30a	2022-12-21	EEP-RAN-244: ivy vulnerabilities
30c9ba307	2022-12-21	EEP-RAN-243: calcite-core vulnerabilities
8b891daf1	2022-12-21	EEP-RAN-242: jackson-databind vulnerabilities
75f8dcb58	2022-12-16	RAN-239 local variable javax_net_ssl_keyStore_type referenced before assignment
f84d4a9ff	2022-12-15	EEP-RAN-238: Ranger Hive plugin fails when trying to enable it on Java 17 env
ca824cfc0	2022-12-12	EEP-RAN-237: RangerUserync's setup.py changes file permission as 750 for install.properties
098a7c79b	2022-12-02	EEP-RAN-231: Apply changes in CORE-830 to RangerClientSecurity.java
bd85740cf	2022-12-02	RAN-230 [Ranger] Update protobuf-java version to 3.21.9
223e87710	2022-12-01	EEP-RAN-229: Unable to complete Ranger configuration on env with Java 17 because of setup.sh failure
d3b6cd3ca	2022-11-23	RAN-228 Parse mapr-clusters.conf file instead of using Mapr JNI in MaprSecurity
ce87445fe	2022-11-21	EEP-RAN-141: HS2 log contains errors related to Ranger with 'couldn't find resource file location' text
bd0103100	2022-11-18	RAN-226 MapR-SASL must be configurable option (plugin side)
7bccd9bb6	2022-11-18	RAN-223 MapR-SASL must be configurable option (admin side)
6a69f00fd	2022-11-16	EZAF-238: Prepare updated Ranger plugin for Presto DB
ba96b1d50	2022-11-14	EZAF-184: Presto plugin for Ranger v2.3
2e413a357	2022-11-11	EEP-RAN-225: Optimize symlink usage for Ranger-Admin in both K8S and EEP envs
1fdcba443	2022-10-27	EEP-RAN-218: Modify HDFS plugin's install.properties
e19f5fbb3	2022-10-25	EEP-RAN-216: When failed to initialize UserGroup source/sink, it waits too long to retry
d2b621979	2022-10-24	EEP-RAN-215: Modify configuration for separated Ranger services' packages
269c6e888	2022-10-20	EEP-RAN-213: Decouple admin and usersync internal libraries
dccdbc983	2022-10-19	EEP-RAN-208: YARN plugin's connection test fails as 'Unable to retrieve any Yarn Queues using given parameters.'
7b1f5fa6a	2022-10-18	EEP-RAN-207: [Ranger-2.3] YARN plugin installation throws CNF exceptions Part-2
af706e4ac	2022-10-17	EEP-RAN-207: [Ranger-2.3] YARN plugin installation throws CNF exceptions
9f31ccd71	2022-10-14	EEP-RAN-206: YARN Client requires MapR security integration
340a31359	2022-10-13	Adding deployment phase to Jenkins file
0b4fc4ca8	2022-10-12	EEP-RAN-205: Sync Protobuf version with Core-7.1 and use it from cluster
d537241f0	2022-10-11	RAN-170 Unable to decrypt password due to error (2)
ec4435f19	2022-10-11	RAN-203 authorizer.RangerHiveAuthorizer: failed to get database object from Hive metastore
eaed5948c	2022-10-11	RAN-201 Add properties to ranger-ugsync-site.xml to be able to enable deletion of synced unix users/groups which were removed
4f6f3db8b	2022-10-11	RAN-200 DF cluster admin should be Ranger admin as well
959781089	2022-09-28	RAN-202 Could not initiate at timedTask

Known Issues and Limitations

Ranger and Mixed FIPS Configurations: The Ranger component in EEP 9.1.0 cannot be used in a mixed FIPS configuration (a cluster consisting of FIPS and non-FIPS nodes).

RAN-260

Because of conflicts between the Ranger debian packages in EEP 9.1.0, installing or upgrading multiple Ranger packages to EEP 9.1.0 on the same node causes the following installation error:

trying to overwrite '/opt/mapr/ranger/rangerversion', which is also in package <package_name>

Workaround: To avoid this issue, pass the --force-overwrite option to dpkg when installing the packages. You can accomplish this through apt by using the

-o
              DPkg::options::="--force-overwrite"

option.

For example, the following command installs the mapr-ranger and mapr-ranger-userysnc packages by passing the --force-overwrite option to dpkg through apt:

sudo apt install mapr-ranger mapr-ranger-usersync -o DPkg::options::="--force-overwrite"

Resolved Issues

HMS-related known issues are removed from the Known Issues section.

HPE Ezmeral Data Fabric – Customer-Managed 7.9.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.9.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	November 2024
Edition	7.9.0