From debfb6dc9ffef8f2f0a9c001ced54110d704cd5a Mon Sep 17 00:00:00 2001 From: Abhishek Kumar Date: Fri, 23 Jan 2026 13:31:03 -0800 Subject: [PATCH] RANGER-5401: Use Volume Mounts for ranger-plugin configs (#733) (cherry picked from commit 692fbf9ca0d133393d9fd65df0973b1beb8bd382) --- dev-support/ranger-docker/.env | 4 +-- dev-support/ranger-docker/Dockerfile.ranger | 5 +-- .../ranger-docker/Dockerfile.ranger-hadoop | 22 ++----------- .../ranger-docker/Dockerfile.ranger-hbase | 17 ++-------- .../ranger-docker/Dockerfile.ranger-hive | 16 ++-------- .../ranger-docker/Dockerfile.ranger-kafka | 17 ++-------- .../ranger-docker/Dockerfile.ranger-kms | 4 --- .../ranger-docker/Dockerfile.ranger-knox | 17 ++-------- .../ranger-docker/Dockerfile.ranger-solr | 31 ++++++------------- .../ranger-docker/Dockerfile.ranger-tagsync | 4 --- .../ranger-docker/Dockerfile.ranger-usersync | 4 --- .../ranger-docker/Dockerfile.ranger-zk | 6 +++- .../docker-compose.ranger-hadoop.yml | 7 +++++ .../docker-compose.ranger-hbase.yml | 5 +++ .../docker-compose.ranger-hive.yml | 7 +++++ .../docker-compose.ranger-kafka.yml | 5 +++ .../docker-compose.ranger-knox.yml | 4 +++ .../ranger-docker/docker-compose.ranger.yml | 12 ++++++- .../ranger-docker/scripts/solr/ranger-solr.sh | 2 -- .../scripts/wait_for_testusers_keytab.sh | 2 +- 20 files changed, 70 insertions(+), 121 deletions(-) mode change 100644 => 100755 dev-support/ranger-docker/scripts/wait_for_testusers_keytab.sh diff --git a/dev-support/ranger-docker/.env b/dev-support/ranger-docker/.env index 2bdab3d9a5..a14c9f2923 100644 --- a/dev-support/ranger-docker/.env +++ b/dev-support/ranger-docker/.env @@ -8,9 +8,9 @@ BUILD_OPTS= # DockerHub Ranger Base Image RANGER_BASE_IMAGE=apache/ranger-base # Java version used to run Ranger and dependent services is present as suffix: -8, valid values for suffix: -8, -11, -17 -RANGER_BASE_VERSION=20251023-1-8 +RANGER_BASE_VERSION=20260123-2-8 # Java version used to build Apache Ranger is present as suffix: -8, valid values for suffix: -8, -11, -17 -RANGER_BASE_BUILD_VERSION=20251023-1-8 +RANGER_BASE_BUILD_VERSION=20260123-2-8 # third party image versions MARIADB_VERSION=10.7.3 diff --git a/dev-support/ranger-docker/Dockerfile.ranger b/dev-support/ranger-docker/Dockerfile.ranger index e9779adced..422b3e79be 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger +++ b/dev-support/ranger-docker/Dockerfile.ranger @@ -26,8 +26,6 @@ ARG TARGETARCH COPY ./dist/ranger-${RANGER_VERSION}-admin.tar.gz /home/ranger/dist/ COPY ./scripts/admin/ranger.sh ${RANGER_SCRIPTS}/ COPY ./scripts/admin/create-ranger-services.py ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/ranger-${RANGER_VERSION}-admin.tar.gz --directory=${RANGER_HOME} \ && ln -s ${RANGER_HOME}/ranger-${RANGER_VERSION}-admin ${RANGER_HOME}/admin \ @@ -35,8 +33,7 @@ RUN tar xvfz /home/ranger/dist/ranger-${RANGER_VERSION}-admin.tar.gz --direct && rm -f /opt/ranger/admin/install.properties \ && mkdir -p /var/run/ranger /var/log/ranger /usr/share/java/ \ && chown -R ranger:ranger ${RANGER_HOME}/admin/ ${RANGER_SCRIPTS}/ /var/run/ranger/ /var/log/ranger/ \ - && chmod 755 ${RANGER_SCRIPTS}/ranger.sh ${RANGER_SCRIPTS}/wait_for_keytab.sh \ - && chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh + && chmod 755 ${RANGER_SCRIPTS}/ranger.sh FROM ranger AS ranger_postgres COPY ./downloads/postgresql-42.2.16.jre7.jar /home/ranger/dist/ diff --git a/dev-support/ranger-docker/Dockerfile.ranger-hadoop b/dev-support/ranger-docker/Dockerfile.ranger-hadoop index f6ae5cd601..17ff16f72a 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-hadoop +++ b/dev-support/ranger-docker/Dockerfile.ranger-hadoop @@ -22,25 +22,11 @@ ARG HADOOP_VERSION ARG HDFS_PLUGIN_VERSION ARG YARN_PLUGIN_VERSION -VOLUME /etc/keytabs - -COPY ./dist/version /home/ranger/dist/ COPY ./dist/ranger-${HDFS_PLUGIN_VERSION}-hdfs-plugin.tar.gz /home/ranger/dist/ COPY ./dist/ranger-${YARN_PLUGIN_VERSION}-yarn-plugin.tar.gz /home/ranger/dist/ COPY ./downloads/hadoop-${HADOOP_VERSION}.tar.gz /home/ranger/dist/ -COPY ./scripts/hadoop/ranger-hadoop-setup.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/ranger-hadoop.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/ranger-hadoop-mkdir.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/ranger-hadoop-healthcheck.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/ranger-hdfs-plugin-install.properties ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/ranger-yarn-plugin-install.properties ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/hdfs-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/yarn-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kdc/krb5.conf /etc/krb5.conf +COPY ./scripts/hadoop/*.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/hadoop-${HADOOP_VERSION}.tar.gz --directory=/opt/ && \ ln -s /opt/hadoop-${HADOOP_VERSION} /opt/hadoop && \ @@ -48,16 +34,14 @@ RUN tar xvfz /home/ranger/dist/hadoop-${HADOOP_VERSION}.tar.gz --directory=/opt/ tar xvfz /home/ranger/dist/ranger-${HDFS_PLUGIN_VERSION}-hdfs-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${HDFS_PLUGIN_VERSION}-hdfs-plugin /opt/ranger/ranger-hdfs-plugin && \ rm -f /home/ranger/dist/ranger-${HDFS_PLUGIN_VERSION}-hdfs-plugin.tar.gz && \ - cp -f ${RANGER_SCRIPTS}/ranger-hdfs-plugin-install.properties /opt/ranger/ranger-hdfs-plugin/install.properties && \ + rm -f /opt/ranger/ranger-hdfs-plugin/install.properties && \ tar xvfz /home/ranger/dist/ranger-${YARN_PLUGIN_VERSION}-yarn-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${YARN_PLUGIN_VERSION}-yarn-plugin /opt/ranger/ranger-yarn-plugin && \ rm -f /home/ranger/dist/ranger-${YARN_PLUGIN_VERSION}-yarn-plugin.tar.gz && \ - cp -f ${RANGER_SCRIPTS}/ranger-yarn-plugin-install.properties /opt/ranger/ranger-yarn-plugin/install.properties && \ + rm -f /opt/ranger/ranger-yarn-plugin/install.properties && \ chmod 744 ${RANGER_SCRIPTS}/ranger-hadoop-setup.sh ${RANGER_SCRIPTS}/ranger-hadoop.sh ${RANGER_SCRIPTS}/ranger-hadoop-mkdir.sh && \ useradd -g hadoop -ms /bin/bash healthcheck && \ chmod 744 ${RANGER_SCRIPTS}/ranger-hadoop-healthcheck.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ chown healthcheck:hadoop ${RANGER_SCRIPTS}/ranger-hadoop-healthcheck.sh && \ chown hdfs:hadoop ${RANGER_SCRIPTS}/ranger-hadoop-mkdir.sh diff --git a/dev-support/ranger-docker/Dockerfile.ranger-hbase b/dev-support/ranger-docker/Dockerfile.ranger-hbase index 710df418e0..0e74253d17 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-hbase +++ b/dev-support/ranger-docker/Dockerfile.ranger-hbase @@ -21,20 +21,9 @@ FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION} ARG HBASE_VERSION ARG HBASE_PLUGIN_VERSION -VOLUME /etc/keytabs - -COPY ./dist/version /home/ranger/dist/ COPY ./dist/ranger-${HBASE_PLUGIN_VERSION}-hbase-plugin.tar.gz /home/ranger/dist/ COPY ./downloads/hbase-${HBASE_VERSION}-bin.tar.gz /home/ranger/dist/ - -COPY ./scripts/hbase/ranger-hbase-setup.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hbase/ranger-hbase.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hbase/ranger-hbase-plugin-install.properties ${RANGER_SCRIPTS}/ -COPY ./scripts/hbase/hbase-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kdc/krb5.conf /etc/krb5.conf +COPY ./scripts/hbase/*.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/hbase-${HBASE_VERSION}-bin.tar.gz --directory=/opt/ && \ ln -s /opt/hbase-${HBASE_VERSION} /opt/hbase && \ @@ -42,9 +31,7 @@ RUN tar xvfz /home/ranger/dist/hbase-${HBASE_VERSION}-bin.tar.gz --directory=/op tar xvfz /home/ranger/dist/ranger-${HBASE_PLUGIN_VERSION}-hbase-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${HBASE_PLUGIN_VERSION}-hbase-plugin /opt/ranger/ranger-hbase-plugin && \ rm -f /home/ranger/dist/ranger-${HBASE_PLUGIN_VERSION}-hbase-plugin.tar.gz && \ - cp -f ${RANGER_SCRIPTS}/ranger-hbase-plugin-install.properties /opt/ranger/ranger-hbase-plugin/install.properties && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ + rm -f /opt/ranger/ranger-hbase-plugin/install.properties && \ chmod 744 ${RANGER_SCRIPTS}/ranger-hbase-setup.sh ${RANGER_SCRIPTS}/ranger-hbase.sh RUN apt-get update && \ diff --git a/dev-support/ranger-docker/Dockerfile.ranger-hive b/dev-support/ranger-docker/Dockerfile.ranger-hive index a188d45f3c..045bae1dd8 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-hive +++ b/dev-support/ranger-docker/Dockerfile.ranger-hive @@ -24,23 +24,13 @@ ARG HIVE_HADOOP_VERSION ARG HIVE_PLUGIN_VERSION ARG RANGER_DB_TYPE -VOLUME /etc/keytabs - -COPY ./dist/version /home/ranger/dist/ COPY ./dist/ranger-${HIVE_PLUGIN_VERSION}-hive-plugin.tar.gz /home/ranger/dist/ COPY ./downloads/apache-hive-${HIVE_VERSION}-bin.tar.gz /home/ranger/dist/ COPY ./downloads/hadoop-${HIVE_HADOOP_VERSION}.tar.gz /home/ranger/dist/ COPY ./downloads/mysql-connector-java-8.0.28.jar /home/ranger/dist/ COPY ./downloads/ojdbc8.jar /home/ranger/dist/ -COPY ./scripts/hive/ranger-hive-setup.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hive/ranger-hive.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/hive/ranger-hive-plugin-install.properties ${RANGER_SCRIPTS}/ -COPY ./scripts/hive/hive-site-${RANGER_DB_TYPE}.xml ${RANGER_SCRIPTS}/hive-site.xml -COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kdc/krb5.conf /etc/krb5.conf +COPY ./scripts/hive/*.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/apache-hive-${HIVE_VERSION}-bin.tar.gz --directory=/opt/ && \ ln -s /opt/apache-hive-${HIVE_VERSION}-bin /opt/hive && \ @@ -53,9 +43,7 @@ RUN tar xvfz /home/ranger/dist/apache-hive-${HIVE_VERSION}-bin.tar.gz --director tar xvfz /home/ranger/dist/ranger-${HIVE_PLUGIN_VERSION}-hive-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${HIVE_PLUGIN_VERSION}-hive-plugin /opt/ranger/ranger-hive-plugin && \ rm -f /home/ranger/dist/ranger-${HIVE_PLUGIN_VERSION}-hive-plugin.tar.gz && \ - cp -f ${RANGER_SCRIPTS}/ranger-hive-plugin-install.properties /opt/ranger/ranger-hive-plugin/install.properties && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ + rm -f /opt/ranger/ranger-hive-plugin/install.properties && \ chmod 744 ${RANGER_SCRIPTS}/ranger-hive-setup.sh ${RANGER_SCRIPTS}/ranger-hive.sh ENV HIVE_HOME=/opt/hive diff --git a/dev-support/ranger-docker/Dockerfile.ranger-kafka b/dev-support/ranger-docker/Dockerfile.ranger-kafka index 9a1dc54217..03089e097f 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-kafka +++ b/dev-support/ranger-docker/Dockerfile.ranger-kafka @@ -21,20 +21,9 @@ FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION} ARG KAFKA_VERSION ARG KAFKA_PLUGIN_VERSION -VOLUME /etc/keytabs - -COPY ./dist/version /home/ranger/dist/ COPY ./dist/ranger-${KAFKA_PLUGIN_VERSION}-kafka-plugin.tar.gz /home/ranger/dist/ COPY ./downloads/kafka_2.12-${KAFKA_VERSION}.tgz /home/ranger/dist/ - -COPY ./scripts/kafka/ranger-kafka-setup.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kafka/ranger-kafka.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kafka/ranger-kafka-plugin-install.properties ${RANGER_SCRIPTS}/ -COPY ./scripts/kafka/kafka-server-jaas.conf ${RANGER_SCRIPTS}/ -COPY ./scripts/hadoop/core-site.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kdc/krb5.conf /etc/krb5.conf +COPY ./scripts/kafka/*.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/kafka_2.12-${KAFKA_VERSION}.tgz --directory=/opt/ && \ ln -s /opt/kafka_2.12-${KAFKA_VERSION} /opt/kafka && \ @@ -42,9 +31,7 @@ RUN tar xvfz /home/ranger/dist/kafka_2.12-${KAFKA_VERSION}.tgz --directory=/opt/ tar xvfz /home/ranger/dist/ranger-${KAFKA_PLUGIN_VERSION}-kafka-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${KAFKA_PLUGIN_VERSION}-kafka-plugin /opt/ranger/ranger-kafka-plugin && \ rm -f /home/ranger/dist/ranger-${KAFKA_PLUGIN_VERSION}-kafka-plugin.tar.gz && \ - cp -f ${RANGER_SCRIPTS}/ranger-kafka-plugin-install.properties /opt/ranger/ranger-kafka-plugin/install.properties && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ + rm -f /opt/ranger/ranger-kafka-plugin/install.properties && \ chmod 744 ${RANGER_SCRIPTS}/ranger-kafka-setup.sh ${RANGER_SCRIPTS}/ranger-kafka.sh ENV KAFKA_HOME=/opt/kafka diff --git a/dev-support/ranger-docker/Dockerfile.ranger-kms b/dev-support/ranger-docker/Dockerfile.ranger-kms index 384c2e0916..9858ce54b9 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-kms +++ b/dev-support/ranger-docker/Dockerfile.ranger-kms @@ -23,8 +23,6 @@ ARG RANGER_DB_TYPE COPY ./dist/ranger-${KMS_VERSION}-kms.tar.gz /home/ranger/dist/ COPY ./scripts/kms/ranger-kms.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/ranger-${KMS_VERSION}-kms.tar.gz --directory=${RANGER_HOME} && \ ln -s ${RANGER_HOME}/ranger-${KMS_VERSION}-kms ${RANGER_HOME}/kms && \ @@ -38,8 +36,6 @@ RUN tar xvfz /home/ranger/dist/ranger-${KMS_VERSION}-kms.tar.gz --directory=${RA ln -s /etc/init.d/ranger-kms /etc/rc3.d/K90ranger-kms && \ ln -s ${RANGER_HOME}/kms/ranger-kms-services.sh /usr/bin/ranger-kms-services.sh && \ chown -R rangerkms:ranger ${RANGER_HOME}/kms/ ${RANGER_SCRIPTS}/ /var/run/ranger_kms/ /var/log/ranger/ /etc/ranger && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ chmod 744 ${RANGER_SCRIPTS}/ranger-kms.sh FROM ranger-kms AS ranger_postgres diff --git a/dev-support/ranger-docker/Dockerfile.ranger-knox b/dev-support/ranger-docker/Dockerfile.ranger-knox index a21e2b81ca..351ac46677 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-knox +++ b/dev-support/ranger-docker/Dockerfile.ranger-knox @@ -21,20 +21,11 @@ FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION} ARG KNOX_VERSION ARG KNOX_PLUGIN_VERSION -VOLUME /etc/keytabs - -COPY ./dist/version /home/ranger/dist/ COPY ./dist/ranger-${KNOX_PLUGIN_VERSION}-knox-plugin.tar.gz /home/ranger/dist/ COPY ./downloads/knox-${KNOX_VERSION}.tar.gz /home/ranger/dist/ -COPY ./scripts/knox/ranger-knox-setup.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/knox/ranger-knox.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/knox/ranger-knox-plugin-install.properties ${RANGER_SCRIPTS}/ +COPY ./scripts/knox/*.sh ${RANGER_SCRIPTS}/ COPY ./scripts/knox/ranger-knox-expect.py ${RANGER_SCRIPTS}/ -COPY ./scripts/knox/ranger-knox-sandbox.xml ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/kdc/krb5.conf /etc/krb5.conf RUN tar xvfz /home/ranger/dist/knox-${KNOX_VERSION}.tar.gz --directory=/opt/ && \ ln -s /opt/knox-${KNOX_VERSION} /opt/knox && \ @@ -42,10 +33,8 @@ RUN tar xvfz /home/ranger/dist/knox-${KNOX_VERSION}.tar.gz --directory=/opt/ && tar xvfz /home/ranger/dist/ranger-${KNOX_PLUGIN_VERSION}-knox-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${KNOX_PLUGIN_VERSION}-knox-plugin /opt/ranger/ranger-knox-plugin && \ rm -f /home/ranger/dist/ranger-${KNOX_PLUGIN_VERSION}-knox-plugin.tar.gz && \ - cp -f ${RANGER_SCRIPTS}/ranger-knox-plugin-install.properties /opt/ranger/ranger-knox-plugin/install.properties && \ - cp -f ${RANGER_SCRIPTS}/ranger-knox-sandbox.xml /opt/knox/conf/topologies/sandbox.xml && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ + rm -f /opt/ranger/ranger-knox-plugin/install.properties && \ + rm -f /opt/knox/conf/topologies/sandbox.xml && \ chmod 744 ${RANGER_SCRIPTS}/ranger-knox-setup.sh ${RANGER_SCRIPTS}/ranger-knox.sh ${RANGER_SCRIPTS}/ranger-knox-expect.py ENV KNOX_HOME=/opt/knox diff --git a/dev-support/ranger-docker/Dockerfile.ranger-solr b/dev-support/ranger-docker/Dockerfile.ranger-solr index b85c52fc9a..82a257861d 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-solr +++ b/dev-support/ranger-docker/Dockerfile.ranger-solr @@ -14,43 +14,32 @@ # See the License for the specific language governing permissions and # limitations under the License. +ARG RANGER_BASE_IMAGE +ARG RANGER_BASE_VERSION ARG SOLR_VERSION +FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION} AS ranger-base FROM solr:${SOLR_VERSION} ARG SOLR_PLUGIN_VERSION -VOLUME /etc/keytabs - -USER 0 +USER root RUN apt update && DEBIAN_FRONTEND="noninteractive" apt-get install -y krb5-user -# Copy audit config set -RUN mkdir -p /opt/solr/server/solr/configsets/ranger_audits/conf /home/ranger/scripts - -COPY ./scripts/solr/solr-ranger_audits/* /opt/solr/server/solr/configsets/ranger_audits/conf/ -COPY ./scripts/solr/solr-jaas.conf /opt/solr/server/etc/jaas.conf -COPY ./scripts/solr/solr-security.json /var/solr/data/security.json -COPY ./scripts/solr/ranger-solr.sh /home/ranger/scripts/ -COPY ./scripts/wait_for_keytab.sh /home/ranger/scripts/ -COPY ./scripts/wait_for_testusers_keytab.sh /home/ranger/scripts/ -COPY ./scripts/kdc/krb5.conf /etc/krb5.conf - +RUN mkdir -p /opt/solr/server/solr/configsets/ranger_audits/conf /home/ranger/dist /opt/ranger /home/ranger/scripts RUN chown -R solr:solr /opt/solr/server/solr/configsets/ranger_audits/ -RUN chmod +x /home/ranger/scripts/ranger-solr.sh /home/ranger/scripts/wait_for_keytab.sh /home/ranger/scripts/wait_for_testusers_keytab.sh -# Copy Ranger plugin -RUN mkdir -p /opt/ranger /home/ranger/dist /home/ranger/scripts +COPY --from=ranger-base /home/ranger/scripts/wait_for_keytab.sh /home/ranger/scripts/wait_for_keytab.sh +COPY --from=ranger-base /home/ranger/scripts/wait_for_testusers_keytab.sh /home/ranger/scripts/wait_for_testusers_keytab.sh +# Copy Ranger plugin COPY ./dist/ranger-${SOLR_PLUGIN_VERSION}-solr-plugin.tar.gz /home/ranger/dist/ -COPY ./scripts/solr/core-site.xml /home/ranger/scripts/ -COPY ./scripts/solr/ranger-solr-plugin-install.properties /home/ranger/scripts/ RUN tar xvfz /home/ranger/dist/ranger-${SOLR_PLUGIN_VERSION}-solr-plugin.tar.gz --directory=/opt/ranger && \ ln -s /opt/ranger/ranger-${SOLR_PLUGIN_VERSION}-solr-plugin /opt/ranger/ranger-solr-plugin && \ rm -f /home/ranger/dist/ranger-${SOLR_PLUGIN_VERSION}-solr-plugin.tar.gz && \ - cp -f /home/ranger/scripts/ranger-solr-plugin-install.properties /opt/ranger/ranger-solr-plugin/install.properties && \ + rm -f /opt/ranger/ranger-solr-plugin/install.properties && \ chown -R solr:solr /opt/ranger -ENTRYPOINT [ "/home/ranger/scripts/ranger-solr.sh" ] +ENTRYPOINT [ "/opt/ranger/ranger-solr.sh" ] CMD ["solr-foreground"] diff --git a/dev-support/ranger-docker/Dockerfile.ranger-tagsync b/dev-support/ranger-docker/Dockerfile.ranger-tagsync index 7b3e4ac6dd..8ce024243b 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-tagsync +++ b/dev-support/ranger-docker/Dockerfile.ranger-tagsync @@ -22,8 +22,6 @@ ARG TAGSYNC_VERSION COPY ./dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz /home/ranger/dist/ COPY ./scripts/tagsync/ranger-tagsync.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz --directory=${RANGER_HOME} && \ ln -s ${RANGER_HOME}/ranger-${TAGSYNC_VERSION}-tagsync ${RANGER_HOME}/tagsync && \ @@ -42,8 +40,6 @@ RUN tar xvfz /home/ranger/dist/ranger-${TAGSYNC_VERSION}-tagsync.tar.gz --direct ln -s /etc/init.d/ranger-tagsync /etc/rc3.d/K00ranger-tagsync && \ ln -s ${RANGER_HOME}/tagsync/ranger-tagsync-services.sh /usr/bin/ranger-tagsync-services.sh && \ chown -R ranger:ranger ${RANGER_HOME}/tagsync/ ${RANGER_SCRIPTS}/ /var/run/ranger/ /var/log/ranger/ /etc/ranger /etc/init.d/ranger-tagsync && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ chmod 744 ${RANGER_SCRIPTS}/ranger-tagsync.sh USER ranger diff --git a/dev-support/ranger-docker/Dockerfile.ranger-usersync b/dev-support/ranger-docker/Dockerfile.ranger-usersync index e3f3417a87..50410f7e13 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-usersync +++ b/dev-support/ranger-docker/Dockerfile.ranger-usersync @@ -22,8 +22,6 @@ ARG USERSYNC_VERSION COPY ./dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz /home/ranger/dist/ COPY ./scripts/usersync/ranger-usersync.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_keytab.sh ${RANGER_SCRIPTS}/ -COPY ./scripts/wait_for_testusers_keytab.sh ${RANGER_SCRIPTS}/ RUN tar xvfz /home/ranger/dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz --directory=${RANGER_HOME} && \ ln -s ${RANGER_HOME}/ranger-${USERSYNC_VERSION}-usersync ${RANGER_HOME}/usersync && \ @@ -37,8 +35,6 @@ RUN tar xvfz /home/ranger/dist/ranger-${USERSYNC_VERSION}-usersync.tar.gz --dire ln -s /etc/init.d/ranger-usersync /etc/rc3.d/K00ranger-usersync && \ ln -s ${RANGER_HOME}/usersync/ranger-usersync-services.sh /usr/bin/ranger-usersync && \ chown -R ranger:ranger ${RANGER_HOME}/usersync/ ${RANGER_SCRIPTS}/ /var/run/ranger/ /var/log/ranger/ /etc/ranger /etc/init.d/ranger-usersync && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ - chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh && \ chmod 744 ${RANGER_SCRIPTS}/ranger-usersync.sh USER ranger diff --git a/dev-support/ranger-docker/Dockerfile.ranger-zk b/dev-support/ranger-docker/Dockerfile.ranger-zk index b0fbf8588a..6576d4a0e8 100644 --- a/dev-support/ranger-docker/Dockerfile.ranger-zk +++ b/dev-support/ranger-docker/Dockerfile.ranger-zk @@ -13,6 +13,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +ARG RANGER_BASE_IMAGE +ARG RANGER_BASE_VERSION ARG ZK_VERSION +FROM ${RANGER_BASE_IMAGE}:${RANGER_BASE_VERSION} AS ranger-base FROM zookeeper:${ZK_VERSION} + +COPY --from=ranger-base /home/ranger/scripts/wait_for_keytab.sh /etc/wait_for_keytab.sh diff --git a/dev-support/ranger-docker/docker-compose.ranger-hadoop.yml b/dev-support/ranger-docker/docker-compose.ranger-hadoop.yml index 95346268c6..d0ef4f61e8 100644 --- a/dev-support/ranger-docker/docker-compose.ranger-hadoop.yml +++ b/dev-support/ranger-docker/docker-compose.ranger-hadoop.yml @@ -15,6 +15,13 @@ services: hostname: ranger-hadoop.rangernw volumes: - ./dist/keytabs/ranger-hadoop:/etc/keytabs + - ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro + - ./dist/version:/home/ranger/dist/version:ro + - ./scripts/hadoop/ranger-hdfs-plugin-install.properties:/opt/ranger/ranger-hdfs-plugin/install.properties + - ./scripts/hadoop/ranger-yarn-plugin-install.properties:/opt/ranger/ranger-yarn-plugin/install.properties + - ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml:ro + - ./scripts/hadoop/hdfs-site.xml:/home/ranger/scripts/hdfs-site.xml:ro + - ./scripts/hadoop/yarn-site.xml:/home/ranger/scripts/yarn-site.xml:ro stdin_open: true tty: true networks: diff --git a/dev-support/ranger-docker/docker-compose.ranger-hbase.yml b/dev-support/ranger-docker/docker-compose.ranger-hbase.yml index 103eba6615..80249cc3f8 100644 --- a/dev-support/ranger-docker/docker-compose.ranger-hbase.yml +++ b/dev-support/ranger-docker/docker-compose.ranger-hbase.yml @@ -14,6 +14,11 @@ services: hostname: ranger-hbase.rangernw volumes: - ./dist/keytabs/ranger-hbase:/etc/keytabs + - ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro + - ./dist/version:/home/ranger/dist/version:ro + - ./scripts/hbase/ranger-hbase-plugin-install.properties:/opt/ranger/ranger-hbase-plugin/install.properties + - ./scripts/hbase/hbase-site.xml:/home/ranger/scripts/hbase-site.xml:ro + - ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml:ro stdin_open: true tty: true networks: diff --git a/dev-support/ranger-docker/docker-compose.ranger-hive.yml b/dev-support/ranger-docker/docker-compose.ranger-hive.yml index 25b7227b8a..ea6552168d 100644 --- a/dev-support/ranger-docker/docker-compose.ranger-hive.yml +++ b/dev-support/ranger-docker/docker-compose.ranger-hive.yml @@ -16,6 +16,13 @@ services: hostname: ranger-hive.rangernw volumes: - ./dist/keytabs/ranger-hive:/etc/keytabs + - ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro + - ./dist/version:/home/ranger/dist/version:ro + - ./scripts/hive/ranger-hive-plugin-install.properties:/opt/ranger/ranger-hive-plugin/install.properties + - ./scripts/hive/hive-site-${RANGER_DB_TYPE}.xml:/home/ranger/scripts/hive-site.xml:ro + - ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml:ro + - ./scripts/hive/hive-log4j2.properties:/opt/hive/conf/hive-log4j2.properties + - ./scripts/hive/hive-metastore-log4j2.properties:/opt/hive/conf/hive-metastore-log4j2.properties stdin_open: true tty: true networks: diff --git a/dev-support/ranger-docker/docker-compose.ranger-kafka.yml b/dev-support/ranger-docker/docker-compose.ranger-kafka.yml index 7aa363c4f7..c850d6df60 100644 --- a/dev-support/ranger-docker/docker-compose.ranger-kafka.yml +++ b/dev-support/ranger-docker/docker-compose.ranger-kafka.yml @@ -14,6 +14,11 @@ services: hostname: ranger-kafka.rangernw volumes: - ./dist/keytabs/ranger-kafka:/etc/keytabs + - ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro + - ./scripts/hadoop/core-site.xml:/home/ranger/scripts/core-site.xml + - ./scripts/kafka/kafka-server-jaas.conf:/home/ranger/scripts/kafka-server-jaas.conf + - ./dist/version:/home/ranger/dist/version:ro + - ./scripts/kafka/ranger-kafka-plugin-install.properties:/opt/ranger/ranger-kafka-plugin/install.properties stdin_open: true tty: true networks: diff --git a/dev-support/ranger-docker/docker-compose.ranger-knox.yml b/dev-support/ranger-docker/docker-compose.ranger-knox.yml index f9435ef459..4defd81e98 100644 --- a/dev-support/ranger-docker/docker-compose.ranger-knox.yml +++ b/dev-support/ranger-docker/docker-compose.ranger-knox.yml @@ -14,6 +14,10 @@ services: hostname: ranger-knox.rangernw volumes: - ./dist/keytabs/ranger-knox:/etc/keytabs + - ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro + - ./dist/version:/home/ranger/dist/version:ro + - ./scripts/knox/ranger-knox-sandbox.xml:/opt/knox/conf/topologies/sandbox.xml + - ./scripts/knox/ranger-knox-plugin-install.properties:/opt/ranger/ranger-knox-plugin/install.properties stdin_open: true tty: true networks: diff --git a/dev-support/ranger-docker/docker-compose.ranger.yml b/dev-support/ranger-docker/docker-compose.ranger.yml index 359a94b5d2..3d92f5e065 100644 --- a/dev-support/ranger-docker/docker-compose.ranger.yml +++ b/dev-support/ranger-docker/docker-compose.ranger.yml @@ -73,6 +73,8 @@ services: context: . dockerfile: Dockerfile.ranger-zk args: + - RANGER_BASE_IMAGE=${RANGER_BASE_IMAGE} + - RANGER_BASE_VERSION=${RANGER_BASE_VERSION} - ZK_VERSION=${ZK_VERSION} - KERBEROS_ENABLED=${KERBEROS_ENABLED} image: ranger-zk @@ -80,7 +82,6 @@ services: hostname: ranger-zk.rangernw volumes: - ./dist/keytabs/ranger-zk:/etc/keytabs - - ./scripts/wait_for_keytab.sh:/etc/wait_for_keytab.sh - ./scripts/kdc/krb5.conf:/etc/krb5.conf:ro - ./scripts/zk/jaas.conf:/etc/zookeeper/jaas.conf - ./scripts/zk/zookeeper-with-kerberos.sh:/zookeeper-with-kerberos.sh:ro @@ -97,6 +98,8 @@ services: context: . dockerfile: Dockerfile.ranger-solr args: + - RANGER_BASE_IMAGE=${RANGER_BASE_IMAGE} + - RANGER_BASE_VERSION=${RANGER_BASE_VERSION} - SOLR_VERSION=${SOLR_VERSION} - SOLR_PLUGIN_VERSION=${SOLR_PLUGIN_VERSION} - KERBEROS_ENABLED=${KERBEROS_ENABLED} @@ -105,6 +108,13 @@ services: hostname: ranger-solr.rangernw volumes: - ./dist/keytabs/ranger-solr:/etc/keytabs + - ./scripts/solr/solr-ranger_audits:/opt/solr/server/solr/configsets/ranger_audits/conf + - ./scripts/solr/ranger-solr-plugin-install.properties:/opt/ranger/ranger-solr-plugin/install.properties + - ./scripts/solr/core-site.xml:/opt/solr/server/resources/core-site.xml + - ./scripts/solr/solr-jaas.conf:/opt/solr/server/etc/jaas.conf + - ./scripts/solr/solr-security.json:/var/solr/data/security.json + - ./scripts/solr/ranger-solr.sh:/opt/ranger/ranger-solr.sh + - ./scripts/kdc/krb5.conf:/etc/krb5.conf networks: - ranger ports: diff --git a/dev-support/ranger-docker/scripts/solr/ranger-solr.sh b/dev-support/ranger-docker/scripts/solr/ranger-solr.sh index a4ad4f21ff..b2aecf960a 100755 --- a/dev-support/ranger-docker/scripts/solr/ranger-solr.sh +++ b/dev-support/ranger-docker/scripts/solr/ranger-solr.sh @@ -43,8 +43,6 @@ then cd /opt/ranger/ranger-solr-plugin ./enable-solr-plugin.sh - cp /home/ranger/scripts/core-site.xml /opt/solr/server/resources/ - touch "${SOLR_INSTALL_DIR}"/.setupDone fi diff --git a/dev-support/ranger-docker/scripts/wait_for_testusers_keytab.sh b/dev-support/ranger-docker/scripts/wait_for_testusers_keytab.sh old mode 100644 new mode 100755 index 7c12000f18..7f887aff9b --- a/dev-support/ranger-docker/scripts/wait_for_testusers_keytab.sh +++ b/dev-support/ranger-docker/scripts/wait_for_testusers_keytab.sh @@ -18,4 +18,4 @@ ${RANGER_SCRIPTS}/wait_for_keytab.sh testuser1.keytab ${RANGER_SCRIPTS}/wait_for_keytab.sh testuser2.keytab -${RANGER_SCRIPTS}/wait_for_keytab.sh testuser3.keytab \ No newline at end of file +${RANGER_SCRIPTS}/wait_for_keytab.sh testuser3.keytab