RANGER-5451: Docker setup update to configure Ranger authorization in Solr #810
Conversation
There was a problem hiding this comment.
Pull request overview
This PR updates the Docker setup to integrate and configure the Ranger authorization plugin for Apache Solr. The changes enable Ranger-based authorization in the Solr container, including Kerberos authentication support and audit logging configuration.
Changes:
- Added Ranger Solr plugin installation and configuration in the Docker setup
- Updated Solr security configuration to use RangerSolrAuthorizer
- Modified Kerberos configuration to use solr service principal instead of HTTP
Reviewed changes
Copilot reviewed 15 out of 15 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuditHandler.java | Added null check before logging audit events |
| plugin-solr/conf/ranger-solr-security-changes.cfg | Added UGI (User Group Information) initialization configuration properties |
| plugin-solr/conf/ranger-solr-audit-changes.cfg | Added Kafka audit configuration options and reorganized Solr audit settings |
| distro/src/main/assembly/plugin-solr.xml | Added hadoop-shaded-guava dependency to plugin assembly |
| dev-support/ranger-docker/scripts/solr/solr-security.json | Added Ranger authorization class configuration |
| dev-support/ranger-docker/scripts/solr/solr-jaas.conf | Changed from HTTP to solr service principal for Kerberos authentication |
| dev-support/ranger-docker/scripts/solr/ranger-solr.sh | Added Ranger plugin installation and core-site.xml configuration |
| dev-support/ranger-docker/scripts/solr/ranger-solr-plugin-install.properties | New configuration file for Ranger Solr plugin installation |
| dev-support/ranger-docker/scripts/solr/core-site.xml | New Hadoop configuration file for Kerberos authentication |
| dev-support/ranger-docker/scripts/kdc/entrypoint.sh | Added solr principal and keytab creation |
| dev-support/ranger-docker/scripts/admin/create-ranger-services.py | Added Solr service definition to Ranger admin |
| dev-support/ranger-docker/docker-compose.ranger.yml | Added SOLR_PLUGIN_VERSION build argument |
| dev-support/ranger-docker/Dockerfile.ranger-solr | Added Ranger plugin installation steps |
| dev-support/ranger-docker/.env | Updated Solr version and added plugin version variable |
| dev-support/ranger-docker/.dockerignore | Added solr plugin tar.gz to allowed files |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
dev-support/ranger-docker/scripts/solr/ranger-solr-plugin-install.properties
Show resolved
Hide resolved
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 15 out of 15 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
The CI build is failing as it's not able to find |
@kumaab - .dockerignore has been updated in this PR, which should have made Solr plugin to be available for docker image build. Is this issue caused by caching? |
3 participants
What changes were proposed in this pull request?
updated docker setup to install and configure Ranger plugin in Solr
How was this patch tested?
verified that Ranger plugin initializes successfully and downloads policy details from Ranger admin.