Skip to content

Ranger Admin

The following table contains the list of custom properties that can be configured for Ranger Admin. To use a custom property from the table, just add it to the following YML file in the custom-vars folder configured as per your environment:

  • vars.ranger.admin.yml
Property Description Values Default Value
RANGER_ENABLE
RANGER_INSTALL
RANGER_IMAGE_NAME
RANGER_IMAGE_TAG
RANGER_HTTP_PORT
RANGER_EXTERNAL_HTTP_PORT Property to change the default port number for a non-secured Ranger Admin. 6080
RANGER_HTTPS_PORT
RANGER_EXTERNAL_HTTPS_PORT Property to change the default port number for a secured Ranger Admin. 6182
RANGER_SSL_ENABLE
RANGER_SSL_SELF_SIGNED
RANGER_HOST_NAME
RANGER_INTERNAL_HOST_NAME
RANGER_ADMIN_PORT
RANGER_ADMIN_PROTOCOL
RANGER_PROTOCOL_URL
RANGER_SVC_IP
RANGER_EXTERNAL_HOST
RANGER_URL
RANGER_EXTERNAL_URL
RANGER_URL_INTERNAL
RANGER_URL_IP
RANGER_SETUP_MODE
RANGER_DB_FLAVOR
RANGER_DB_HOST
RANGER_DB_NAME
RANGER_DB_USER
RANGER_DB_PASSWORD
RANGER_DB_ROOT_USER
RANGER_DB_ROOT_PASSWORD
RANGER_CREATE_DB
RANGER_CREATE_DB_USER
RANGER_DB_SSL_ENABLE
RANGER_DB_SSL_REQUIRED
RANGER_DB_SSL_VERIFY_CERT
RANGER_DB_SSL_AUTH_TYPE
ANGER_ADMIN_DEFAULT_PASSWORD
RANGER_ADMIN_PASSWORD
RANGER_TAGSYNC_PASSWORD
RANGER_USERSYNC_PASSWORD
RANGER_KEYADMIN_PASSWORD
RANGER_VALID_EMAIL_REGEX Set a custom regular expression to validate an email address. ^[\\w]([\\-\\.\\w\\+])+[\\w\\+]+@[\\w]+[\\w\\-]+[\\w]*\\.([\\w]+[\\w\\-]+[\\w]*(\\.[a-z][a-z|0-9]*)?)$
RANGER_ADMIN_HTTPS_ENABLED
RANGER_ADMIN_KEYSTORE_FILE
RANGER_ADMIN_KEYSTORE_ALIAS
RANGER_ADMIN_KEYSTORE_PASSWORD
RANGER_ADMIN_TRUSTSTORE_ALIAS
RANGER_ADMIN_TRUSTSTORE_PATH
RANGER_ADMIN_TRUSTSTORE_PASSWORD
RANGER_ADMIN_SSL_SIGNED_PEM_FULL_CHAIN
RANGER_ADMIN_SSL_SIGNED_PEM_PRIVATE_KEY
RANGER_ADMIN_SSL_PKCS12_PASSWORD
RANGER_ADMIN_SSL_SIGNED_CERT_FORMAT
RANGER_ADMIN_SSL_SIGNED_PKCS12_ALIAS
RANGER_ADMIN_SSL_SIGNED_PKCS12_FILE
RANGER_SUPPORTED_COMPONENTS
RANGER_SOLR_AUDIT_STORE
RANGER_SOLR_URL
RANGER_SOLR_ZOOKEEPERS
RANGER_SOLR_COLLECTION_NAME
RANGER_SOLR_CONFIG_NAME
RANGER_SOLR_NUMBER_OF_SHARDS
RANGER_SOLR_NUMBER_OF_REPLICAS
RANGER_SOLR_MAX_SHARDS_PER_NODE
RANGER_SOLR_ACL_USER_LIST
RANGER_UNIX_USER
RANGER_UNIX_USER_PASSWORD
RANGER_UNIX_GROUP
RANGER_AUTHENTICATION_METHOD
RANGER_REMOTE_LOGIN_ENABLED
RANGER_AUTH_SERVICE_HOSTNAME
RANGER_AUTH_SERVICE_PORT
RANGER_UNIX_AUTH_SERVICE_KEYSTORE
RANGER_UNIX_AUTH_KEYSTORE_PASSWORD
RANGER_UNIX_AUTH_TRUSTSTORE
RANGER_UNIX_AUTH_TRUSTSTORE_PASSWORD
RANGER_LDAP_URL
RANGER_LDAP_USER_DN_PATTERN
RANGER_LDAP_GROUP_SEARCH_BASE
RANGER_LDAP_GROUP_SEARCH_FILTER
RANGER_LDAP_GROUP_ROLE_ATTRIBUTE
RANGER_LDAP_BASE_DN
RANGER_LDAP_BIND_DN
RANGER_LDAP_BIND_PASSWORD
RANGER_LDAP_REFERRAL
RANGER_LDAP_USER_SEARCH_FILTER
RANGER_LDAP_AD_DOMAIN
RANGER_LDAP_AD_URL
RANGER_LDAP_AD_BASE_DN
RANGER_LDAP_AD_BIND_DN
RANGER_LDAP_AD_BIND_PASSWORD
RANGER_LDAP_AD_REFERRAL
RANGER_LDAP_AD_USER_SEARCH_FILTER
RANGER_SSO_ENABLED
RANGER_SSO_PROVIDER_URL
RANGER_SSO_PUBLICKEY
RANGER_ADMIN_LOG_DIR
RANGER_ADMIN_PID_DIR_PATH
RANGER_XAPOLICYMGR_DIR
RANGER_ADMIN_MAX_HEAP_SIZE
RANGER_EXTERNAL_USER_ADMIN_AUDIT_ENABLED Enable/disable the admin audits for external users (usersync). true, false false
RANGER_PLUGIN_JCEKS_STOREPASS
RANGER_PLUGIN_SSL_KEYSTORE_PASSWORD
RANGER_PLUGIN_SSL_TRUSTSTORE_PASSWORD
RANGER_PLUGIN_KEYSTORE_ALIAS
RANGER_PLUGIN_SOLR_URL_INTERNAL
RANGER_PLUGIN_SOLR_URL_EXTERNAL
RANGER_PLUGIN_SOLR_BASIC_AUTH_ENABLED
RANGER_PLUGIN_SOLR_BASIC_AUTH_USER
RANGER_PLUGIN_SOLR_BASIC_AUTH_PASSWORD
RANGER_PLUGIN_SOLR_ZOOKEEPER
RANGER_PLUGIN_SOLR_ZOOKEEPER_INTERNAL
RANGER_PLUGIN_AUDITS_TO_KAFKA
RANGER_PLUGIN_KAFKA_BROKER_LIST
AWS_RANGER_LB_CERTIFICATE_ARN
RANGER_LB_SSL_CERT
RANGER_LB_BACKEND_PROTOCOL
RANGER_LB_SSL_PORT
RANGER_LB_TARGET_PORT
RANGER_ADMIN_ENCRYPT_SECRETS
RANGER_ADMIN_SECRETS_FILE
RANGER_ADMIN_SECRETS_KEYSTORE_PASSWORD
RANGER_ADMIN_ENCRYPT_PROPS_LIST
RANGER_K8S_LOADBALANCER_EXTERNAL
RANGER_K8S_ANNOTATION_LOADBALANCER_ANNOTATION
RANGER_K8S_MEM_LIMITS
RANGER_K8S_MEM_REQUESTS
RANGER_K8S_CPU_LIMITS
RANGER_K8S_CPU_REQUESTS
RANGER_K8S_REPLICAS
RANGER_ADMIN_GENERAL_PASSWORDS_LIST
RANGER_ADMIN_SSL_PASSWORDS_LIST
RANGER_ADMIN_SIGNED_SSL_PASSWORDS_LIST
RANGER_ADMIN_ENCRYPT_PASSWORDS_LIST
RANGER_INIT_CONTAINER_CUSTOM_COMMAND_LIST You can provide a list of commands to download custom ``.jars`` to a desired location inside the Ranger container. For example:
RANGER_INIT_CONTAINER_CUSTOM_COMMAND_LIST:
  - curl https://privacera/public/custom-1.jar -o /opt/ranger/ranger-admin/ews/webapp/WEB-INF/lib/custom-1.jar
  - curl https://privacera/public/custom-2.jar -o /opt/ranger/ranger-admin/ews/webapp/WEB-INF/lib/custom-2.jar
RANGER_INTERNAL_RESERVED_USERS_ACTIVATE This property prohibits from any updation/deletion for users which are created as reserved users. Using this property, you can activate Ranger reserved users feature. true,false false
RANGER_INTERNAL_RESERVED_USERS List of users to be marked as Ranger reserved users.   admin,rangerusersync,rangertagsync,keyadmin
Memory Variables
RANGER_HEAP_MIN_MEMORY_MB Minimum Java Heap memory in MB used by Ranger Admin. For example, RANGER_HEAP_MIN_MEMORY_MB: "1024"  
RANGER_HEAP_MIN_MEMORY Minimum Java Heap memory used by Ranger Admin. Setting this value will override RANGER_HEAP_MIN_MEMORY_MB. For example, RANGER_HEAP_MIN_MEMORY: "1g"  
RANGER_HEAP_MAX_MEMORY_MB Maximum Java Heap memory in MB used by Ranger Admin. For example, RANGER_HEAP_MAX_MEMORY_MB: "1024"  
RANGER_HEAP_MAX_MEMORY Maximum Java Heap memory used by Ranger Admin. Setting this value will override RANGER_HEAP_MAX_MEMORY_MB. For example, RANGER_HEAP_MAX_MEMORY: "1g"  
RANGER_K8S_MEM_REQUESTS_MB Minimum amount of Kubernetes memory in MB to be requested by Ranger Admin. For example, RANGER_K8S_MEM_REQUESTS_MB: "1024"  
RANGER_K8S_MEM_REQUESTS Minimum amount of Kubernetes memory to be used by Ranger Admin. Setting this value will override RANGER_K8S_MEM_REQUESTS_MB. For example, RANGER_K8S_MEM_REQUESTS: "1G"  
RANGER_K8S_MEM_LIMITS_MB Maximum amount of Kubernetes memory in MB to be requested by Ranger Admin. For example, RANGER_K8S_MEM_LIMITS_MB: "1024"  
RANGER_K8S_MEM_LIMITS Maximum amount of Kubernetes memory to be used by Ranger Admin. Setting this value will override RANGER_K8S_MEM_LIMITS_MB. For example, RANGER_K8S_MEM_LIMITS: "1G"  
RANGER_CPU_MIN Minimum amount of Kubernetes CPU to be requested by Ranger Admin. For example, RANGER_CPU_MIN: "0.5"  
RANGER_CPU_MAX Maximum amount of Kubernetes CPU to be used by Ranger Admin. For example, RANGER_CPU_MAX: "0.5"