Repository: incubator-ranger Updated Branches: refs/heads/master f33879b4f -> fe44eb027
RANGER-664:Ranger PolicyRefresh REST Client timeout parameter should be configurable Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/fe44eb02 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/fe44eb02 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/fe44eb02 Branch: refs/heads/master Commit: fe44eb027a063739fd71d9936281338ed29285da Parents: f33879b Author: rmani <[email protected]> Authored: Mon Sep 28 22:32:41 2015 -0700 Committer: rmani <[email protected]> Committed: Mon Sep 28 22:32:41 2015 -0700 ---------------------------------------------------------------------- .../admin/client/RangerAdminRESTClient.java | 12 ++++-- .../ranger/plugin/util/RangerRESTClient.java | 40 ++++++++++++++------ .../conf/ranger-hbase-security-changes.cfg | 3 ++ hbase-agent/conf/ranger-hbase-security.xml | 16 ++++++++ .../conf/ranger-hdfs-security-changes.cfg | 2 + hdfs-agent/conf/ranger-hdfs-security.xml | 16 ++++++++ .../conf/ranger-hive-security-changes.cfg | 2 + hive-agent/conf/ranger-hive-security.xml | 16 ++++++++ .../conf/ranger-knox-security-changes.cfg | 2 + knox-agent/conf/ranger-knox-security.xml | 16 ++++++++ .../client/RangerAdminJersey2RESTClient.java | 8 ++++ .../conf/ranger-kafka-security-changes.cfg | 4 +- plugin-kafka/conf/ranger-kafka-security.xml | 16 ++++++++ plugin-kms/conf/ranger-kms-security-changes.cfg | 4 +- plugin-kms/conf/ranger-kms-security.xml | 16 ++++++++ .../conf/ranger-solr-security-changes.cfg | 4 +- plugin-solr/conf/ranger-solr-security.xml | 16 ++++++++ .../conf/ranger-yarn-security-changes.cfg | 2 + plugin-yarn/conf/ranger-yarn-security.xml | 16 ++++++++ .../conf/ranger-storm-security-changes.cfg | 4 +- storm-agent/conf/ranger-storm-security.xml | 16 ++++++++ 21 files changed, 211 insertions(+), 20 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java b/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java index f74bc6d..7f1c6b3 100644 --- a/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java +++ b/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java @@ -51,10 +51,12 @@ public class RangerAdminRESTClient implements RangerAdminClient { this.serviceName = serviceName; this.pluginId = restUtils.getPluginId(serviceName, appId); - String url = RangerConfiguration.getInstance().get(propertyPrefix + ".policy.rest.url"); - String sslConfigFileName = RangerConfiguration.getInstance().get(propertyPrefix + ".policy.rest.ssl.config.file"); + String url = RangerConfiguration.getInstance().get(propertyPrefix + ".policy.rest.url"); + String sslConfigFileName = RangerConfiguration.getInstance().get(propertyPrefix + ".policy.rest.ssl.config.file"); + int restClientConnTimeOutMs = RangerConfiguration.getInstance().getInt(propertyPrefix + ".policy.rest.client.connection.timeoutMs", 120 * 1000); + int restClientReadTimeOutMs = RangerConfiguration.getInstance().getInt(propertyPrefix + ".policy.rest.client.read.timeoutMs", 30 * 1000); - init(url, sslConfigFileName); + init(url, sslConfigFileName, restClientConnTimeOutMs , restClientReadTimeOutMs); } @Override @@ -142,12 +144,14 @@ public class RangerAdminRESTClient implements RangerAdminClient { } } - private void init(String url, String sslConfigFileName) { + private void init(String url, String sslConfigFileName, int restClientConnTimeOutMs , int restClientReadTimeOutMs ) { if(LOG.isDebugEnabled()) { LOG.debug("==> RangerAdminRESTClient.init(" + url + ", " + sslConfigFileName + ")"); } restClient = new RangerRESTClient(url, sslConfigFileName); + restClient.setRestClientConnTimeOutMs(restClientConnTimeOutMs); + restClient.setRestClientReadTimeOutMs(restClientReadTimeOutMs); if(LOG.isDebugEnabled()) { LOG.debug("<== RangerAdminRESTClient.init(" + url + ", " + sslConfigFileName + ")"); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java index 46fab40..c311670 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java @@ -83,14 +83,11 @@ public class RangerRESTClient { public static final String RANGER_SSL_TRUSTMANAGER_ALGO_TYPE = "SunX509" ; public static final String RANGER_SSL_CONTEXT_ALGO_TYPE = "SSL" ; - public static final int RANGER_POLICYMGR_CLIENT_CONNECTION_TIMEOUT = 120000; - public static final int RANGER_POLICYMGR_CLIENT_READ_TIMEOUT = 30000; - - private String mUrl = null; - private String mSslConfigFileName = null; - private String mUsername = null; - private String mPassword = null; - private boolean mIsSSL = false; + private String mUrl = null; + private String mSslConfigFileName = null; + private String mUsername = null; + private String mPassword = null; + private boolean mIsSSL = false; private String mKeyStoreURL = null; private String mKeyStoreAlias = null; @@ -101,8 +98,11 @@ public class RangerRESTClient { private String mTrustStoreFile = null; private String mTrustStoreType = null; - private Gson gsonBuilder = null; - private volatile Client client = null; + private Gson gsonBuilder = null; + private volatile Client client = null; + + private int mRestClientConnTimeOutMs; + private int mRestClientReadTimeOutMs; public RangerRESTClient() { this(RangerConfiguration.getInstance().get(RANGER_PROP_POLICYMGR_URL), @@ -132,6 +132,22 @@ public class RangerRESTClient { return mPassword; } + public int getRestClientConnTimeOutMs() { + return mRestClientConnTimeOutMs; + } + + public void setRestClientConnTimeOutMs(int mRestClientConnTimeOutMs) { + this.mRestClientConnTimeOutMs = mRestClientConnTimeOutMs; + } + + public int getRestClientReadTimeOutMs() { + return mRestClientReadTimeOutMs; + } + + public void setRestClientReadTimeOutMs(int mRestClientReadTimeOutMs) { + this.mRestClientReadTimeOutMs = mRestClientReadTimeOutMs; + } + public void setBasicAuthInfo(String username, String password) { mUsername = username; mPassword = password; @@ -202,8 +218,8 @@ public class RangerRESTClient { } // Set Connection Timeout and ReadTime for the PolicyRefresh - client.setConnectTimeout(RANGER_POLICYMGR_CLIENT_CONNECTION_TIMEOUT); - client.setReadTimeout(RANGER_POLICYMGR_CLIENT_READ_TIMEOUT); + client.setConnectTimeout(mRestClientConnTimeOutMs); + client.setReadTimeout(mRestClientReadTimeOutMs); return client; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/hbase-agent/conf/ranger-hbase-security-changes.cfg ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/ranger-hbase-security-changes.cfg b/hbase-agent/conf/ranger-hbase-security-changes.cfg index 9c74898..31505b3 100644 --- a/hbase-agent/conf/ranger-hbase-security-changes.cfg +++ b/hbase-agent/conf/ranger-hbase-security-changes.cfg @@ -24,5 +24,8 @@ ranger.plugin.hbase.policy.rest.url %POLICY_MGR_URL% ranger.plugin.hbase.policy.rest.ssl.config.file /etc/hbase/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.hbase.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.hbase.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.hbase.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.hbase.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists + xasecure.hbase.update.xapolicies.on.grant.revoke %UPDATE_XAPOLICIES_ON_GRANT_REVOKE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/hbase-agent/conf/ranger-hbase-security.xml ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/ranger-hbase-security.xml b/hbase-agent/conf/ranger-hbase-security.xml index 43d5d36..08716ea 100644 --- a/hbase-agent/conf/ranger-hbase-security.xml +++ b/hbase-agent/conf/ranger-hbase-security.xml @@ -72,4 +72,20 @@ Should HBase plugin update Ranger policies for updates to permissions done using GRANT/REVOKE? </description> </property> + + <property> + <name>ranger.plugin.hbase.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.hbase.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/hdfs-agent/conf/ranger-hdfs-security-changes.cfg ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/ranger-hdfs-security-changes.cfg b/hdfs-agent/conf/ranger-hdfs-security-changes.cfg index 4bdb08f..5639c17 100644 --- a/hdfs-agent/conf/ranger-hdfs-security-changes.cfg +++ b/hdfs-agent/conf/ranger-hdfs-security-changes.cfg @@ -24,3 +24,5 @@ ranger.plugin.hdfs.policy.rest.url %POLICY_MGR_URL% ranger.plugin.hdfs.policy.rest.ssl.config.file /etc/hadoop/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.hdfs.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.hdfs.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.hdfs.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.hdfs.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/hdfs-agent/conf/ranger-hdfs-security.xml ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/ranger-hdfs-security.xml b/hdfs-agent/conf/ranger-hdfs-security.xml index 37230b7..10409d9 100644 --- a/hdfs-agent/conf/ranger-hdfs-security.xml +++ b/hdfs-agent/conf/ranger-hdfs-security.xml @@ -65,6 +65,22 @@ </description> </property> + <property> + <name>ranger.plugin.hdfs.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + Hdfs Plugin RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.hdfs.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + Hdfs Plugin RangerRestClient read Timeout in Milli Seconds + </description> + </property> + <!-- The following fields are used to customize the audit logging feature --> <!-- <property> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/hive-agent/conf/ranger-hive-security-changes.cfg ---------------------------------------------------------------------- diff --git a/hive-agent/conf/ranger-hive-security-changes.cfg b/hive-agent/conf/ranger-hive-security-changes.cfg index 504bf7d..0e8d0d4 100644 --- a/hive-agent/conf/ranger-hive-security-changes.cfg +++ b/hive-agent/conf/ranger-hive-security-changes.cfg @@ -24,5 +24,7 @@ ranger.plugin.hive.policy.rest.url %POLICY_MGR_URL% ranger.plugin.hive.policy.rest.ssl.config.file /etc/hive/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.hive.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.hive.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.hive.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.hive.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists xasecure.hive.update.xapolicies.on.grant.revoke %UPDATE_XAPOLICIES_ON_GRANT_REVOKE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/hive-agent/conf/ranger-hive-security.xml ---------------------------------------------------------------------- diff --git a/hive-agent/conf/ranger-hive-security.xml b/hive-agent/conf/ranger-hive-security.xml index 010debc..3a5fc54 100644 --- a/hive-agent/conf/ranger-hive-security.xml +++ b/hive-agent/conf/ranger-hive-security.xml @@ -70,4 +70,20 @@ <value>true</value> <description>Should Hive plugin update Ranger policies for updates to permissions done using GRANT/REVOKE?</description> </property> + + <property> + <name>ranger.plugin.hive.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.hive.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/knox-agent/conf/ranger-knox-security-changes.cfg ---------------------------------------------------------------------- diff --git a/knox-agent/conf/ranger-knox-security-changes.cfg b/knox-agent/conf/ranger-knox-security-changes.cfg index 8fb8a7b..db702e5 100644 --- a/knox-agent/conf/ranger-knox-security-changes.cfg +++ b/knox-agent/conf/ranger-knox-security-changes.cfg @@ -22,3 +22,5 @@ ranger.plugin.knox.policy.rest.url %POLICY_MGR_URL% ranger.plugin.knox.policy.rest.ssl.config.file /etc/knox/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.knox.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.knox.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.knox.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.knox.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/knox-agent/conf/ranger-knox-security.xml ---------------------------------------------------------------------- diff --git a/knox-agent/conf/ranger-knox-security.xml b/knox-agent/conf/ranger-knox-security.xml index 8e442e9..e152671 100644 --- a/knox-agent/conf/ranger-knox-security.xml +++ b/knox-agent/conf/ranger-knox-security.xml @@ -65,4 +65,20 @@ Directory where Ranger policies are cached after successful retrieval from the source </description> </property> + + <property> + <name>ranger.plugin.knox.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.knox.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java ---------------------------------------------------------------------- diff --git a/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java b/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java index a8020a5..c087f25 100644 --- a/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java +++ b/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java @@ -33,10 +33,12 @@ import javax.ws.rs.core.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.security.AccessControlException; +import org.apache.ranger.authorization.hadoop.config.RangerConfiguration; import org.apache.ranger.plugin.util.GrantRevokeRequest; import org.apache.ranger.plugin.util.RangerRESTUtils; import org.apache.ranger.plugin.util.RangerSslHelper; import org.apache.ranger.plugin.util.ServicePolicies; +import org.glassfish.jersey.client.ClientProperties; import com.google.gson.Gson; import com.google.gson.GsonBuilder; @@ -59,6 +61,8 @@ public class RangerAdminJersey2RESTClient implements RangerAdminClient { String _sslConfigFileName = null; String _serviceName = null; String _pluginId = null; + int _restClientConnTimeOutMs; + int _restClientReadTimeOutMs; @Override @@ -72,10 +76,14 @@ public class RangerAdminJersey2RESTClient implements RangerAdminClient { _baseUrl = _utils.getPolicyRestUrl(configPropertyPrefix); _sslConfigFileName = _utils.getSsslConfigFileName(configPropertyPrefix); _isSSL = _utils.isSsl(_baseUrl); + _restClientConnTimeOutMs = RangerConfiguration.getInstance().getInt(configPropertyPrefix + ".policy.rest.client.connection.timeoutMs", 120 * 1000); + _restClientReadTimeOutMs = RangerConfiguration.getInstance().getInt(configPropertyPrefix + ".policy.rest.client.read.timeoutMs", 30 * 1000); LOG.info("Init params: " + String.format("Base URL[%s], SSL Congig filename[%s], ServiceName=[%s]", _baseUrl, _sslConfigFileName, _serviceName)); _client = getClient(); + _client.property(ClientProperties.CONNECT_TIMEOUT, _restClientConnTimeOutMs); + _client.property(ClientProperties.READ_TIMEOUT, _restClientReadTimeOutMs); if(LOG.isDebugEnabled()) { LOG.debug("<== RangerAdminJersey2RESTClient.init(" + configPropertyPrefix + "): " + _client.toString()); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-kafka/conf/ranger-kafka-security-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-kafka/conf/ranger-kafka-security-changes.cfg b/plugin-kafka/conf/ranger-kafka-security-changes.cfg index fe36616..a43eb23 100644 --- a/plugin-kafka/conf/ranger-kafka-security-changes.cfg +++ b/plugin-kafka/conf/ranger-kafka-security-changes.cfg @@ -21,6 +21,8 @@ ranger.plugin.kafka.service.name %REPOSITORY_NAME% mod create-if-not-exists ranger.plugin.kafka.policy.source.impl org.apache.ranger.admin.client.RangerAdminRESTClient mod create-if-not-exists ranger.plugin.kafka.policy.rest.url %POLICY_MGR_URL% mod create-if-not-exists -ranger.plugin.kafka.policy.rest.ssl.config.file /etc/kafka/conf/ranger-policymgr-ssl.xml mod create-if-not-exists +ranger.plugin.kafka.policy.rest.ssl.config.file /etc/kafka/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.kafka.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.kafka.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-kafka/conf/ranger-kafka-security.xml ---------------------------------------------------------------------- diff --git a/plugin-kafka/conf/ranger-kafka-security.xml b/plugin-kafka/conf/ranger-kafka-security.xml index b11a71a..2c06f5c 100644 --- a/plugin-kafka/conf/ranger-kafka-security.xml +++ b/plugin-kafka/conf/ranger-kafka-security.xml @@ -64,4 +64,20 @@ Directory where Ranger policies are cached after successful retrieval from the source </description> </property> + + <property> + <name>ranger.plugin.kafka.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.kafka.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-kms/conf/ranger-kms-security-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-kms/conf/ranger-kms-security-changes.cfg b/plugin-kms/conf/ranger-kms-security-changes.cfg index fdd1723..f4779ac 100644 --- a/plugin-kms/conf/ranger-kms-security-changes.cfg +++ b/plugin-kms/conf/ranger-kms-security-changes.cfg @@ -21,6 +21,8 @@ ranger.plugin.kms.service.name %REPOSITORY_NAME% mod create-if-not-exists ranger.plugin.kms.policy.source.impl org.apache.ranger.admin.client.RangerAdminRESTClient mod create-if-not-exists ranger.plugin.kms.policy.rest.url %POLICY_MGR_URL% mod create-if-not-exists -ranger.plugin.kms.policy.rest.ssl.config.file /etc/kms/conf/ranger-policymgr-ssl.xml mod create-if-not-exists +ranger.plugin.kms.policy.rest.ssl.config.file /etc/kms/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.kms.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.kms.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.kms.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.kms.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-kms/conf/ranger-kms-security.xml ---------------------------------------------------------------------- diff --git a/plugin-kms/conf/ranger-kms-security.xml b/plugin-kms/conf/ranger-kms-security.xml index 3aae5f1..a22e6cb 100755 --- a/plugin-kms/conf/ranger-kms-security.xml +++ b/plugin-kms/conf/ranger-kms-security.xml @@ -64,4 +64,20 @@ Directory where Ranger policies are cached after successful retrieval from the source </description> </property> + + <property> + <name>ranger.plugin.kms.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.kms.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-solr/conf/ranger-solr-security-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-solr/conf/ranger-solr-security-changes.cfg b/plugin-solr/conf/ranger-solr-security-changes.cfg index ed8a509..7ab518a 100644 --- a/plugin-solr/conf/ranger-solr-security-changes.cfg +++ b/plugin-solr/conf/ranger-solr-security-changes.cfg @@ -21,6 +21,8 @@ ranger.plugin.solr.service.name %REPOSITORY_NAME% mod create-if-not-exists ranger.plugin.solr.policy.source.impl org.apache.ranger.admin.client.RangerAdminRESTClient mod create-if-not-exists ranger.plugin.solr.policy.rest.url %POLICY_MGR_URL% mod create-if-not-exists -ranger.plugin.solr.policy.rest.ssl.config.file /etc/solr/conf/ranger-policymgr-ssl.xml mod create-if-not-exists +ranger.plugin.solr.policy.rest.ssl.config.file /etc/solr/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.solr.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.solr.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.solr.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.solr.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-solr/conf/ranger-solr-security.xml ---------------------------------------------------------------------- diff --git a/plugin-solr/conf/ranger-solr-security.xml b/plugin-solr/conf/ranger-solr-security.xml index c865749..9e63a08 100644 --- a/plugin-solr/conf/ranger-solr-security.xml +++ b/plugin-solr/conf/ranger-solr-security.xml @@ -64,4 +64,20 @@ Directory where Ranger policies are cached after successful retrieval from the source </description> </property> + + <property> + <name>ranger.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-yarn/conf/ranger-yarn-security-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-yarn/conf/ranger-yarn-security-changes.cfg b/plugin-yarn/conf/ranger-yarn-security-changes.cfg index 87fa972..d1c7308 100644 --- a/plugin-yarn/conf/ranger-yarn-security-changes.cfg +++ b/plugin-yarn/conf/ranger-yarn-security-changes.cfg @@ -24,3 +24,5 @@ ranger.plugin.yarn.policy.rest.url %POLICY_MGR_URL% ranger.plugin.yarn.policy.rest.ssl.config.file /etc/hadoop/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.yarn.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.yarn.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.yarn.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.yarn.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/plugin-yarn/conf/ranger-yarn-security.xml ---------------------------------------------------------------------- diff --git a/plugin-yarn/conf/ranger-yarn-security.xml b/plugin-yarn/conf/ranger-yarn-security.xml index f6e37f8..bb7467d 100644 --- a/plugin-yarn/conf/ranger-yarn-security.xml +++ b/plugin-yarn/conf/ranger-yarn-security.xml @@ -64,4 +64,20 @@ Directory where Ranger policies are cached after successful retrieval from the source </description> </property> + + <property> + <name>ranger.plugin.yarn.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.yarn.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/storm-agent/conf/ranger-storm-security-changes.cfg ---------------------------------------------------------------------- diff --git a/storm-agent/conf/ranger-storm-security-changes.cfg b/storm-agent/conf/ranger-storm-security-changes.cfg index 9d3ca13..9e84c77 100644 --- a/storm-agent/conf/ranger-storm-security-changes.cfg +++ b/storm-agent/conf/ranger-storm-security-changes.cfg @@ -21,6 +21,8 @@ ranger.plugin.storm.service.name %REPOSITORY_NAME% mod create-if-not-exists ranger.plugin.storm.policy.source.impl org.apache.ranger.admin.client.RangerAdminRESTClient mod create-if-not-exists ranger.plugin.storm.policy.rest.url %POLICY_MGR_URL% mod create-if-not-exists -ranger.plugin.storm.policy.rest.ssl.config.file /etc/storm/conf/ranger-policymgr-ssl.xml mod create-if-not-exists +ranger.plugin.storm.policy.rest.ssl.config.file /etc/storm/conf/ranger-policymgr-ssl.xml mod create-if-not-exists ranger.plugin.storm.policy.pollIntervalMs 30000 mod create-if-not-exists ranger.plugin.storm.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists +ranger.plugin.storm.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists +ranger.plugin.storm.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fe44eb02/storm-agent/conf/ranger-storm-security.xml ---------------------------------------------------------------------- diff --git a/storm-agent/conf/ranger-storm-security.xml b/storm-agent/conf/ranger-storm-security.xml index 9126fc9..e9e7ea9 100644 --- a/storm-agent/conf/ranger-storm-security.xml +++ b/storm-agent/conf/ranger-storm-security.xml @@ -64,4 +64,20 @@ Directory where Ranger policies are cached after successful retrieval from the source </description> </property> + + <property> + <name>ranger.plugin.storm.policy.rest.client.connection.timeoutMs</name> + <value>120000</value> + <description> + RangerRestClient Connection Timeout in Milli Seconds + </description> + </property> + + <property> + <name>ranger.plugin.storm.policy.rest.client.read.timeoutMs</name> + <value>30000</value> + <description> + RangerRestClient read Timeout in Milli Seconds + </description> + </property> </configuration>
