Hello. I have kafka 2.1.0 and ranger 1.2.0 embedded with hdf 3.4.1.1.
I have a client who use tls authentication. The dn in his certificate is : CN=myuser, OU=myunit,O=myorg,L=myloc,ST=mystreet,C=mycountry The authentication is ok, but the autorisation to produce or consume a specific topic is ko. In the audit log, I can see a message with reqUser identical to the DN, except that the equal character is replaced with its hexa form : \u003d. What is the username that I should put in the ranger policy to allow the user to publish/consume the topic pls ? Thanks in advance ! Lune Le mar. 15 juin 2021 à 15:49, lunescar ranger <lunesc...@gmail.com> a écrit : > Hello ! > > I send you this mail because I have a problem when I try to enable the > Ranger plugin for HBase. > I have an HDP 2.6.2 (HBase version is 1.1.2) with 500 HBase regionservers > and 2 HBase Masters. > I have around 100 000 regions in this HBase cluster. > > Without Ranger, when I start the cluster, it takes around 20-30 minuts to > be started, and then it answers normally. > > With Ranger enabled for HBase, when I start the cluster, it takes more > than an hour to start, and then when I query HBase to scan or to put, I > often encounter timeout errors from the regionservers. > > Is it a known issue that Ranger provoke a performance drop in HBase ? > Is there a way to solve this performance problem ? > > Thank you in advance for your answers. > > Best regards. > > Lune >
