The managed-schema for Ranger Audits needs to be changed by default. But until then, we can replace the existing configuration and collection with the commands below.
Credit:
- https://risdenk.github.io/2017/12/18/ambari-infra-solr-ranger.html
- https://issues.apache.org/jira/browse/RANGER-1938
Commands below assume kerberos is used.
-
SSH to ambari-infra-solr host.
-
Authenticate
sudo -u infra-solr -i
keytab=/etc/security/keytabs/ambari-infra-solr.service.keytab
kinit -kt ${keytab} $(klist -kt ${keytab}| awk '{print $NF}'|tail -1)
source /etc/ambari-infra-solr/conf/infra-solr-env.sh
export SOLR_ZK_CREDS_AND_ACLS="${SOLR_AUTHENTICATION_OPTS}"
- Edit the managed schema:
# Download from zookeeper and edit
#/usr/lib/ambari-infra-solr/server/scripts/cloud-scripts/zkcli.sh --zkhost "${ZK_HOST}" -cmd getfile /configs/ranger_audits/managed-schema managed-schema
# edits required:
# schema version to 1.6
# For the following fieldTypes add 'docValues="true"': date, double, float, int, long, tdate, tdates, tdouble, tdoubles, tfloat, tfloats, tint, tints, tlong, tlongs
# For `_version_` fieldType, set indexed=”false”
## Or Download pre-edited
#wget -O managed-schema https://gist.githubusercontent.com/risdenk/8cc8f722e200468f9aa536cee7979d06/raw/aa61053847b84e40c3bae8adf806e68b5a1408d3/managed-schema.xml
- Upload configuration back to Zookeeper
/usr/lib/ambari-infra-solr/server/scripts/cloud-scripts/zkcli.sh --zkhost "${ZK_HOST}" -cmd putfile /configs/ranger_audits/managed-schema managed-schema
- Delete and recreate the ranger_audits collection
curl -u : --negotiate -i "http://$(hostname -f):8886/solr/admin/collections?action=DELETE&name=ranger_audits"
curl -u : --negotiate -i "http://$(hostname -f):8886/solr/admin/collections?action=CREATE&name=ranger_audits&numShards=5&maxShardsPerNode=10&replicationFactor=2"