Skip to content

Ranger Tagsync#

The following table contains the list of custom properties that can be configured for Ranger Tagsync. To use a custom property from the table, just add it to the following YML file in the custom-vars folder configured as per your environment:

  • vars.ranger.tagsync.yml
Property Description Values Default Value
RANGER_TAGSYNC_INSTALL To enable Tagsync, set this property to true.   false
RANGER_TAGSYNC_IMAGE_NAME Privacera Tagsync image name   {{privacera_hub_url}}/ranger-tagsync
RANGER_TAGSYNC_IMAGE_TAG Privacera Tagsync image tag name   PRIVACERA_IMAGE_TAG
TAGSYNC_RANGER_URL Ranger URL for the Tagsync to sync the tags.   http://ranger:6080
TAGSYNC_TAG_SOURCE_ATLASREST_ENDPOINT Required only when you set the SOURCE as REST.   ${ATLAS_HOST}:21000
TAGSYNC_RANGERTAGSYNC_PASSWORD Password for Tagsync user to use an API to Ranger.   welcome1
TAGSYNC_TAG_DEST_RANGER_ENDPOINT Ranger URL for the Tagsync to sync the tags.   http://ranger:6080
TAGSYNC_TAG_DEST_RANGER_SSL_CONFIG_FILENAME SSL config file name is used by Tagsync to push tags to SSL-enabled Ranger and PolicyMgr files. It is required to be modified only when custom changes are made to the file.   /opt/ranger/ranger-tagsync/conf.dist/ranger-policymgr-ssl.xml
TAGSYNC_TAG_SOURCE_ATLAS_ENABLED Enable Kafka as a SOURCE for Tagsync.   true
TAGSYNC_TAG_SOURCE_ATLAS_KAFKA_SERVICE_NAME Service Name to be used while communicating with Kafka.   kafka
TAGSYNC_TAG_SOURCE_ATLAS_KAFKA_SECURITY_PROTOCOL Protocol to be used to communicate to Kafka.   PLAINTEXTSASL
TAGSYNC_TAG_SOURCE_ATLAS_KERBEROS_PRINCIPAL If Kafka is kerberos-enabled, then set the value to the principal name used by Tagsync to sync the tags.    
TAGSYNC_TAG_SOURCE_ATLAS_KERBEROS_KEYTAB If Kafka is kerberos-enabled, then set the value to the keytab location used by Tagsync to sync the tags.    
TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED Enable REST-based Tagsync to Ranger. This is not recommended as REST has limitation for number of tags it can push to Ranger.   false
TAGSYNC_TAG_SOURCE_ATLASREST_DOWNLOAD_INTERVAL_IN_MILLIS Tagsync interval required only when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.   900000
TAGSYNC_TAG_SOURCE_ATLASREST_USERNAME Atlas user name required only when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.    
TAGSYNC_TAG_SOURCE_ATLASREST_PASSWORD Atlas password required only when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.    
TAGSYNC_TAG_SOURCE_FILE_ENABLED To enable file-based TagSync.   false
TAGSYNC_TAG_SOURCE_FILE_FILENAME Location of the file required only when TAGSYNC_TAG_SOURCE_FILE_ENABLED is set to true.   /etc/ranger/data/tags.json
TAGSYNC_TAG_SOURCE_FILE_CHECK_INTERVAL_IN_MILLIS Tagsync interval, required only when TAGSYNC_TAG_SOURCE_FILE_ENABLED is set to true.   60000
TAGSYNC_TAGSYNC_ATLAS_CUSTOM_RESOURCE_MAPPERS Any custom mappers to be configured in Tagsync for mapping Atlas entities to Ranger type definitions.   org.apache.ranger.tagsync.source.atlas.AtlasS3ResourceMapper
TAGSYNC_TAGSYNC_KEYSTORE_FILENAME File will be generated to store the credentials for Ranger password for rangerTagsync user.   /etc/ranger/tagsync/conf/rangertagsync.jceks
TAGSYNC_TAG_SOURCE_ATLASREST_KEYSTORE_FILENAME File will be generated to store the password for Atlas when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.   /etc/ranger/tagsync/conf/atlasuser.jceks
TAGSYNC_TAG_SOURCE_ATLASREST_SSL_CONFIG_FILENAME SSL config file name to communicate to Atlas required when TAGSYNC_TAG_SOURCE_ATLASREST_ENABLED is set to true.    
TAGSYNC_UNIX_USER User to run the process.   ranger
TAGSYNC_UNIX_GROUP File permission group.   ranger
TAGSYNC_LOGDIR Log location for Tagsync application.   log
TAGSYNC_PID_DIR_PATH Location to store the PID file for the Java process.   /var/run/ranger
TAGSYNC_IS_SECURE Property to check whether Tagsync Is secure (kerberos-enabled).   false
TAGSYNC_PRINCIPAL Tagsync principal required only when the TAGSYNC_IS_SECURE is set to true.    
TAGSYNC_KEYTAB Tagsync keytab location required only when the TAGSYNC_IS_SECURE is set to true.    
TAGSYNC_HADOOP_CONF Hadoop Conf location.   /etc/hadoop/conf
TAGSYNC_FILE_PERMISSION File permission on the PM host for the templates generated by PM. For example, file permissions on the file, install.properties.   700
TAGSYNC_K8S_SERVICE_ACCOUNT Service Account Name to be used during installation in a  Kubernetes environment.   privacera-sa
TAGSYNC_ROOT_LOG_LEVEL Log-level for the root.   info
TAGSYNC_RANGER_LOG_LEVEL Log-level for the org.apache.ranger.tagsync package.   info
Memory Variables
TAGSYNC_SMALL_MEMORY_MB TAGSYNC MEMORY in MB for Java process if deployment size is set to SMALL.   1024
TAGSYNC_MEDIUM_MEMORY_MB TAGSYNC MEMORY in MB for Java process if deployment size is set to MEDIUM.   4096
TAGSYNC_LARGE_MEMORY_MB TAGSYNC MEMORY in MB for Java process if deployment size is set to LARGE.   8192
TAGSYNC_HEAP_MIN_MEMORY_MB Depending upon the DEPLOYMENT SIZE the value will be calculated above properties.   1024
TAGSYNC_HEAP_MIN_MEMORY Minimum Java Heap memory used by Ranger Tagsync. Setting this value will override TAGSYNC_HEAP_MIN_MEMORY_MB. For example, TAGSYNC_HEAP_MIN_MEMORY: "1g"   1024M
TAGSYNC_HEAP_MAX_MEMORY_MB Maximum Java Heap memory in MB used by Ranger Tagsync. For example, TAGSYNC_HEAP_MAX_MEMORY_MB: "1024"   1024
TAGSYNC_HEAP_MAX_MEMORY Maximum Java Heap memory used by Ranger Tagsync. Setting this value will override TAGSYNC_HEAP_MAX_MEMORY_MB. For example, TAGSYNC_HEAP_MAX_MEMORY: "1g"   1024M
TAGSYNC_K8S_MEM_REQUESTS_MB Minimum amount of Kubernetes memory in MB to be requested by Ranger Tagsync. For example, TAGSYNC_K8S_MEM_REQUESTS_MB: "1024"   1024
TAGSYNC_K8S_MEM_REQUESTS Minimum amount of Kubernetes memory to be used by Ranger Tagsync. Setting this value will override TAGSYNC_K8S_MEM_REQUESTS_MB. For example, TAGSYNC_K8S_MEM_REQUESTS: "1G"   1024M
TAGSYNC_K8S_MEM_LIMITS_MB Maximum amount of Kubernetes memory in MB to be requested by Ranger Tagsync. For example, TAGSYNC_K8S_MEM_LIMITS_MB: "1024"   1024
TAGSYNC_K8S_MEM_LIMITS Maximum amount of Kubernetes memory to be used by Ranger Tagsync. Setting this value will override TAGSYNC_K8S_MEM_LIMITS_MB. For example, TAGSYNC_K8S_MEM_LIMITS: "1G"   1024M
TAGSYNC_CPU_MIN Minimum amount of Kubernetes CPU to be requested by Ranger Tagsync. For example, TAGSYNC_CPU_MIN: "0.5"   0.5
TAGSYNC_CPU_MAX Maximum amount of Kubernetes CPU to be used by Ranger Tagsync. For example, TAGSYNC_CPU_MAX: "0.5"   0.5
TAGSYNC_K8S_CPU_REQUESTS Minimum amount of Kubernetes CPU to be requested by Ranger Tagsync. For example, TAGSYNC_CPU_MIN: "0.5"   0.5
TAGSYNC_K8S_CPU_LIMITS Maximum amount of Kubernetes CPU to be used by Ranger Tagsync. For example, TAGSYNC_CPU_MAX: "0.5"   0.5
TAGSYNC_HELM_CHART_VERSION Tagsync Helm Chart Version   4.3.0

Last update: July 23, 2021