About Release 7.2
This site contains documentation for HPE Ezmeral Data Fabric release 7.2, including installation, configuration, administration, and reference content, as well as content for the associated ecosystem components and drivers.
7.2 Installation
This section contains information about installing and upgrading HPE Ezmeral Data Fabric software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a HPE Ezmeral Data Fabric cluster.
7.2 Data Fabric
HPE Ezmeral Data Fabric is the industry-leading data platform for AI and analytics that solves enterprise business needs.
7.2 Administration
This section describes how to manage the nodes and services that make up a cluster.
7.2 Development
This section contains information related to application development for Ezmeral ecosystem components and HPE Ezmeral Data Fabric products, including the file system, Database (Key-Value and JSON), and Event Streams.
- Application Development Process
  Before you start developing applications on the HPE Ezmeral Data Fabric platform, consider how you will get the data into the platform, the storage format of the data, the type of processing or modeling that is required, and how the data will be accessed.
- File Store and Apps
  The following sections provide information about accessing the File Store with C and Java applications.
- HPE Ezmeral Data Fabric Database and Apps
  This section contains information about developing client applications for JSON and key-value tables.
- Apache Kafka Wire Protocol Service
  HPE Ezmeral Data Fabric Streams supports Apache Kafka Wire Protocol Service. Apache Kafka Wire Protocol Service is a TCP/IP service that emulates a Kafka cluster backed by HPE Ezmeral Data Fabric Streams. The service makes it possible for Apache Kafka clients written in any programming language to access topics in HPE Ezmeral Data Fabric Streams.
- HPE Ezmeral Data Fabric Streams and Apps
  HPE Ezmeral Data Fabric Streams brings integrated publish and subscribe messaging to HPE Ezmeral Data Fabric.
- MapReduce and Apps
  This section contains information associated with developing YARN applications.
- Kubernetes Interfaces for Data Fabric
  This section describes how to leverage the capabilities of the Kubernetes Interfaces for Data Fabric.
- Ecosystem Components
  The following sections provide information about each open-source project that is supported by the HPE Ezmeral Data Fabric.
  - Ecosystem Packs
  - Apache Airflow
    This topic provides an overview of Apache Airflow on HPE Ezmeral Data Fabric.
  - AsyncHBase
  - Cascading
  - Apache Drill
  - Hadoop
  - HBase
  - HBase Client and HPE Ezmeral Data Fabric Database Binary Tables
  - HCatalog
  - Hive
  - HttpFS
  - Hue
  - Livy
    Apache Livy is primarily used to provide integration between Hue and Spark.
  - HPE Ezmeral Data Fabric Streams Clients and Tools
    Describes the supported HPE Ezmeral Data Fabric Streams tools and clients.
  - NiFi
    This topic provides an overview of Apache NiFi on HPE Ezmeral Data Fabric.
  - Ranger
    - Getting Started with Ranger
      Describes how to start using Apache Ranger with the HPE Ezmeral Data Fabric.
    - Configuring Ranger
      Describes how to set up Ranger services and run the configuration script.
    - Starting, Stopping, and Restarting Ranger Services
      Describes how to start, stop, and restart Ranger services on the HPE Ezmeral Data Fabric.
    - Configuring Security for Ranger
      Describes how to configure security for Ranger.
    - Configuring LDAP/AD for Ranger
      Describes how to configure Ranger security so that the Ranger Admin service authenticates users through LDAP authentication, and the Ranger UserSync service sources users and groups from LDAP storage.
    - Integrating HiveServer2 with Ranger
      Describes how to integrate HiveServer2 with Ranger.
    - Integrating Hive Metastore with Ranger
      Describes how to integrate Hive Metastore with Ranger.
    - Integrating Yarn with Ranger
      Describes how to integrate Yarn with Ranger.
    - Ranger Security and Data Fabric Security
      Describes how Ranger security supplements the security features provided by the HPE Ezmeral Data Fabric.
  - Apache Spark
  - YARN
  - Zeppelin
- Maven and the HPE Ezmeral Data Fabric
  This section discusses topics associated with Maven and the HPE Ezmeral Data Fabric.
- Developer's Reference
  This section contains in-depth information for the developer.
- API Documentation
  HPE Ezmeral Data Fabric supports public APIs for file system, HPE Ezmeral Data Fabric Database, and HPE Ezmeral Data Fabric Streams. These APIs are available for application-development purposes.
Other Docs
This section contains release-independent information, including: Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other data-fabric version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

Integrating Hive Metastore with Ranger

Describes how to integrate Hive Metastore with Ranger.

Hive Metastore interacts directly with external clients such as Spark and Drill. Therefore, filtering and masking functionalities are not applicable for external clients.

Hive Metastore stores and manages metadata about Hive resources such as databases, tables, and columns. It is responsible for queries such as the following (not a complete list):

CREATE
SHOW
DESCRIBE
ALTER
DROP
SELECT

Integrating Ranger with Hive Metastore protects the preceding queries but does not protect queries that work with real, physical data, such as the following (not a complete list):

UPDATE
INSERT
DELETE
TRUNCATE

After you have successfully enabled the Ranger Hive plug-in and configured policies, use the following steps to enable Ranger authorization in the Hive Metastore:

In the hive-site.xml file, set the hive.security.authorization.manager property to org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory:

<property> 

<name>hive.security.authorization.manager</name> 
<value>org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory</value>  

</property>

In the hive-site.xml file, add the HiveMetaStoreAuthorizer class to hive.metastore.pre.event.listeners:

<property> 

<name>hive.metastore.pre.event.listeners</name>
<value>org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener,org.apache.hadoop.hive.ql.security.authorization.plugin.metastore.HiveMetaStoreAuthorizer</value>  

</property>

Restart the Hive Metastore. Restarting causes Ranger privilege checks to be performed on each request to the Hive Metastore:
```
maprcli node services -nodes <nodes> -name hivemeta -action restart 
```

To disable Hive Metastore authentication with Ranger, return the following properties to their default values:

<property> 

<name>hive.security.authorization.manager</name> 
<value> org.apache.hadoop.hive.ql.security.authorization.plugin.fallback.FallbackHiveAuthorizerFactory</value>  

</property> 
<property> 

<name>hive.metastore.pre.event.listeners</name> 
<value>org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener</value>  

</property>