[jira] [Commented] (RANGER-1300) S3 support

Tue, 26 Jun 2018 03:51:30 -0700 


    [ 
https://issues.apache.org/jira/browse/RANGER-1300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16523551#comment-16523551
 ] 

Bolke de Bruin commented on RANGER-1300:
----------------------------------------

[~bosco]
 # I did consider JNI integration, but doing this in Go one of the things I 
tried to do is to keep it small, simple and understandable. The proxy currently 
ways in under 8mb. This is with all dependencies statically compiled in. This 
allows us to just easily deploy it anywhere. If we would have a dependency on 
the JVM and all the dependencies it brings it would defeat the purpose. Btw the 
JNI integration you linked is really old and has not been updated since 2014. I 
also though it more fun trying to do it all in Go.
 # Although I think the policy evaluation in Ranger is complex and counter 
intuitive with all the weights etc (why not use a firewall approach and user 
the order by which it was entered? How ranger evaluates policies is pretty 
opaque), I agree that from a management perspective it might be easier to 
support using the Java framework. Might still do that. Tag based policies and 
Auditing are quite easy to add.
 # Ceph(thus RadosGW) doesnt need additional configuration at the moment. 
Basically `s3gw` functions as the frontend to Ceph's S3 and you should not 
allow anyone to connect to Ceph's S3 interface directly. Having a proxy allows 
a more flexibility and also AWS S3 support eventually. I don't know if Ranger 
knows a kind of events that fired off when a policy change happens? If that 
exists you could manage many permissions directly from ranger.

So all in all, maybe we will switch to java/scala eventually. Go is just a bit 
more fun at the moment ;).

> S3 support
> ----------
>
>                 Key: RANGER-1300
>                 URL: https://issues.apache.org/jira/browse/RANGER-1300
>             Project: Ranger
>          Issue Type: New Feature
>          Components: plugins
>            Reporter: Jose
>            Priority: Major
>         Attachments: ranger-servicedef-aws-s3.json
>
>
> As more and more people are deploying hadoop into AWS and as S3 is used in 
> lots of application. It'd be nice to have S3 support built into Ranger.
> It's not a trivial task. Right now Ranger Storage support (only hdfs) runs 
> directly in the Namenode



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to