Alluxio and Apache Ranger
Best Practices
Greg Palmer | Lead Solutions Engineer | Alluxio | greg.palmer@alluxio.com
Product School - May 26th, 2022
AGENDA:
● Why Centralized Access Policies?
● What is Apache Ranger?
● What is Alluxio?
● Alluxio & Ranger - Best Practices
● Live Demonstration
● Closing Remarks and Questions
Why Centralized Access Policies?
From stand-alone systems to distributed systems to centralized data lakes
[Diagram, built up over three slides. Stand-alone Systems: Single Tier (App 1 & UI), DB 1, PERMS. Distributed Systems: Multi-Tier (Client), Multi-Tier (App Server 1), Multi-Tier (App Server 2), DB 1, DB 2, DW 1, DW 2, with several PERMS labels. Centralized Data Lakes: DBs, DWs, Streaming Data, Python ML, Spark ML Analytics, Dashboards, with several PERMS labels.]
What is Apache Ranger?
Apache Ranger™ is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform
● Ranger is bundled with HDP and Cloudera Hadoop Platforms
● Ranger is bundled with Privacera
● Ranger can be deployed stand-alone from the OSS source code
Apache Ranger Components
What is Alluxio?
Data challenges in today's disaggregated world:
The need for a new data orchestration platform:
Alluxio is an orchestration platform that brings your data closer to compute across clusters, regions, clouds, and countries
Alluxio & Ranger - Best Practices
Integration Architecture
[Diagram. Ranger Admin Hosts: Ranger Policy Manager, Policy Store, Ranger User Sync, Audit Store (ES), with Ranger Admins and Enterprise Directory Services alongside. Alluxio Hosts: Alluxio Master Daemons with the Ranger Plugin, Worker Daemons, PERMS. Under File Systems: HDFS, S3, Ceph, etc. Alluxio Users (ML Workloads, Analytics Workloads) send Read/Write Requests.]
What: Enforce existing Ranger HDFS Access policies
• When: you only have one HDFS under file system
• Why: easy to set up, no new Ranger services/policies required
[Diagram: Alluxio Users (ML Workloads, Analytics Workloads), Cache, Ranger Policy Manager, HDFS UFS]
• How:
  • Configure the ./conf/alluxio-site.properties file:
      alluxio.security.authorization.plugins.enabled=true
      alluxio.master.mount.table.root.option.alluxio.underfs.security.authorization.plugin.name=<plugin name>
      alluxio.master.mount.table.root.option.alluxio.underfs.security.authorization.plugin.paths=/opt/alluxio/conf
  • Configure the ./conf/ranger-hdfs-security.xml file:
      <property>
        <name>ranger.plugin.hdfs.service.name</name>
        <value>existing-ranger-hdfs-service-name</value>
      </property>
What: New Ranger policies for Alluxio file system permissions
• When: no HDFS under file system or heterogeneous UFSs
• Why: supports true virtual file system and unified namespace
[Diagram: Alluxio Users (ML Workloads, Analytics Workloads), Cache, Unified Namespace, Ranger Policy Manager; UFS types: HDFS, S3 Compat, Google GCS, Azure ADLS, On-prem]
• How:
  • Configure the ./conf/alluxio-site.properties file:
      alluxio.security.authorization.plugins.enabled=true
      alluxio.master.mount.table.root.option.alluxio.underfs.security.authorization.plugin.name=<plugin name>
      alluxio.master.mount.table.root.option.alluxio.underfs.security.authorization.plugin.paths=/opt/alluxio/conf
  • Configure the ./conf/ranger-hdfs-security.xml file:
      <property>
        <name>ranger.plugin.hdfs.service.name</name>
        <value>new-ranger-hdfs-service-name</value>
      </property>
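An added example (not from the deck or the Alluxio project): a Python check that a conf directory carries the settings from the two "How" configuration slides above, so a disabled plugin or an empty Ranger service name is caught before the master is started. The plugin name `example-plugin`, the service name `alluxio-ranger-test` and the temporary directories are constructed for the demo.

```python
"""Audit an Alluxio conf directory for the Ranger plugin settings on the slides."""
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

ENABLED_KEY = "alluxio.security.authorization.plugins.enabled"
PREFIX = ("alluxio.master.mount.table.root.option."
          "alluxio.underfs.security.authorization.plugin.")
SERVICE_KEY = "ranger.plugin.hdfs.service.name"


def load_properties(path):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for raw in Path(path).read_text().splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def ranger_service_name(xml_path):
    """Return the ranger.plugin.hdfs.service.name value, or None if absent/empty."""
    for prop in ET.parse(xml_path).getroot().iter("property"):
        if prop.findtext("name", "").strip() == SERVICE_KEY:
            return prop.findtext("value", "").strip() or None
    return None


def audit(conf_dir):
    """Return a list of findings; an empty list means the settings line up."""
    findings = []
    props = load_properties(Path(conf_dir) / "alluxio-site.properties")
    if props.get(ENABLED_KEY, "").lower() != "true":
        findings.append(f"{ENABLED_KEY} is not true: Ranger policies are not enforced")
    name = props.get(PREFIX + "name", "")
    if not name or name.startswith("<"):
        findings.append("plugin.name is unset or still the <plugin name> placeholder")
    paths = props.get(PREFIX + "paths", "")
    xml_path = Path(paths) / "ranger-hdfs-security.xml" if paths else None
    if xml_path is None or not xml_path.is_file():
        findings.append("plugin.paths does not contain ranger-hdfs-security.xml")
        return findings
    if ranger_service_name(xml_path) is None:
        findings.append(f"{SERVICE_KEY} is missing or empty")
    return findings


def demo():
    """Build two constructed conf directories (one sound, one weak) and audit both."""
    results = {}
    cases = (("good", "true", "alluxio-ranger-test"), ("weak", "false", ""))
    with tempfile.TemporaryDirectory() as tmp:
        for label, enabled, service in cases:
            conf = Path(tmp) / label
            conf.mkdir()
            (conf / "alluxio-site.properties").write_text(
                f"{ENABLED_KEY}={enabled}\n"
                f"{PREFIX}name=example-plugin\n"   # constructed plugin name
                f"{PREFIX}paths={conf}\n")
            (conf / "ranger-hdfs-security.xml").write_text(
                "<configuration><property>"
                f"<name>{SERVICE_KEY}</name><value>{service}</value>"
                "</property></configuration>")
            results[label] = audit(conf)
    return results


if __name__ == "__main__":
    for label, findings in demo().items():
        print(label, findings or "OK")
```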
• How:
  • Define new service in Ranger service manager:
  • Define new access policies in Ranger:
• How: What about Alluxio file paths that have no Ranger policies?
  • Alluxio will fall back on POSIX-style file and directory permissions
  • Permissions can be viewed with:
      $ alluxio fs ls -R /mydir/mysubdir/
  • Permissions can be changed with:
      $ alluxio fs chmod 640 <path>
  • Consider configuring the Alluxio default UMASK with:
      alluxio.security.authorization.permission.umask=077
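An added example (not from the deck): a Python audit of `alluxio fs ls -R` output that flags paths whose fallback mode grants access to users outside the owner and group, and builds the matching `alluxio fs chmod` commands. The listing is constructed, its column layout (mode, owner, group, ..., path last) is an assumption about the CLI output, and the 666/777 base modes used for the umask comparison are the usual POSIX convention, assumed here.

```python
"""Find paths that rely on permissive POSIX-style fallback permissions."""
import re

# Mode column such as drwxr-xr-x; a trailing + (extended ACL marker) is tolerated.
MODE_RE = re.compile(r"^[d-](?:[r-][w-][x-]){3}\+?$")

# Constructed sample of `alluxio fs ls -R /mydir/mysubdir/` output.
SAMPLE = """\
drwxr-xr-x  etl  analysts  3    PERSISTED 05-26-2022 10:00:00:000  DIR /mydir/mysubdir
-rw-r-----  etl  analysts  512  PERSISTED 05-26-2022 10:00:00:000 100% /mydir/mysubdir/orders.parquet
-rw-r--r--  etl  analysts  128  NOT_PERSISTED 05-26-2022 10:00:00:000 100% /mydir/mysubdir/customers.csv
"""


def mode_bits(mode):
    """Convert a 9-character string such as 'rwxr-x---' into an int (0o750)."""
    bits = 0
    for ch in mode:
        bits = (bits << 1) | (ch != "-")
    return bits


def parse_listing(text):
    """Yield (path, bits) for every line that starts with a mode column."""
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 4 or not MODE_RE.match(tokens[0]):
            continue  # headers, blank lines, anything that is not an entry
        mode = tokens[0].rstrip("+")
        yield tokens[-1], mode_bits(mode[1:])  # paths with spaces are not handled


def audit_fallback(text):
    """Return (path, current mode, mode without 'other' bits) for exposed entries."""
    findings = []
    for path, bits in parse_listing(text):
        if bits & 0o007:  # anyone outside owner and group has some access
            findings.append((path, f"{bits:03o}", f"{bits & 0o770:03o}"))
    return findings


def chmod_commands(findings):
    """Render one chmod command per finding, in the form the slide uses."""
    return [f"alluxio fs chmod {fixed} {path}" for path, _, fixed in findings]


def new_entry_modes(umask):
    """Modes that new files and directories get under a given umask."""
    return f"{0o666 & ~umask:03o}", f"{0o777 & ~umask:03o}"


if __name__ == "__main__":
    for cmd in chmod_commands(audit_fallback(SAMPLE)):
        print(cmd)
    print("umask 022 ->", new_entry_modes(0o022))
    print("umask 077 ->", new_entry_modes(0o077))
```

Paths already covered by a Ranger policy can be dropped from the findings before acting on them, since the fallback mode only decides access where no policy applies.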
Live Demo
Explore Alluxio & Apache Ranger on your laptop or desktop computer:
https://github.com/gregpalmr/alluxio-ranger-sandbox
