Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

Multiple Knox gateways?

Labels:
avatar
author-rank kabalax
New Member

Created ‎06-13-2016 02:43 PM

Hello,

Can I have multiple Knox gateways each bound to a different AD?

I got one Knox gateway authenticating to an AD and it works perfectly fine. I'd like to setup another gateway but point it to another AD. Do I need to duplicate <topology>, <gateway> or <provider>?

Thanks.

3,984 Views
1 ACCEPTED SOLUTION

avatar
author-rank emaxwell author-rank
Guru

Created ‎06-13-2016 06:02 PM

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.

View solution in original post

3,635 Views
4 REPLIES 4

avatar
author-rank emaxwell author-rank
Guru

Created ‎06-13-2016 06:02 PM

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.
3,636 Views

avatar
author-rank kabalax
New Member

Created ‎06-13-2016 06:21 PM

Perfect -- many thanks!

3,635 Views
0 Kudos

avatar
author-rank sshimpi
Super Guru

Created ‎06-13-2016 06:29 PM

@Teddy Brewski

In addition to @emaxwell also check - "Know support active directory searches using nested ou's and/or multiple AD search strings"

https://community.hortonworks.com/questions/1783/does-knox-support-active-directory-searches-using.h...

3,635 Views
0 Kudos

avatar
author-rank amiller
Guru

Created ‎06-13-2016 06:29 PM

Running each topology on its own Gateway instance is fine, but it's not necessary. You can use a single Knox Gateway instance and simply create a separate topology per-AD.

Say you have 2 topologies, ad1 and ad2, then you can connect using:

https://knox-host:8443/gateway/ad1/<service>/.

https://knox-host:8443/gateway/ad2/<service>/.

3,635 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Real time Monitoring for 7.1.9+ and 7.2.18+ with Cl...
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
View More Announcements