Community Articles

Find and share helpful community-sourced technical articles.
Labels (2)
avatar
Rising Star

Short Description:

Configure Knox to access Atlas UI

Article

Here is the steps to access Atlas UI through Knox.

1. Make sure Knox is configured properly and it works fine.

2. ssh to Knox gateway host and go to /var/lib/knox/data-2.6.****/services

3. mkdir –p atlas/0.8.0/

mkdir –p atlas-api/0.8.0/

4. download the configurations from https://github.com/apache/knox/tree/v0.13.0/gateway-service-definitions/src/main/resources/services/... URL to /var/lib/knox/data-2.6.***/services/ atlas-api/0.8.0/

5. download the configurations from https://github.com/apache/knox/tree/v0.13.0/gateway-service-definitions/src/main/resources/services/... URL to /var/lib/knox/data-2.6.***/services/ atlas/0.8.0/

5. change the owner/Group permissions to Knox for /var/lib/knox/data-2.6.**/services/atlas*/ and subdirectory

6. Go to Knox configurations Modify "Advanced topology" with below service tag

  1. <service>
  2. <role>ATLAS</role>
  3. <url>sandbox.hortonworks.com:21000</url>
  4. </service>
  5. <service>

7. Restart Knox service.

8. You should be able to access Atlas UI from the below URL

https://sandbox.hortonworks.com:8443/gateway/default/atlas/

Please Note: At this point of time, it's a work-around, Hortonworks doesn't support this yet.

3,239 Views
0 Kudos
Comments
avatar
New Contributor

In "my" non sandbox envionment with HDP 2.6.4 it is not working properly!

Even the official Knox 1.0 (lasted Version) documentation says

"The initial functionality is very limited and serves more as a starting point/placeholder"

All the requests via Knox are ignored and no permissions are granted....

x 07:50:21,847 DEBUG - [pool-2-thread-21:] ~ ==> AuthorizationFilter.doFilter (AtlasAuthorizationFilter:91) x 07:50:21,847 DEBUG - [pool-2-thread-21:] ~ Ignoring request /v2/types/typedefs (AtlasAuthorizationFilter:174) x 07:50:21,849 DEBUG - [pool-2-thread-21:] ~ Cleaning stale transactions (StaleTransactionCleanupFilter:53)

To me it looks like the Knox rewrite definition or AtlasAuthorizationFilter.java is broken together with Knox & Atlas with HDP 2.6.4

avatar
Contributor

Hi,

Please try adding

<service> <role>ATLAS-API</role> <url>http://${atlas_metadata_server_host}:${atlas_metadata_server_port}/</url> </service>

(e.g. <service> <role>ATLAS-API</role> <url>http://toide-2.toide.hortonworks.com:21000/</url> </service> )

to your "Advanced topology".

I met "Something went wrong" error on Atlas WebUI before adding it.