Support Questions

nhgodwal · ‎10-06-2017

lmccay · ‎10-06-2017

Apache Knox is an HTTP Gateway - it doesn't proxy RPC calls to platform components. I will proxy REST API calls for many of the same components and provide you access to resources that you otherwise couldn't due to authentication requirements, etc.

I assume by data encryption in this context you mean on the wire. Wire level encryption for Knox interactions is based on TLS/SSL.

View solution in original post

lmccay · ‎10-06-2017

Apache Knox is an HTTP Gateway - it doesn't proxy RPC calls to platform components. I will proxy REST API calls for many of the same components and provide you access to resources that you otherwise couldn't due to authentication requirements, etc.

I assume by data encryption in this context you mean on the wire. Wire level encryption for Knox interactions is based on TLS/SSL.

nhgodwal · ‎10-09-2017

Thanks @Imccay! I have a follow question, why rpc address is mentioned for Jobtracker in the Apache Knox user's guide? Can you please help me understand how this service gets routed?

<service>
        <role>JOBTRACKER</role>
        <url>rpc://localhost:8050</url>
    </service>

lmccay · ‎10-09-2017

The JOBTRACKER and NAMENODE services are a bit odd at first glance. Don't confuse their use with proxying of RPC services. These are used in order to realize the rewrite requirements for Oozie. Oozie responses include some host and port information that we need to be able to identify internally through the ServiceRegistryService gateway service.

Cloudera Community

Support Questions

How Apache Knox gets integrated with data encryption on RPC protocols in hadoop cluster?