Support Questions

Find answers, ask questions, and share your expertise

How Apache Knox gets integrated with data encryption on RPC protocols in hadoop cluster?

Explorer
 
1 ACCEPTED SOLUTION

Contributor

Apache Knox is an HTTP Gateway - it doesn't proxy RPC calls to platform components. I will proxy REST API calls for many of the same components and provide you access to resources that you otherwise couldn't due to authentication requirements, etc.

I assume by data encryption in this context you mean on the wire. Wire level encryption for Knox interactions is based on TLS/SSL.

View solution in original post

3 REPLIES 3

Contributor

Apache Knox is an HTTP Gateway - it doesn't proxy RPC calls to platform components. I will proxy REST API calls for many of the same components and provide you access to resources that you otherwise couldn't due to authentication requirements, etc.

I assume by data encryption in this context you mean on the wire. Wire level encryption for Knox interactions is based on TLS/SSL.

Explorer

Thanks @Imccay! I have a follow question, why rpc address is mentioned for Jobtracker in the Apache Knox user's guide? Can you please help me understand how this service gets routed?

<service>
        <role>JOBTRACKER</role>
        <url>rpc://localhost:8050</url>
    </service>

Contributor

The JOBTRACKER and NAMENODE services are a bit odd at first glance. Don't confuse their use with proxying of RPC services. These are used in order to realize the rewrite requirements for Oozie. Oozie responses include some host and port information that we need to be able to identify internally through the ServiceRegistryService gateway service.