Support Questions

Find answers, ask questions, and share your expertise

Know and Edgenode configuration

avatar

Hello,

I am new to security setting and we can setup knox as gateway and it will prevent some of the security risks. If we enable Knox where we need to configure edge node? Knox suppose to be front of edge node and any command we execute in edge node go through knox? How we suppose to design edgenode and knox togerther?

thank you

1 ACCEPTED SOLUTION

avatar
Master Mentor

Anpan K

I can understand the confusion that's brewing in your mind. In a kerberized production cluster, you'd usually have Edge node, Master and slave nodes. I will not go in the description and placement of every single component but the below distribution gives you a picture.

Note: The worker node usually MUST have at least 2 slave processes Datanode & NodeManager, all the client software goes on the Edge node and the Master node holds the other components notably NameNode,RM,Zookeeper HA's etc

Master (3x)

  • Namenode
  • YARN (RM)
  • Zookeeper
  • HS2
  • .....
  • .....
  • Hbase Master

Slave(worker nodes) n

  • DataNodes
  • NodeManager
  • Region Servers
Edge Node
  • Knox
  • ZK Client
  • HDFS Client
  • MR Cllient
  • ...
  • ...
  • YARN client

Below on the knowGateway is installed all the client software, the Hadoop services here represent the Master and Slaves nodes.

76609-knox.jpg

The Knox gateway should sit on the Edge node as should be the only access to the cluster as illustrated above.

HTH

View solution in original post

5 REPLIES 5

avatar

@Anpan K Yes, Knox should be accessible to external users, so it has to be installed on node which can be access from outside the cluster. Like an edge node. This node can be still be managed by ambari.

HTH

avatar
Master Mentor

Anpan K

I can understand the confusion that's brewing in your mind. In a kerberized production cluster, you'd usually have Edge node, Master and slave nodes. I will not go in the description and placement of every single component but the below distribution gives you a picture.

Note: The worker node usually MUST have at least 2 slave processes Datanode & NodeManager, all the client software goes on the Edge node and the Master node holds the other components notably NameNode,RM,Zookeeper HA's etc

Master (3x)

  • Namenode
  • YARN (RM)
  • Zookeeper
  • HS2
  • .....
  • .....
  • Hbase Master

Slave(worker nodes) n

  • DataNodes
  • NodeManager
  • Region Servers
Edge Node
  • Knox
  • ZK Client
  • HDFS Client
  • MR Cllient
  • ...
  • ...
  • YARN client

Below on the knowGateway is installed all the client software, the Hadoop services here represent the Master and Slaves nodes.

76609-knox.jpg

The Knox gateway should sit on the Edge node as should be the only access to the cluster as illustrated above.

HTH

avatar
New Contributor

best article I have read on this blog. worth to read it thank you

avatar
Master Mentor

@Anpan K

Any updates?

If you found this answer addressed your question, please take a moment to log in and click the "Accept" link on the answer.

avatar
New Contributor

Edge nodes are the interface between the Hardtop group and the outside system. Thus they're some of the time alluded to as entryway nodes. Most normally edge nodes are utilized to run customer applications and group organization apparatuses.