Support Questions

Find answers, ask questions, and share your expertise

Multiple Knox gateways?

avatar
Contributor

Hello,

Can I have multiple Knox gateways each bound to a different AD?

I got one Knox gateway authenticating to an AD and it works perfectly fine. I'd like to setup another gateway but point it to another AD. Do I need to duplicate <topology>, <gateway> or <provider>?

Thanks.

1 ACCEPTED SOLUTION

avatar

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.

View solution in original post

4 REPLIES 4

avatar

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.

avatar
Contributor

Perfect -- many thanks!

avatar
Super Guru

@Teddy Brewski

In addition to @emaxwell also check - "Know support active directory searches using nested ou's and/or multiple AD search strings"

https://community.hortonworks.com/questions/1783/does-knox-support-active-directory-searches-using.h...

avatar

Running each topology on its own Gateway instance is fine, but it's not necessary. You can use a single Knox Gateway instance and simply create a separate topology per-AD.

Say you have 2 topologies, ad1 and ad2, then you can connect using:

https://knox-host:8443/gateway/ad1/<service>/.

https://knox-host:8443/gateway/ad2/<service>/.