Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Multiple Knox gateways?

Labels:
avatar
author-rank kabalax
Contributor

Created ‎06-13-2016 02:43 PM

Hello,

Can I have multiple Knox gateways each bound to a different AD?

I got one Knox gateway authenticating to an AD and it works perfectly fine. I'd like to setup another gateway but point it to another AD. Do I need to duplicate <topology>, <gateway> or <provider>?

Thanks.

2,750 Views
0
1 ACCEPTED SOLUTION

avatar
author-rank emaxwell author-rank
Guru

Created ‎06-13-2016 06:02 PM

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.

View solution in original post

2,401 Views
0
4 REPLIES 4

avatar
author-rank emaxwell author-rank
Guru

Created ‎06-13-2016 06:02 PM

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.
2,402 Views
0

avatar
author-rank kabalax
Contributor

Created ‎06-13-2016 06:21 PM

Perfect -- many thanks!

2,401 Views
0 Kudos

avatar
author-rank sshimpi
Super Guru

Created ‎06-13-2016 06:29 PM

@Teddy Brewski

In addition to @emaxwell also check - "Know support active directory searches using nested ou's and/or multiple AD search strings"

https://community.hortonworks.com/questions/1783/does-knox-support-active-directory-searches-using.h...

2,401 Views
0 Kudos

avatar
author-rank amiller
Guru

Created ‎06-13-2016 06:29 PM

Running each topology on its own Gateway instance is fine, but it's not necessary. You can use a single Knox Gateway instance and simply create a separate topology per-AD.

Say you have 2 topologies, ad1 and ad2, then you can connect using:

https://knox-host:8443/gateway/ad1/<service>/.

https://knox-host:8443/gateway/ad2/<service>/.

2,401 Views
0 Kudos
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements