Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Multiple Knox gateways?

Solved Go to solution
Highlighted

Multiple Knox gateways?

Explorer

Hello,

Can I have multiple Knox gateways each bound to a different AD?

I got one Knox gateway authenticating to an AD and it works perfectly fine. I'd like to setup another gateway but point it to another AD. Do I need to duplicate <topology>, <gateway> or <provider>?

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Multiple Knox gateways?

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.

View solution in original post

4 REPLIES 4
Highlighted

Re: Multiple Knox gateways?

@Teddy Brewski

This can be done!

  1. Install the Knox server on multiple hosts (can be done by going to Hosts -> hostname -> Add Service -> Knox Gateway).
  2. Create a config group for Knox and assign nodes to each config group (Knox -> Configs -> Manage Config Groups)
  3. Modify the Advanced Topology for each config group (accessed with the drop down at the top of the Configs page) to change the AD configuration as appropriate.

View solution in original post

Highlighted

Re: Multiple Knox gateways?

Explorer

Perfect -- many thanks!

Highlighted

Re: Multiple Knox gateways?

@Teddy Brewski

In addition to @emaxwell also check - "Know support active directory searches using nested ou's and/or multiple AD search strings"

https://community.hortonworks.com/questions/1783/does-knox-support-active-directory-searches-using.h...

Re: Multiple Knox gateways?

Running each topology on its own Gateway instance is fine, but it's not necessary. You can use a single Knox Gateway instance and simply create a separate topology per-AD.

Say you have 2 topologies, ad1 and ad2, then you can connect using:

https://knox-host:8443/gateway/ad1/<service>/.

https://knox-host:8443/gateway/ad2/<service>/.

Don't have an account?
Coming from Hortonworks? Activate your account here