Member since
09-24-2015
49
Posts
67
Kudos Received
16
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
5347 | 03-29-2016 03:02 PM | |
3034 | 03-21-2016 01:34 PM | |
3505 | 03-07-2016 09:12 PM | |
2967 | 01-12-2016 10:01 PM | |
1079 | 01-11-2016 10:04 PM |
12-18-2015
03:40 PM
3 Kudos
You may find Sample 5 in my recent blog here helpful. http://kminder.github.io/knox/2015/11/18/knox-with... The only quick tip I can give you here without more information is that your authorization provider configuration should probably look like this.
<provider>
<role>authorization</role>
<name>AclsAuthz</name>
<enabled>true</enabled>
<param name="WEBHBASE.acl" value="admin;*;*"/>
</provider> For your custom services all you need to do is match the value before the ".acl" with the role of your custom service. This example may help clarify.
<provider>
<role>authorization</role>
<name>AclsAuthz</name>
<enabled>true</enabled>
<param name="WEBHBASE.acl" value="admin;*;*"/>
<param name="CUSTOM.acl" value="guest;*;*"/>
</provider> Of course you can also use the Ranger authorization plugin and instead of this "AclsAuthz" plugin and define the policy in the Ranger policy UI.
... View more
12-17-2015
04:11 AM
@Christopher Lewis < This looks like progress. I'm guessing the Demo LDAP server isn't running on your VM.
... View more
12-17-2015
02:52 AM
3 Kudos
If you've installed Knox via Ambari the topology name used is default instead of sandbox so try this command. curl -iku guest:guest-password -X GET 'https://localhost:8443/gateway/default/webhdfs/v1/?op=LISTSTATUS'
... View more
12-16-2015
05:55 PM
2 Kudos
Try: "jdbc:hive2://knoxserver.net:443/;ssl=false;transportMode=http;httpPath=knox/sandbox/hive", "username", "pwd" This assumes a few things that you should double check:
You actually have SSL disabled in knox. Check ssl.enabled in gateway-site.xml. Otherwise use transportMode=https;sslTrustStore=<trustStoreFileName>;trustStorePassword=<trustStorePassword>. The <trustStoreFileName> and <trustStorePassword> need to be replaced with the real values from your system. This trust store needs to contain the public certificate used by the Knox server.
You have gatway.path in gateway.site.xml set to knox. The default is gateway. Otherwise use httpPath=gateway/sandbox/hive Your topology file is named sandbox.xml. If for example you are using Ambari your topology file is probably named default.xml so you would use httpPath=knox/default/hive or gateway/default/hive as per #2.
... View more
12-15-2015
03:14 PM
Can you share what you have either via github or pasted here?
... View more
12-14-2015
02:52 PM
3 Kudos
This is definitely possible and encouraged. Have you taken a look at the Apache Knox Developer's Guide? I've also created a blog recently called Adding a service to Apache Knox that while not directly applicable to your use case, might answer some questions you didn't know you had.
... View more
11-18-2015
03:08 PM
I also recently created a blog related to this.
http://kminder.github.io/knox/2015/11/16/adding-a-service-to-knox.html
... View more
11-12-2015
04:35 PM
3 Kudos
These extensions are committed to the Apache Knox repo itself. They all use the config driven extension model so you need to look in the gateway-service-definitions module. In particular look in this directory. Now that you mention the openweathermap example, I need to update that to the new configuration based model at least as a comparison to the code based extension. The developers guide does briefly cover the config based extension.
... View more
11-12-2015
03:04 PM
1 Kudo
We would certainly recommend the use of Knox's extensibility models to cover any components without coverage before we get there ourselves. There have been several developed in the community already such as Falcon that we don't yet officially support. The same goes for UI coverage where the community has added coverage for things like the HDFS and YARN UIs among others. The Knox Developer's Guide is a great resource that the community has used to help them jump start these efforts. Of course looking at the implementation of the existing integrations is a great place to start as well.
... View more
11-02-2015
03:15 PM
1 Kudo
Just to add context to this correct answer, the password required here to access the gateway.jks keystore is the password provided as the Knox master secret in Ambari when Knox was installed. The Ambari install scripts for Knox use the described knoxcli.sh create-master command "under the covers".
... View more