Hello Doug, Try setting message size using the following properties gateway.websocket.max.text.size gateway.websocket.max.binary.size gateway.websocket.max.text.buffer.size gateway.websocket.max.binary.buffer.size gateway.websocket.input.buffer.size ... View more

There is some documentation on how this can be done, http://knox.apache.org/books/knox-1-1-0/user-guide.html#High+Availability and https://risdenk.github.io/2018/03/11/load-balancing-behind-apache-knox.html ... View more

@Danilo Sousa Looks like you are using demo ldap that ships with Knox, if you are using Ambari then start Demo ldap using the quicklinks on Knox components. ... View more

If you are using kerberos then you do not need LDAP, this looks like an issue with your configuration. This is an example https://community.hortonworks.com/articles/192759/knox-with-kerberos-authentication-to-proxy-to-hive.html The topology file is not formatted properly but you can compare it with yours and add the necessary configuration. ... View more

What do you see in gateway.log ? Also, is your sandbox is kerberized ? if not check whether demo ldap is running, sandbox might be using demo ldap. ... View more

I am not sure if Ambari supports HeaderPreAuth yet, it supports KnoxSSO though but it needs to be configured. ... View more

This is most likely because you are using a SSOCookie provider which checks for cookies, this is why your browser based scenario works. You can try sending the token as a cookie using curl , something like curl -ivk --cookie "hadoop-jwt= eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJndWVzdCIsImF1ZCI6InRva2VuYmFzZWQiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTIzNTY2NzEyfQ.KwKUKLbC6nYtRSjqfbGkLSY_wUdqChLcLEgRhL5Qvsu1L0eiG-RUdKaafeIPwZ8LA-7nL7Z0CjoSjUiHGBk93cwqGOwL9hpp1_-THx8l9ingZoTw-oj1rFbL8ZWoGbhBbNox6dXfwKj3cB1Qh8iI9rpwCra4VE0ndivUyTtNkpQ" https://192.168.154.194:8443/gateway/tokenbased/webhdfs/v1/tmp?op=LISTSTATUS Here I am assuming your cookie name is "hadoop-jwt" ... View more

Hello Nick, I am not Ranger expert but I think you should be able to achieve with the Knox Ranger Plugin. If you can browse your data sets using REST APIs you can certainly use Knox to proxy them. ... View more

@Nisha that is by design, try passing cookies through Curl with the CookieProvider, I think this should work ! ... View more

ah, I see, I have had issues with using localhost, to get around this in my etc/host file I add an entry for www.local.com -> 127.0.0.1 and in your topology add it to the whitelist <param> <name>knoxsso.redirect.whitelist.regex</name> <value>^https?:\/\/(www\.local\.com|localhost|127\.0\.0\.1|0:0:0:0:0:0:0:1|::1):[0-9].*$</value> </param> Then try to access it using https://www.local.com:8443/. This should help, let me know if this does not help. Best, Sandeep ... View more

Hello @Nisha It is difficult to say anything without seeing your topology, but I am assuming you are using "SSOCookieProvider" in your topology. Try using "JWTProvider" https://knox.apache.org/books/knox-1-0-0/user-guide.html#JWT+Provider Also check this out https://knox.apache.org/books/knox-1-0-0/user-guide.html#KnoxToken+Configuration Best, Sandeep ... View more

Interesting, thanks for updating ! ... View more

This seems like an OpenJDK and OS problem. What OS are you using ? there are a bunch of such bugs with OpenJDK and Fedora/RHEL ... View more

Hello @Neha G, you cannot access "webhdfs://" protocol using Knox, Knox only supports Http, Https and WS protocols. ... View more

Hello @Neha G Sure, this guide should help you http://knox.apache.org/books/knox-0-13-0/user-guide.html#Secure+Clusters ... View more

Did you Login using kinit ? ... View more

Looks like you are missing the variable zeppelin_master_hosts ... View more

Hello @sharad vishe to use Knox you do not have to make changes to other hadoop config files. Changes to your Knox topology (sandbox.xml) should be enough for the commonly used hadoop services (There are exceptions to this though but I do not believe that is the case here.) ... View more

You should have something logged in the gateway.log file. If you do not see anything meaningful there you can turn up the debug log (by update the conf/gateway-log4j.properties file, uncomment log4j.logger.org.apache.hadoop.gateway=DEBUG property) ... View more

Knox Master Secret that is used to protect the key and credential stores for the gateway instance. To test the demo Ldap use "bin/ldap.sh start" the demo Ldap runs on localhost and port 33389 which is the default port for the ApacheDS LDAP server. That the LDAP directory in use has a set of demo users provisioned with the convention of username and username“-password” as the password. Most of the samples have some variation of this pattern with “guest” and “guest-password”. ... View more

Ah, looks like a Cognos issue to me. Did you try using Congnos without Knox ? if you see that without Knox (and with Cognos) you have improved speeds then the issue might be with Knox. ... View more

Hello @Debodipto Roy Do you have problems retrieving data only when Apache Knox is used with IBM Cognos ? ... View more

Can you access Hbase Rest API without Knox ? is the hbase-deamon running ? you can find more info at Knox user guide. If you still run into issues then something funny is going around, can you post the relevant log snippet from gateway.log. Thanks. ... View more

You are getting a 404, so there could two possibilities a) the service might be down or node not accessible b) Knox might not be rewriting the URL correctly. Do you have the output for gateway.log ? this looks like gateway-audit.log output. ... View more