Author: lmccay
Date: Mon Jul 30 17:22:08 2018
New Revision: 1837074
URL: http://svn.apache.org/viewvc?rev=1837074&view=rev
Log:
Added minimal missing documentation for Nifi
Modified:
knox/site/books/knox-1-1-0/user-guide.html
knox/trunk/books/1.1.0/book_ui_service_details.md
Modified: knox/site/books/knox-1-1-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/user-guide.html?rev=1837074&r1=1837073&r2=1837074&view=diff
==============================================================================
--- knox/site/books/knox-1-1-0/user-guide.html (original)
+++ knox/site/books/knox-1-1-0/user-guide.html Mon Jul 30 17:22:08 2018
@@ -6912,6 +6912,7 @@ curl -i -k -u username:password -H "
<li><a href="#Ranger+Admin+Console">Ranger Admin Console</a></li>
<li><a href="#Atlas+UI">Atlas UI</a></li>
<li><a href="#Zeppelin+UI">Zeppelin UI</a></li>
+ <li><a href="#Nifi+UI">Nifi UI</a></li>
</ul><h3><a id="Assumptions">Assumptions</a> <a href="#Assumptions"><img
src="markbook-section-link.png"/></a></h3><p>This section assumes an
environment setup similar to the one in the REST services section <a
href="#Service+Details">Service Details</a></p><h3><a id="Name+Node+UI">Name
Node UI</a> <a href="#Name+Node+UI"><img
src="markbook-section-link.png"/></a></h3><p>The Name Node UI is available on
the same host and port combination that WebHDFS is available on. As mentioned
in the WebHDFS REST service configuration section, the values for the host and
port can be obtained from the following properties in hdfs-site.xml</p>
<pre><code><property>
<name>dfs.namenode.http-address</name>
@@ -7222,7 +7223,13 @@ curl -i -k -u username:password -H "
<role>ZEPPELINUI</role>
<url>http://<ZEPPELIN_HOST>:<ZEPPELIN_PORT></url>
</service>
-</code></pre><p>Knox also supports secure Zeppelin UIs, for secure UIs one
needs to provision Zeppelin certificate into Knox truststore. </p><h3><a
id="Admin+UI">Admin UI</a> <a href="#Admin+UI"><img
src="markbook-section-link.png"/></a></h3><p>The Admin UI is a web application
hosted by Knox, which provides the ability to manage provider configurations,
descriptors, and topologies.</p><p>As an authoring facility, it eliminates the
need for ssh/scp access to the Knox host(s) to effect topology changes.<br>
Furthermore, using the Admin UI simplifies the management of topologies in Knox
HA deployments by eliminating the need to copy files to multiple Knox
hosts.</p><h4><a id="Admin+UI+URL">Admin UI URL</a> <a
href="#Admin+UI+URL"><img src="markbook-section-link.png"/></a></h4><p>The URL
mapping for the Knox Admin UI is:</p>
+</code></pre><p>Knox also supports secure Zeppelin UIs, for secure UIs one
needs to provision Zeppelin certificate into Knox truststore. </p><h3><a
id="Nifi+UI">Nifi UI</a> <a href="#Nifi+UI"><img
src="markbook-section-link.png"/></a></h3><p>You can use the Apache Knox
Gateway to provide authentication access security for your NiFi
services.</p><p>The Gateway can be configured for Nifi by modifying the
topology XML file.</p><p>In the topology XML file, add the following with the
correct hostname and port:</p>
+<pre><code><service>
+ <role>NIFI</role>
+
<url><NIFI_HTTP_SCHEME>://<NIFI_HOST>:<NIFI_HTTP_SCHEME_PORT></url>
+ <param name="useTwoWaySsl" value="true"/>
+</service>
+</code></pre><p>Note the setting of the useTwoWaySsl param above. Nifi
requires mutual authentication via SSL and this param tells the dispatch to
present a client cert to the server.</p><p>The above is an example request body
to be used to create a Spark session via Livy server and illustrates the
“proxyUser” that requires rewrite.</p><h3><a id="Admin+UI">Admin
UI</a> <a href="#Admin+UI"><img
src="markbook-section-link.png"/></a></h3><p>The Admin UI is a web application
hosted by Knox, which provides the ability to manage provider configurations,
descriptors, and topologies.</p><p>As an authoring facility, it eliminates the
need for ssh/scp access to the Knox host(s) to effect topology changes.<br>
Furthermore, using the Admin UI simplifies the management of topologies in Knox
HA deployments by eliminating the need to copy files to multiple Knox
hosts.</p><h4><a id="Admin+UI+URL">Admin UI URL</a> <a
href="#Admin+UI+URL"><img src="markbook-section-link.png"/></a></h4><p>
The URL mapping for the Knox Admin UI is:</p>
<table>
<tbody>
<tr>
Modified: knox/trunk/books/1.1.0/book_ui_service_details.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.1.0/book_ui_service_details.md?rev=1837074&r1=1837073&r2=1837074&view=diff
==============================================================================
--- knox/trunk/books/1.1.0/book_ui_service_details.md (original)
+++ knox/trunk/books/1.1.0/book_ui_service_details.md Mon Jul 30 17:22:08 2018
@@ -33,6 +33,7 @@ These are the current Hadoop services wi
* #[Ranger Admin Console]
* #[Atlas UI]
* #[Zeppelin UI]
+* #[Nifi UI]
### Assumptions
@@ -448,3 +449,22 @@ Example service definition for Zeppelin
</service>
Knox also supports secure Zeppelin UIs, for secure UIs one needs to provision
Zeppelin certificate into Knox truststore.
+
+### Nifi UI ###
+
+You can use the Apache Knox Gateway to provide authentication access security
for your NiFi services.
+
+The Gateway can be configured for Nifi by modifying the topology XML file.
+
+In the topology XML file, add the following with the correct hostname and port:
+
+ <service>
+ <role>NIFI</role>
+ <url><NIFI_HTTP_SCHEME>://<NIFI_HOST>:<NIFI_HTTP_SCHEME_PORT></url>
+ <param name="useTwoWaySsl" value="true"/>
+ </service>
+
+Note the setting of the useTwoWaySsl param above. Nifi requires mutual
authentication
+via SSL and this param tells the dispatch to present a client cert to the
server.
+
+The above is an example request body to be used to create a Spark session via
Livy server and illustrates the "proxyUser" that requires rewrite.
\ No newline at end of file
