Author: krisden
Date: Thu Dec 6 17:17:03 2018
New Revision: 1848343
URL: http://svn.apache.org/viewvc?rev=1848343&view=rev
Log:
KNOX-1640 - Documentation improvements (Lars Francke via Kevin Risden)
Modified:
knox/site/books/knox-1-2-0/dev-guide.html
knox/site/books/knox-1-2-0/user-guide.html
knox/site/index.html
knox/site/issue-management.html
knox/site/licenses.html
knox/site/mailing-lists.html
knox/site/project-info.html
knox/site/team.html
knox/trunk/books/1.2.0/book.md
knox/trunk/books/1.2.0/book_gateway-details.md
knox/trunk/books/1.2.0/book_getting-started.md
knox/trunk/books/1.2.0/book_service-details.md
knox/trunk/books/1.2.0/config_authn.md
knox/trunk/books/1.2.0/dev-guide/book.md
knox/trunk/books/1.2.0/knox_cli.md
knox/trunk/books/1.2.0/service_elasticsearch.md
knox/trunk/books/1.2.0/service_service_test.md
knox/trunk/books/1.2.0/service_solr.md
Modified: knox/site/books/knox-1-2-0/dev-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/dev-guide.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/books/knox-1-2-0/dev-guide.html (original)
+++ knox/site/books/knox-1-2-0/dev-guide.html Thu Dec 6 17:17:03 2018
@@ -985,7 +985,7 @@ rewrite.xml
<p>If Knox doesn’t find that file, it will check for a Java system
property named
<strong>org.apache.gateway.topology.discovery.ambari.config</strong>, whose
value is the fully-qualified path to an XML file. This file’s contents
must adhere to the format outlined above.</p>
<p>If this configuration exists, Knox will apply it as if it were part of the
internal configuration.</p>
<p><strong>Example</strong></p>
-<p>If Apache SOLR weren’t supported, then it could be added by creating
the following definition in
<strong><em>{GATEWAY_HOME}</em>/conf/ambari-discovery-url-mappings.xml</strong>
:</p>
+<p>If Apache Solr weren’t supported, then it could be added by creating
the following definition in
<strong><em>{GATEWAY_HOME}</em>/conf/ambari-discovery-url-mappings.xml</strong>
:</p>
<pre><code><?xml version="1.0" encoding="utf-8"?>
<service-discovery-url-mappings>
<service name="SOLR">
Modified: knox/site/books/knox-1-2-0/user-guide.html
URL:
http://svn.apache.org/viewvc/knox/site/books/knox-1-2-0/user-guide.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/books/knox-1-2-0/user-guide.html (original)
+++ knox/site/books/knox-1-2-0/user-guide.html Thu Dec 6 17:17:03 2018
@@ -123,10 +123,10 @@
<li><a href="#Yarn">Yarn</a></li>
<li><a href="#Kafka">Kafka</a></li>
<li><a href="#Storm">Storm</a></li>
- <li><a href="#SOLR">SOLR</a></li>
+ <li><a href="#Solr">Solr</a></li>
<li><a href="#Avatica">Avatica</a></li>
<li><a href="#Livy+Server">Livy Server</a></li>
- <li><a href="#ElasticSearch">ElasticSearch</a></li>
+ <li><a href="#Elasticsearch">Elasticsearch</a></li>
<li><a href="#Common+Service+Config">Common Service Config</a></li>
<li><a href="#Default+Service+HA+support">Default Service HA
support</a></li>
</ul>
@@ -457,10 +457,10 @@ curl -i -k -u guest:guest-password -X GE
<td><img src="error.png" alt="n" title="No" /></td>
</tr>
<tr>
- <td>SOLR </td>
+ <td>Solr </td>
<td>5.5+ and 6+ </td>
<td><img src="check.png" alt="y" title="Yes" /> </td>
- <td><img src="error.png" alt="n" title="No" /> </td>
+ <td><img src="check.png" alt="y" title="Yes" /> </td>
<td><img src="check.png" alt="y" title="Yes" /></td>
</tr>
</tbody>
@@ -535,7 +535,7 @@ curl -i -k -u guest:guest-password -X GE
limitations under the License.
-->
<h2><a id="Gateway+Details">Gateway Details</a> <a
href="#Gateway+Details"><img src="markbook-section-link.png"/></a></h2>
-<p>This section describes the details of the Knox Gateway itself. Including:
</p>
+<p>This section describes the details of the Knox Gateway itself.
Including:</p>
<ul>
<li>How URLs are mapped between a gateway that services multiple Hadoop
clusters and the clusters themselves</li>
<li>How the gateway is configured through <code>gateway-site.xml</code> and
cluster specific topology files</li>
@@ -547,8 +547,8 @@ curl -i -k -u guest:guest-password -X GE
<p>In order to provide compatibility with the Hadoop Java client and existing
CLI tools, the Knox Gateway has provided a feature called the <em>Default
Topology</em>. This refers to a topology deployment that will be able to route
URLs without the additional context that the gateway uses for differentiating
from one Hadoop cluster to another. This allows the URLs to match those used by
existing clients that may access WebHDFS through the Hadoop file system
abstraction.</p>
<p>When a topology file is deployed with a file name that matches the
configured default topology name, a specialized mapping for URLs is installed
for that particular topology. This allows the URLs that are expected by the
existing Hadoop CLIs for WebHDFS to be used in interacting with the specific
Hadoop cluster that is represented by the default topology file.</p>
<p>The configuration for the default topology name is found in
<code>gateway-site.xml</code> as a property called:
<code>default.app.topology.name</code>.</p>
-<p>The default value for this property is <code>sandbox</code>.</p>
-<p>Therefore, when deploying the <code>sandbox.xml</code> topology, both of
the following example URLs work for the same underlying Hadoop cluster:</p>
+<p>The default value for this property is empty.</p>
+<p>When deploying the <code>sandbox.xml</code> topology and setting
<code>default.app.topology.name</code> to <code>sandbox</code>, both of the
following example URLs work for the same underlying Hadoop cluster:</p>
<pre><code>https://{gateway-host}:{gateway-port}/webhdfs
https://{gateway-host}:{gateway-port}/{gateway-path}/{cluster-name}/webhdfs
</code></pre>
@@ -591,7 +591,7 @@ https://{gateway-host}:{gateway-port}/{g
<p>The value for <code>{cluster-name}</code> is derived from the file name of
the cluster topology descriptor (e.g.
<code>{GATEWAY_HOME}/deployments/{cluster-name}.xml</code>).</p>
<p>The value for <code>{webhdfs-host}</code>, <code>{webhcat-host}</code>,
<code>{oozie-host}</code>, <code>{hbase-host}</code> and
<code>{hive-host}</code> are provided via the cluster topology descriptor (e.g.
<code>{GATEWAY_HOME}/conf/topologies/{cluster-name}.xml</code>).</p>
<p>Note: The ports 50070 (9870 for Hadoop 3.x), 50111, 11000, 8080 and 10001
are the defaults for WebHDFS, WebHCat, Oozie, HBase and Hive respectively.
Their values can also be provided via the cluster topology descriptor if your
Hadoop cluster uses different ports.</p>
-<p>Note: The HBase REST API uses port 8080 by default. This often clashes with
other running services. In the Hortonworks Sandbox, Apache Ambari might be
running on this port, so you might have to change it to a different port (e.g.
60080). </p>
+<p>Note: The HBase REST API uses port 8080 by default. This often clashes with
other running services. In the Hortonworks Sandbox, Apache Ambari might be
running on this port, so you might have to change it to a different port (e.g.
60080).</p>
<h4><a id="Topology+Port+Mapping">Topology Port Mapping</a> <a
href="#Topology+Port+Mapping"><img src="markbook-section-link.png"/></a></h4>
<p>This feature allows mapping of a topology to a port, as a result one can
have a specific topology listening on a configured port. This feature routes
URLs to these port-mapped topologies without the additional context that the
gateway uses for differentiating from one Hadoop cluster to another, just like
the <a href="#Default+Topology+URLs">Default Topology URLs</a> feature, but on
a dedicated port. </p>
<p>The configuration for Topology Port Mapping goes in
<code>gateway-site.xml</code> file. The configuration uses the property name
and value model to configure the settings for this feature. The format for the
property name is <code>gateway.port.mapping.{topologyName}</code> and value is
the port number that this topology would listen on. </p>
@@ -1612,12 +1612,17 @@ keytool -keystore gateway.jks -storepass
<h5><a id="`bin/knoxcli.sh+version+[--help]`"><code>bin/knoxcli.sh version
[--help]</code></a> <a href="#`bin/knoxcli.sh+version+[--help]`"><img
src="markbook-section-link.png"/></a></h5>
<p>Displays Knox version information.</p>
<h4><a id="Master+secret+persistence">Master secret persistence</a> <a
href="#Master+secret+persistence"><img
src="markbook-section-link.png"/></a></h4>
-<h5><a
id="`bin/knoxcli.sh+create-master+[--force][--help]`"><code>bin/knoxcli.sh
create-master [--force][--help]</code></a> <a
href="#`bin/knoxcli.sh+create-master+[--force][--help]`"><img
src="markbook-section-link.png"/></a></h5>
-<p>Creates and persists an encrypted master secret in a file within
<code>{GATEWAY_HOME}/data/security/master</code>. </p>
+<h5><a
id="`bin/knoxcli.sh+create-master+[--force]+[--master+mastersecret]+[--generate]`"><code>bin/knoxcli.sh
create-master [--force] [--master mastersecret] [--generate]</code></a> <a
href="#`bin/knoxcli.sh+create-master+[--force]+[--master+mastersecret]+[--generate]`"><img
src="markbook-section-link.png"/></a></h5>
+<p>The create-master command persists the master secret in a file located at:
<code>{GATEWAY_HOME}/data/security/master</code>.</p>
+<p>It will prompt the user for the secret to persist.</p>
+<p>Use <code>--force</code> to overwrite the master secret.</p>
+<p>Use <code>--master</code> to pass in a master secret to persist. This can
be used to persist the secret without any user interaction. Be careful as the
secret might appear in shell histories or process listings.<br/> Instead of
<code>--master</code> it is usually a better idea to use
<code>--generate</code> instead!</p>
+<p>Use <code>--generate</code> to have Knox automatically generate a random
secret. The generated secret will not be printed or otherwise exposed.</p>
+<p>Do not specify both <code>--master</code> and <code>--generate</code> at
the same time.</p>
<p>NOTE: This command fails when there is an existing master file in the
expected location. You may force it to overwrite the master file with the
--force switch. NOTE: this will require you to change passwords protecting the
keystores for the gateway identity keystores and all credential stores.</p>
<h4><a id="Alias+creation">Alias creation</a> <a href="#Alias+creation"><img
src="markbook-section-link.png"/></a></h4>
<h5><a
id="`bin/knoxcli.sh+create-alias+name+[--cluster+c]+[--value+v]+[--generate]+[--help]`"><code>bin/knoxcli.sh
create-alias name [--cluster c] [--value v] [--generate] [--help]</code></a>
<a
href="#`bin/knoxcli.sh+create-alias+name+[--cluster+c]+[--value+v]+[--generate]+[--help]`"><img
src="markbook-section-link.png"/></a></h5>
-<p>Creates a password alias and stores it in a credential store within the
<code>{GATEWAY_HOME}/data/security/keystores</code> dir. </p>
+<p>Creates a password alias and stores it in a credential store within the
<code>{GATEWAY_HOME}/data/security/keystores</code> dir.</p>
<table>
<thead>
<tr>
@@ -1685,7 +1690,7 @@ keytool -keystore gateway.jks -storepass
</table>
<h4><a id="Self-signed+cert+creation">Self-signed cert creation</a> <a
href="#Self-signed+cert+creation"><img
src="markbook-section-link.png"/></a></h4>
<h5><a
id="`bin/knoxcli.sh+create-cert+[--hostname+n]+[--help]`"><code>bin/knoxcli.sh
create-cert [--hostname n] [--help]</code></a> <a
href="#`bin/knoxcli.sh+create-cert+[--hostname+n]+[--help]`"><img
src="markbook-section-link.png"/></a></h5>
-<p>Creates and stores a self-signed certificate to represent the identity of
the gateway instance. This is stored within the
<code>{GATEWAY_HOME}/data/security/keystores/gateway.jks</code> keystore. </p>
+<p>Creates and stores a self-signed certificate to represent the identity of
the gateway instance. This is stored within the
<code>{GATEWAY_HOME}/data/security/keystores/gateway.jks</code> keystore.</p>
<table>
<thead>
<tr>
@@ -1765,7 +1770,7 @@ keytool -keystore gateway.jks -storepass
</table>
<h4><a id="Topology+LDAP+Bind">Topology LDAP Bind</a> <a
href="#Topology+LDAP+Bind"><img src="markbook-section-link.png"/></a></h4>
<h5><a
id="`bin/knoxcli.sh+system-user-auth-test+[--cluster+c]+[--d]+[--help]`"><code>bin/knoxcli.sh
system-user-auth-test [--cluster c] [--d] [--help]</code></a> <a
href="#`bin/knoxcli.sh+system-user-auth-test+[--cluster+c]+[--d]+[--help]`"><img
src="markbook-section-link.png"/></a></h5>
-<p>This command will test a given topology’s ability to connect, bind,
and authenticate with the LDAP server from the settings specified in the
topology file. The bind currently only will with Shiro as the authentication
provider. There are also two parameters required inside of the topology for
these </p>
+<p>This command will test a given topology’s ability to connect, bind,
and authenticate with the LDAP server from the settings specified in the
topology file. The bind currently only will with Shiro as the authentication
provider. There are also two parameters required inside of the topology for
these</p>
<table>
<thead>
<tr>
@@ -2594,7 +2599,7 @@ ldapRealm.userDnTemplate=uid={0},ou=peop
<ol>
<li><strong>main.ldapRealm.contextFactory.url</strong> must be changed to
have the <code>ldaps</code> protocol scheme and the port must be the SSL
listener port on your LDAP server.</li>
<li>Identity certificate (keypair) provisioned to LDAP server - your LDAP
server specific documentation should indicate what is required for providing a
cert or keypair to represent the LDAP server identity to connecting
clients.</li>
- <li>Trusting the LDAP Server’s public key - if the LDAP Server’s
identity certificate is issued by a well known and trusted certificate
authority and is already represented in the JRE’s cacerts truststore then
you don’t need to do anything for trusting the LDAP server’s cert.
If, however, the cert is self-signed or issued by an untrusted authority you
will need to either add it to the cacerts keystore or to another truststore
that you may direct Knox to utilize through a system property.</li>
+ <li>Trusting the LDAP Server’s public key - if the LDAP Server’s
identity certificate is issued by a well known and trusted certificate
authority and is already represented in the JRE’s cacerts truststore then
you don’t need to do anything for trusting the LDAP server’s cert.
If, however, the cert is self-signed or issued by an untrusted authority you
will need to either add it to the cacerts keystore or to another truststore
that you may direct Knox to utilize through a system property
(<code>javax.net.ssl.trustStore</code> and
<code>javax.net.ssl.trustStorePassword</code>).</li>
</ol>
<h4><a id="Session+Configuration">Session Configuration</a> <a
href="#Session+Configuration"><img src="markbook-section-link.png"/></a></h4>
<p>Knox maps each cluster topology to a web application and leverages standard
JavaEE session management.</p>
@@ -5757,10 +5762,10 @@ dep/commons-codec-1.7.jar
<li><a href="#Yarn">Yarn</a></li>
<li><a href="#Kafka">Kafka</a></li>
<li><a href="#Storm">Storm</a></li>
- <li><a href="#SOLR">SOLR</a></li>
+ <li><a href="#Solr">Solr</a></li>
<li><a href="#Avatica">Avatica</a></li>
<li><a href="#Livy+Server">Livy Server</a></li>
- <li><a href="#ElasticSearch">ElasticSearch</a></li>
+ <li><a href="#Elasticsearch">Elasticsearch</a></li>
</ul>
<h3><a id="Assumptions">Assumptions</a> <a href="#Assumptions"><img
src="markbook-section-link.png"/></a></h3>
<p>This document assumes a few things about your environment in order to
simplify the examples.</p>
@@ -7725,6 +7730,13 @@ SolrJ API at this time.</p>
</service>
</code></pre>
<p>The default Solr port is 8983. Adjust the version specified to either
’5.5.0 or ‘6.0.0’.</p>
+<p>For Solr 5.5.0 you also need to change the role name to
<code>SOLRAPI</code> like this:</p>
+<pre><code><service>
+ <role>SOLRAPI</role>
+ <version>5.5.0</version>
+ <url>http://<solr-host>:<solr-port></url>
+</service>
+</code></pre>
<h4><a id="Solr+URL+Mapping">Solr URL Mapping</a> <a
href="#Solr+URL+Mapping"><img src="markbook-section-link.png"/></a></h4>
<p>For Solr URLs, the mapping of Knox Gateway accessible URLs to direct Solr
URLs is the following.</p>
<table>
@@ -7966,10 +7978,10 @@ DriverManager.getConnection(url, props);
}
</code></pre>
<p>The above is an example request body to be used to create a Spark session
via Livy server and illustrates the “proxyUser” that requires
rewrite.</p>
-<h3><a id="ElasticSearch">ElasticSearch</a> <a href="#ElasticSearch"><img
src="markbook-section-link.png"/></a></h3>
-<p>ElasticSearch provides a REST API for communicating with ElasticSearch via
JSON over HTTP. ElasticSearch uses X-Pack to do its own security
(authentication and authorization). Therefore, the Knox Gateway is to forward
the user credentials to ElasticSearch, and treats the
ElasticSearch-authenticated user as “anonymous” to the backend
service via a doas query param while Knox will authenticate to backend services
as itself.</p>
+<h3><a id="Elasticsearch">Elasticsearch</a> <a href="#Elasticsearch"><img
src="markbook-section-link.png"/></a></h3>
+<p>Elasticsearch provides a REST API for communicating with Elasticsearch via
JSON over HTTP. Elasticsearch uses X-Pack to do its own security
(authentication and authorization). Therefore, the Knox Gateway is to forward
the user credentials to Elasticsearch, and treats the
Elasticsearch-authenticated user as “anonymous” to the backend
service via a doas query param while Knox will authenticate to backend services
as itself.</p>
<h4><a id="Gateway+configuration">Gateway configuration</a> <a
href="#Gateway+configuration"><img src="markbook-section-link.png"/></a></h4>
-<p>The Gateway can be configured for ElasticSearch by modifying the topology
XML file and providing a new service XML file.</p>
+<p>The Gateway can be configured for Elasticsearch by modifying the topology
XML file and providing a new service XML file.</p>
<p>In the topology XML file, add the following new service named
“ELASTICSEARCH” with the correct elasticsearch-rest-server hostname
and port number (e.g., 9200):</p>
<pre><code> <service>
<role>ELASTICSEARCH</role>
@@ -7977,16 +7989,16 @@ DriverManager.getConnection(url, props);
<name>elasticsearch</name>
</service>
</code></pre>
-<h4><a id="ElasticSearch+via+Knox+Gateway">ElasticSearch via Knox Gateway</a>
<a href="#ElasticSearch+via+Knox+Gateway"><img
src="markbook-section-link.png"/></a></h4>
+<h4><a id="Elasticsearch+via+Knox+Gateway">Elasticsearch via Knox Gateway</a>
<a href="#Elasticsearch+via+Knox+Gateway"><img
src="markbook-section-link.png"/></a></h4>
<p>After adding the above to a topology, you can make a cURL request similar
to the following structures:</p>
-<h5><a id="1.++ElasticSearch+Node+Root+Query">1. ElasticSearch Node Root
Query</a> <a href="#1.++ElasticSearch+Node+Root+Query"><img
src="markbook-section-link.png"/></a></h5>
+<h5><a id="1.++Elasticsearch+Node+Root+Query">1. Elasticsearch Node Root
Query</a> <a href="#1.++Elasticsearch+Node+Root+Query"><img
src="markbook-section-link.png"/></a></h5>
<pre><code>curl -i -k -u username:password -H "Accept:
application/json" -X GET
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/elasticsearch"
or
curl -i -k -u username:password -H "Accept: application/json" -X
GET
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/elasticsearch/"
</code></pre>
-<p>The quotation marks around the URL, can be single quotes or double quotes
on both sides, and can also be omitted (Note: This is true for all other
ElasticSearch queries via Knox). Below is an example response:</p>
+<p>The quotation marks around the URL, can be single quotes or double quotes
on both sides, and can also be omitted (Note: This is true for all other
Elasticsearch queries via Knox). Below is an example response:</p>
<pre><code> HTTP/1.1 200 OK
Date: Wed, 23 May 2018 16:36:34 GMT
Content-Type: application/json; charset=UTF-8
@@ -7995,7 +8007,7 @@ curl -i -k -u username:password -H "
{"name":"w0A80p0","cluster_name":"elasticsearch","cluster_uuid":"poU7j48pSpu5qQONr64HLQ","version":{"number":"6.2.4","build_hash":"ccec39f","build_date":"2018-04-12T20:37:28.497551Z","build_snapshot":false,"lucene_version":"7.2.1","minimum_wire_compatibility_version":"5.6.0","minimum_index_compatibility_version":"5.0.0"},"tagline":"You
Know, for Search"}
</code></pre>
-<h5><a
id="2.++ElasticSearch+Index+-+Creation,+Deletion,+Refreshing+and+Data+Operations+-+Writing,+Updating+and+Retrieval">2.
ElasticSearch Index - Creation, Deletion, Refreshing and Data Operations -
Writing, Updating and Retrieval</a> <a
href="#2.++ElasticSearch+Index+-+Creation,+Deletion,+Refreshing+and+Data+Operations+-+Writing,+Updating+and+Retrieval"><img
src="markbook-section-link.png"/></a></h5>
+<h5><a
id="2.++Elasticsearch+Index+-+Creation,+Deletion,+Refreshing+and+Data+Operations+-+Writing,+Updating+and+Retrieval">2.
Elasticsearch Index - Creation, Deletion, Refreshing and Data Operations -
Writing, Updating and Retrieval</a> <a
href="#2.++Elasticsearch+Index+-+Creation,+Deletion,+Refreshing+and+Data+Operations+-+Writing,+Updating+and+Retrieval"><img
src="markbook-section-link.png"/></a></h5>
<h6><a id="(1)+Index+Creation">(1) Index Creation</a> <a
href="#(1)+Index+Creation"><img src="markbook-section-link.png"/></a></h6>
<pre><code>curl -i -k -u username:password -H "Content-Type:
application/json" -X PUT
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/elasticsearch/{index-name}"
-d '{
"settings" : {
@@ -8084,16 +8096,16 @@ curl -i -k -u username:password -H "
{"acknowledged":true}
</code></pre>
<h3><a id="Service+Test+API">Service Test API</a> <a
href="#Service+Test+API"><img src="markbook-section-link.png"/></a></h3>
-<p>The gateway supports a Service Test API that can be used to test
Knox’s ability to connect to each of the different Hadoop services via a
simple HTTP GET request. To be able to access this API, one must add the
following line into the topology for which you wish to run the service test.</p>
+<p>The gateway supports a Service Test API that can be used to test
Knox’s ability to connect to each of the different Hadoop services via a
simple HTTP GET request. To be able to access this API, one must add the
following lines into the topology for which you wish to run the service
test.</p>
<pre><code><service>
<role>SERVICE-TEST</role>
</service>
</code></pre>
<p>After adding the above to a topology, you can make a cURL request with the
following structure</p>
-<pre><code>curl -i -k
"https://{gateway-hostname}:{gateway-port}/gateway/path/{topology-name}/service-test?username=guest&password=guest-password"
+<pre><code>curl -i -k
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/service-test?username=guest&password=guest-password"
</code></pre>
<p>An alternate method of providing credentials:</p>
-<pre><code>curl -i -k -u guest:guest-password
https://{gateway-hostname}:{gateway-port}/gateway/path/{topology-name}/service-test
+<pre><code>curl -i -k -u guest:guest-password
https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/service-test
</code></pre>
<p>Below is an example response. The gateway is also capable of returning XML
if specified in the request’s “Accept” HTTP header.</p>
<pre><code>{
Modified: knox/site/index.html
URL:
http://svn.apache.org/viewvc/knox/site/index.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Thu Dec 6 17:17:03 2018
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
src/site/markdown/index.md at 2018-11-16
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
src/site/markdown/index.md at 2018-12-06
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20181116" />
+ <meta name="Date-Revision-yyyymmdd" content="20181206" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Announcing Apache Knox 1.1.0!</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2018-11-16</li>
+ <li id="publishDate">Last Published: 2018-12-06</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/issue-management.html
URL:
http://svn.apache.org/viewvc/knox/site/issue-management.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/issue-management.html (original)
+++ knox/site/issue-management.html Thu Dec 6 17:17:03 2018
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management
at 2018-11-16
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:issue-management
at 2018-12-06
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20181116" />
+ <meta name="Date-Revision-yyyymmdd" content="20181206" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Issue Management</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2018-11-16</li>
+ <li id="publishDate">Last Published: 2018-12-06</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/licenses.html
URL:
http://svn.apache.org/viewvc/knox/site/licenses.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/licenses.html (original)
+++ knox/site/licenses.html Thu Dec 6 17:17:03 2018
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at
2018-11-16
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:licenses at
2018-12-06
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20181116" />
+ <meta name="Date-Revision-yyyymmdd" content="20181206" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Licenses</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2018-11-16</li>
+ <li id="publishDate">Last Published: 2018-12-06</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/mailing-lists.html
URL:
http://svn.apache.org/viewvc/knox/site/mailing-lists.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/mailing-lists.html (original)
+++ knox/site/mailing-lists.html Thu Dec 6 17:17:03 2018
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists
at 2018-11-16
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:mailing-lists
at 2018-12-06
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20181116" />
+ <meta name="Date-Revision-yyyymmdd" content="20181206" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Mailing Lists</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2018-11-16</li>
+ <li id="publishDate">Last Published: 2018-12-06</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/project-info.html
URL:
http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Thu Dec 6 17:17:03 2018
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer
at 2018-11-16
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-site-plugin:3.7.1:CategorySummaryDocumentRenderer
at 2018-12-06
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20181116" />
+ <meta name="Date-Revision-yyyymmdd" content="20181206" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Information</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2018-11-16</li>
+ <li id="publishDate">Last Published: 2018-12-06</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/site/team.html
URL:
http://svn.apache.org/viewvc/knox/site/team.html?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/site/team.html (original)
+++ knox/site/team.html Thu Dec 6 17:17:03 2018
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at
2018-11-16
+ | Generated by Apache Maven Doxia Site Renderer 1.8.1 from
org.apache.maven.plugins:maven-project-info-reports-plugin:3.0.0:team at
2018-12-06
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20181116" />
+ <meta name="Date-Revision-yyyymmdd" content="20181206" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Team</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.7.min.css" />
@@ -40,7 +40,7 @@
<div id="breadcrumbs">
<ul class="breadcrumb">
- <li id="publishDate">Last Published: 2018-11-16</li>
+ <li id="publishDate">Last Published: 2018-12-06</li>
</ul>
</div>
<div class="row-fluid">
Modified: knox/trunk/books/1.2.0/book.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/book.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/book.md (original)
+++ knox/trunk/books/1.2.0/book.md Thu Dec 6 17:17:03 2018
@@ -96,10 +96,10 @@
* #[Yarn]
* #[Kafka]
* #[Storm]
- * #[SOLR]
+ * #[Solr]
* #[Avatica]
* #[Livy Server]
- * #[ElasticSearch]
+ * #[Elasticsearch]
* #[Common Service Config]
* #[Default Service HA support]
* #[UI Service Details]
Modified: knox/trunk/books/1.2.0/book_gateway-details.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/book_gateway-details.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/book_gateway-details.md (original)
+++ knox/trunk/books/1.2.0/book_gateway-details.md Thu Dec 6 17:17:03 2018
@@ -17,7 +17,7 @@
## Gateway Details ##
-This section describes the details of the Knox Gateway itself. Including:
+This section describes the details of the Knox Gateway itself. Including:
* How URLs are mapped between a gateway that services multiple Hadoop clusters
and the clusters themselves
* How the gateway is configured through `gateway-site.xml` and cluster
specific topology files
@@ -35,9 +35,10 @@ When a topology file is deployed with a
The configuration for the default topology name is found in `gateway-site.xml`
as a property called: `default.app.topology.name`.
-The default value for this property is `sandbox`.
+The default value for this property is empty.
-Therefore, when deploying the `sandbox.xml` topology, both of the following
example URLs work for the same underlying Hadoop cluster:
+
+When deploying the `sandbox.xml` topology and setting
`default.app.topology.name` to `sandbox`, both of the following example URLs
work for the same underlying Hadoop cluster:
https://{gateway-host}:{gateway-port}/webhdfs
https://{gateway-host}:{gateway-port}/{gateway-path}/{cluster-name}/webhdfs
@@ -76,7 +77,7 @@ Note: The ports 50070 (9870 for Hadoop 3
Their values can also be provided via the cluster topology descriptor if your
Hadoop cluster uses different ports.
Note: The HBase REST API uses port 8080 by default. This often clashes with
other running services.
-In the Hortonworks Sandbox, Apache Ambari might be running on this port, so
you might have to change it to a different port (e.g. 60080).
+In the Hortonworks Sandbox, Apache Ambari might be running on this port, so
you might have to change it to a different port (e.g. 60080).
<<book_topology_port_mapping.md>>
<<config.md>>
Modified: knox/trunk/books/1.2.0/book_getting-started.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/book_getting-started.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/book_getting-started.md (original)
+++ knox/trunk/books/1.2.0/book_getting-started.md Thu Dec 6 17:17:03 2018
@@ -79,7 +79,7 @@ This table enumerates the versions of va
| Yarn ResourceManager | 2.5.0 | ![y] | ![y] |![n]|
| Kafka (via REST Proxy) | 0.10.0 | ![y] | ![y] |![y]|
| Storm | 0.9.3 | ![y] | ![n] |![n]|
-| SOLR | 5.5+ and 6+ | ![y] | ![n] |![y]|
+| Solr | 5.5+ and 6+ | ![y] | ![y] |![y]|
### More Examples ###
Modified: knox/trunk/books/1.2.0/book_service-details.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/book_service-details.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/book_service-details.md (original)
+++ knox/trunk/books/1.2.0/book_service-details.md Thu Dec 6 17:17:03 2018
@@ -37,10 +37,10 @@ These are the current Hadoop services wi
* #[Yarn]
* #[Kafka]
* #[Storm]
-* #[SOLR]
+* #[Solr]
* #[Avatica]
* #[Livy Server]
-* #[ElasticSearch]
+* #[Elasticsearch]
### Assumptions
@@ -94,214 +94,4 @@ Therefore each request via cURL will res
<<service_avatica.md>>
<<service_livy.md>>
<<service_elasticsearch.md>>
-
-### Service Test API
-
-The gateway supports a Service Test API that can be used to test Knox's
ability to connect to each of the different Hadoop services via a simple HTTP
GET request. To be able to access this API, one must add the following line
into the topology for which you wish to run the service test.
-
- <service>
- <role>SERVICE-TEST</role>
- </service>
-
-After adding the above to a topology, you can make a cURL request with the
following structure
-
- curl -i -k
"https://{gateway-hostname}:{gateway-port}/gateway/path/{topology-name}/service-test?username=guest&password=guest-password";
-
-An alternate method of providing credentials:
-
- curl -i -k -u guest:guest-password
https://{gateway-hostname}:{gateway-port}/gateway/path/{topology-name}/service-test
-
-Below is an example response. The gateway is also capable of returning XML if
specified in the request's "Accept" HTTP header.
-
- {
- "serviceTestWrapper": {
- "Tests": {
- "ServiceTest": [
- {
- "serviceName": "WEBHDFS",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/webhdfs/v1/?op=LISTSTATUS";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/status";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hive";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hadoop";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "OOZIE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/build-version";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "OOZIE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/status";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "OOZIE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/versions";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version/cluster";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/status/cluster";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "RESOURCEMANAGER",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/info";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "RESOURCEMANAGER",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/metrics";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "RESOURCEMANAGER",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/apps";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/admin/stack";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/admin/version";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/serialize";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/vertices/all";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/edges/all";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/cluster/configuration";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/cluster/summary";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/supervisor/summary";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/topology/summary";,
- "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- }
- ]
- },
- "messages": {
- "message": [
-
- ]
- }
- }
- }
-
-
-We can see that this service-test makes HTTP requests to each of the services
through Knox using the specified topology. The test will only make calls to
those services that have entries within the topology file.
-
-##### Adding and Changing test URLs
-
-URLs for each service are stored in
`{GATEWAY_HOME}/data/services/{service-name}/{service-version}/service.xml`.
Each `<testURL>` element represents a service resource that will be tested if
the service is set up in the topology. You can add or remove these from the
`service.xml` file. Just note if you add URLs there is no guarantee in the
order they will be tested. All default URLs have been tested and work on
various clusters. If a new URL is added and doesn't respond in a way the user
expects then it is up to the user to determine whether the URL is correct or
not.
-
-##### Some important things to note:
- - In the first cURL request, the quotes are necessary around the URL or else
a command line terminal will not include the `&password` query parameter in the
request.
- - This API call does not require any credentials to receive a response from
Knox, but expect to receive 401 responses from each of the services if none are
provided.
+<<service_service_test.md>>
Modified: knox/trunk/books/1.2.0/config_authn.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/config_authn.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/config_authn.md (original)
+++ knox/trunk/books/1.2.0/config_authn.md Thu Dec 6 17:17:03 2018
@@ -128,7 +128,7 @@ In order to communicate with your LDAP s
1. **main.ldapRealm.contextFactory.url** must be changed to have the `ldaps`
protocol scheme and the port must be the SSL listener port on your LDAP server.
2. Identity certificate (keypair) provisioned to LDAP server - your LDAP
server specific documentation should indicate what is required for providing a
cert or keypair to represent the LDAP server identity to connecting clients.
-3. Trusting the LDAP Server's public key - if the LDAP Server's identity
certificate is issued by a well known and trusted certificate authority and is
already represented in the JRE's cacerts truststore then you don't need to do
anything for trusting the LDAP server's cert. If, however, the cert is
self-signed or issued by an untrusted authority you will need to either add it
to the cacerts keystore or to another truststore that you may direct Knox to
utilize through a system property.
+3. Trusting the LDAP Server's public key - if the LDAP Server's identity
certificate is issued by a well known and trusted certificate authority and is
already represented in the JRE's cacerts truststore then you don't need to do
anything for trusting the LDAP server's cert. If, however, the cert is
self-signed or issued by an untrusted authority you will need to either add it
to the cacerts keystore or to another truststore that you may direct Knox to
utilize through a system property (`javax.net.ssl.trustStore` and
`javax.net.ssl.trustStorePassword`).
#### Session Configuration ####
Modified: knox/trunk/books/1.2.0/dev-guide/book.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/dev-guide/book.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/dev-guide/book.md (original)
+++ knox/trunk/books/1.2.0/dev-guide/book.md Thu Dec 6 17:17:03 2018
@@ -1167,7 +1167,7 @@ If this configuration exists, Knox will
**Example**
-If Apache SOLR weren't supported, then it could be added by creating the
following definition in
+If Apache Solr weren't supported, then it could be added by creating the
following definition in
**_{GATEWAY_HOME}_/conf/ambari-discovery-url-mappings.xml** :
<?xml version="1.0" encoding="utf-8"?>
Modified: knox/trunk/books/1.2.0/knox_cli.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/knox_cli.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/knox_cli.md (original)
+++ knox/trunk/books/1.2.0/knox_cli.md Thu Dec 6 17:17:03 2018
@@ -31,18 +31,30 @@ prints help for all commands
Displays Knox version information.
#### Master secret persistence ####
-##### `bin/knoxcli.sh create-master [--force][--help]` #####
-Creates and persists an encrypted master secret in a file within
`{GATEWAY_HOME}/data/security/master`.
+##### `bin/knoxcli.sh create-master [--force] [--master mastersecret]
[--generate]` #####
+The create-master command persists the master secret in a file located at:
`{GATEWAY_HOME}/data/security/master`.
+
+It will prompt the user for the secret to persist.
+
+Use `--force` to overwrite the master secret.
+
+Use `--master` to pass in a master secret to persist. This can be used to
persist the secret without any user interaction. Be careful as the secret might
appear in shell histories or process listings.<br/>
+Instead of `--master` it is usually a better idea to use `--generate` instead!
+
+Use `--generate` to have Knox automatically generate a random secret.
+The generated secret will not be printed or otherwise exposed.
+
+Do not specify both `--master` and `--generate` at the same time.
NOTE: This command fails when there is an existing master file in the expected
location. You may force it to overwrite the master file with the \-\-force
switch. NOTE: this will require you to change passwords protecting the
keystores for the gateway identity keystores and all credential stores.
#### Alias creation ####
##### `bin/knoxcli.sh create-alias name [--cluster c] [--value v] [--generate]
[--help]` #####
-Creates a password alias and stores it in a credential store within the
`{GATEWAY_HOME}/data/security/keystores` dir.
+Creates a password alias and stores it in a credential store within the
`{GATEWAY_HOME}/data/security/keystores` dir.
Argument | Description
-------------|-----------
-name | Name of the alias to create
+name | Name of the alias to create
\-\-cluster | Name of Hadoop cluster for the cluster specific credential
store otherwise assumes that it is for the gateway itself
\-\-value | Parameter for specifying the actual password otherwise
prompted. Escape complex passwords or surround with single quotes
\-\-generate | Boolean flag to indicate whether the tool should just generate
the value. This assumes that \-\-value is not set - will result in error
otherwise. User will not be prompted for the value when \-\-generate is set.
@@ -53,7 +65,7 @@ Deletes a password and alias mapping fro
Argument | Description
------------|-----------
-name | Name of the alias to delete
+name | Name of the alias to delete
\-\-cluster | Name of Hadoop cluster for the cluster specific credential store
otherwise assumes '__gateway'
#### Alias listing ####
@@ -68,7 +80,7 @@ Argument | Description
#### Self-signed cert creation ####
##### `bin/knoxcli.sh create-cert [--hostname n] [--help]` #####
-Creates and stores a self-signed certificate to represent the identity of the
gateway instance. This is stored within the
`{GATEWAY_HOME}/data/security/keystores/gateway.jks` keystore.
+Creates and stores a self-signed certificate to represent the identity of the
gateway instance. This is stored within the
`{GATEWAY_HOME}/data/security/keystores/gateway.jks` keystore.
Argument | Description
-------------|-----------
@@ -76,7 +88,7 @@ Argument | Description
#### Certificate Export ####
##### `bin/knoxcli.sh export-cert [--type JKS|PEM] [--help]` #####
-Exports and stores the gateway-identity certificate as the type indicated or
PEM by default. This is stored within the
`{GATEWAY_HOME}/data/security/keystores/` directory as either
`gateway-identity.pem` or `gateway-client-trust.jks` depending on the type
specified.
+Exports and stores the gateway-identity certificate as the type indicated or
PEM by default. This is stored within the
`{GATEWAY_HOME}/data/security/keystores/` directory as either
`gateway-identity.pem` or `gateway-client-trust.jks` depending on the type
specified.
#### Topology Redeploy ####
##### `bin/knoxcli.sh redeploy [--cluster c]` #####
@@ -109,7 +121,7 @@ Argument | Description
#### Topology LDAP Bind ####
##### `bin/knoxcli.sh system-user-auth-test [--cluster c] [--d] [--help]` ####
-This command will test a given topology's ability to connect, bind, and
authenticate with the LDAP server from the settings specified in the topology
file. The bind currently only will with Shiro as the authentication provider.
There are also two parameters required inside of the topology for these
+This command will test a given topology's ability to connect, bind, and
authenticate with the LDAP server from the settings specified in the topology
file. The bind currently only will with Shiro as the authentication provider.
There are also two parameters required inside of the topology for these
Argument | Description
------------|-----------
Modified: knox/trunk/books/1.2.0/service_elasticsearch.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/service_elasticsearch.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/service_elasticsearch.md (original)
+++ knox/trunk/books/1.2.0/service_elasticsearch.md Thu Dec 6 17:17:03 2018
@@ -15,13 +15,13 @@
limitations under the License.
--->
-### ElasticSearch ###
+### Elasticsearch ###
-ElasticSearch provides a REST API for communicating with ElasticSearch via
JSON over HTTP. ElasticSearch uses X-Pack to do its own security
(authentication and authorization). Therefore, the Knox Gateway is to forward
the user credentials to ElasticSearch, and treats the
ElasticSearch-authenticated user as "anonymous" to the backend service via a
doas query param while Knox will authenticate to backend services as itself.
+Elasticsearch provides a REST API for communicating with Elasticsearch via
JSON over HTTP. Elasticsearch uses X-Pack to do its own security
(authentication and authorization). Therefore, the Knox Gateway is to forward
the user credentials to Elasticsearch, and treats the
Elasticsearch-authenticated user as "anonymous" to the backend service via a
doas query param while Knox will authenticate to backend services as itself.
#### Gateway configuration ####
-The Gateway can be configured for ElasticSearch by modifying the topology XML
file and providing a new service XML file.
+The Gateway can be configured for Elasticsearch by modifying the topology XML
file and providing a new service XML file.
In the topology XML file, add the following new service named "ELASTICSEARCH"
with the correct elasticsearch-rest-server hostname and port number (e.g.,
9200):
@@ -31,11 +31,11 @@ In the topology XML file, add the follow
<name>elasticsearch</name>
</service>
-#### ElasticSearch via Knox Gateway ####
+#### Elasticsearch via Knox Gateway ####
After adding the above to a topology, you can make a cURL request similar to
the following structures:
-##### 1. ElasticSearch Node Root Query #####
+##### 1. Elasticsearch Node Root Query #####
curl -i -k -u username:password -H "Accept: application/json" -X GET
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/elasticsearch";
@@ -43,7 +43,7 @@ After adding the above to a topology, yo
curl -i -k -u username:password -H "Accept: application/json" -X GET
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/elasticsearch/";
-The quotation marks around the URL, can be single quotes or double quotes on
both sides, and can also be omitted (Note: This is true for all other
ElasticSearch queries via Knox). Below is an example response:
+The quotation marks around the URL, can be single quotes or double quotes on
both sides, and can also be omitted (Note: This is true for all other
Elasticsearch queries via Knox). Below is an example response:
HTTP/1.1 200 OK
Date: Wed, 23 May 2018 16:36:34 GMT
@@ -53,7 +53,7 @@ The quotation marks around the URL, can
{"name":"w0A80p0","cluster_name":"elasticsearch","cluster_uuid":"poU7j48pSpu5qQONr64HLQ","version":{"number":"6.2.4","build_hash":"ccec39f","build_date":"2018-04-12T20:37:28.497551Z","build_snapshot":false,"lucene_version":"7.2.1","minimum_wire_compatibility_version":"5.6.0","minimum_index_compatibility_version":"5.0.0"},"tagline":"You
Know, for Search"}
-##### 2. ElasticSearch Index - Creation, Deletion, Refreshing and Data
Operations - Writing, Updating and Retrieval #####
+##### 2. Elasticsearch Index - Creation, Deletion, Refreshing and Data
Operations - Writing, Updating and Retrieval #####
###### (1) Index Creation ######
Modified: knox/trunk/books/1.2.0/service_service_test.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/service_service_test.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/service_service_test.md (original)
+++ knox/trunk/books/1.2.0/service_service_test.md Thu Dec 6 17:17:03 2018
@@ -15,207 +15,214 @@
limitations under the License.
--->
-### Service Test ###
-The gateway supports a Service Test API that can be used to test Knox's
ability to connect to each of the different Hadoop services via a simple HTTP
GET request. To be able to access this API one must add the following entry
into the topology for which you wish to run the service test.
+### Service Test API
- <service>
- <role>SERVICE-TEST</role>
- </service>
+The gateway supports a Service Test API that can be used to test Knox's
ability to connect to each of the different Hadoop services via a simple HTTP
GET request. To be able to access this API, one must add the following lines
into the topology for which you wish to run the service test.
+
+ <service>
+ <role>SERVICE-TEST</role>
+ </service>
After adding the above to a topology, you can make a cURL request with the
following structure
- curl -i -k -u guest:guest-password
https://{gateway-host}:{gateway-port}/{gateway-path}/{topology-name}/service-test
+ curl -i -k
"https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/service-test?username=guest&password=guest-password";
+
+An alternate method of providing credentials:
+
+ curl -i -k -u guest:guest-password
https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/service-test
Below is an example response. The gateway is also capable of returning XML if
specified in the request's "Accept" HTTP header.
- {
- "serviceTestWrapper": {
- "Tests": {
- "ServiceTest": [
- {
- "serviceName": "WEBHDFS",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/webhdfs/v1/?op=LISTSTATUS";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/status";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hive";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHCAT",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hadoop";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "OOZIE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/build-version";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "OOZIE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/status";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "OOZIE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/versions";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version/cluster";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/status/cluster";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "WEBHBASE",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "RESOURCEMANAGER",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/info";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "RESOURCEMANAGER",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/metrics";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "RESOURCEMANAGER",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/apps";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/admin/stack";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/admin/version";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/serialize";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/vertices/all";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "FALCON",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/edges/all";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/cluster/configuration";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/cluster/summary";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/supervisor/summary";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- },
- {
- "serviceName": "STORM",
- "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/topology/summary";,
- "responseContent":
"Content-Length:0,Content-Type: application/json;charset=utf-8",
- "httpCode": 200,
- "message": "Request sucessful."
- }
- ]
- },
- "messages": {
- "message": [
- ]
- }
- }
- }
+ {
+ "serviceTestWrapper": {
+ "Tests": {
+ "ServiceTest": [
+ {
+ "serviceName": "WEBHDFS",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/webhdfs/v1/?op=LISTSTATUS";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHCAT",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/status";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHCAT",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHCAT",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hive";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHCAT",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hadoop";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "OOZIE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/build-version";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "OOZIE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/status";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "OOZIE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/versions";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHBASE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHBASE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version/cluster";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHBASE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/status/cluster";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "WEBHBASE",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "RESOURCEMANAGER",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/info";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "RESOURCEMANAGER",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/metrics";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "RESOURCEMANAGER",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/resourcemanager/v1/{topology-name}/apps";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "FALCON",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/admin/stack";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "FALCON",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/admin/version";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "FALCON",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/serialize";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "FALCON",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/vertices/all";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "FALCON",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/falcon/api/metadata/lineage/edges/all";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "STORM",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/cluster/configuration";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "STORM",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/cluster/summary";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "STORM",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/supervisor/summary";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ },
+ {
+ "serviceName": "STORM",
+ "requestURL":
"http://{gateway-host}:{gateway-port}/gateway/{topology-name}/storm/api/v1/topology/summary";,
+ "responseContent": "Content-Length:0,Content-Type:
application/json;charset=utf-8",
+ "httpCode": 200,
+ "message": "Request sucessful."
+ }
+ ]
+ },
+ "messages": {
+ "message": [
+
+ ]
+ }
+ }
+ }
We can see that this service-test makes HTTP requests to each of the services
through Knox using the specified topology. The test will only make calls to
those services that have entries within the topology file.
##### Adding and Changing test URLs
-URLs for each service are stored in
`{GATEWAY_HOME}/data/services/{service-name}/{service-version}/service.xml`.
Each `<testURL>` element represents a service resource that will be tested if
the service is set up in the topology. You can add or remove these from teh
service.xml files. Just note if you add URL's there is no guarantee in the
order they will be tested. All default URLs have been tested and work on
various clusters. If a new URL is added and doesn't respond in a way the user
expects then it is up to the user to determine whether the URL is correct or
not.
+URLs for each service are stored in
`{GATEWAY_HOME}/data/services/{service-name}/{service-version}/service.xml`.
Each `<testURL>` element represents a service resource that will be tested if
the service is set up in the topology. You can add or remove these from the
`service.xml` file. Just note if you add URLs there is no guarantee in the
order they will be tested. All default URLs have been tested and work on
various clusters. If a new URL is added and doesn't respond in a way the user
expects then it is up to the user to determine whether the URL is correct or
not.
##### Some important things to note:
+ - In the first cURL request, the quotes are necessary around the URL or else
a command line terminal will not include the `&password` query parameter in the
request.
- This API call does not require any credentials to receive a response from
Knox, but expect to receive 401 responses from each of the services if none are
provided.
Modified: knox/trunk/books/1.2.0/service_solr.md
URL:
http://svn.apache.org/viewvc/knox/trunk/books/1.2.0/service_solr.md?rev=1848343&r1=1848342&r2=1848343&view=diff
==============================================================================
--- knox/trunk/books/1.2.0/service_solr.md (original)
+++ knox/trunk/books/1.2.0/service_solr.md Thu Dec 6 17:17:03 2018
@@ -38,6 +38,15 @@ To enable this functionality, a topology
The default Solr port is 8983. Adjust the version specified to either '5.5.0
or '6.0.0'.
+For Solr 5.5.0 you also need to change the role name to `SOLRAPI` like this:
+
+ <service>
+ <role>SOLRAPI</role>
+ <version>5.5.0</version>
+ <url>http://<solr-host>:<solr-port></url>
+ </service>
+
+
#### Solr URL Mapping ####
For Solr URLs, the mapping of Knox Gateway accessible URLs to direct Solr URLs
is the following.
