Glad to hear, Gareth! BTW - you need to also consider who has access to the KNOX service when you deploy it in your topologies. You don't want it to be open to anyone that can authenticate usually.
If you look at admin.xml you should see that authorization setup for it. On Thu, Jan 4, 2018 at 12:13 PM, Gareth Williams <[email protected]> wrote: > Removing the KNOX service role has resolved the problem. > > Thanks very much for the speedy resolution! > > -----Original Message----- > From: larry mccay [mailto:[email protected]] > Sent: 03 January 2018 16:58 > To: [email protected] > Subject: Re: Add Apache Knox Services > > Interesting... > > I see that it is resolving to the KNOX service role from the audit log. > That is the actual issue. > > The KNOX service happens to be an odd implementation in that its path > assumes that it is deployed alone in the admin.xml topology. > Thus the URL is https://localhost:8443/gateway/admin/v1/... - note the > lack of an API context path there. > It seemed cleaner to implement that way than come up with some redundant > topology and api context path like "admin/knox" or "admin/admin". > As is often the case, the naming here was the hardest part and likely the > root of your issue. > > Please remove the KNOX service from the sandbox topology. > You are getting a 404 because index.html is definitely not a resource in > the KNOX admin API. > > > > On Wed, Jan 3, 2018 at 11:07 AM, Gareth Williams <[email protected]> > wrote: > > > I touched the sandbox.xml topology file: > > > > 2018-01-03 16:00:12,237 INFO hadoop.gateway (GatewayServer.java: > > internalDeactivateTopology(816)) - Deactivating topology sandbox > > 2018-01-03 16:00:30,568 INFO hadoop.gateway > > (DefaultGatewayServices.java=initializeContribution(201)) > > - Credential store found for the cluster: sandbox - no need to create > > one= > > 2018-01-03 16:00:44,737 INFO hadoop.gateway > > (GatewayServer.java:internal=ctivateTopology(784)) > > - Activating topology sandbox > > 2018-01-03 16:00:44,737 INFO hadoop.gateway > > (GatewayServer.java:internal=ctivateArchive(794)) > > - Activating topology sandbox archive %2F > > 2018-01-03 16:00:46,703 INFO hadoop.gateway (GatewayServer.java: > > cleanupTopologyDeployments(283)) - Deleting backup deployed topology > > C:\knox\bin\..\data\deployments\sandbox.topo.160bb92cbbd > > > > Same result, I am able to visit webhdfs via knox but not my newly > > created service. > > > > 18/01/03 16:06:34 ||22dc76f2-5b0f-4585-8620- > 157906f9977f|audit|0:0:0:0:0: > > 0:0:1|WEBHDFS||||access|uri|/gateway/sandbox/webhdfs/v1/? > > op=LISTSTATUS|unavailable|Request method: GET > > 18/01/03 16:06:34 ||22dc76f2-5b0f-4585-8620- > 157906f9977f|audit|0:0:0:0:0: > > 0:0:1|WEBHDFS|admin|||authentication|uri|/gateway/sandbox/webhdfs/v1/? > > op=3D > > LISTSTATUS|success| > > 18/01/03 16:06:34 ||22dc76f2-5b0f-4585-8620- > 157906f9977f|audit|0:0:0:0:0: > > 0:0:1|WEBHDFS|admin|||authentication|uri|/gateway/ > sandbox/webhdfs/v1/?op=3DLISTSTATUS|success|Groups: > > [] > > 18/01/03 16:06:34 ||22dc76f2-5b0f-4585-8620- > 157906f9977f|audit|0:0:0:0:0: > > 0:0:1|WEBHDFS|admin|||dispatch|uri|http://localhost:50070/webhdfs/v1/? > > op=3D LISTSTATUS&user.name=admin|unavailable|Request method: GET > > 18/01/03 16:06:35 ||22dc76f2-5b0f-4585-8620- > 157906f9977f|audit|0:0:0:0:0: > > 0:0:1|WEBHDFS|admin|||dispatch|uri|http://localhost:50070/webhdfs/v1/? > > op=3D LISTSTATUS&user.name=admin|success|Response status: 200 > > 18/01/03 16:06:35 ||22dc76f2-5b0f-4585-8620- > 157906f9977f|audit|0:0:0:0:0: > > 0:0:1|WEBHDFS|admin|||access|uri|/gateway/sandbox/webhdfs/ > > v1/?op=LISTSTATUS|success|Response status: 200 > > 18/01/03 16:06:41 ||8e1efbb0-8a1a-4c0c-8557- > 2d838fb61aae|audit|0:0:0:0:0: > > 0:0:1|KNOX||||access|uri|/gateway/sandbox/simple/index.html|unavailabl > > e|R=quest > > method: GET > > 18/01/03 16:06:41 ||8e1efbb0-8a1a-4c0c-8557- > 2d838fb61aae|audit|0:0:0:0:0: > > 0:0:1|KNOX|admin|||authentication|uri|/gateway/sandbox/simple/index.ht > > ml| > > success| > > 18/01/03 16:06:41 ||8e1efbb0-8a1a-4c0c-8557- > 2d838fb61aae|audit|0:0:0:0:0: > > 0:0:1|KNOX|admin|||authentication|uri|/gateway/ > sandbox/simple/index.html|=uccess|Groups: > > [] > > 18/01/03 16:06:41 ||8e1efbb0-8a1a-4c0c-8557- > 2d838fb61aae|audit|0:0:0:0:0: > > 0:0:1|KNOX|admin|||access|uri|/gateway/sandbox/simple/index.html|succe > > ss|=esponse > > status: 404 > > > > Thanks, > > > > Gareth > > > > -----Original Message----- > > From: larry mccay [mailto:[email protected]] > > Sent: 03 January 2018 14:43 > > To: [email protected] > > Subject: Re: Add Apache Knox Services > > > > "Yes I edited the topology file after entering the service definitions > > an= then I restarted the server." > > > > I interpret the above as: > > > > 1. added service definition to data directory 2. edited topology > > (which would deploy the new webapp without knowing about the service > def) 3. > > restart server (which would make server aware of new service def for > > new topology deployments but the webapp still not) > > > > NOTE: webapps are not recreated on restart > > > > If the above is correct then you need to touch the topology so that it > > gets redeployed. > > If you haven't done that already then just do it and see if it works. > > > > On Wed, Jan 3, 2018 at 9:20 AM, Gareth Williams > > <[email protected]> > > wrote: > > > > > Yes I edited the topology file after entering the service > > > definitions and then I restarted the server. > > > > > > Any other suggestions? > > > > > > -----Original Message----- > > > From: larry mccay [mailto:[email protected]] > > > Sent: 03 January 2018 13:15 > > > To: [email protected] > > > Subject: Re: Add Apache Knox Services > > > > > > It all looks okay to me. > > > You may need to touch the sandbox.xml file. > > > > > > If you happen to have had it configured in the topology before you > > > added the service definition AND restarted then the generated webapp > > > wouldn't have known about the service and it wouldn't have been > > > added to the gateway.xml file in the webapp. > > > > > > You can check that file - if you like or just touch the topology and > > > see if the new deployment works. > > > > > > On Wed, Jan 3, 2018 at 5:47 AM, Gareth Williams > > > <[email protected]> > > > wrote: > > > > > > > I am unable to add new services to my Apache Knox installation. > > > > For example, I have created a tomcat site which hosts a static html > file. > > > > I have added it to Knox as a service called ‘Simple’. > > > > > > > > When I attempt to visit a page within one of the new services, I > > > > receive = > > > > 404 page from jetty (not tomcat). > > > > > > > > I have attached my topology and services xml files and my log files. > > > > > > > > Thanks, > > > > > > > > Gareth > > > > > > > > > >
