Setting up and validating the Knox Gateway installation requires a fully operational Hadoop Cluster that can be accessed from the gateway. This section explains how to get the gateway up and running and then test access to your existing cluster with the minimal configuration.
Tip | |
---|---|
Use the setup in this section for initial gateway testing. For detailed configuration instructions, see the Knox Gateway Administrator Guide |
To set up the gateway and test access:
Set the master secret:
su -l knox -c "$gateway_home/bin/gateway.sh setup"
You are prompted for the master secret, enter the password at the prompts.
Start the gateway:
su -l knox -c "$gateway_home/bin/gateway.sh start" Starting Gateway succeeded with PID 1871.
The gateway starts and the PID is stored in
/var/run/knox
.Start the demo LDAP service that contains the guest user account for testing:
su -l knox -c "$gateway_home/bin/ldap.sh start" Starting LDAP succeeded with PID 1965.
Note In a production environment, we recommend using Active Directory or OpenLDAP for authentication. For detailed instructions on configuring Knox Gateway, see Configuring Authentication in the Knox Gateway Administrator Guide.
Verify that the gateway and LDAP service are running:
su -l knox -c "$gateway_home/bin/gateway.sh status" Gateway is running with PID 1871. su -l knox -c "$gateway_home/bin/ldap.sh status" LDAP is running with PID 1965.
Confirm access from gateway host to WebHDFS Service host using telnet:
telnet $webhdfs_host $webhdfs_port
Warning You must successfully be able to reach the internal cluster service from the gateway before continuing.
Update the WebHDFS host information:
Open the
file in an editor, such as vi.$gateway_home
/conf/topologies/sandbox.xmlFind service definition for WebHDFS and update it as follows:
<service> <role>WEBHDFS</role> <url>http://$webhdfs_host:$webhdfs_port/webhdfs</url> </service>
where
$webhdfs_host
and$webhdfs_port
(default port is 50070) match your environment.(Optionally) Comment out the Sandbox specific hostmap information:
<!-- REMOVE SANDBOX HOSTMAP PROVIDER <provider> <role>hostmap</role> <name>static</name> <enabled>false</enabled> <param> <name>localhost</name><value>sandbox,sandbox.hortonworks.com</value> </param> </provider> -->
(Optionally) Rename the Sandbox Topology Descriptor file to match the name of your cluster:
mv $gateway_home/conf/topologies/sandbox.xml $gateway_home/conf/topologies/cluster-name.xml
The gateway is now configured to allow access to WebHDFS.
On an external client that has curl, enter the following command:
curl -k -ssl3 -u guest:guest-password -X GET "https://$gateway_host:8443/gateway/sandbox/webhdfs/v1/?op=LISTSTATUS"
where:
sandbox
is the name of the cluster topology descriptor file that you created for testing. If you renamed it, then replacesandbox
in the command above.$gateway_host
is the Knox Gateway hostname.
The status is returned.