Example: Configure Knox Gateway for YARN UI
This example shows you how to set up a new custom Knox topology for YARN UI and installing services for YARN.
Setting up Topology File
- Login to Ambari and access Knox service page.
Knox Admin UI link could be found on the right pane of the Ambari’s Knox page.
Once this link is clicked, user will be asked to provide a username and password. This will be based on the ldap configured for the manager.
- Accessing Knox admin UI page for topology creationOnce admin lands in to the Knox admin UI, there are fundamentally three steps more to create a topology of desired use case.
- Create a custom provider configuration
- Define Descriptors for the topology to auto-discover services from Ambari
- Save and verify the topology which is created
- Creating a custom Provider Configuration
Admin can click on the “Provider Configurations” in left panel to list all available providers. Click on the “+” button on the right side to create a new provider.
Admin can select all the providers which are needed for defining “hdp_ui_provider”- Authentication (Anonymous)
- Authorization (AclsAuthz/Access Control Lists)
- HAProvider (Default)
- Identity-assertion (Default)
- Add Authentication>Anonymous.
- Add Authorization>Access Control Lists.
- Add HAProvider>Default.
- Add Identity-Assertion>Default.
- Save the provider by clicking on save button at right bottom.
- Defining Descriptors for topology: Click on “+” button near to
Descriptor to define a new custom descriptor.
- Add all details for a descriptor:
- Define a name for the descriptor
- Select YARNUI from the below list
- Configure Ambari address in “Discovery - Address”
- Configure Ambari cluster name in “Discovery - Cluster”
- Provide Ambari user name in “Discovery - Username”
- “Discovery Password Alias” could be left as it is as below manual step to be ran on knox machine to avoid configuring password.
- Creating password alias, e.g.,
[root@ctr-e138-1518143905142-240189-01-046340 services]# /usr/$REPO/$VERSION/knox/bin/knoxcli.sh create-alias ambari.discovery.password Enter password: Enter password again: ambari.discovery.password has been successfully created.
- Select provider configuration as “hdp_ui_provider”.
- Press “Ok” to save the details.
- Select “hdp_ui” descriptor to add “YARNUIV2” service.
Admin can add custom services which are see on the right pane under “Descriptor Detail”.
Not all services listed are officially supported. See “Knox- Supported Services” for details on which services are supported.
- Add all details for a descriptor:
- Verify topology:
Topologies>Select one topology: This is read-only pane where all configuration which are done for “hdp_ui” could be verified.
Changing QuickLinks for YARN UIs
- Quick Link
template
{ "name": "default", "description": "default quick links configuration", "configuration": { "protocol": { "type": "HTTPS_ONLY" }, "links": [ { "name": "resourcemanager_ui", "label": "ResourceManager UI", "requires_user_name": "false", "component_name": "KNOX_GATEWAY", "url": "%@://%@:%@/gateway/hdp_ui/yarnuiv2/", "port": { "https_property": "gateway.port", "https_default_port": "8443", "regex": "^(\\d+)$", "site": "gateway-site" } }, { "name": "resourcemanager_logs", "label": "ResourceManager logs", "requires_user_name": "false", "component_name": "KNOX_GATEWAY", "url": "%@://%@:%@/gateway/hdp_ui/yarn/logs", "port": { "https_property": "gateway.port", "https_default_port": "8443", "regex": "^(\\d+)$", "site": "gateway-site" } }, { "name": "resourcemanager_jmx", "label":"ResourceManager JMX", "requires_user_name": "false", "component_name": "KNOX_GATEWAY", "url":"%@://%@:%@/gateway/hdp_ui/yarn/jmx", "port": { "https_property": "gateway.port", "https_default_port": "8443", "regex": "^(\\d+)$", "site": "gateway-site" } }, { "name": "thread_stacks", "label":"Thread Stacks", "requires_user_name": "false", "component_name": "KNOX_GATEWAY", "url":"%@://%@:%@/gateway/hdp_ui/yarn/stacks", "port": { "https_property": "gateway.port", "https_default_port": "8443", "regex": "^(\\d+)$", "site": "gateway-site" } } ] } }
- Place quicklinks.json in Ambari: In ambari-server host, at following
path, place the quicklink file:
Please ensure that existing quicklinks.json in replaced with the attached json file from this document./var/lib/ambari-server/resources/stacks/$REPO/$VERSION/services/YARN/quicklinks/quicklinks.json
- Restart Ambari:
ambari-server restart
- Verify QuickLinks.
Post these steps, YARN Quick links will be accessible only via knox proxy.