Apache Knox Install Role Parameters
Reference information on all the parameters available for Knox service roles.
Service-level parameters
Name | In Wizard | Type | Default Value |
---|---|---|---|
kerberos.auth.enabled* | Yes | Boolean | false |
ranger_knox_plugin_hdfs_audit_directory | No | Text | ${ranger_base_audit_url}/knox |
autorestart_on_stop | No | Boolean | false |
knox_pam_realm_service | No | Text | login |
save_alias_command_input_password | No | Text | - |
Knox Gateway role parameters
Name | In Wizard | Type | Default Value |
---|---|---|---|
gateway_master_secret | Yes | Password | - |
gateway_conf_dir | Yes | Path | /var/lib/knox/gateway/conf |
gateway_data_dir | Yes | Path | /var/lib/knox/gateway/data |
gateway_port | No | Port | 8443 |
gateway_path | No | Text | gateway |
gateway_heap_size | No | Memory | 1 GB (min = 256 MB; soft min = 512 MB) |
gateway_ranger_knox_plugin_conf_path | No | Path | /var/lib/knox/ranger-knox-plugin |
gateway_ranger_knox_plugin_policy_cache_directory | No | Path | /var/lib/ranger/knox/gateway/policy-cache |
gateway_ranger_knox_plugin_hdfs_audit_spool_directory | No | Path | /var/log/knox/gateway/audit/hdfs/spool |
gateway_ranger_knox_plugin_solr_audit_spool_directory | No | Path | /var/log/knox/gateway/audit/solr/spool |
Name | Type | Default Value |
---|---|---|
gateway_default_topology_name | Text | cdp-proxy |
gateway_auto_discovery_enabled | Boolean | true |
gateway_cluster_configuration_monitor_interval | Time | 60 seconds (minimum = 30 seconds) |
gateway_auto_discovery_advanced_configuration_monitor_interval | Time | 10 seconds (minimum = 5 seconds) |
gateway_cloudera_manager_descriptors_monitor_interval | Time | 10 seconds (minimum = 5 seconds) |
gateway_auto_discovery_cdp_proxy_enabled_* | Boolean | true |
gateway_auto_discovery_cdp_proxy_api_enabled_* | Boolean | true |
gateway_descriptor_cdp_proxy | Text Array | Contains the required properties of cdp-proxy topology |
gateway_descriptor_cdp_proxy_api | Text Array | Contains the required properties of cdp-proxy-api topology |
gateway_sso_authentication_provider | Text Array |
Contains the required properties of the authentication provider used by the UIs using the Knox SSO capabilities (Admin UI and Home Page). Defaults to PAM authentication.
|
gateway_api_authentication_provider | Text Array |
Contains the required properties of the authentication provider used by pre-defined topologies such as admin, metadata or cdp-proxy-api. Defaults to PAM authentication. |
Knox IDBroker role parameters
Name | In Wizard | Type | Default Value |
---|---|---|---|
idbroker_master_secret | Yes | Password | - |
idbroker_conf_dir | Yes | Path | /var/lib/knox/idbroker/conf |
idbroker_data_dir | Yes | Path | /var/lib/knox/idbroker/data |
idbroker_gateway_port | No | Port | 8444 |
idbroker_gateway_path | No | Text | gateway |
idbroker_heap_size | No | Memory | 1 GB (min = 256 MB; soft min = 512 MB) |
Name | Type | Default Value |
---|---|---|
idbroker_aws_user_mapping | Text | - |
idbroker_aws_group_mapping | Text | - |
idbroker_aws_user_default_group_mapping | Text | - |
idbroker_aws_credentials_key | Password | - |
idbroker_aws_credentials_secret | Password | - |
idbroker_gcp_user_mapping | Text | - |
idbroker_gcp_group_mapping | Text | - |
idbroker_gcp_user_default_group_mapping | Text | - |
idbroker_gcp_credential_key | Password | - |
idbroker_gcp_credential_secret | Password | - |
idbroker_azure_user_mapping | Text | - |
idbroker_azure_group_mapping | Text | - |
idbroker_azure_user_default_group_mapping | Text | - |
idbroker_azure_adls2_tenant_name | Text | - |
idbroker_azure_vm_assumer_identity | Text | - |
idbroker_relaodable_refresh_interval_ms | Time | 10 seconds (minimum = 1 second) |
idbroker_kerberos_dt_proxyuser_block | Text Array | A comma-separated list of proxy user configuration used in Knox's dt topology in case Kerberos is enabled |
idbroker_knox_token_ttl_ms | Time | 1 hour (minimum = 1 second) |