Knox Topology Management in Cloudera Manager

In CDP Private Cloud, you can manage Apache Knox topologies via Cloudera Manager using cdp-proxy and cdp-proxy-api.

Shared providers

The Cloudera Manager configurations where the cdp-proxy and cdp-proxy-api topologies can be managed are:
  • Knox Simplified Topology Management - cdp-proxy
  • Knox Simplified Topology Management - cdp-proxy-api
  • The SSO authentication provider is used by the UIs using the Knox SSO capabilities, such as the Admin and Home Page UIs.
  • The API authentication provider is used by predefined topologies, such as admin, metadata or cdp-proxy-api.
  • You can add or modify new or existing shared provider configurations.
  • You can save aliases using a new Knox Gateway command.


You can enable or disable known or custom services in Knox proxy via Cloudera Manager.

There are two kinds of services in cdp-proxy:
  • Known: officially-supported Knox services. Cloudera Manager provides and manages all the required service definition files.
  • Custom: unofficial, tech preview, or community feature Knox services. You must supply the service definition files (service.xml and rewrite.xml) that exist in the KNOX_DATA_DIR/services folder. These are not recommended for production environments, and not supported by Cloudera.

Service parameters

You can add, modify, or remove custom service parameters in Knox proxy via Cloudera Manager.