Apache Knox AuthenticationPDF version

Knox Topology Management in Cloudera Manager

In CDP Private Cloud, you can manage Apache Knox topologies via Cloudera Manager using cdp-proxy and cdp-proxy-api.

The Cloudera Manager configurations where the cdp-proxy and cdp-proxy-api topologies can be managed are:
  • Knox Simplified Topology Management - cdp-proxy
  • Knox Simplified Topology Management - cdp-proxy-api
  • The SSO authentication provider is used by the UIs using the Knox SSO capabilities, such as the Admin and Home Page UIs.
  • The API authentication provider is used by predefined topologies, such as admin, metadata or cdp-proxy-api.
  • You can add or modify new or existing shared provider configurations.
  • You can save aliases using a new Knox Gateway command.

You can enable or disable known or custom services in Knox proxy via Cloudera Manager.

There are two kinds of services in cdp-proxy:
  • Known: officially-supported Knox services. Cloudera Manager provides and manages all the required service definition files.
  • Custom: unofficial, tech preview, or community feature Knox services. You must supply the service definition files (service.xml and rewrite.xml) exist in the KNOX_DATA_DIR/services folder. These are not recommended for production environments, and not supported by Cloudera.

You can add, modify, or remove custom service parameters in Knox proxy via Cloudera Manager.