The Knox Gateway supports one or more Hadoop clusters. Each Hadoop cluster
configuration is defined in a topology deployment descriptor file in the
/etc/knox/conf/topologies
directory and is deployed to a corresponding WAR file in the
/var/lib/knox/data/deployments
directory. These files define how the gateway communicates with each Hadoop clusters.
The descriptor is an XML file contains the following sections:
gateway/provider: Configuration settings enforced by the Knox Gateway while providing access to the Hadoop cluster.service: Defines the Hadoop service URLs used by the gateway to proxy communications from external clients.
The following table provides an overview of the providers and services:
Table 3.1. Cluster Topology Provider and Service Roles
| Type | Role | Description |
|---|---|---|
| gateway/provider | hostmap | Maps external to internal node hostnames, replacing the internal hostname with mapped external name when hostname is embedded in a response from the cluster, see Map Hadoop Cluster Host Names. |
| authentication | Integrates an LDAP store to authenticate external requests accessing the cluster via the Knox Gateway, see Set up LDAP Authentication. | |
| federation | Defines HTTP header authentication fields for an SSO or federation solution provider, see Set up HTTP Header Authentication for Federation/SSO. | |
| identity-assertion | Maps external authenticated users to an internal cluster user that the gateway asserts as the current session user or group, see Configure Identity Assertion. | |
| authorization | Service level authorization that restricts cluster access to specified users, groups and/or IP addresses, see Configure Service Level Authorization. | |
| webappsec | Configures a web application security plug-in that provides protection filtering against Cross Site Request Forgery attacks, see Configure Web Application Security. | |
| service | $service_name | Binds a Hadoop service with an internal URL that the gateway uses to proxy requests from external clients to the internal cluster services, see Configure Hadoop Service URLs. |
![[Note]](../common/images/admon/note.png) | Note |
|---|---|
The gateway automatically redeploys the cluster when a new topology descriptor file or change is detected. |
Cluster topology descriptors have the following XML format:
<topology>
<gateway>
<provider>
<role></role>
<name></name>
<enabled></enabled>
<param>
<name></name>
<value></value>
</param>
</provider>
</gateway>
<service>
</service>
</topology>