Author: lmccay Date: Wed Oct 14 15:03:30 2015 New Revision: 1708615 URL: http://svn.apache.org/viewvc?rev=1708615&view=rev Log: added configuration info to 0.7.0 book
Modified: knox/site/books/knox-0-4-0/deployment-overview.png knox/site/books/knox-0-4-0/deployment-provider.png knox/site/books/knox-0-4-0/deployment-service.png knox/site/books/knox-0-4-0/runtime-overview.png knox/site/books/knox-0-4-0/runtime-request-processing.png knox/site/books/knox-0-5-0/deployment-overview.png knox/site/books/knox-0-5-0/deployment-provider.png knox/site/books/knox-0-5-0/deployment-service.png knox/site/books/knox-0-5-0/runtime-overview.png knox/site/books/knox-0-5-0/runtime-request-processing.png knox/site/books/knox-0-6-0/deployment-overview.png knox/site/books/knox-0-6-0/deployment-provider.png knox/site/books/knox-0-6-0/deployment-service.png knox/site/books/knox-0-6-0/runtime-overview.png knox/site/books/knox-0-6-0/runtime-request-processing.png knox/site/books/knox-0-7-0/deployment-overview.png knox/site/books/knox-0-7-0/deployment-provider.png knox/site/books/knox-0-7-0/deployment-service.png knox/site/books/knox-0-7-0/runtime-overview.png knox/site/books/knox-0-7-0/runtime-request-processing.png knox/site/books/knox-0-7-0/user-guide.html knox/site/images/application-certificate.png knox/site/index.html knox/site/issue-tracking.html knox/site/license.html knox/site/mail-lists.html knox/site/project-info.html knox/site/team-list.html knox/trunk/books/0.7.0/config.md Modified: knox/site/books/knox-0-4-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-provider.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-service.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/runtime-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/runtime-request-processing.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/deployment-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/deployment-provider.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/deployment-service.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/runtime-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/runtime-request-processing.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/deployment-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/deployment-provider.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/deployment-service.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/runtime-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/runtime-request-processing.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/deployment-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/deployment-provider.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/deployment-service.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/runtime-overview.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/runtime-request-processing.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/user-guide.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/books/knox-0-7-0/user-guide.html (original) +++ knox/site/books/knox-0-7-0/user-guide.html Wed Oct 14 15:03:30 2015 @@ -355,7 +355,12 @@ https://{gateway-host}:{gateway-port}/{g <li>Gateway: jdbc:hive2://{gateway-host}:{gateway-port}/;ssl=true;sslTrustStore={gateway-trust-store-path};trustStorePassword={gateway-trust-store-password}?hive.server2.transport.mode=http;hive.server2.thrift.http.path={gateway-path}/{cluster-name}/hive</li> <li>Cluster: <code>http://{hive-host}:10001/cliservice</code></li> </ul></li> -</ul><p>The values for <code>{gateway-host}</code>, <code>{gateway-port}</code>, <code>{gateway-path}</code> are provided via the gateway configuration file (i.e. <code>{GATEWAY_HOME}/conf/gateway-site.xml</code>).</p><p>The value for <code>{cluster-name}</code> is derived from the file name of the cluster topology descriptor (e.g. <code>{GATEWAY_HOME}/deployments/{cluster-name}.xml</code>).</p><p>The value for <code>{webhdfs-host}</code>, <code>{webhcat-host}</code>, <code>{oozie-host}</code>, <code>{hbase-host}</code> and <code>{hive-host}</code> are provided via the cluster topology descriptor (e.g. <code>{GATEWAY_HOME}/conf/topologies/{cluster-name}.xml</code>).</p><p>Note: The ports 50070, 50111, 11000, 60080 (default 8080) and 10001 are the defaults for WebHDFS, WebHCat, Oozie, Stargate/HBase and Hive respectively. Their values can also be provided via the cluster topology descriptor if your Hadoop cluster uses different ports.</p><h3><a id="Configuration"></a>Configuration</h 3><h3><a id="Related+Cluster+Configuration"></a>Related Cluster Configuration</h3><p>The following configuration changes must be made to your cluster to allow Apache Knox to dispatch requests to the various service components on behalf of end users.</p><h4><a id="Grant+Proxy+privileges+for+Knox+user+in+`core-site.xml`+on+Hadoop+master+nodes"></a>Grant Proxy privileges for Knox user in <code>core-site.xml</code> on Hadoop master nodes</h4><p>Update <code>core-site.xml</code> and add the following lines towards the end of the file.</p><p>Replace FQDN_OF_KNOX_HOST with the fully qualified domain name of the host running the gateway. You can usually find this by running <code>hostname -f</code> on that host.</p><p>You could use * for local developer testing if Knox host does not have static IP.</p> +</ul><p>The values for <code>{gateway-host}</code>, <code>{gateway-port}</code>, <code>{gateway-path}</code> are provided via the gateway configuration file (i.e. <code>{GATEWAY_HOME}/conf/gateway-site.xml</code>).</p><p>The value for <code>{cluster-name}</code> is derived from the file name of the cluster topology descriptor (e.g. <code>{GATEWAY_HOME}/deployments/{cluster-name}.xml</code>).</p><p>The value for <code>{webhdfs-host}</code>, <code>{webhcat-host}</code>, <code>{oozie-host}</code>, <code>{hbase-host}</code> and <code>{hive-host}</code> are provided via the cluster topology descriptor (e.g. <code>{GATEWAY_HOME}/conf/topologies/{cluster-name}.xml</code>).</p><p>Note: The ports 50070, 50111, 11000, 60080 (default 8080) and 10001 are the defaults for WebHDFS, WebHCat, Oozie, Stargate/HBase and Hive respectively. Their values can also be provided via the cluster topology descriptor if your Hadoop cluster uses different ports.</p><h3><a id="Configuration"></a>Configuration</h 3><p>Configuration for Apache Knox includes:</p> +<ol> + <li>Configuration that must be done within the Hadoop cluster to allow Knox to communicate with various services</li> + <li>Gateway Server Configuration - which is the configurable elements of the server itself which applies to behavior that spans all topologies or managed Hadoop clusters</li> + <li>Topology files which are the descriptors for controlling access to Hadoop clusters in various ways</li> +</ol><h3><a id="Related+Cluster+Configuration"></a>Related Cluster Configuration</h3><p>The following configuration changes must be made to your cluster to allow Apache Knox to dispatch requests to the various service components on behalf of end users.</p><h4><a id="Grant+Proxy+privileges+for+Knox+user+in+`core-site.xml`+on+Hadoop+master+nodes"></a>Grant Proxy privileges for Knox user in <code>core-site.xml</code> on Hadoop master nodes</h4><p>Update <code>core-site.xml</code> and add the following lines towards the end of the file.</p><p>Replace FQDN_OF_KNOX_HOST with the fully qualified domain name of the host running the gateway. You can usually find this by running <code>hostname -f</code> on that host.</p><p>You could use * for local developer testing if Knox host does not have static IP.</p> <pre><code><property> <name>hadoop.proxyuser.knox.groups</name> <value>users</value> @@ -405,7 +410,93 @@ https://{gateway-host}:{gateway-port}/{g <value>cliservice</value> <description>Path component of URL endpoint when in HTTP mode.</description> </property> -</code></pre><h4><a id="Topology+Descriptors"></a>Topology Descriptors</h4><p>The topology descriptor files provide the gateway with per-cluster configuration information. This includes configuration for both the providers within the gateway and the services within the Hadoop cluster. These files are located in <code>{GATEWAY_HOME}/conf/topologies</code>. The general outline of this document looks like this.</p> +</code></pre><h4><a id="Gateway+Server+Configuration"></a>Gateway Server Configuration</h4><p>The following table illustrates the configurable elements of the Apache Knox Gateway at the server level.</p> +<table> + <thead> + <tr> + <th>property </th> + <th>description </th> + <th>default</th> + </tr> + </thead> + <tbody> + <tr> + <td>gateway.deployment.dir</td> + <td>The directory within GATEWAY_HOME that contains gateway topology deployments.</td> + <td>{GATEWAY_HOME}/data/deployments</td> + </tr> + <tr> + <td>gateway.security.dir</td> + <td>The directory within GATEWAY_HOME that contains the required security artifacts</td> + <td>{GATEWAY_HOME}/data/security</td> + </tr> + <tr> + <td>gateway.data.dir</td> + <td>The directory within GATEWAY_HOME that contains the gateway instance data</td> + <td>{GATEWAY_HOME}/data</td> + </tr> + <tr> + <td>gateway.services.dir</td> + <td>The directory within GATEWAY_HOME that contains the gateway services definitions.</td> + <td>{GATEWAY_HOME}/services</td> + </tr> + <tr> + <td>gateway.hadoop.conf.dir</td> + <td>The directory within GATEWAY_HOME that contains the gateway configuration</td> + <td>{GATEWAY_HOME}/conf</td> + </tr> + <tr> + <td>gateway.frontend.url</td> + <td>The URL that should be used during rewriting so that it can rewrite the URLs with the correct “frontend” URL</td> + <td>none</td> + </tr> + <tr> + <td>gateway.xforwarded.enabled</td> + <td>Indicates whether support for some X-Forwarded-* headers is enabled</td> + <td>true</td> + </tr> + <tr> + <td>gateway.trust.all.certs</td> + <td>Indicates whether all presented client certs should establish trust</td> + <td>false</td> + </tr> + <tr> + <td>gateway.client.auth.needed</td> + <td>Indicates whether clients are required to establish a trust relationship with client certificates</td> + <td>false</td> + </tr> + <tr> + <td>gateway.truststore.path</td> + <td>Location of the truststore for client certificates to be trusted</td> + <td>gateway.jks</td> + </tr> + <tr> + <td>gateway.truststore.type</td> + <td>Indicates the type of truststore</td> + <td>JKS</td> + </tr> + <tr> + <td>gateway.keystore.type</td> + <td>Indicates the type of keystore for the identity store</td> + <td>JKS</td> + </tr> + <tr> + <td>gateway.jdk.tls.ephemeralDHKeySize</td> + <td>jdk.tls.ephemeralDHKeySize, is defined to customize the ephemeral DH key sizes. The minimum acceptable DH key size is 1024 bits, except for exportable cipher suites or legacy mode (jdk.tls.ephemeralDHKeySize=legacy)</td> + <td>2048</td> + </tr> + <tr> + <td>ssl.enabled</td> + <td>Indicates whether SSL is enabled for the Gateway</td> + <td>true</td> + </tr> + <tr> + <td>ssl.exclude.protocols</td> + <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>SSLv3</td> + </tr> + </tbody> +</table><h4><a id="Topology+Descriptors"></a>Topology Descriptors</h4><p>The topology descriptor files provide the gateway with per-cluster configuration information. This includes configuration for both the providers within the gateway and the services within the Hadoop cluster. These files are located in <code>{GATEWAY_HOME}/conf/topologies</code>. The general outline of this document looks like this.</p> <pre><code><topology> <gateway> <provider> Modified: knox/site/images/application-certificate.png URL: http://svn.apache.org/viewvc/knox/site/images/application-certificate.png?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/index.html URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/index.html (original) +++ knox/site/index.html Wed Oct 14 15:03:30 2015 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2015-09-30 + | Generated by Apache Maven Doxia at 2015-10-14 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20150930" /> + <meta name="Date-Revision-yyyymmdd" content="20151014" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – REST API Gateway for the Hadoop Ecosystem</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2015-09-30</li> + <li id="publishDate" class="pull-right">Last Published: 2015-10-14</li> </ul> </div> @@ -381,7 +381,7 @@ limitations under the License. --><div c </div> <?xml version="1.0" encoding="UTF-8"?> <div align="right" class="row span12"> - <img vertical-align="middle" alt="Generic placeholder image" src="images/apache-logo.gif"/> + <img src="images/apache-logo.gif" vertical-align="middle" alt="Generic placeholder image"/> </div> Modified: knox/site/issue-tracking.html URL: http://svn.apache.org/viewvc/knox/site/issue-tracking.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/issue-tracking.html (original) +++ knox/site/issue-tracking.html Wed Oct 14 15:03:30 2015 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2015-09-30 + | Generated by Apache Maven Doxia at 2015-10-14 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20150930" /> + <meta name="Date-Revision-yyyymmdd" content="20151014" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Issue Tracking</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2015-09-30</li> + <li id="publishDate" class="pull-right">Last Published: 2015-10-14</li> </ul> </div> @@ -322,7 +322,7 @@ </div> <?xml version="1.0" encoding="UTF-8"?> <div align="right" class="row span12"> - <img vertical-align="middle" alt="Generic placeholder image" src="images/apache-logo.gif"/> + <img src="images/apache-logo.gif" vertical-align="middle" alt="Generic placeholder image"/> </div> Modified: knox/site/license.html URL: http://svn.apache.org/viewvc/knox/site/license.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/license.html (original) +++ knox/site/license.html Wed Oct 14 15:03:30 2015 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2015-09-30 + | Generated by Apache Maven Doxia at 2015-10-14 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20150930" /> + <meta name="Date-Revision-yyyymmdd" content="20151014" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Project License</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2015-09-30</li> + <li id="publishDate" class="pull-right">Last Published: 2015-10-14</li> </ul> </div> @@ -524,7 +524,7 @@ </div> <?xml version="1.0" encoding="UTF-8"?> <div align="right" class="row span12"> - <img vertical-align="middle" alt="Generic placeholder image" src="images/apache-logo.gif"/> + <img src="images/apache-logo.gif" vertical-align="middle" alt="Generic placeholder image"/> </div> Modified: knox/site/mail-lists.html URL: http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/mail-lists.html (original) +++ knox/site/mail-lists.html Wed Oct 14 15:03:30 2015 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2015-09-30 + | Generated by Apache Maven Doxia at 2015-10-14 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20150930" /> + <meta name="Date-Revision-yyyymmdd" content="20151014" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Project Mailing Lists</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2015-09-30</li> + <li id="publishDate" class="pull-right">Last Published: 2015-10-14</li> </ul> </div> @@ -342,7 +342,7 @@ </div> <?xml version="1.0" encoding="UTF-8"?> <div align="right" class="row span12"> - <img vertical-align="middle" alt="Generic placeholder image" src="images/apache-logo.gif"/> + <img src="images/apache-logo.gif" vertical-align="middle" alt="Generic placeholder image"/> </div> Modified: knox/site/project-info.html URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/project-info.html (original) +++ knox/site/project-info.html Wed Oct 14 15:03:30 2015 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2015-09-30 + | Generated by Apache Maven Doxia at 2015-10-14 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20150930" /> + <meta name="Date-Revision-yyyymmdd" content="20151014" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Project Information</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2015-09-30</li> + <li id="publishDate" class="pull-right">Last Published: 2015-10-14</li> </ul> </div> @@ -340,7 +340,7 @@ </div> <?xml version="1.0" encoding="UTF-8"?> <div align="right" class="row span12"> - <img vertical-align="middle" alt="Generic placeholder image" src="images/apache-logo.gif"/> + <img src="images/apache-logo.gif" vertical-align="middle" alt="Generic placeholder image"/> </div> Modified: knox/site/team-list.html URL: http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/site/team-list.html (original) +++ knox/site/team-list.html Wed Oct 14 15:03:30 2015 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2015-09-30 + | Generated by Apache Maven Doxia at 2015-10-14 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20150930" /> + <meta name="Date-Revision-yyyymmdd" content="20151014" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Team list</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2015-09-30</li> + <li id="publishDate" class="pull-right">Last Published: 2015-10-14</li> </ul> </div> @@ -491,7 +491,7 @@ window.onLoad = init(); </div> <?xml version="1.0" encoding="UTF-8"?> <div align="right" class="row span12"> - <img vertical-align="middle" alt="Generic placeholder image" src="images/apache-logo.gif"/> + <img src="images/apache-logo.gif" vertical-align="middle" alt="Generic placeholder image"/> </div> Modified: knox/trunk/books/0.7.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.7.0/config.md?rev=1708615&r1=1708614&r2=1708615&view=diff ============================================================================== --- knox/trunk/books/0.7.0/config.md (original) +++ knox/trunk/books/0.7.0/config.md Wed Oct 14 15:03:30 2015 @@ -17,6 +17,12 @@ ### Configuration ### +Configuration for Apache Knox includes: + +1. Configuration that must be done within the Hadoop cluster to allow Knox to communicate with various services +2. Gateway Server Configuration - which is the configurable elements of the server itself which applies to behavior that spans all topologies or managed Hadoop clusters +3. Topology files which are the descriptors for controlling access to Hadoop clusters in various ways + ### Related Cluster Configuration ### The following configuration changes must be made to your cluster to allow Apache Knox to @@ -101,6 +107,30 @@ Ensure that the values match the ones be <description>Path component of URL endpoint when in HTTP mode.</description> </property> +#### Gateway Server Configuration #### + +The following table illustrates the configurable elements of the Apache Knox Gateway at the server level. + +property | description | default +------------|-----------|----------- +gateway.deployment.dir|The directory within GATEWAY_HOME that contains gateway topology deployments.|{GATEWAY_HOME}/data/deployments +gateway.security.dir|The directory within GATEWAY_HOME that contains the required security artifacts|{GATEWAY_HOME}/data/security +gateway.data.dir|The directory within GATEWAY_HOME that contains the gateway instance data|{GATEWAY_HOME}/data +gateway.services.dir|The directory within GATEWAY_HOME that contains the gateway services definitions.|{GATEWAY_HOME}/services +gateway.hadoop.conf.dir|The directory within GATEWAY_HOME that contains the gateway configuration|{GATEWAY_HOME}/conf +gateway.frontend.url|The URL that should be used during rewriting so that it can rewrite the URLs with the correct "frontend" URL|none +gateway.xforwarded.enabled|Indicates whether support for some X-Forwarded-* headers is enabled|true +gateway.trust.all.certs|Indicates whether all presented client certs should establish trust|false +gateway.client.auth.needed|Indicates whether clients are required to establish a trust relationship with client certificates|false +gateway.truststore.path|Location of the truststore for client certificates to be trusted|gateway.jks +gateway.truststore.type|Indicates the type of truststore|JKS +gateway.keystore.type|Indicates the type of keystore for the identity store|JKS +gateway.jdk.tls.ephemeralDHKeySize|jdk.tls.ephemeralDHKeySize, is defined to customize the ephemeral DH key sizes. The minimum acceptable DH key size is 1024 bits, except for exportable cipher suites or legacy mode (jdk.tls.ephemeralDHKeySize=legacy)|2048 +ssl.enabled|Indicates whether SSL is enabled for the Gateway|true +ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 + + + #### Topology Descriptors #### The topology descriptor files provide the gateway with per-cluster configuration information.