Securing Hadoop Big Data Landscape with Apache Knox Gateway and Keycloak: Part 2(Introduction to Apache Knox)
This this one we will formally introduce Apache Knox Gateway and touch upon some of the problems it tries to solve.
Introduction to Apache Knox
In the simplest of terms Knox is a reverse proxy for Hadoop deployments. The Knox Gateway provides a single access point for all REST and HTTP interactions with Apache Hadoop clusters In the simplest of terms Knox is a reverse proxy for Hadoop deployments. One thing to note is Knox is not a replacement for firewalls.
Apache Knox, provides three, major modules
- Proxying Services
Primary goals of the Apache Knox project is to provide access to Apache Hadoop via proxying of HTTP resources. - Authentication Services
Authentication for REST API access as well as WebSSO flow for UIs. LDAP/AD, Header based PreAuth, Kerberos, SAML, OAuth are all available options. - Client Services
Client development can be done with scripting through DSL or using the Knox Shell classes directly as SDK.
One last thing to mention about knox is that it can also be integrated with Apache Ranger to provide finer level of authentication.
In the next segment we will look at a sample problem and solve it with knox and keycloak.
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Leave a Reply