Knox service management via ADCM

Sergei Tikhomirov

The ADCM UI provides actions to manage the Knox service and its components. For information on how to run service actions, refer to ADPS service actions.

The actions available for the Knox service are listed in the table below.

Action Description

Check

Runs service-specific tests to check the health of the service and its components

Start

Starts the service. When you run this action, the option Apply configs from ADCM is available. When selected, all service configurations defined in ADCM settings will be applied on the service startup. Otherwise, the service starts without applying configurations from ADCM

Stop

Stops the service

Restart

Restarts the service. When you run this action, the option Apply configs from ADCM is available. When selected, all service configurations defined in ADCM settings will be applied during the service restart. Otherwise, the service restarts without applying configurations from ADCM

Remove

Removes the service from the cluster. This action should be used to remove already installed services. Whereas the delete default control can be used to remove a non-mapped service (a service which components have not been distributed among cluster hosts)

Manage Ranger plugin

Enables or disables the Ranger Knox plugin

Add/Remove components

Reconfigures the service topology. With it, you can change the amount of the Knox Gateway components. Running this action opens the host-component mapping interface where you can add new service components

Reload topologies

Reloads Knox topologies

Update Knox passwords

Updates passwords in the secured JCEKS files for Knox. Run this action if the Knox master password or some passwords in the Knox configuration were changed in ADCM. All passwords will be applied from the ADCM configuration, no custom passwords (e.g. from custom topologies) will be written to the credential store

Validate configuration

Checks ports for conflicts
CAUTION

In order to protect custom topology settings from overwriting, Knox topologies don’t get automatically reloaded after a service is imported or during ADPS reconfiguration actions. In some cases, this may lead to unavailability of target services via Knox. You have to run the Reload topologies action manually in the following cases:

  • A new service was imported into Knox.

  • A new connection setting (SSL or Kerberos) was configured for one of the imported services.
Found a mistake? Seleсt text and press Ctrl+Enter to report it