Knox service management via ADCM

Sergei Tikhomirov

The ADCM UI provides actions to manage the Knox service and its components. For information on how to run service actions, refer to ADPS service actions.

The actions available for the Knox service are listed in the table below.

Action Description

Check

Runs service-specific tests to check the health of the service and its components

Start

Starts the service. When you run this action, the option Apply configs from ADCM is available. When selected, all service configurations defined in ADCM settings will be applied on the service startup. Otherwise, the service starts without applying configurations from ADCM

Stop

Stops the service

Restart

Restarts the service. When you run this action, the option Apply configs from ADCM is available. When selected, all service configurations defined in ADCM settings will be applied during the service restart. Otherwise, the service restarts without applying configurations from ADCM

Remove

Removes the service from the cluster. This action should be used to remove already installed services. Whereas the delete default control can be used to remove a non-mapped service (a service which components have not been distributed among cluster hosts)

Manage Ranger plugin

Enables or disables the Ranger Knox plugin

Add additional Knox Gateway

Adds an additional Knox Gateway to one or more hosts. Running this action opens the host-component mapping interface where you can add new Knox Gateway components

Remove Gateway(s)

Removes one or more Knox Gateway. Running this action opens the host-component mapping interface where you can remove Knox Gateway components

Reload topologies

Reloads Knox topologies

Update Knox passwords

Updates passwords in the secured JCEKS files for Knox. Run this action if the Knox master password or some passwords in the Knox configuration were changed in ADCM. All passwords will be applied from the ADCM configuration, no custom passwords (e.g. from custom topologies) will be written to the credential store
CAUTION

In order to protect custom topology settings from overwriting, Knox topologies don’t get automatically reloaded after a service is imported or during ADPS reconfiguration actions. In some cases, this may lead to unavailability of target services via Knox. You have to run the Reload topologies action manually in the following cases:

  • A new service was imported into Knox.

  • A new connection setting (SSL or Kerberos) was configured for one of the imported services.
Found a mistake? Seleсt text and press Ctrl+Enter to report it