This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Child pages
  • KNOX-20: Administrative REST API
Skip to end of metadata
Go to start of metadata

The admin API will be implemented as a separate topology.  This will allows for a separate authentication and authentication and authorization from normal topologies/clusters.  The admin topology will be called admin.  This may conflict with existing customer topologies but that could be addressed by the customer renaming the admin topology.

 

Sample Topology File
<topology>
  <gateway>
    ....
  </gateway>
  <service>
    <role>ADMIN</role>
  </service>
</topology>

 Note: The <url> element is not required as this will be an "internal" service.

The internal service will likely be implemented as a Jersey based dispatch based on the module gateway-provider-jersey. 

Open Questions/Issues

  • In order for SLA to be used directly separate services would be required to support different ATZ policy.
  • Does this highlight a need to have the service unique portion of the URL exposed in the topology file (e.g. webhdfs, hive, admin, etc?)
  • Does the work on versioned services need to come into play here?
  • No labels