You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2017/08/01 18:56:33 UTC
svn commit: r1803686 [2/2] - in /knox: site/ site/books/knox-0-10-0/
site/books/knox-0-11-0/ site/books/knox-0-12-0/ site/books/knox-0-13-0/
site/books/knox-0-4-0/ site/books/knox-0-5-0/ site/books/knox-0-6-0/
site/books/knox-0-7-0/ site/books/knox-0-8...
Modified: knox/site/license.html
URL: http://svn.apache.org/viewvc/knox/site/license.html?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/site/license.html (original)
+++ knox/site/license.html Tue Aug 1 18:56:32 2017
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia at 2017-07-11
+ | Generated by Apache Maven Doxia at 2017-08-01
| Rendered using Apache Maven Fluido Skin 1.3.0
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20170711" />
+ <meta name="Date-Revision-yyyymmdd" content="20170801" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project License</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
- <li id="publishDate" class="pull-right">Last Published: 2017-07-11</li>
+ <li id="publishDate" class="pull-right">Last Published: 2017-08-01</li>
</ul>
</div>
Modified: knox/site/mail-lists.html
URL: http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/site/mail-lists.html (original)
+++ knox/site/mail-lists.html Tue Aug 1 18:56:32 2017
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia at 2017-07-11
+ | Generated by Apache Maven Doxia at 2017-08-01
| Rendered using Apache Maven Fluido Skin 1.3.0
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20170711" />
+ <meta name="Date-Revision-yyyymmdd" content="20170801" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Mailing Lists</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
- <li id="publishDate" class="pull-right">Last Published: 2017-07-11</li>
+ <li id="publishDate" class="pull-right">Last Published: 2017-08-01</li>
</ul>
</div>
Modified: knox/site/project-info.html
URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Tue Aug 1 18:56:32 2017
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia at 2017-07-11
+ | Generated by Apache Maven Doxia at 2017-08-01
| Rendered using Apache Maven Fluido Skin 1.3.0
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20170711" />
+ <meta name="Date-Revision-yyyymmdd" content="20170801" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Project Information</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
- <li id="publishDate" class="pull-right">Last Published: 2017-07-11</li>
+ <li id="publishDate" class="pull-right">Last Published: 2017-08-01</li>
</ul>
</div>
Modified: knox/site/team-list.html
URL: http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/site/team-list.html (original)
+++ knox/site/team-list.html Tue Aug 1 18:56:32 2017
@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
- | Generated by Apache Maven Doxia at 2017-07-11
+ | Generated by Apache Maven Doxia at 2017-08-01
| Rendered using Apache Maven Fluido Skin 1.3.0
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
- <meta name="Date-Revision-yyyymmdd" content="20170711" />
+ <meta name="Date-Revision-yyyymmdd" content="20170801" />
<meta http-equiv="Content-Language" content="en" />
<title>Knox Gateway – Team list</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
- <li id="publishDate" class="pull-right">Last Published: 2017-07-11</li>
+ <li id="publishDate" class="pull-right">Last Published: 2017-08-01</li>
</ul>
</div>
Modified: knox/trunk/books/0.13.0/book_gateway-details.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/book_gateway-details.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/book_gateway-details.md (original)
+++ knox/trunk/books/0.13.0/book_gateway-details.md Tue Aug 1 18:56:32 2017
@@ -29,7 +29,7 @@ The gateway functions much like a revers
As such, it maintains a mapping of URLs that are exposed externally by the gateway to URLs that are provided by the Hadoop cluster.
#### Default Topology URLs #####
-In order to provide compatibility with the Hadoop java client and existing CLI tools, the Knox Gateway has provided a feature called the Default Topology. This refers to a topology deployment that will be able to route URLs without the additional context that the gateway uses for differentiating from one Hadoop cluster to another. This allows the URLs to match those used by existing clients for that may access webhdfs through the Hadoop file system abstraction.
+In order to provide compatibility with the Hadoop java client and existing CLI tools, the Knox Gateway has provided a feature called the Default Topology. This refers to a topology deployment that will be able to route URLs without the additional context that the gateway uses for differentiating from one Hadoop cluster to another. This allows the URLs to match those used by existing clients that may access webhdfs through the Hadoop file system abstraction.
When a topology file is deployed with a file name that matches the configured default topology name, a specialized mapping for URLs is installed for that particular topology. This allows the URLs that are expected by the existing Hadoop CLIs for webhdfs to be used in interacting with the specific Hadoop cluster that is represented by the default topology file.
Modified: knox/trunk/books/0.13.0/book_getting-started.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/book_getting-started.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/book_getting-started.md (original)
+++ knox/trunk/books/0.13.0/book_getting-started.md Tue Aug 1 18:56:32 2017
@@ -42,7 +42,7 @@ All of the instructions and samples prov
Knox can be installed by expanding the zip/archive file.
-The table below provides a brief explanation of the important files and directories within `{GATEWWAY_HOME}`
+The table below provides a brief explanation of the important files and directories within `{GATEWAY_HOME}`
| Directory | Purpose |
| ------------------------ | ------- |
Modified: knox/trunk/books/0.13.0/book_service-details.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/book_service-details.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/book_service-details.md (original)
+++ knox/trunk/books/0.13.0/book_service-details.md Tue Aug 1 18:56:32 2017
@@ -17,11 +17,11 @@
## Service Details ##
-In the sections that follow the integrations currently available out of the box with the gateway will be described.
+In the sections that follow, the integrations currently available out of the box with the gateway will be described.
In general these sections will include examples that demonstrate how to access each of these services via the gateway.
In many cases this will include both the use of [cURL][curl] as a REST API client as well as the use of the Knox Client DSL.
You may notice that there are some minor differences between using the REST API of a given service via the gateway.
-In general this is necessary in order to achieve the goal of leaking internal Hadoop cluster details to the client.
+In general this is necessary in order to achieve the goal of not leaking internal Hadoop cluster details to the client.
Keep in mind that the gateway uses a plugin model for supporting Hadoop services.
Check back with the [Apache Knox][site] site for the latest news on plugin availability.
@@ -54,9 +54,9 @@ These examples are optional but to try t
### Customization
-Using these samples with other Hadoop installations will require changes to the steps describe here as well as changes to referenced sample scripts.
+Using these samples with other Hadoop installations will require changes to the steps described here as well as changes to referenced sample scripts.
This will also likely require changes to the gateway's default configuration.
-In particular host names, ports user names and password may need to be changed to match your environment.
+In particular host names, ports, user names and password may need to be changed to match your environment.
These changes may need to be made to gateway configuration and also the Groovy sample script files in the distribution.
All of the values that may need to be customized in the sample scripts can be found together at the top of each of these files.
Modified: knox/trunk/books/0.13.0/book_ui_service_details.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/book_ui_service_details.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/book_ui_service_details.md (original)
+++ knox/trunk/books/0.13.0/book_ui_service_details.md Tue Aug 1 18:56:32 2017
@@ -17,7 +17,7 @@
## UI Service Details ##
-In the sections that follow the integrations for proxying various UIs currently available out of the box with the
+In the sections that follow, the integrations for proxying various UIs currently available out of the box with the
gateway will be described. These sections will include examples that demonstrate how to access each of these services
via the gateway.
@@ -72,7 +72,7 @@ In addition to the service configuration
</service>
By default the gateway is configured to use the HTTP endpoint for WebHDFS in the Sandbox.
-This could alternatively be configured to use the HTTPS endpoint by provided the correct address.
+This could alternatively be configured to use the HTTPS endpoint by providing the correct address.
#### Name Node UI URL Mapping ####
@@ -335,4 +335,4 @@ through authentication challenge and cre
</service>
</topology>
-
\ No newline at end of file
+
Modified: knox/trunk/books/0.13.0/config.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/config.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/config.md (original)
+++ knox/trunk/books/0.13.0/config.md Tue Aug 1 18:56:32 2017
@@ -195,12 +195,12 @@ The general outline of a provider elemen
/topology/gateway/provider/role
: Defines the role of a particular provider.
There are a number of pre-defined roles used by out-of-the-box provider plugins for the gateway.
-These roles are: authentication, identity-assertion, authentication, rewrite and hostmap
+These roles are: authentication, identity-assertion, rewrite and hostmap
/topology/gateway/provider/name
: Defines the name of the provider for which this configuration applies.
There can be multiple provider implementations for a given role.
-Specifying the name is used identify which particular provider is being configured.
+Specifying the name is used to identify which particular provider is being configured.
Typically each topology descriptor should contain only one provider for each role but there are exceptions.
/topology/gateway/provider/enabled
@@ -241,7 +241,7 @@ topology/service/url
#### Hostmap Provider ####
-The purpose of the Hostmap provider is to handle situations where host are known by one name within the cluster and another name externally.
+The purpose of the Hostmap provider is to handle situations where hosts are known by one name within the cluster and another name externally.
This frequently occurs when virtual machines are used and in particular when using cloud hosting services.
Currently, the Hostmap provider is configured as part of the topology file.
The basic structure is shown below.
@@ -343,7 +343,7 @@ topology/gateway/provider/param
: Host mapping is configured by providing parameters for each external to internal mapping.
topology/gateway/provider/param/name
-: The parameter names represent an external host names associated with the internal host names provided by the value element.
+: The parameter names represent the external host names associated with the internal host names provided by the value element.
This can be a comma separated list of host names that all represent the same physical host.
When mapping from internal to external host name the first external host name in the list is used.
@@ -377,11 +377,11 @@ We do make some provisions in order to p
It is encrypted with AES 128 bit encryption and where possible the file permissions are set to only be accessible by the user that the gateway is running as.
-After persisting the secret, ensure that the file at config/security/master has the appropriate permissions set for your environment.
+After persisting the secret, ensure that the file at data/security/master has the appropriate permissions set for your environment.
This is probably the most important layer of defense for master secret.
-Do not assume that the encryption if sufficient protection.
+Do not assume that the encryption is sufficient protection.
-A specific user should be created to run the gateway this user will be the only user with permissions for the persisted master file.
+A specific user should be created to run the gateway. This user will be the only user with permissions for the persisted master file.
See the Knox CLI section for descriptions of the command line utilities related to the master secret.
@@ -411,7 +411,7 @@ Upon deployment of a Hadoop cluster topo
1. Look for a credential store for the topology. For instance, we have a sample topology that gets deployed out of the box. We look for `data/security/keystores/sandbox-credentials.jceks`. This topology specific credential store is used for storing secrets/passwords that are used for encrypting sensitive data with topology specific keys.
* If no credential store is found for the topology being deployed then one is created for it.
Population of the aliases is delegated to the configured providers within the system that will require the use of a secret for a particular task.
- They may programmatic set the value of the secret or choose to have the value for the specified alias generated through the AliasService.
+ They may programmatically set the value of the secret or choose to have the value for the specified alias generated through the AliasService.
* If a credential store is found then we ensure that it can be loaded with the provided master secret and the configured providers have the opportunity to ensure that the aliases are populated and if not to populate them.
By leveraging the algorithm described above we can provide a window of opportunity for management of these artifacts in a number of ways.
@@ -474,7 +474,7 @@ You may have to adjust according to your
General steps:
-1. Stop Knox gateway and back up all files in `{GATEWWAY_HOME}/data/security/keystores`
+1. Stop Knox gateway and back up all files in `{GATEWAY_HOME}/data/security/keystores`
gateway.sh stop
@@ -484,7 +484,7 @@ General steps:
3. Create identity keystore gateway.jks. cert in alias gateway-identity
- cd {GATEWWAY_HOME}/data/security/keystore
+ cd {GATEWAY_HOME}/data/security/keystore
keytool -genkeypair -alias gateway-identity -keyalg RSA -keysize 1024 -dname "CN=$fqdn_knox,OU=hdp,O=sdge" -keypass $keypass -keystore gateway.jks -storepass $master-key -validity 300
NOTE: `$fqdn_knox` is the hostname of the Knox host. Some may choose `$keypass` to be the same as `$master-key`.
@@ -537,4 +537,4 @@ Once you have created these keystores yo
NOTE: the SSL certificate will need special consideration depending on the type of certificate. Wildcard certs may be able to be shared across all gateway instances in a cluster.
When certs are dedicated to specific machines the gateway identity store will not be able to be blindly replicated as host name verification problems will ensue.
-Obviously, trust-stores will need to be taken into account as well.
\ No newline at end of file
+Obviously, trust-stores will need to be taken into account as well.
Modified: knox/trunk/books/0.13.0/config_authn.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/config_authn.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/config_authn.md (original)
+++ knox/trunk/books/0.13.0/config_authn.md Tue Aug 1 18:56:32 2017
@@ -96,7 +96,7 @@ This happens to be the way that we are c
This section discusses the LDAP configuration used above for the Shiro Provider. Some of these configuration elements will need to be customized to reflect your deployment environment.
-**main.ldapRealm** - this element indicates the fully qualified class name of the Shiro realm to be used in authenticating the user. The class name provided by default in the sample is the `org.apache.shiro.realm.ldap.JndiLdapRealm` this implementation provides us with the ability to authenticate but by default has authorization disabled. In order to provide authorization - which is seen by Shiro as dependent on an LDAP schema that is specific to each organization - an extension of JndiLdapRealm is generally used to override and implement the doGetAuhtorizationInfo method. In this particular release we are providing a simple authorization provider that can be used along with the Shiro authentication provider.
+**main.ldapRealm** - this element indicates the fully qualified class name of the Shiro realm to be used in authenticating the user. The class name provided by default in the sample is the `org.apache.shiro.realm.ldap.JndiLdapRealm` this implementation provides us with the ability to authenticate but by default has authorization disabled. In order to provide authorization - which is seen by Shiro as dependent on an LDAP schema that is specific to each organization - an extension of JndiLdapRealm is generally used to override and implement the doGetAuthorizationInfo method. In this particular release we are providing a simple authorization provider that can be used along with the Shiro authentication provider.
**main.ldapRealm.userDnTemplate** - in order to bind a simple username to an LDAP server that generally requires a full distinguished name (DN), we must provide the template into which the simple username will be inserted. This template allows for the creation of a DN by injecting the simple username into the common name (CN) portion of the DN. **This element will need to be customized to reflect your deployment environment.** The template provided in the sample is only an example and is valid only within the LDAP schema distributed with Knox and is represented by the users.ldif file in the `{GATEWAY_HOME}/conf` directory.
@@ -136,7 +136,7 @@ Knox maps each cluster topology to a web
To configure session idle timeout for the topology, please specify value of parameter sessionTimeout for ShiroProvider in your topology file. If you do not specify the value for this parameter, it defaults to 30 minutes.
-The definition would look like the following in the topoloogy file:
+The definition would look like the following in the topology file:
...
<provider>
@@ -156,4 +156,4 @@ The definition would look like the follo
<provider>
...
-At present, ShiroProvider in Knox leverages JavaEE session to maintain authentication state for a user across requests using JSESSIONID cookie. So, a client that authenticated with Knox could pass the JSESSIONID cookie with repeated requests as long as the session has not timed out instead of submitting userid/password with every request. Presenting a valid session cookie in place of userid/password would also perform better as additional credential store lookups are avoided.
\ No newline at end of file
+At present, ShiroProvider in Knox leverages JavaEE session to maintain authentication state for a user across requests using JSESSIONID cookie. So, a client that authenticated with Knox could pass the JSESSIONID cookie with repeated requests as long as the session has not timed out instead of submitting userid/password with every request. Presenting a valid session cookie in place of userid/password would also perform better as additional credential store lookups are avoided.
Modified: knox/trunk/books/0.13.0/config_id_assertion.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/config_id_assertion.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/config_id_assertion.md (original)
+++ knox/trunk/books/0.13.0/config_id_assertion.md Tue Aug 1 18:56:32 2017
@@ -206,7 +206,7 @@ The 'role' for this provider is 'identit
### Configuration ###
All the configuration for 'HadoopGroupProvider' resides in the provider section in a gateway topology file.
-The 'hadoop.security.group.mapping' property determines the implementation. Some of the valid implementation are as follows
+The 'hadoop.security.group.mapping' property determines the implementation. Some of the valid implementations are as follows
#### org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback
This is the default implementation and will be picked up if 'hadoop.security.group.mapping' is not specified. This implementation will determine if the Java Native Interface (JNI) is available. If JNI is available, the implementation will use the API within Hadoop to resolve a list of groups for a user. If JNI is not available then the shell implementation, org.apache.hadoop.security.ShellBasedUnixGroupsMapping, is used, which shells out with the 'bash -c groups' command (for a Linux/Unix environment) or the 'net group' command (for a Windows environment) to resolve a list of groups for a user.
Modified: knox/trunk/books/0.13.0/config_webappsec_provider.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/config_webappsec_provider.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/config_webappsec_provider.md (original)
+++ knox/trunk/books/0.13.0/config_webappsec_provider.md Tue Aug 1 18:56:32 2017
@@ -95,7 +95,7 @@ cors.tagRequests | {true\|fa
##### X-Frame-Options
-Cross Frame Scripting and Clickjacking are attackes that can be prevented by controlling the ability for a third-party to embed an application or resource within a Frame, IFrame or Object html element. This can be done adding the X-Frame-Options HTTP header to responses.
+Cross Frame Scripting and Clickjacking are attacks that can be prevented by controlling the ability for a third-party to embed an application or resource within a Frame, IFrame or Object html element. This can be done adding the X-Frame-Options HTTP header to responses.
###### Config
Modified: knox/trunk/books/0.13.0/service_hive.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/service_hive.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/service_hive.md (original)
+++ knox/trunk/books/0.13.0/service_hive.md Tue Aug 1 18:56:32 2017
@@ -74,7 +74,7 @@ This guide provides detailed examples fo
1. Hive JDBC in HTTP mode depends on following minimal libraries set to run successfully(must be in the classpath):
* hive-jdbc-0.14.0-standalone.jar;
* commons-logging-1.1.3.jar;
- 2. Connection URL has to be following: `jdbc:hive2://{gateway-host}:{gateway-port}/;ssl=true;sslTrustStore={gateway-trust-store-path};trustStorePassword={gateway-trust-store-password};transportMode=http;httpPath={gateway-path}/{cluster-name}/hive`
+ 2. Connection URL has to be the following: `jdbc:hive2://{gateway-host}:{gateway-port}/;ssl=true;sslTrustStore={gateway-trust-store-path};trustStorePassword={gateway-trust-store-password};transportMode=http;httpPath={gateway-path}/{cluster-name}/hive`
3. Look at https://cwiki.apache.org/confluence/display/Hive/GettingStarted#GettingStarted-DDLOperations for examples.
Hint: For testing it would be better to execute `set hive.security.authorization.enabled=false` as the first statement.
Hint: Good examples of Hive DDL/DML can be found here http://gettingstarted.hadooponazure.com/hw/hive.html
@@ -176,7 +176,7 @@ Sample example for creating new table, l
###### Groovy ######
-Make sure that `{GATEWAY_HOME/ext}` directory contains following libraries for successful execution:
+Make sure that `{GATEWAY_HOME/ext}` directory contains the following libraries for successful execution:
- hive-jdbc-0.14.0-standalone.jar;
- commons-logging-1.1.3.jar;
Modified: knox/trunk/books/0.13.0/service_webhcat.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/service_webhcat.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/service_webhcat.md (original)
+++ knox/trunk/books/0.13.0/service_webhcat.md Tue Aug 1 18:56:32 2017
@@ -58,11 +58,11 @@ The values in this sample are configured
The URLs provided for the role NAMENODE and JOBTRACKER do not result in an endpoint being exposed by the gateway.
This information is only required so that other URLs can be rewritten that reference the appropriate RPC address for Hadoop services.
-This prevents clients from needed to be aware of the internal cluster details.
+This prevents clients from needing to be aware of the internal cluster details.
Note that for Hadoop 2 the JOBTRACKER RPC endpoint is provided by the Resource Manager component.
By default the gateway is configured to use the HTTP endpoint for WebHCat in the Sandbox.
-This could alternatively be configured to use the HTTPS endpoint by provided the correct address.
+This could alternatively be configured to use the HTTPS endpoint by providing the correct address.
#### WebHCat URL Mapping ####
@@ -75,7 +75,7 @@ For WebHCat URLs, the mapping of Knox Ga
#### WebHCat via cURL
-Use can use cURL to directly invoke the REST APIs via the gateway. For the full list of available REST calls look at the WebHCat documentation. This is a simple curl command to test the connection:
+Users can use cURL to directly invoke the REST APIs via the gateway. For the full list of available REST calls look at the WebHCat documentation. This is a simple curl command to test the connection:
curl -i -k -u guest:guest-password 'https://localhost:8443/gateway/sandbox/templeton/v1/status'
Modified: knox/trunk/books/0.13.0/service_webhdfs.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/service_webhdfs.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/service_webhdfs.md (original)
+++ knox/trunk/books/0.13.0/service_webhdfs.md Tue Aug 1 18:56:32 2017
@@ -56,10 +56,10 @@ The values in this sample are configured
The URL provided for the role NAMENODE does not result in an endpoint being exposed by the gateway.
This information is only required so that other URLs can be rewritten that reference the Name Node's RPC address.
-This prevents clients from needed to be aware of the internal cluster details.
+This prevents clients from needing to be aware of the internal cluster details.
By default the gateway is configured to use the HTTP endpoint for WebHDFS in the Sandbox.
-This could alternatively be configured to use the HTTPS endpoint by provided the correct address.
+This could alternatively be configured to use the HTTPS endpoint by providing the correct address.
#### WebHDFS URL Mapping ####
@@ -80,7 +80,7 @@ A WebHDFS request to the NameNode to ret
Note that this URL contains the network location of a DataNode.
The gateway will rewrite this URL to look like the URL below.
- https://{gateway-host}:{gateway-port}/{gateway-path}/{custer-name}/webhdfs/data/v1/{path}?_={encrypted-query-parameters}
+ https://{gateway-host}:{gateway-port}/{gateway-path}/{cluster-name}/webhdfs/data/v1/{path}?_={encrypted-query-parameters}
The `{encrypted-query-parameters}` will contain the `{datanode-host}` and `{datanode-port}` information.
This information along with the original query parameters are encrypted so that the internal Hadoop details are protected.
@@ -141,7 +141,7 @@ This is provided as an example to illust
##### WebHDFS via cURL
-Use can use cURL to directly invoke the REST APIs via the gateway.
+Users can use cURL to directly invoke the REST APIs via the gateway.
###### Optionally cleanup the sample directory in case a previous example was run without cleaning up.
Modified: knox/trunk/books/0.13.0/websocket-support.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/websocket-support.md?rev=1803686&r1=1803685&r2=1803686&view=diff
==============================================================================
--- knox/trunk/books/0.13.0/websocket-support.md (original)
+++ knox/trunk/books/0.13.0/websocket-support.md Tue Aug 1 18:56:32 2017
@@ -19,7 +19,7 @@
### Introduction
-Websocket is a communication protocol that allows full duplex communication over single TCP connection.
+Websocket is a communication protocol that allows full duplex communication over a single TCP connection.
Knox provides out-of-the-box support for websocket protocol, currently only text messages are supported.
### Configuration ###