knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject svn commit: r1768540 - in /knox: site/ site/books/knox-0-10-0/ trunk/ trunk/books/0.10.0/
Date Mon, 07 Nov 2016 15:55:36 GMT
Author: lmccay
Date: Mon Nov  7 15:55:35 2016
New Revision: 1768540

URL: http://svn.apache.org/viewvc?rev=1768540&view=rev
Log:
added knox shell truststore and export cert docs

Modified:
    knox/site/books/knox-0-10-0/user-guide.html
    knox/site/index.html
    knox/site/issue-tracking.html
    knox/site/license.html
    knox/site/mail-lists.html
    knox/site/project-info.html
    knox/site/team-list.html
    knox/trunk/books/0.10.0/book_client-details.md
    knox/trunk/books/0.10.0/knox_cli.md
    knox/trunk/build.xml

Modified: knox/site/books/knox-0-10-0/user-guide.html
URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/user-guide.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/books/knox-0-10-0/user-guide.html (original)
+++ knox/site/books/knox-0-10-0/user-guide.html Mon Nov  7 15:55:35 2016
@@ -808,7 +808,7 @@ keytool -keystore gateway.jks -storepass
       <td>name of the host to be used in the self-signed certificate. This allows multi-host
deployments to specify the proper hostnames for hostname verification to succeed on the client
side of the SSL connection. The default is &lsquo;localhost&rsquo;.</td>
     </tr>
   </tbody>
-</table><h4><a id="Topology+Redeploy">Topology Redeploy</a> <a
href="#Topology+Redeploy"><img src="markbook-section-link.png"/></a></h4><h5><a
id="`bin/knoxcli.sh+redeploy+[--cluster+c]`"><code>bin/knoxcli.sh redeploy [--cluster
c]</code></a> <a href="#`bin/knoxcli.sh+redeploy+[--cluster+c]`"><img
src="markbook-section-link.png"/></a></h5><p>Redeploys one or all of
the gateway&rsquo;s clusters (a.k.a topologies).</p><h4><a id="Topology+Listing">Topology
Listing</a> <a href="#Topology+Listing"><img src="markbook-section-link.png"/></a></h4><h5><a
id="`bin/knoxcli.sh+list-topologies+[--help]`"><code>bin/knoxcli.sh list-topologies
[--help]</code></a> <a href="#`bin/knoxcli.sh+list-topologies+[--help]`"><img
src="markbook-section-link.png"/></a></h5><p>Lists all of the topologies
found in Knox&rsquo;s topologies directory. Useful for specifying a valid &ndash;cluster
argument.</p><h4><a id="Topology+Validation">Topology Validation</a>
<a href="#Topology+Validation"><img src="markbook-se
 ction-link.png"/></a></h4><h5><a id="`bin/knoxcli.sh+validate-topology+[--cluster+c]+[--path+path]+[--help]`"><code>bin/knoxcli.sh
validate-topology [--cluster c] [--path path] [--help]</code></a> <a href="#`bin/knoxcli.sh+validate-topology+[--cluster+c]+[--path+path]+[--help]`"><img
src="markbook-section-link.png"/></a></h5><p>This ensures that a cluster&rsquo;s
description (a.k. topology) follows the correct formatting rules. It is possible to specify
a name of a cluster already in the topology directory, or a path to any file.</p>
+</table><h4><a id="Certificate+Export">Certificate Export</a> <a
href="#Certificate+Export"><img src="markbook-section-link.png"/></a></h4><h5><a
id="`bin/knoxcli.sh+export-cert+[--type+JKS|PEM]+[--help]`"><code>bin/knoxcli.sh
export-cert [--type JKS|PEM] [--help]</code></a> <a href="#`bin/knoxcli.sh+export-cert+[--type+JKS|PEM]+[--help]`"><img
src="markbook-section-link.png"/></a></h5><p>Exports and stores the gateway-identity
certificate as the type indicated or PEM by default. This is stored within the <code>{GATEWAY_HOME}/data/security/keystores/</code>
directory as either gateway-identity.pem or gateway-client-trust.jks depending on the type
specified. </p><h4><a id="Topology+Redeploy">Topology Redeploy</a>
<a href="#Topology+Redeploy"><img src="markbook-section-link.png"/></a></h4><h5><a
id="`bin/knoxcli.sh+redeploy+[--cluster+c]`"><code>bin/knoxcli.sh redeploy [--cluster
c]</code></a> <a href="#`bin/knoxcli.sh+redeploy+[--cluster+c]`"><img
src="markbook-section-link.png"/></a
 ></h5><p>Redeploys one or all of the gateway&rsquo;s clusters (a.k.a topologies).</p><h4><a
id="Topology+Listing">Topology Listing</a> <a href="#Topology+Listing"><img
src="markbook-section-link.png"/></a></h4><h5><a id="`bin/knoxcli.sh+list-topologies+[--help]`"><code>bin/knoxcli.sh
list-topologies [--help]</code></a> <a href="#`bin/knoxcli.sh+list-topologies+[--help]`"><img
src="markbook-section-link.png"/></a></h5><p>Lists all of the topologies
found in Knox&rsquo;s topologies directory. Useful for specifying a valid &ndash;cluster
argument.</p><h4><a id="Topology+Validation">Topology Validation</a>
<a href="#Topology+Validation"><img src="markbook-section-link.png"/></a></h4><h5><a
id="`bin/knoxcli.sh+validate-topology+[--cluster+c]+[--path+path]+[--help]`"><code>bin/knoxcli.sh
validate-topology [--cluster c] [--path path] [--help]</code></a> <a href="#`bin/knoxcli.sh+validate-topology+[--cluster+c]+[--path+path]+[--help]`"><img
src="markbook-section-link.png"/></a></h5><p>This 
 ensures that a cluster&rsquo;s description (a.k. topology) follows the correct formatting
rules. It is possible to specify a name of a cluster already in the topology directory, or
a path to any file.</p>
 <table>
   <thead>
     <tr>
@@ -2754,7 +2754,14 @@ APACHE_HOME/bin/apachectl -k stop
   <li>The Apache Knox Gateway is installed and functional.</li>
   <li>The example commands are executed within the context of the <code>GATEWAY_HOME</code>
current directory. The <code>GATEWAY_HOME</code> directory is the directory within
the Apache Knox Gateway installation that contains the README file and the bin, conf and deployments
directories.</li>
   <li>A few examples require the use of commands from a standard Groovy installation.
These examples are optional but to try them you will need Groovy <a href="http://groovy.codehaus.org/Installing+Groovy">installed</a>.</li>
-</ul><h3><a id="Basics">Basics</a> <a href="#Basics"><img
src="markbook-section-link.png"/></a></h3><p>The DSL requires a shell
to interpret the Groovy script. The shell can either be used interactively or to execute a
script file. To simplify use, the distribution contains an embedded version of the Groovy
shell.</p><p>The shell can be run interactively. Use the command <code>exit</code>
to exit.</p>
+</ul><h3><a id="Basics">Basics</a> <a href="#Basics"><img
src="markbook-section-link.png"/></a></h3><p>In order for secure connections
to be made to the Knox gateway server over SSL, the user will need to trust the certificate
presented by the gateway while connecting. The knoxcli command export-cert may be used to
get access the gateway-identity cert. It can then be imported into cacerts on the client machine
or put into a keystore that will be discovered in:</p>
+<ul>
+  <li>the user&rsquo;s home directory</li>
+  <li>in a directory specified in an environment variable: KNOX_CLIENT_TRUSTSTORE_DIR</li>
+  <li>in a directory specified with the above variable with the keystore filename specified
in the variable: KNOX_CLIENT_TRUSTSTORE_FILENAME</li>
+  <li>default password &ldquo;changeit&rdquo; or password may be specified
in environment variable: KNOX_CLIENT_TRUSTSTORE_PASS</li>
+  <li>or the JSSE system property: javax.net.ssl.trustStore can be used to specify
its location</li>
+</ul><p>The DSL requires a shell to interpret the Groovy script. The shell can
either be used interactively or to execute a script file. To simplify use, the distribution
contains an embedded version of the Groovy shell.</p><p>The shell can be run interactively.
Use the command <code>exit</code> to exit.</p>
 <pre><code>java -jar bin/shell.jar
 </code></pre><p>When running interactively it may be helpful to reduce
some of the output generated by the shell console. Use the following command in the interactive
shell to reduce that output. This only needs to be done once as these preferences are persisted.</p>
 <pre><code>set verbosity QUIET

Modified: knox/site/index.html
URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/index.html (original)
+++ knox/site/index.html Mon Nov  7 15:55:35 2016
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2016-11-01
+ | Generated by Apache Maven Doxia at 2016-11-07
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20161101" />
+    <meta name="Date-Revision-yyyymmdd" content="20161107" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; REST API Gateway for the Apache Hadoop Ecosystem</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2016-11-01</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2016-11-07</li>

             
                             </ul>
       </div>

Modified: knox/site/issue-tracking.html
URL: http://svn.apache.org/viewvc/knox/site/issue-tracking.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/issue-tracking.html (original)
+++ knox/site/issue-tracking.html Mon Nov  7 15:55:35 2016
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2016-11-01
+ | Generated by Apache Maven Doxia at 2016-11-07
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20161101" />
+    <meta name="Date-Revision-yyyymmdd" content="20161107" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Issue Tracking</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2016-11-01</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2016-11-07</li>

             
                             </ul>
       </div>

Modified: knox/site/license.html
URL: http://svn.apache.org/viewvc/knox/site/license.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/license.html (original)
+++ knox/site/license.html Mon Nov  7 15:55:35 2016
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2016-11-01
+ | Generated by Apache Maven Doxia at 2016-11-07
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20161101" />
+    <meta name="Date-Revision-yyyymmdd" content="20161107" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project License</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2016-11-01</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2016-11-07</li>

             
                             </ul>
       </div>

Modified: knox/site/mail-lists.html
URL: http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/mail-lists.html (original)
+++ knox/site/mail-lists.html Mon Nov  7 15:55:35 2016
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2016-11-01
+ | Generated by Apache Maven Doxia at 2016-11-07
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20161101" />
+    <meta name="Date-Revision-yyyymmdd" content="20161107" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project Mailing Lists</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2016-11-01</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2016-11-07</li>

             
                             </ul>
       </div>

Modified: knox/site/project-info.html
URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/project-info.html (original)
+++ knox/site/project-info.html Mon Nov  7 15:55:35 2016
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2016-11-01
+ | Generated by Apache Maven Doxia at 2016-11-07
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20161101" />
+    <meta name="Date-Revision-yyyymmdd" content="20161107" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Project Information</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2016-11-01</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2016-11-07</li>

             
                             </ul>
       </div>

Modified: knox/site/team-list.html
URL: http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/site/team-list.html (original)
+++ knox/site/team-list.html Mon Nov  7 15:55:35 2016
@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!--
- | Generated by Apache Maven Doxia at 2016-11-01
+ | Generated by Apache Maven Doxia at 2016-11-07
  | Rendered using Apache Maven Fluido Skin 1.3.0
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="Date-Revision-yyyymmdd" content="20161101" />
+    <meta name="Date-Revision-yyyymmdd" content="20161107" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Knox Gateway &#x2013; Team list</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
@@ -58,7 +58,7 @@
               
                 
                     
-                  <li id="publishDate" class="pull-right">Last Published: 2016-11-01</li>

+                  <li id="publishDate" class="pull-right">Last Published: 2016-11-07</li>

             
                             </ul>
       </div>

Modified: knox/trunk/books/0.10.0/book_client-details.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.10.0/book_client-details.md?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/trunk/books/0.10.0/book_client-details.md (original)
+++ knox/trunk/books/0.10.0/book_client-details.md Mon Nov  7 15:55:35 2016
@@ -61,6 +61,17 @@ The `GATEWAY_HOME` directory is the dire
 
 ### Basics ###
 
+In order for secure connections to be made to the Knox gateway server over SSL, the user
will need to trust
+the certificate presented by the gateway while connecting. The knoxcli command export-cert
may be used to get
+access the gateway-identity cert. It can then be imported into cacerts on the client machine
or put into a
+keystore that will be discovered in:
+
+* the user's home directory
+* in a directory specified in an environment variable: KNOX_CLIENT_TRUSTSTORE_DIR
+* in a directory specified with the above variable with the keystore filename specified in
the variable: KNOX_CLIENT_TRUSTSTORE_FILENAME
+* default password "changeit" or password may be specified in environment variable: KNOX_CLIENT_TRUSTSTORE_PASS
+* or the JSSE system property: javax.net.ssl.trustStore can be used to specify its location
+
 The DSL requires a shell to interpret the Groovy script.
 The shell can either be used interactively or to execute a script file.
 To simplify use, the distribution contains an embedded version of the Groovy shell.

Modified: knox/trunk/books/0.10.0/knox_cli.md
URL: http://svn.apache.org/viewvc/knox/trunk/books/0.10.0/knox_cli.md?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/trunk/books/0.10.0/knox_cli.md (original)
+++ knox/trunk/books/0.10.0/knox_cli.md Mon Nov  7 15:55:35 2016
@@ -74,6 +74,10 @@ argument | description
 ---------|-----------
 \-\-hostname|name of the host to be used in the self-signed certificate. This allows multi-host
deployments to specify the proper hostnames for hostname verification to succeed on the client
side of the SSL connection. The default is 'localhost'.
 
+#### Certificate Export ####
+##### `bin/knoxcli.sh export-cert [--type JKS|PEM] [--help]` #####
+Exports and stores the gateway-identity certificate as the type indicated or PEM by default.
This is stored within the `{GATEWAY_HOME}/data/security/keystores/` directory as either gateway-identity.pem
or gateway-client-trust.jks depending on the type specified.  
+
 #### Topology Redeploy ####
 ##### `bin/knoxcli.sh redeploy [--cluster c]` #####
 Redeploys one or all of the gateway's clusters (a.k.a topologies).

Modified: knox/trunk/build.xml
URL: http://svn.apache.org/viewvc/knox/trunk/build.xml?rev=1768540&r1=1768539&r2=1768540&view=diff
==============================================================================
--- knox/trunk/build.xml (original)
+++ knox/trunk/build.xml Mon Nov  7 15:55:35 2016
@@ -241,10 +241,10 @@
 
     <target name="review-book" depends="init" description="Open the default book in the
default browser.">
         <exec executable="${browser.cmd}">
-            <arg line="${book-0-9-1-dir}/user-guide.html" />
+            <arg line="${book-0-10-0-dir}/user-guide.html" />
         </exec>
         <exec executable="${browser.cmd}">
-            <arg line="${book-0-9-1-dir}/dev-guide.html" />
+            <arg line="${book-0-10-0-dir}/dev-guide.html" />
         </exec>
     </target>
 



Mime
View raw message