Apache DolphinScheduler 整合 Apache Knox 网关
亢雅懿
介绍
为使用者统一提供大数据生态组件UI入口,同时将所有的组件进行加密,统一ldap登录,相比较于Nginx来说Knox完美提供了这一点
Knox的规则定义
.Knox的规则通过service.xml和rewrite.xml来进行规则定义
- Apache DolphinScheduler的UI规则
service.xml
<service role="DOLPHINSCHEDULERUI" name="dolphinscheduler" version="3.1.0">
<metadata>
<type>UI</type>
<context>/dolphinscheduler/</context>
<shortDesc>Dolphinscheduler ui</shortDesc>
<description>Dolphinscheduler Manager Web interface (v1)</description>
</metadata>
<routes>
<route path="/dolphinscheduler/">
<rewrite apply="DOLPHINSCHEDULERUI/dolphinscheduler/inbound/root" to="request.body"/>
</route>
<route path="/dolphinscheduler/ui/*/*/*">
<rewrite apply="DOLPHINSCHEDULERUI/dolphinscheduler/inbound/style" to="request.body"/>
</route>
<route path="/dolphinscheduler/ui/*/*">
<rewrite apply="DOLPHINSCHEDULERUI/dolphinscheduler/inbound/statis" to="request.body"/>
</route>
</routes>
<dispatch classname="org.apache.knox.gateway.dispatch.DefaultDispatch" ha-classname="org.apache.knox.gateway.rm.dispatch.RMUIHaDispatch"/>
</service>
rewrite.xml
<rules>
<rule dir="IN" name="DOLPHINSCHEDULERUI/dolphinscheduler/inbound/root" pattern="*://*:*/**/dolphinscheduler/">
<rewrite template="{$serviceUrl[DOLPHINSCHEDULERUI]}/view/login/index.html"/>
</rule>
<rule dir="IN" name="DOLPHINSCHEDULERUI/dolphinscheduler/inbound/style" pattern="*://*:*/**/dolphinscheduler/ui/{**}/{**}/{**} ">
<rewrite template="{$serviceUrl[DOLPHINSCHEDULERUI]}/{**}"/>
</rule>
<rule dir="OUT" name="DOLPHINSCHEDULERUI/dolphinscheduler/outbound/style" pattern="/dolphinscheduler/ui/{**}/{**}/{**}">
<rewrite template="dolphinscheduler/ui/{**}"/>
</rule>
<rule dir="IN" name="DOLPHINSCHEDULERUI/dolphinscheduler/inbound/statis" pattern="*://*:*/**/dolphinscheduler/ui/{**}/{**}">
<rewrite template="{$serviceUrl[DOLPHINSCHEDULERUI]}/{**}"/>
</rule>
<rule dir="OUT" name="DOLPHINSCHEDULERUI/dolphinscheduler/outbound/statis" pattern="/dolphinscheduler/ui/{**}/{**}">
<rewrite template="dolphinscheduler/ui/{**}"/>
</rule>
</rules>
- Apache DolphinScheduler的API规则
service.xml
<service role="DOLPHINSCHEDULER-API" name="dolphinscheduler-api" version="3.0.0">
<metadata>
<type>API</type>
<context>/dolphinscheduler/api</context>
<shortDesc>dolphinscheduler API</shortDesc>
<description>Dolphinscheduler the provided scheduling system UI supports fast scheduling of DAG by dragging and dragging</description>
<samples>
<sample>
<description>Retrieve data for the specified attribute search query</description>
<method>POST</method>
<path>dolphinscheduler/login</path>
</sample>
<sample>
<description>If you want to learn more api for dolphinscheduler, please refer here</description>
<value>https://dolphinscheduler.apache.org/en-us/docs/latest/user_doc/guide/open-api.html</value>
</sample>
</samples>
</metadata>
<routes>
<route path="/dolphinscheduler/api/**"/>
</routes>
<dispatch classname="org.apache.knox.gateway.dispatch.DefaultDispatch"/>
</service>
rewrite.xml
<rules>
<!-- KNOX-1918 prevent global HDFS rules from triggering -->
<rule dir="OUT" name="DOLPHINSCHEDULER-API/dolphinscheduler/outbound" pattern="hdfs://{host}/{path=**}?{**}">
<rewrite template="hdfs://{host}/{path=**}?{**}"/>
</rule>
<rule dir="IN" name="DOLPHINSCHEDULER-API/dolphinscheduler/inbound" pattern="*://*:*/**/dolphinscheduler/api/{path=**}?{**}">
<rewrite template="{$serviceUrl[DOLPHINSCHEDULER-API]}/api/{path=**}?{**}"/>
</rule>
</rules>
配置 topologies Agent
usr/lib/knox-current/conf/topologies/cluster-topo.xml
<topology>
<gateway>
....
</gateway>
<service>
<role>DOLPHINSCHEDULER</role>
<url>http://emr-header-1:8080</url>
<version>3.1.0</version>
</service>
<service>
<role>DOLPHINSCHEDULER-API</role>
<url>http://emr-header-1:8080</url>
<version>3.1.0</version>
</service>
........
</topology>
配置 LDAP 集成
下次再写
类似资料: