Running Guzzle using nginx - ja-guzzle/guzzle_docs GitHub Wiki

Table of Contents

Install nginix

sudo apt-get install nginx

Configure atlas to run on different context path other than /

  1. Create new file jetty-web.xml in the /opt/apache-atlas-2.0.0/server/webapp/atlas/WEB-INF
  2. Put below content in the file
<?xml version="1.0" encoding="UTF-8"?>
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
  <Set name="contextPath">/atlas</Set>
</Configure>
  1. For Guzzle 1.0, update Atlas URL at $GUZZLE_HOME/conf/atlas.yml to reflect below: htts://xxxxx/atlas
atlas:
  password: admin
  url: https://guzzlemp4.southeastasia.cloudapp.azure.com/atlas
  username: admin
hdfs:
  name_node: sandbox-hdp.hortonworks.com:8020
version: 1
  1. Restart Atlas service
#To Stop
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
export MANAGE_LOCAL_HBASE=true
export MANAGE_LOCAL_SOLR=true
/opt/apache-atlas-2.0.0/bin/atlas_stop.py 



#To start
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
export MANAGE_LOCAL_HBASE=true
export MANAGE_LOCAL_SOLR=true
#export SERVER_SERVLET_CONTEXT_PATH=/atlas
/opt/apache-atlas-2.0.0/bin/atlas_start.py

Note: Atlas sync will not work:

  1. The self signed certificate that is being used will not work when Guzzle tries to do Atlas sync. When running sync update atlas.yml to point to 21000 port and revert back once sync is done. If you have valid certificate then this will not apply. No restart is required of API when doing this
atlas:
  password: admin
  #url: https://guzzlemp4.southeastasia.cloudapp.azure.com/atlas
  url: http://localhost:21000/atlas ## Do note use guzzlemp4.southeastasia.cloudapp.azure.com as this will route via internet where 21000 port is not open
  username: admin
hdfs:
  name_node: sandbox-hdp.hortonworks.com:8020
version: 1

Creation of self signed certificate

mkdir -p /home/guzzle/certs1 
cd /home/guzzle/certs1 #Go to appropriate directory to hold the SSL certs 
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt # Enter all the details

image

Configure ngnix

  1. Configure default site (make it only listen on https) to have following entries in :

sudo vi /etc/nginx/sites-available/default

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        root /guzzle/web;
        ssl_certificate /home/guzzle/certs1/localhost.crt;
        ssl_certificate_key /home/guzzle/certs1/localhost.key;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                try_files $uri /index.html;
        }
        location /api/ {
                proxy_pass http://localhost:9090;
        }
        location /atlas/ {
                proxy_pass http://localhost:21000;
        }
}
  1. Restart nginx
sudo service nginx  restart

Other items

  1. You need to expose only 443 port and ssh of Guzzle VM to users network (this can be selected VPNs/public IP) image
  2. Guzzle API CAN run on non-SSL as the request will be tunneled via nginx. Which means the API does not need below settings (in application.yml in guzzle 1.0 and guzzle-api.yml in 2.0): image
  3. You have to update the /guzzle/web/index.html appropriately to point to the https (443) URL of API. Do take note that this config continues to remain hard-coded image
  4. Guzzle startup script does not need to start the node HTTP server any more. Instead web server will be via nginx. image

References

  1. https://medium.com/@johnbrett/create-react-app-push-state-nginx-config-a9f7530621c1 (tough we did not put the entry if the explictly file is being requested then show 404 if they are not available)
⚠️ **GitHub.com Fallback** ⚠️