Understanding the MapR Data Access Gateway

The MapR Data Access Gateway is a service that acts as a proxy and gateway for translating requests between lightweight client applications and the MapR cluster.

For the MEP 5.0 release, the service is used by the MapR Database JSON REST API. Starting in the MEP 6.0 release, the service can be used by the Node.js, Python, C#, and Go OJAI clients. Beginning with the MEP 6.3.0 release, the service can be used by the Java OJAI thin client.

The OJAI clients that connect to the Data Access Gateway use gRPC, an open-source RPC framework, to expose the MapR Database OJAI API to the client. RPC message headers for individual messages are encoded using Protocol Buffers. The message payload is encoded using OJAI JSON encoding. Depending on whether your MapR cluster has security enabled, TLS is either enabled or disabled, by default, for the gRPC service. When TLS is enabled, the SSL provider is OpenSSL.

The service runs on nodes in your MapR cluster. You can install the service manually or by using the MapR Installer. Both installation methods support upgrades of existing MapR clusters. When installing the service, you can decide the number of nodes to install the service on. The number of nodes you need depends on your scalability requirements.

Regardless of your scalability requirements, you should install the service on at least two nodes to provide high availability. To load balance requests and to achieve high availability and failover, you must use an external load balancer. For recommendations and best practices when using an external load balancer with gRPC, see gRPC Load Balancing.

The service runs as user mapr. But the service issues all data access calls on behalf of the user requesting the data. For example, if user john is running the client application, the service reads data using the authorization of john, not mapr.

All traffic between the Data Access Gateway and other MapR services is encrypted. This is done regardless of whether the underlying MapR file system volume has encryption enabled.

Warden manages the MapR Data Access Gateway. It handles stopping and starting of the service during node failovers and also controls the amount of memory assigned to the service.