Understanding the MapR Data Access Gateway

The MapR Data Access Gateway is a service that acts as a proxy and gateway for translating requests between lightweight client applications and the MapR cluster. For the MEP 5.0 release, the service is used by the MapR Database JSON REST API. Starting in the MEP 6.0 release, the service is also used by the Node.js and Python OJAI clients.

For the OJAI clients that connect to the Data Access Gateway, MapR uses gRPC, an open-source RPC framework, to expose the MapR Database OJAI API to the client. RPC message headers for individual messages are encoded using Protocol Buffers. The message payload is encoded using an OJAI JSON encoding. Depending on whether your MapR cluster has security enabled, TLS is either enabled or disabled, by default, for the gRPC service. When TLS is enabled, the SSL provider is OpenSSL.

The service runs on nodes in your MapR cluster. You can install the service manually or using the MapR Installer. Both installation methods also support upgrades of existing MapR clusters. When installing the service, you can decide the number of nodes to install the service on. The number you need depends on your scalability requirements. Regardless of your scalability requirements, you should install the service on at least two nodes, to provide high availability. To load balance requests and to achieve high availability and failover, you must use an external load balancer. See gRPC Load Balancing for recommendations and best practices when using an external load balancer with gRPC.

The service runs as user mapr. But, the service issues all data access calls on behalf of the user requesting the data. For example, if user john is running the client application, the service reads data using the authorization of john, not mapr.

All traffic between the Data Access Gateway and other MapR services is encrypted. This is done regardless of whether the underlying MapR file system volume has encryption enabled.

Warden manages the MapR Data Access Gateway. It handles stopping and starting of the service during node failovers and also controls the amount of memory assigned to the service.