https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234820#M196640 <P>I've this error after rollback from SSL config <BR />"nifi Cannot replicate request to Node because the node is not connected"</P><P><BR /></P><P>It's Work.</P><P>Thanks.</P> Thu, 14 Mar 2019 14:51:22 GMT poom 2019-03-14T14:51:22Z https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234818#M196638 <P>hello,</P><P>We have installed a secured hdp 3.1 cluster on Centos 7.5.</P><P>Then we installed mpack in order to add a nifi single node.</P><P>The unsecure version worked correctly (at least it displayed the ui correctly ) but upon activating ssl ( with auto generated certificate ) and activating kerberos for authentification, when connecting, we got the following error :</P><P>Cannot replicate request to Node my_nifi_FDQN_node:9090 because the node is not connected</P><P>This is strange because we use the secure version and connect to nifi via <A rel="noopener noreferrer noopener noreferrer noopener noreferrer noopener noreferrer noopener noreferrer noopener noreferrer" href="https://opnfias11.si.reunion.ftm.francetelecom.fr:9091/nifi/" target="_blank">https://my_nifi_FDQN_node:9091/nifi/</A> and it should not try to connect to 9090.</P><P>In nifi-user.log, we can see :</P><BLOCKQUOTE>2019-02-22 11:19:10,767 INFO [NiFi Web Server-21] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for my_ldap_user<BR />2019-02-22 11:19:10,772 INFO [NiFi Web Server-21] o.a.n.w.a.c.IllegalClusterStateExceptionMapper org.apache.nifi.cluster.manager.exception.IllegalClusterStateException: Cannot replicate request to Node my_nifi_FDQN_node:9090 because the node is not connected. Returning Conflict response.</BLOCKQUOTE><P>I don't know if it has something to do with it but I also got the following audit-log error in the nifi-app.log</P><P><BR /></P><BLOCKQUOTE>2019-02-22 11:19:08,991 INFO [Clustering Tasks Thread-1] o.a.n.c.c.ClusterProtocolHeartbeater Heartbeat created at 2019-02-22 11:19:08,861 and sent to my_nifi_FDQN_node:9088 at 2019-02-22 11:19:08,991; send took 130 millis<BR />2019-02-22 11:19:11,865 INFO [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.audit.provider.BaseAuditHandler Audit Status Log: name=nifi.async.batch.hdfs, interval=11:42.021 minutes, events=1, deferredCount=1, totalEvents=5, totalDeferredCount=5<BR />2019-02-22 11:19:11,866 INFO [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.a.destination.HDFSAuditDestination Returning HDFS Filesystem Config: Configuration: core-default.xml, core-site.xml, mapred-default.xml, mapred-site.xml, yarn-default.xml, yarn-site.xml, hdfs-default.xml, hdfs-site.xml<BR />2019-02-22 11:19:11,879 INFO [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.a.destination.HDFSAuditDestination Checking whether log file exists. hdfPath=hdfs://my_master_node:8020/ranger/audit/nifi/20190222/nifi_ranger_audit_my_nifi_FDQN_node.log, UGI=nifi/_HOST@REALM (auth:KERBEROS)<BR />2019-02-22 11:19:11,887 ERROR [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.audit.provider.BaseAuditHandler Error writing to log file.<BR />java.io.IOException: DestHost:destPort my_master_node:8020 , LocalHost:localPort my_nifi_FDQN_node/my_nifi_IP_node:0. Failed on local exception: java.io.IOException: Couldn't set up IO streams: java.lang.IllegalArgumentException: Failed to specify server's Kerberos principal name<BR />2019-02-22 11:19:11,887 INFO [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.a.destination.HDFSAuditDestination Flushing HDFS audit. Event Size:1<BR />2019-02-22 11:19:11,887 WARN [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.audit.provider.BaseAuditHandler failed to log audit event: {"repoType":10,"repo":"datalake_prod_nifi","reqUser":"XXXX","evtTime":"2019-02-22 11:19:10.770","access":"READ","resource":"/flow","resType":"nifi-resource","action":"READ","result":1,"policy":18,"enforcer":"ranger-acl","cliIP":"client_ip","agentHost":"my_nifi_FDQN_node","logType":"RangerAudit","id":"cf2fd979-945c-4461-a1df-c40c42defdd1-5","seq_num":11,"event_count":1,"event_dur_ms":0,"tags":[]}, errorMessage=<BR />2019-02-22 11:19:11,887 WARN [org.apache.ranger.audit.queue.AuditBatchQueue0] o.a.r.audit.provider.BaseAuditHandler Log failure count: 1 in past 11:42.022 minutes; 6 during process lifetime<BR /><BR /></BLOCKQUOTE><P>Nifi is very new to me so I'm not sure what information to look for.</P><P><BR /></P><P>BR,</P> Sat, 23 Feb 2019 03:51:02 GMT https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234818#M196638 obrobecker 2019-02-23T03:51:02Z https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234819#M196639 <P>Hi,</P><P><BR /></P><P>Found out that there was a snapshot file hanging around with a reference to the old unsecure URL.</P><P>I've deleted the /var/lib/nifi/state/local/snapshot file and I nearly works. got an authorization error but some ranger tuning will overcomes it.</P><P><BR /></P><P>BR</P> Tue, 26 Feb 2019 19:34:32 GMT https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234819#M196639 obrobecker 2019-02-26T19:34:32Z https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234820#M196640 <P>I've this error after rollback from SSL config <BR />"nifi Cannot replicate request to Node because the node is not connected"</P><P><BR /></P><P>It's Work.</P><P>Thanks.</P> Thu, 14 Mar 2019 14:51:22 GMT https://community.cloudera.com/t5/Support-Questions/nifi-issue-accessing-UI-after-activating-kerberos-with/m-p/234820#M196640 poom 2019-03-14T14:51:22Z