Support Questions

Find answers, ask questions, and share your expertise

Error accessing NIFI remote port thru SSH tunnel

avatar
Super Collaborator

We have a NiFi instance running on a remote server where we can only access ports thru SSH Tunneling from another server. So we setup a tunnel for nifi port 9090 and was able to successfully access it from a citrix server using http://localhost:10090/Nifi where port 10090 is tunneling to http://nifiserver:9090/Nifi. This scenario is working.

i created input port and a putHDFS on the remote NiFi server and trying to access it from the NiFi instance on the citrix server , i am getting connection timeouts. The dataflow was able to recognise the fact that there is a remote port on the other machine.

Also what is the reason behind the calling NiFi needing connectivity to remote port.? it would have been better if that is handled on the remote instance , because it can connect to the web port.(9090 here) .

any ideas on what to do.??

2016-08-18 13:03:40,919 ERROR [Timer-Driven Process Thread-8] o.a.nifi.remote.StandardRemoteGroupPort RemoteGroupPort[name=POV-HDFSInput,target=http://localhost:10090/nifi] failed to communicate with http://localhost:10090/nifi due to java.net.ConnectException: Connection timed out: no further information

1 ACCEPTED SOLUTION

avatar
Super Collaborator

Its working now after I changed it to localhost, i think as you mentioned it was resolving to server’s IP address earlier and now with “localhost” as the hostname , the Tunnel is routing it to the 9091 port.

View solution in original post

7 REPLIES 7

avatar
Master Guru

On the instance where you have POV-HDFSInput, what is the value of nifi.remote.input.socket.port in nifi.properties?

You would need to be tunneled as well, and i think it would have to be tunneled to the same port, since the first NiFi is going to make a REST call http://localhost:10090/nifi and ask what port to use for site-to-site and it is going to return the value of nifi.remote.input.socket.port.

avatar
Super Collaborator

i think thats where its failing. the remote port on the input port is 9091. in the local NiFi i didn't set any remote port. so you are suggesting to set up a tunnel . what would be my local port for tunnel .?? i tried with local 9091 and to destination nifi remote 9091. but was getting the same error. i think its because its not using 9091 on local correct.?

avatar
Master Guru

Tunneling 9091 to 9091 seems correct, I'm wondering if the hostname is also a problem... did you also set a value for nifi.remote.input.socket.host? I have a feeling that its trying to connect to the hostname or ip, rather than localhost:9091.

avatar
Super Collaborator

Hi Bryan,

here are my config files and settings..

local instance of nifi

# Site to Site properties

nifi.remote.input.socket.host=

nifi.remote.input.socket.port=

nifi.remote.input.secure=false

--Remote instance of nifi

nifi.remote.input.socket.host=

nifi.remote.input.socket.port=9091

nifi.remote.input.secure=false

SSH Tunnel on local server (where local instance of NiFi is running)

6815-tunnel.png

and here is how my local dataflow looks..

6813-localnifi.png

remote

6814-remotenifi.png


tunnel.png

avatar
Master Guru

Can you try setting nifi.remote.input.socket.host=localhost on the one where 9091 is set, you'll have to restart after changing that value. Curious to see if that changes behavior.

avatar
Super Collaborator

Its working now after I changed it to localhost, i think as you mentioned it was resolving to server’s IP address earlier and now with “localhost” as the hostname , the Tunnel is routing it to the 9091 port.

avatar
Master Guru

Glad to hear it!