Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

NIFI 2.0 Cluster Set Up

avatar
New Contributor

Hello

I am trying to set up a cluster with NiFi 2.0-M3 but have an error. 
My docker-compose file is here - https://hastebin.com/share/woqezesefi.yaml
Error:

2024-06-02 08:10:54,535 INFO [main] o.a.n.c.c.n.LeaderElectionNodeProtocolSender Determined that Cluster Coordinator is located at 248301603f5c:8082; will use this address for sending heartbeat messages
2024-06-02 08:10:54,536 INFO [main] o.a.n.c.p.AbstractNodeProtocolSender Cluster Coordinator is located at 248301603f5c/<unresolved>:8082. Will send Cluster Connection Request to this address
2024-06-02 08:10:54,571 WARN [main] o.a.nifi.controller.StandardFlowService Failed to connect to cluster due to: org.apache.nifi.cluster.protocol.ProtocolException: Failed marshalling 'CONNECTION_REQUEST' protocol message due to: javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors

The same docker-compose is working fine with NiFi v1.x but fails with 2.0-M3. I am able to ligin in UI but see just one node, others can't connect to cluster.Single instance of NiFi 2.0-M3 is running fine. Are there any new settings need to be done in NiFi 2.0-M3? 
Thank you.

1 ACCEPTED SOLUTION

avatar
Super Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
4 REPLIES 4

avatar
Community Manager

@inkerinmaa, Welcome to our community! To help you get the best possible answer, I have tagged our NiFi experts @SAMSAL @MattWho @steven-matison  who may be able to assist you further.

Please feel free to provide any additional information or details about your query, and we hope that you will find a satisfactory solution to your question.



Regards,

Vidya Sargur,
Community Manager


Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:

avatar
Super Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar
New Contributor

Hi, Matt. Thank you for your reply. I was reading v2 docs https://nifi.apache.org/documentation/v2/ and in section Basic Cluster Setup they described mandatory properties for the non-secure cluster. I thought v2 has the same option to be configured in non-secure way - since there is no direct mention in docs that the only way to set up a cluster is in secure way. This configuration I am going to use just for tests - strange that even for tests now it's required to deal with certs. I will try to do as you suggested with keystore and truststore. 

avatar
Super Mentor

@inkerinmaa 
Out of the box Apache NiFi is configured to be secure.  and Most browser do not support HTTP anymore and force redirect to HTTPS.  NiFi is going to come up in secured if you have the HTTPS port property configured in the nifi.properties file.  So you would need to unset that property for NiFi to start unsecure.

Thanks,
Matt