Support Questions

Find answers, ask questions, and share your expertise

NiFi S2S between secure and unsecure clusters

avatar
Contributor

Hi

I have two HDF cluster, one secured (with SSL enabled) and the other without security.

Can I have the cluster 2 (unsecure) send data to cluster 1 (secured) with S2S ? if yes, what's the required configuration?

Thanks

1 ACCEPTED SOLUTION

avatar

Hi @Joe Harvy

The easiest way to achieve this is to pull data from the unsecure cluster rather than push to the secure cluster. You can achieve this by using an output port in the unsecure cluster and a remote process group that connect to this outport in the secure cluster. Since the RPG is directed to an unsecure cluster, no need to config certs.

The other approach is to configure your unsecure cluster by setting the Keystore/Truststore as you did for the secure cluster but without activating SSL. You will need also to add nodes in the secure cluster and give them the right to retrieve S2S details (see policies)

Edit: I've been asked this question several times by customers so I wrote a tutorial on these two option : https://community.hortonworks.com/articles/88473/site-to-site-communication-between-secured-https-a....

View solution in original post

1 REPLY 1

avatar

Hi @Joe Harvy

The easiest way to achieve this is to pull data from the unsecure cluster rather than push to the secure cluster. You can achieve this by using an output port in the unsecure cluster and a remote process group that connect to this outport in the secure cluster. Since the RPG is directed to an unsecure cluster, no need to config certs.

The other approach is to configure your unsecure cluster by setting the Keystore/Truststore as you did for the secure cluster but without activating SSL. You will need also to add nodes in the secure cluster and give them the right to retrieve S2S details (see policies)

Edit: I've been asked this question several times by customers so I wrote a tutorial on these two option : https://community.hortonworks.com/articles/88473/site-to-site-communication-between-secured-https-a....