Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

NiFi S2S between secure and unsecure clusters

Solved Go to solution
Highlighted

NiFi S2S between secure and unsecure clusters

Explorer

Hi

I have two HDF cluster, one secured (with SSL enabled) and the other without security.

Can I have the cluster 2 (unsecure) send data to cluster 1 (secured) with S2S ? if yes, what's the required configuration?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: NiFi S2S between secure and unsecure clusters

Hi @Joe Harvy

The easiest way to achieve this is to pull data from the unsecure cluster rather than push to the secure cluster. You can achieve this by using an output port in the unsecure cluster and a remote process group that connect to this outport in the secure cluster. Since the RPG is directed to an unsecure cluster, no need to config certs.

The other approach is to configure your unsecure cluster by setting the Keystore/Truststore as you did for the secure cluster but without activating SSL. You will need also to add nodes in the secure cluster and give them the right to retrieve S2S details (see policies)

Edit: I've been asked this question several times by customers so I wrote a tutorial on these two option : https://community.hortonworks.com/articles/88473/site-to-site-communication-between-secured-https-a....

View solution in original post

1 REPLY 1
Highlighted

Re: NiFi S2S between secure and unsecure clusters

Hi @Joe Harvy

The easiest way to achieve this is to pull data from the unsecure cluster rather than push to the secure cluster. You can achieve this by using an output port in the unsecure cluster and a remote process group that connect to this outport in the secure cluster. Since the RPG is directed to an unsecure cluster, no need to config certs.

The other approach is to configure your unsecure cluster by setting the Keystore/Truststore as you did for the secure cluster but without activating SSL. You will need also to add nodes in the secure cluster and give them the right to retrieve S2S details (see policies)

Edit: I've been asked this question several times by customers so I wrote a tutorial on these two option : https://community.hortonworks.com/articles/88473/site-to-site-communication-between-secured-https-a....

View solution in original post

Don't have an account?
Coming from Hortonworks? Activate your account here