Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

how to use apache Nifi on kerberized HDP Cluster nodes

avatar
author-rank kib
Expert Contributor

Created on ‎02-21-2017 09:19 AM - edited ‎08-19-2019 03:54 AM

I have 7 node Kerberized HDP cluster. I have installed apache Nifi on one of my HDP cluster nodes just for testing purpose. When I try to configure putHdfs processor, the following warning pops up:

12753-puthdfs.png

I tried to set the Kerberos properties as follows:

12755-puthdfs-kerberos.png

In addition to this, I set nifi.kerberos.krb5.file=/etc/krb5.conf

in the nifi.properties file. What is the correct configuration(on the Nifi host or HDFS host) for the putHdfs processor to work properly in this case?

Do I need to create Kerberos principal and Kerberos keytab file for the Nifi? Which service's principal or keytab file am I required to provide for "Kerberos Principal" and "Kerberos Keytab" fields in the putHdfs processor configuration?(is it the Nifi's or the Hdfs?)

Thanks,


puthdfs.png
7,375 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank pvillard author-rank
Guru

Created ‎02-21-2017 09:44 AM

Hi @Kibrom Gebrehiwot,

You need to set the

nifi.kerberos.krb5.file=/etc/krb5.conf

property so that NiFi is able to know the information about your realms/controllers and negotiate tickets. Once this property is set, NiFi must be restarted.

Then, in the PutHDFS processor, you need to use the principal and keytab of the user you want to use to push data into HDFS. It is recommended to use the principal/keytab of a user you created if you have one.

Hope this helps.

View solution in original post

5,385 Views
4 REPLIES 4

avatar
author-rank pvillard author-rank
Guru

Created ‎02-21-2017 09:44 AM

Hi @Kibrom Gebrehiwot,

You need to set the

nifi.kerberos.krb5.file=/etc/krb5.conf

property so that NiFi is able to know the information about your realms/controllers and negotiate tickets. Once this property is set, NiFi must be restarted.

Then, in the PutHDFS processor, you need to use the principal and keytab of the user you want to use to push data into HDFS. It is recommended to use the principal/keytab of a user you created if you have one.

Hope this helps.

5,386 Views

avatar
author-rank kib
Expert Contributor

Created ‎02-21-2017 12:03 PM

Thank you very much @Pierre Villard Your are answer was really helpful.

5,385 Views
0 Kudos

avatar
author-rank Guarupe
Contributor

Created ‎01-28-2021 03:26 AM

Hi @pvillard,
I have some doubts about what kind of keytab file to create. I don't know much about Kerberos and do not find much information about the kind of Keytab file I should use to connect my Nifi Cluster to a kerberized Cloudera Cluster. Can you help me?

3,763 Views

avatar
author-rank deepbaldha
Explorer

Created ‎06-11-2019 10:17 AM

The directory being specified is pointing to the NiFi server and not to the Hadoop Server Directory, please help,

Directory: /home/my_name is what i am keeping @Pierre Villard

5,385 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements