Member since
08-08-2024
114
Posts
28
Kudos Received
14
Solutions
My Accepted Solutions
| Title | Views | Posted |
|---|---|---|
| 131 | 06-22-2026 10:01 AM | |
| 209 | 06-12-2026 07:16 AM | |
| 497 | 05-26-2026 11:44 AM | |
| 621 | 05-26-2026 09:56 AM | |
| 565 | 04-15-2026 11:56 AM |
07-01-2026
09:48 AM
I think this is wrong, but maybe I'm being dumb or missing something obvious here: "certs only need to have the SANs matching what the nodes uses to talk each other." I DO need public DNS names if I don't want users to see cert errors though right? The certs don't _only_ need to match the node names they need to be issued from a trusted CA which requires the nodes to have public DNS names. This is the main issue. I can easily automate issuing self-signed certs for node communication (without having to deploy a whole PKI, DNS, letsencrypt, etc) BUT because NIFI uses the same channel for APIs users will see cert errors and I wont be able to terminate SSL at the LB Perhaps there is a way to issue self-signed certs AND terminate SSL at the LB with a different public cert and then maybe do some kind of redirect? Ultimately users would still be redirected to the URL with the self-signed cert and see errors though I think? I think the only way to do this is... Drop SSL everywhere (but how ?) I've been trying to just drop all security to make it all HTTP so I can terminate SSL at the LB, but this is really poorly documented and I haven't been able to actually get it to do everything HTTP. NIFI has so many of its internals super tightly coupled to HTTPS and there are so many individual configuration fields related to this. Is there any known working config to just set it to HTTP everywhere? I have it running on k8s and I can use security features of the cluster to lock it down instead. Hell I even gave it its own cluster so its even more isolated, I definitely don't need HTTPS for intra-node communication.
... View more
06-30-2026
10:16 AM
Hello @moekraft, Thanks for reaching our community. As of now, none of the runtimes supports JDK 21. But I see there are efforts to include support for it on newer but also on those LTS releases. Still we do not have information to share about the estimated time, but you can be sure that Cloudera is actively checking on the supported depencies and their EOS to always have a supported version. You should expect that in the future, before the EOS is met, Cloudera would provide support and communications.
... View more
06-25-2026
03:08 AM
Spark lazily evaluates the workload. The actual execution happens when you write the output, usually. If it gets stuck there that means the workload is not tuned with respect to your infrastructure. Try checking the logs, most likely you need to tune your shuffle partition and/or repartition your data.🙂
... View more
06-22-2026
10:01 AM
Congratulations on your certification! Keep it up!
... View more
06-12-2026
07:16 AM
Hello @Seaport, Thanks for reaching Cloudera Community. Unfortunately, there is no option to use Airflow on base cluster. The only possible way to use it is with Data Services, in this case CDE.
... View more
06-03-2026
06:06 PM
@AlokKumar You need to make sure each user is authenticating with a unique username in order to know which user made a change If you are using the same user, then all recorded changes will show that single user. Form a pure security standpoint it is a bad practice to have multiple users share authentication credentials. Apache NiFi offers numerous methods for User Authentication. While Lightweight Directory Access Protocol (LDAP) is probably the most commonly used, there are other options to include OpenID Connect, Kerberos, SAML, JSON Web Tokens, and X.509 Client Certificates. If you are currently using the default Single User authentication which the utilizes the Single User authorizer, you will also need to select a different Multi-Tenant Authorization as well to go with the new multi user authentication methods. The most commonly used is the StandardManagedAuthorizer. Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt
... View more
06-01-2026
01:38 AM
@raghavhinduja26 kindly find below CDP installation steps from ubuntu 20 point of view https://docs.cloudera.com/cdp-private-cloud-base/7.1.9/installation/topics/cdpdc-requirements-supported-versions.html
... View more
05-29-2026
05:59 AM
Hello @LaurisG_, Glad to hear that. Have a great weekend too,
... View more
05-29-2026
03:16 AM
1 Kudo
Oh, my bad! Miss that part about CM 7.11.x is not supported with 7.3.2 runtime. Thanks guys - I've try with CM 7.13. and 7.3.2 runtime combo - Cluster shine Green! x )) Thanks, and have a good weekend x ))
... View more
05-13-2026
05:03 AM
@nisaar I agree with @vafs that sharing the completed ERROR and stack trace is always gong to be most helpful in your community questions. Those full stack traces will have classes like "net.schmizz.sshj.transport" that you could try putting in to DEBUG within the NiFi logback to see what additional logging that class (not a NiFi library, but used by NiFi) may provide. Matt
... View more