About bbende

bbende · ‎02-05-2018

So just to confirm, step 1 you did this: ambari-server install-mpack --mpack=/tmp/hdf-ambari-mpack-<version>.tar.gz ambari-server restart ? It should be hdf-ambari-mpack-3.1.0.0-564.tar.gz to be exact.

bbende · ‎02-05-2018

Step 4 should be changing the base url for HDF underneath HDP 2.6.4 where there should be three base urls (HDF, HDP, HDP Utils). There can only be one stack installed, so there shouldn't actually be an HDF 3.1 version because what you are technically doing is adding HDF 3.1 services to the HDP 2.6.4 stack.

bbende · ‎02-05-2018

Did you follow the steps here? https://docs.hortonworks.com/HDPDocuments/HDF3/HDF-3.1.0/bk_installing-hdf-on-hdp/content/ch_base-url.html Step 3 - Install the HDF mpack on your HDP Ambari without purging Step 4 - Go into Ambari and change the baseUrl for HDF under your HDP 2.6.4 version Step 5 - Add the NiFi service

bbende · ‎02-05-2018

This should be resolved in Apache NiFi 1.4.0 and HDF 3.1... https://issues.apache.org/jira/browse/NIFI-4029 The title of the issue refers to Hortonworks Schema Registry, but it was a general problem when using a default value of null.

bbende · ‎02-01-2018

Can you see what is in /var/log/nifi/nifi-ca.stderr ?

bbende · ‎01-31-2018

Apache NiFi 1.5.0 + Apache NiFi Registry 0.1.0 offers a new approach to version control of flows, please take a look at these links: https://bryanbende.com/development/2018/01/19/apache-nifi-how-do-i-deploy-my-flow https://medium.com/@abdelkrim.hadjidj/fdlc-towards-flow-development-life-cycle-with-nifi-registries-82e1ee866fab

bbende · ‎01-30-2018

You can set the Initial Admin identity to the identity of one of your LDAP users. The value will be dependent on how you have configured NiFi's LDAP login-identity-provider. <property name="Identity Strategy">USE_DN</property> If Identity Strategy is USE_DN, then the Initial Admin value should be the full DN from LDAP. If Identity Strategy is USE_USERNAME, then the Initial Admin value should be just the username. You may also need to shutdown NiFi, and manually remove /var/lib/nifi/conf/users.xml and /var/lib/nifi/conf/authorizations.xml from each node, because NiFi only makes use of the Initial Admin when there are no other users/groups/policies defined.

bbende · ‎01-23-2018

What you will want to do is split your original JSON into a flow file per id, and then send them all to a single InvokeHttp processor and reference a variable in URL of InvokeHttp. Here is a high-level of how it might work... Lets say starting JSON is: { "ids" : [ "1", "2", "3" ] } First use SplitJson processor with a Json Path of $.ids, this will produce 3 flow files where the content of each is 1, 2, and 3 respectively. Second, use ExtractText processor.. add a user defined property with the name "my.id" and the value of (.*) That will extract the content of each flow file into an attribute called my.id. Finally, in InvokeHttp set the Remote URL to http://yourhost/path/${my.id} When InvokeHttp processors a flow file, it will evaluate Remote URL against the incoming flow file attributes, and replace ${my.id} with the value of that attribute on the particular flow file, which in this case will be 1, 2, or 3.

bbende · ‎01-19-2018

Based on all this info, it sounds like you have an identity mapping setup that maps your certificate identity like "CN=myuser, OU=xyz" to just "myuser". You can setup another identity mapping to handle kerberos identities... Something like this would map "myuser@myrealm" to "myuser" # nifi.security.identity.mapping.pattern.kerb=^(.*?)/instance@(.*?)$ # nifi.security.identity.mapping.value.kerb=$1

bbende · ‎01-19-2018

Ok, it is interesting is that you mentioned you can put the URL in Google Chrome and get the JSON back... Do you have a client certificate in your browser for NiFi? In your curl examples you are using Kerberos... Normally the first time you hit the UI, it exchanges the Kerberos ticket for a JWT (just like you were doing to get the token) and then it puts the JWT in local storage of your browser. On every request after that the UI code will send the Authorization header with the JWT from local storage. When you put the API URL directly into your browser, none of NiFi's UI code is running, so there isn't anything that would perform the ticket exchange, and nothing that would send the Authorization header. So I wouldn't expect that to work unless you had a client certificate in your browser. You may want to compare the nifi-user.log above, to one when you access the URL from Chrome to see if the requests are being made as the same identities.

Online	Offline
Last Visited	‎09-10-2020 01:23 PM

Member Since	‎09-29-2015 04:02 PM
Last Visited	‎09-10-2020 01:23 PM
Posts	871
Kudos received	709

Cloudera Community

Re: Using nifi registry in a nifi cluster.

Re: Is there a way to enable a stateful status upd...

Re: Automated Start/Stop of a NiFi Processor

Re: PublishKafkaRecord_0_10 1.2.0.3.0.1.1-5 Error:...

Re: how to configure mergecontent processor

Re: NiFi install failure. HDP 2.6.4.0 and HDF 3.1...

Re: NiFi install failure. HDP 2.6.4.0 and HDF 3.1...

Re: NiFi install failure. HDP 2.6.4.0 and HDF 3.1...

Re: Default Value Error by JsonTreeReader on using...

Re: Error starting NIFI Certificate Authority via ...

Re: How to do NiFi Git Integration.?

Re: Nifi autherization using Ldap

Re: Generate processors dynamically from JSON Obje...

Re: Getting "No applicable policies could be found...

Re: Getting "No applicable policies could be found...