Member since
04-05-2016
130
Posts
93
Kudos Received
29
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
3791 | 06-05-2018 01:00 AM | |
5142 | 04-10-2018 08:23 AM | |
5650 | 07-18-2017 02:16 AM | |
2914 | 07-11-2017 01:02 PM | |
3342 | 07-10-2017 02:10 AM |
11-24-2016
09:03 AM
The second error message on bulletin indicating that any Hadoop configuration file could not be found. Please check file path configured at 'Hadoop Configuration Resources' of ListHDFS. It should point at core-site.xml and hdfs-site.xml, and should be accessible by the user running NiFi.
... View more
11-24-2016
12:40 AM
Hello @mayki wogno Yes, a VIP should work as an URL of RPG. A load balancer such as HAProxy can also be used in front of a NiFi cluster and use its host:port as RPG URL. After RPG got cluster information from the such URL (propagating the request to one of NiFi node), it will access each node with its IP or hostname directly to transfer data. Also, there's an ongoing effort to allow multiple URLs as RPG URL to avoid making it a SPOF: https://issues.apache.org/jira/browse/NIFI-3026
... View more
11-24-2016
12:30 AM
@Saikrishna Tarapareddy I hadn't read this comment when I wrote a reply few seconds ago. Glad to hear that it worked!
... View more
11-24-2016
12:29 AM
Hi @Saikrishna Tarapareddy Please double check the 'CN=nifistos, OU=nestle' user has right policy settings to use Site-to-Site. The user needs 'retrieve site-to-site details' in global policies (top-right menu) 'receive data via site-to-site' policy of the Input Port (select the Input Port and click the key icon on the operation palette on the left) Once the user got authenticated, the all authorization checks the user has to pass are above two policies.
... View more
11-16-2016
12:48 AM
Hi @Saikrishna Tarapareddy Did you add the remote NiFi's cert or its CA cert to local NiFi's truststore? You also need to add the local NiFi cert or its CA cert to the remote NiFi's truststore. The error message usually indicates that the cert is not trusted because it was unable to find valid certification path. Please use keytool command looks like below, to add certs into a truststore: keytool -importcert -file certificate.cer -keystore keystore.jks -alias "Alias"
Thanks, Koji
... View more
11-15-2016
02:37 PM
@Matt Thanks for the clarification! @Saikrishna Tarapareddy I tried setup a secured NiFi instance configured with LDAP and access it from a unsecured NiFi instance. It worked as expected. I wrote up a summary in this blog. http://ijokarumawak.github.io/nifi/2016/11/15/nifi-auth/ Please let us know if you need further assistance. Thanks, Koji
... View more
11-15-2016
04:57 AM
@Saikrishna Tarapareddy Hi, 1. No, different keystore and truststore can be used. 2. Yes, you have to grant the user access to 'retrieve site-to-site' and 'receive data via site-to-site'. The remote NiFi will authenticate the local NiFi using local NiFi's client cert DN. You might have to map the DN to a LDAP user if LDAP is used to authorization. You can find following settings to map user identities among different authentication mechanisms: # Identity Mapping Properties #
# These properties allow normalizing user identities such that identities coming from different identity providers
# (certificates, LDAP, Kerberos) can be treated the same internally in NiFi. The following example demonstrates normalizing
# DNs from certificates and principals from Kerberos into a common identity string:
#
# nifi.security.identity.mapping.pattern.dn=^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$
# nifi.security.identity.mapping.value.dn=$1@$2
I haven't tried LDAP into the mix, so when I have time, I'll try to confirm it works as expected. Regards, Koji
... View more
11-14-2016
11:32 PM
3 Kudos
@Saikrishna Tarapareddy @Matt A unsecured NiFi instance can interact with a secured NiFi instancy, if it's configured with its keystore and truststore, and also the remote NiFi has a proper user and policies configured with it. I have a working example on Github, nifi-integration-test, that confirms inter connectivity among unsecured/secured/standalone/clustered NiFi instances, in which you can find example nifi.properties, keystore and truststore. Here are important properties to configure: Unsecured NiFi (local instance in your use case) nifi.web.http.port=8080
nifi.web.https.port= (blank) nifi.security.keystore=(configure keystore and truststore) e.g. nifi-sp.properties Secured NiFi (remote instance in your use case) nifi.web.http.port=(blank) nifi.web.https.port= 8443 nifi.security.keystore=(configure keystore and truststore) nifi.remote.input.secure=true e.g. nifi-ss.properties Hope this helps, Koji
... View more
11-01-2016
08:59 AM
Hello Kumar, There's an ongoing effort to provide a feature to reset Kafka offset from NiFi UI. We're trying to provide a way for NiFi user to reset state, that is managed externally, such as Kafka offset. https://issues.apache.org/jira/browse/NIFI-2078 https://github.com/apache/nifi/pull/563 Specifically, clear offset by submitting new offset as -1. https://github.com/apache/nifi/pull/563/files#diff-c473fdb0ebb08dd72a64d0e6536e85c0R396 I hope I'll be able to resume working on that JIRA soon, please watch the JIRA issue to be updated progress.
... View more
10-20-2016
12:08 PM
Hello, First of all, excuse me if I'm wrong, but HHTP is HTTP? I couldn't find resources with HHTP if it's another protocol. But for HTTP, NiFi has a lot. If it's simple GET or POST requests, I'd recommend GetHTTP, PostHTTP, or InvokeHTTP. Or if you need to do some processing after receiving HTTP request and before returning response, HandleHttpRequest and HandleHttpResponse can be helpful. Thanks!
... View more