Member since
07-19-2016
91
Posts
10
Kudos Received
1
Solution
My Accepted Solutions
Title | Views | Posted |
---|---|---|
2695 | 08-12-2016 05:05 PM |
10-17-2017
06:28 PM
Hi Guys, I have a flow to ingest files from sftp server, by ListSFTP(primary node) -> FetchSFTP(all nodes). I uploaded 20 files(5MB each) to sftp server. I found all files are fetched and processed by the primary node. I was wondering how to make the tasks evenly distributed among all nodes, rather than only primary node. Is it because 20 files is small number or each file is too small? Thanks.
... View more
Labels:
- Labels:
-
Apache NiFi
10-17-2017
02:28 PM
Hi @Wynner, When I set Volatile content repository properties: nifi.volatile.content.repository.max.size=1 GB nifi.volatile.content.repository.block.size=32 KB It shows me "Content Repository out of space " exception, when I process a 20M dataset. From the code comment, I found " If no Backup Repository has been specified, when the threshold is exceeded, an IOException will be thrown" https://github.com/apache/nifi/blob/master/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/repository/VolatileContentRepository.java 1. How to setup the Backup Repository for volatile content repository? 2. Is my above setting for "nifi.volatile.content.repository.max.size" correct? It seems still using the default 100MB. Thanks.
... View more
09-28-2017
06:50 PM
Hi @Bryan Bende I have a new issue when I tried to login Initial Admin Identity by using username and password. In previous test, I successfully made the client cert login work. I have an principle "admin@NIFI.COM" in kerberos, and "admin@NIFI.COM" as Initial Admin in authorizers.xml When I login as "admin", the user log shows: 2017-09-28 14:27:06,112 INFO [NiFi Web Server-120] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for admin@NIFI.COM 2017-09-28 14:32:13,193 ERROR [NiFi Web Server-19] o.a.nifi.web.security.jwt.JwtService There was an error validating the JWT io.jsonwebtoken.JwtException: Unable to validate the access token. Caused by: io.jsonwebtoken.SignatureException: JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted. When the nifi cluster is up, I can login in as "admin". After logout, and login again, NiFi gives me above error. Is it caused by the browser cache the token? Thanks.
... View more
09-25-2017
07:53 PM
Hi @bkosaraju, Below command works to generate a token. $ curl -k 'https://<nifi-server>:9091/nifi-api/access/token'-H 'Accept-Encoding: gzip, deflate, br'-H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8'-H 'Accept: */*'--data 'username=<username>&password=<password>'--compressed However, $ curl -k -X GET 'https://<nifi-server>:9091/nifi-api/cluster/summary' -H 'Authorization: Bearer $token' --compressed returns: Unable to validate the access token. Any idea about it? Do I need to run above commands in one nifi node, or any machine? Thanks.
... View more
09-20-2017
01:39 PM
hi @bkosaraju, Thank you for your response. I did enable the kerberos-provider section. I guess I need to install krb5-user on the machine I will run the above commends, right? I was just wondering whether I need to use keytool to import nifi-cert.pem in my machine? What's the usage of nifi-cert.pem generated by the tls-tool? Thanks.
... View more
09-19-2017
06:40 PM
Hi guys, I build a secured NiFi cluster authenticated by Kerberos and use TLS tool standalone mode to generate client certificates. I am able to use NiFi Rest Api to access the unsecured cluster. When I want to use username/password of principle created in Kerberos to build a REST call for a secured cluster in curl, I got below error. Unknown user with identity 'anonymous'. Contact the system administrator. I was wondering whether I should install some certificate in my local machine to use curl. Thanks.
... View more
Labels:
- Labels:
-
Apache NiFi
09-19-2017
06:34 PM
Hi @Arti Wadhwani, Could we use username/password of the principle created in Kerberos to login? Since I don't have kinit in nifi node. Thanks.
... View more
09-15-2017
07:12 PM
Hi @Bryan Bende, I deleted my previous replies since it's misleading. Let me restate the current issue clearly. The reason I saw below error "Unknown user with identity 'alvin@NIFI.COM'. Contact the system administrator." is due to I login Initial Admin account to add user "CN=alvin, OU=NIFI.COM" in NiFi web. The correct way is to add 'alvin@NIFI.COM' and set its policy. After that my issue is gone. Thanks.
... View more
09-08-2017
08:06 PM
Hi @Bryan Bende, It seems the authentication works now. But I have issue with authorization. I used the file-based authorization approach. After I type username and password, it says "Unknown user with identity 'alvin@NIFI.COM'. Contact the system administrator." instead of prompting out "Justification" page. Any idea? Thanks. 2017-09-08 19:48:33,294 INFO [NiFi Web Server-29] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for alvin@NIFI.COM
2017-09-08 19:48:33,295 INFO [NiFi Web Server-29] o.a.n.w.a.c.AccessDeniedExceptionMapper identity[alvin@NIFI.COM], groups[none] does not have permission to access the requested resource. Unknown user with identity 'alvin@NIFI.COM'. Returning Forbidden response. 2017-09-08 19:48:33,295 DEBUG [NiFi Web Server-29] o.a.n.w.a.c.AccessDeniedExceptionMapper
org.apache.nifi.authorization.AccessDeniedException: Unknown user with identity 'alvin@NIFI.COM'.
at org.apache.nifi.web.api.FlowResource.authorizeFlow(FlowResource.java:230)
at org.apache.nifi.web.api.FlowResource.getCurrentUser(FlowResource.java:316)
... View more
09-08-2017
03:52 PM
Hi @Bryan Bende, Thank you for this tutorial. Very helpful. May I ask do we need to also set up below properties in a cluster mode? nifi.kerberos.service.principal nifi.kerberos.service.keytab.location Is kerberos.service and kerberos.spnego one or another? Or both must be set? Since I saw some examples set up kerberos.service rather than kerberos.spnego, e.g. https://community.hortonworks.com/articles/34147/nifi-security-user-authentication-with-kerberos.html Thanks.
... View more