Cloudera Community
asand3r
user rank
Explorer

Re: NiFi: how to select specific Kerberos encrypti...

by Explorer in Support Questions
‎09-21-2025 02:55 AM
‎09-21-2025 02:55 AM
I guess, that my problem has not solution from NiFi side and we just need to correct HDFS settings to accept other encryption types in addition to arcfour-hmac-md5. ... View more

Re: NiFi stuck data in queue between processors

by Explorer in Support Questions
‎09-18-2025 03:37 AM
‎09-18-2025 03:37 AM
@MattWho wrote:  Now if there are network issues, Kafka may do a rebalance and assign more partitions to fewer consumers.  We have an issue with JVM stop-the-world because. We are still using Java 8.0 in this cluster, so periodically JVM freezes about 5-15 seconds to perform GC. May it be a cause of LoadBalance issue? ... View more

Re: NiFi: how to select specific Kerberos encrypti...

by Explorer in Support Questions
‎09-18-2025 01:33 AM
‎09-18-2025 01:33 AM
Hey, @vafs. You know, I've tried that, but seems it doesn't work with Java applications. I've add next section to my krb5.conf, that uses by NiFi server (I set custom file with nifi.kerberos.krb5.file): [appdefaults] service.name@DOMAIN.NAME.ORG = { default_tkt_enctypes = arcfour-hmac-md5 ... default_tgs_enctypes = arcfour-hmac-md5 ... permitted_enctypes = arcfour-hmac-md5 ... allow_weak_crypto = true } After that I restarted NiFi service just in case and nothing happen. But, if I return there options to [libdefaults] all works fine again. Also, I've grep JDK sources to determine is [appdefaults] sections parsed by Java Kerberos implementation and find nothing. I think, the solution with [appdefaults] just shouldn't work. =( ... View more

Re: NiFi stuck data in queue between processors

by Explorer in Support Questions
‎09-15-2025 02:59 AM
‎09-15-2025 02:59 AM
@MattWho  We have 30 partitions for that topic and Concurrent tasks set to 5. ... View more

NiFi: how to select specific Kerberos encryption t...

by Explorer in Support Questions
‎09-14-2025 02:10 AM
‎09-14-2025 02:10 AM
Hello, community. 😃 I have an interesting case with NiFi (for me =P). We have: 1. HDFS kerberized service that configured to use arcfour-hmac-md5 (rc4-hmac) for all default_tkt_enctype, default_tgs_enctypes and permitted_enctypes (yeap, it's legacy and now I cannot change it) 2. Other kerberized applications, e.g. Kafka with disabled arcfour-hmac-md5 (allow_weak_crypto = false, permitted_enctypes excludes arcfour-hmac-md5) And I have no idea how to configure NiFi to communicate with that applications on time and use exactly supported TGS enctype for each one. If I set default_tgs_enctype in krb5.conf on NiFi to:   default_tgs_enctypes = arcfour-hmac-md5 aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192   HDFS with arcfour-hmac-md5 works fine, but Kafka (where arcfour-hmac-md5 is disabled) fails. And vise versa -- moving arcfour-hmac-md5 down of the default_tgs_enctypes list broke HDFS communications but Kafka starts to work. In krb5.conf I can override it in [appdefaults] section for different applications to workaround, but I don't know how to use it within NiFi and it's processors. Is it possible?  ... View more
Labels:

Re: NiFi stuck data in queue between processors

by Explorer in Support Questions
‎09-14-2025 01:52 AM
‎09-14-2025 01:52 AM
Thank you for such detailed answer. It's very helpful. ... View more

Re: NiFi stuck data in queue between processors

by Explorer in Support Questions
‎08-18-2025 06:29 AM
‎08-18-2025 06:29 AM
Thanks, @MattWho for your points to LoadBalance. The 3rd node really had network connection issues that time, so maybe it takes place. For now it works fine, so I cannot do test steps that you offer. But I don't fully get your point about LB after ConsumeKafka. If Load balance is enabled is queue between ConsumeKafka and EvaluateJsonPath I can see that data is distributes along all cluster nodes in Data Provenance (look at screenshot below) , but if I disable it, only one node is presents here: My configuration with RoundRobin LB is wrong?   ... View more

NiFi stuck data in queue between processors

by Explorer in Support Questions
‎08-12-2025 02:54 AM
‎08-12-2025 02:54 AM
Hey, communiy! We have a NiFi Cluster 1.18.0 (still so, yeap, sorry) and next issue do my mind. Simple flow, where we read data from Kafka with ConsumeKafka Processor and process it with EvaluateJsonPath after. One time we can see that queue between processors are stuck with data and nothing happens while EvaluateJsonPath or whole canvas not restared (right click -> stop -> start): Connection settings: Back Pressure Threshold: 10 000; Size Threshold: 1 Gb LB Strategy: Round Robin Queue threshold exceeded only on 3rd cluster node:   Additional configuration data: Maximum timer driven thread count: 400 112 cores per node (2 CPU, 28 physical cores, 112 total with hyperthreading)  So, as soon as I stop and start canvas -- all works fine again. Why it happens? How can I find the reason?  ... View more
Labels:

Re: NiFi UI load balance with HAProxy to CONNECTED...

by Explorer in Support Questions
‎07-31-2025 01:58 AM
‎07-31-2025 01:58 AM
OK, @MattWho, thanks for your help. ... View more

Re: NiFi UI load balance with HAProxy to CONNECTED...

by Explorer in Support Questions
‎07-29-2025 10:27 AM
‎07-29-2025 10:27 AM
But there methods requires authentication. As I know it's not possible to create internal NiFi service user with persistent auth token to make a health check with it. So, right way is HAProxy agent check?  ... View more
Contact Me
Online
Offline
Last Visited
‎11-09-2025 03:10 PM
Community Statistics
Member Since ‎05-14-2025 04:43 AM
Last Visited ‎11-09-2025 03:10 PM
Posts 24