Cloudera Community
MattWho
user rank
user rank
Master Mentor

Re: Nifi 2.0-M2 Support with flow xml gz

by Master Mentor Master Mentor in Support Questions
‎02-03-2025 06:24 AM
‎02-03-2025 06:24 AM
@Shampy  You are saying that with no flow.json.gz file present, NIFi throws above exception on startup.  With No flow.json.gz file, NiFi will create one during startup. I also suggest using the official Apache NiFi 2.x release and stop using the pre-release Maintenance releases that were put out during development of NiFi 2.x.  There were 4 maintenance (M1 - M4) releases put out before the first official release of Apache NiFi 2.0.0. The latest official release ofd Apache NiFi 2.x is NiFi 2.2.0 which can be downloaded from here: https://nifi.apache.org/download/ Please help our community thrive. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

Re: NiFi Authentication with LDAP Groups

by Master Mentor Master Mentor in Support Questions
‎01-31-2025 08:27 AM
1 Kudo
‎01-31-2025 08:27 AM
1 Kudo
@mslnrd  While kind of related, to prevent confusing other community members, it would be better to start a new community question for this.  This question involves proper authorizers.xml configuration and the new question is specific to user-group-provider configuration.  Feel free to ping me in that new question so I get notified when it is created. Thank you, Matt ... View more

Re: Apache Nifi 2.0 Dockerized running insecure on...

by Contributor in Support Questions
‎01-31-2025 04:29 AM
‎01-31-2025 04:29 AM
Based on the initial input in the question, slightly adapted the following seems to work for me (1.27.0) docker run --rm --name nifi -p 8080:8080 \ -e NIFI_WEB_HTTP_PORT=8080 \ -e NIFI_WEB_HTTPS_PORT= \ -e NIFI_WEB_HTTPS_HOST= \ -e NIFI_SECURITY_KEYSTORE= \ -e NIFI_SECURITY_KEYSTOREPASSWD= \ -e NIFI_SECURITY_KEYPASSWD= \ -e NIFI_SECURITY_TRUSTSTORE= \ -e NIFI_SECURITY_TRUSTSTOREPASSWD= \ apache/nifi:1.27.0 --- --- from container nifi@xxxxxxxxxxxx:/opt/nifi/nifi-toolkit-current/bin$ ./cli.sh _ ___ _ Apache (_) .' ..](_) , _ .--. __ _| |_ __ )\ [ `.-. | [ |'-| |-'[ | / \ | | | | | | | | | | ' ' [___||__][___][___] [___]', ,' `' CLI v1.27.0 Type 'help' to see a list of available commands, use tab to auto-complete. Session loaded from /home/nifi/.nifi-cli.config #> nifi get-root-id xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ... View more

Re: NiFi 2.x and "file-manager.sh"

by New Contributor in Support Questions
‎01-30-2025 06:47 AM
‎01-30-2025 06:47 AM
Thank you ... View more

Re: NiFi ConsumeJMS processor error(Solace eventBr...

by Frequent Visitor in Support Questions
‎01-28-2025 02:49 AM
‎01-28-2025 02:49 AM
Hi Matt, This is the error, we receive in the log: Thanks, Amit. ... View more

Re: Nifi cluster load balance doesn't work well

by Master Mentor Master Mentor in Support Questions
‎01-27-2025 11:06 AM
‎01-27-2025 11:06 AM
@vystar  Considering the breaking changes that are part of Apache NiFi 2.0/1, there is considerably more work in preparing for an upgrade to the that new major release.  So I would recommend upgrading to the latest offering in the Apache NiFi 1.x branch.   You'll want to review all the release notes from 1.13 to the latest release: https://cwiki.apache.org/confluence/display/NIFI/Release+Notes/#ReleaseNotes-Version1.12.0 You'll want to pay close attention to any mentions of components being moved to optional build profiles.  This means that these nars and the components they contain are no longer include with the Apache NiFi download and if needed must be downloaded form Maven Central and manually added to NiFi.   Deprecated components still exist in the Download, but will not exist in NiFi 2.x releases. Make sure to maintain a copy of your flow.xml.gz/flow.json.gz (newer releases).  The newer Apache NiFi 1.x load a flow.json.gz instead of the older flow.xml.gz on startup.  However, in the absence of a flow.json.gz and the presence of flow.xml.gz, NiFi 1.x will load from the flow.xml.gz and produce the new flow.json.gz. After upgrade, you'll still need to review your dataflows.  There are some bad practices that are now blocked by Apache NiFi that may leave some components invalid until manual action is taken to resolve the bad configuration (such as using "primary node" execution on any processor that has an inbound connection). As far as FlowFile distribution, do it early in your dataflows as possible. Utilize list/fetch still processors instead of get style. (Example: use ListSFTP and FetchSFTP in place of GetSFTP.  This allows you to load-balance the 0 byte listed files before the content is fetched for the files). Other options like Remote Process Groups can be used (they come with some overhead, but do some target NiFi Cluster load based distribution when dealing with large volumes of FlowFiles.  Not so great for low volumes.).   Please help our community thrive. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

Re: Upgrade NiFi from 1.22.0 to 1.28.1

by Master Mentor Master Mentor in Support Questions
‎01-23-2025 10:27 AM
‎01-23-2025 10:27 AM
@spartakus  You will want to review the release notes for all release between 1.23. and 1.28.1  https://cwiki.apache.org/confluence/display/NIFI/Release+Notes/#ReleaseNotes-Version1.23.0 You'll notice a number of components deprecated. Deprecated components are not removed, but that are marked as deprecated and will log if used that they are deprecated.  Deprecated components will eventually be removed form Apache NiFi (most removed in NiFi 2.0). You'll also make note of any items in the release notes that state:   Moved <XYZ> to optional build profiles   This means that these components were removed from Apache NiFi.   These components can be added manually later by downloading the nars from the central maven repository and adding them to the NiFi lib directory if you need them still.  https://mvnrepository.com/artifact/org.apache.nifi Make a back up of your flow.json.gz, nifi.properties, and optionally flow.xml.gz files before you upgrade. Otherwise, I see no issues with upgrading from 1.22 -- > 1.28 directly. Please help our community thrive. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

Re: How to disable anonymous on Apache Nifi 1.25

by Community Manager Community Manager in Support Questions
‎01-23-2025 02:07 AM
‎01-23-2025 02:07 AM
@itninja, Did the response help resolve your query? If it did, kindly mark the relevant reply as the solution, as it will aid others in locating the answer more easily in the future. However, if you still have concerns, could you please provide the information that @MattWho has requested? ... View more

Re: Cloudera NiFi - Automatic policy creation

by Master Mentor Master Mentor in Support Questions
‎01-21-2025 06:16 AM
‎01-21-2025 06:16 AM
@jirungaray  Cloudera Flow Management (Based on Apache NiFi) provides multiple methods for managing user authorization.  This includes NiFi internally via the File-Access-Policy-Provider and externally via Apache Ranger.  There is no built in mechanism for auto setting up authorization policies for users or groups with the exception of the Initial Admin and Initial NiFi Node authorizations. Many of the Authorization policies are directly related to the components added to the canvas.  Those components are assigned unique IDs making it impossible to  create policies before the components exist.  File-Access-Policy-Porvider:  This provider utilizes a file on disk (authorizations.xml) to persists authorization policies.  This file is loaded when NiFi starts.  This means it is possible to manually generate this file and have NiFi load it on startup.   Also as you mentioned, you could script out the authorization creating through NiFi Rest-API calls.  Ranger provider: This moves authorization responsibility over to Apache Ranger.  Policies setup within Ranger are download by the NiFi nodes where they are locally enforced.  No matter which authorizer you choose to use, authorizations are easiest to manage via groups.  Typical users setup ldap groups for various NiFi roles (admins, team 1, team2, etc..) and makes specific users members of these groups.  This simplifies authorization since you can authorizer these groups instead of the individual users. Simply adding or removing a user as member of one of these authorized groups gives or removes authorized access to the NiFi resource identifier (NiFi policy).  The ldap-user-group-provider can be added to the NiFi authorizers.xml to auto manage syncing of user and group identities from your AD/LDAP further simplifying management over the file-user-group-provider method which requires the manual adding of user and group identifiers to the NiFi. Please help our community thrive. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt   ... View more

Re: MergeRecord generates multiple files

by Contributor in Support Questions
‎01-17-2025 07:37 AM
‎01-17-2025 07:37 AM
@MattWho  Thank you for explanation. Now I understand MergeRecord determines to which file each flowfile to be merged by schema information. I'll consider increasing "Minimum number of records" as you recommended. Thanks, ... View more
Contact Me
Online
Offline
Last Visited
‎10-23-2025 07:03 AM
Community Statistics
Member Since ‎07-30-2019 10:41 AM
Last Visited ‎10-23-2025 07:03 AM
Posts 3,389
Kudos received 1613