Cloudera Community
Announcements
Now Live: Explore expert insights and technical deep dives on the new Cloudera Community BlogsRead the Announcement
MattWho
user rank
user rank
Master Mentor

Re: Apache Nifi Control rate processor Issue

by Master Mentor Master Mentor in Support Questions
‎09-28-2023 12:54 PM
‎09-28-2023 12:54 PM
@sarithe  You may also want to take a look at Process Group (PG) FlowFile Concurrency configuration options as a possible design path since there does not  appear to be any dependency between task 1 and task 2 in your description.  You just want to make sure that not more than 2 tasks are executing concurrently. You move your processors that handle the 2 task executions inside two different child PGs configured with "Single FlowFile per Node" Process Group FlowFile Concurrency.  Within the PG you create an input port and output port.  Between these two ports you handle your task dataflow.  Outside this PG (parent PG level), you handle the triggering FlowFiles.   The task PGs will allow 1 FlowFile at a time to enter that PG and because of the FlowFile Concurrency setting, not allow any more FlowFiles to enter this PG until that FlowFile processes out.     As you can see from above example, each task PG is only processing a single FlowFile at a time.  I built this example so that task 2 always takes longer, so you see that task 1 Pg is outputting more FlowFile processed the Task 2 PG while still making sure that on two tasks are ever being executed concurrently. If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt   ... View more

Re: Performance diff between single big file vs mu...

by Expert Contributor in Support Questions
‎09-27-2023 07:57 PM
‎09-27-2023 07:57 PM
Got it. Its on Data Provenance dialog box. ... View more

Re: Nifi Security harden: Missing access policies...

by Master Mentor Master Mentor in Support Questions
‎09-27-2023 06:24 AM
‎09-27-2023 06:24 AM
@techNerd  I don't see a question in your post.  I can only assume you are talking about missing "key" policy icon on your NiFi Flow root process group?  This indicates your authenticated user is not authorized to view or modify all policies.  What is also  interesting from your  screenshot is that the user identity displayed in upper right corner is a UUID and not "CN=sys_admin, OU=NIFI" from your user certificate.  So I think you have multiple issues here with your configuration.  Inspect your nifi.properties, login-identity-providers.xml, and authorizations.xml files for configuration issues.  Also take note that the file-user-group-provider ONLY creates the users.xml file if it does not already exist during startup. It does not modify an already existing file.   The file-access-policy-provider generates the authorizations.xml (different file from authorizers.xml) ONLY if it does not already exist at startup.  It will not modify an already existing file. What version of Apache NiFi is being used? Did you maybe leave remnants of the single-user-provider or single-user-authorizer configured?  If so remove these two providers from your configuration. Below is more info about the "initial admin": The intent of the "Initial Admin" is to give that user just enough authority to function as a NiFi Admin (access the UI, access to view and modify tenants/user, create new users and groups identities (assumes file based authorization configured), access to assign or remove access policies to users/groups, access the NiFi controller settings and give view modify to root process group (if first start up with no pre-existing flow.xml.gz/flow.json.gz in place.).  It is not meant to grant the admin to all policies, but admin has ability to add themselves to all policies.    There are often clear devisions of responsibility between admins and dataflow designers/engineers.  An admin not involved with creating flows would have no need to be able to build flow, access component configurations, view content, view data provenance, etc.  So policies of this nature are not assigned as part of initial admin setup. If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

Re: NIFI - Set up LDAP integration on a running cl...

by Contributor in Support Questions
‎09-26-2023 07:48 AM
‎09-26-2023 07:48 AM
@MattWho My cluster is working with a single-user-authorizer . I tried your method and tested it on a running cluster with three nodes that configure as single-user-authorizer, I updated the three files (nifi.properties,login-identity-providers.xml,authorizers.xml) to work with LDAP configuration. When I restarted the first node (not primary or coordinator ), I got the following error messages in the log.  2023-09-26 11:20:34,441 ERROR [main] o.s.web.context.ContextLoader Context initialization failed 2023-09-26 11:50:19,381 ERROR [main] o.a.nifi.controller.StandardFlowService Failed to load flow from cluster due to: org.apache.nifi.controller.serialization.FlowSynchronizationException: Failed to connect node to cluster because local flow controller partially updated. Administrator should disconnect node and review flow for corruption. 2023-09-26 11:50:19,595 ERROR [main] o.a.n.c.c.node.NodeClusterCoordinator Event Reported for xxx:8443 -- Node disconnected from cluster due to org.apache.nifi.controller.serialization.FlowSynchronizationException: Failed to connect node to cluster because local flow controller partially updated. Administrator should disconnect node and review flow for corruption. The LDAP configuration takes effect only after restarting all the nodes ... View more

Re: OIDC App Role Configuration in NIFI

by Frequent Visitor in Support Questions
‎09-26-2023 04:09 AM
‎09-26-2023 04:09 AM
Thanks @MattWho  for clarifying this, so to use OIDC and fetch the groups I need to give User.Read.All and Group.Read.All permission, I think there should be a way to use App roles if I don't want to give these permissions. Anyways I will try to use AD groups in place of App Roles. Thanks for your response. ... View more

Re: MergeContent Issue Nifi Apache

by Community Manager Community Manager in Support Questions
‎09-25-2023 04:27 PM
‎09-25-2023 04:27 PM
@need_help Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future.  Thanks. ... View more

Re: How to autmatically terminate and restart a hu...

by Community Manager Community Manager in Support Questions
‎09-25-2023 02:45 PM
‎09-25-2023 02:45 PM
@Frank37 Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future. Thanks. ... View more

Re: Start a processor using Python SDK of Apache N...

by Master Mentor Master Mentor in Support Questions
‎09-22-2023 08:56 AM
‎09-22-2023 08:56 AM
@Kiranq  The NiFi rest-api endpoint for obtaining token is not rest-api/access. It is rest-api/access/token https://<nifi-hostname>:<nifi-port>/nifi-api/access/token  and data passed like: --data-raw 'username=<username>&password=<user password>' Then the token needs to be passed with every subsequent rest-api request. If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

Re: Support of redis cluster in nifi - save and fe...

by Expert Contributor in Support Questions
‎09-21-2023 12:42 AM
‎09-21-2023 12:42 AM
I am also experiencing this issue when attempting to write data to a redis in cluser mode. Did you find a solution or workaround @sofronic ? ... View more
Contact Me
Online
Online
Last Visited
‎01-31-2026 11:55 AM
Community Statistics
Member Since ‎07-30-2019 10:41 AM
Last Visited ‎01-31-2026 11:55 AM
Posts 3,427
Kudos received 1628