Member since
09-18-2015
9
Posts
27
Kudos Received
1
Solution
My Accepted Solutions
Title | Views | Posted |
---|---|---|
949 | 05-01-2016 04:54 PM |
05-01-2016
04:54 PM
There is a JIRA in the community to use a NFS location as a input/output for a process (FALCON-1785).
... View more
04-26-2016
02:03 AM
3 Kudos
Using the Knox gateway-shell to make requests to the HBase APIs, I receive values that are encoded in the response. Do I have to decode each value individually or is there a way to have all the values of the response decoded?
... View more
Labels:
- Labels:
-
Apache HBase
-
Apache Knox
11-23-2015
04:22 PM
2 Kudos
When using the importtsv tool is there a way to specify a YARN queue? Despite attempting to set a YARN queue it always goes to the 'default' queue.
... View more
Labels:
- Labels:
-
Apache HBase
-
Apache YARN
10-14-2015
05:14 PM
Labels:
- Labels:
-
Apache Falcon
-
Apache Hadoop
10-08-2015
08:25 PM
Did you add the following properties to your core-site.xml? fs.s3n.awsAccessKeyId fs.s3n.awsSecretAccessKey
... View more
10-08-2015
03:54 PM
Labels:
- Labels:
-
Apache NiFi
10-05-2015
02:43 PM
22 Kudos
Note: I used TinyCert to generate my own certificate authority and certificates. Probably the easiest way to generate new certificates
Create your own certificate authority. Fill in your own values.
Create 2 new certificates. One is your client certificate (in this case, bbukacek) and a server certificate which will be used for the NiFi keystore. Client Certificate Server Certificate
Download the certificate authority, the client and server certificates and upload to your NiFi environment. Note: Easiest way is to download the client and server certificates in PKCS12 format
Create a TrustStore
We will use the certificate authority to create the TrustStore. Use the following syntax to create the TrustStore: > keytool -import -file <ca_file>.pem -alias cacert -keystore truststore.jks -storepass <password>
Configure NiFi
Now that the TrustStore is created we can configure NiFi Keystore and TrustStore. Under $NIFI_HOME/conf, open the nifi.properties. Set the web properties
First and this important, unset the property nifi.web.http.port since once the configuration is completed will be communicating with NiFi over SSL. Set the following web properties: nifi.web.https.host=<nifi_hostname> nifi.web.https.port=<port> :: Typically 8443, but pick a port Configure the Keystore
To configure the keystore we will be using the server certificate that was downloaded. Put the certificate in a location that can be referenced for the property. For the keystore there are 3 properties to set. nifi.security.keystore=<path_to_keystore_file> nifi.security.keystoreType=PKCS12 nifi.secuirty.keystorePasswd=<keystore_password> Configure the TrustStore
To configure the TrustStore we will use the TrustStore that we created above. Again, put the certificate in a location that can be reference for the property. For the truststore there are 3 properties to set. nifi.security.truststore=<path_to_truststore_file> nifi.security.truststoreType=JKS nifi.security.truststorePasswd=<truststore_password> Lastly, property to set for client authentication. For explanation, see the following Apache NiFi docs: https://nifi.apache.org/docs.html nifi.security.needClientAuth=true Configure NiFi Admin User Open the file authorized-users.xml, in the $NIFI_HOME/conf directory and create an admin user based off the DN from the client certificate. <users> <user dn="CN=bbukacek, OU=demo, O=Hortonworks, L=Minneapolis, ST=Minnesota, C=US"> <role name="ROLE_ADMIN"/> </user> </users> Add Certificate to Browser
If you downloaded the client certificate, double-click on it and will be added to the KeyChain Access (Mac).
Restart NiFi Log into NiFi https://<host>:8443/nifi The browser should ask for a certificate to select.
As the Admin user, access for other users can be controlled from the NiFi UI.
... View more
Labels: