Member since
09-06-2020
2
Posts
2
Kudos Received
1
Solution
My Accepted Solutions
| Title | Views | Posted |
|---|---|---|
| 15984 | 09-17-2020 10:14 PM |
09-17-2020
10:14 PM
2 Kudos
I have also faced the same issue, where i was running two instances of nifi on VM. As forwarding of ports and its connectivitiy from host browser(like chrome) are having issues, I recreated certificates using SAN - subjectAltNames using tls-toolkit. I was trying to access https://192.168.56.31:9441/nifi from windows maching and said address 192.168.56.31 is of local VM running centos 7.x. Earlier default certificate was not having safe IP 192.168.56.31, it was throwing error. bin/tls-toolkit.sh standalone -n '192.168.56.31(2)' -C 'CN=username,OU=NIFI' --subjectAlternativeNames '192.168.56.31,0.0.0.0' This has created necessary certificates and keystores. I have copied this keystores at appropriate nifi conf directory(excluding nifi.properties, to make sure, earlier configuration done is not messed up). Once done, import generated .p12 certifcate and password file in chrome using settings->manage certificates master:[root]/root/nifi/nifi-toolkit-1.12.0>ll
total 92
-rw-r--r--. 1 root root 6673 Jan 22 2020 NOTICE
-rw-r--r--. 1 root root 41590 Jan 22 2020 LICENSE
drwxr-xr-x. 3 root root 12288 Jan 22 2020 lib
drwxr-xr-x. 3 root root 69 Jan 22 2020 classpath
drwxr-xr-x. 4 root root 160 Sep 10 17:36 target
drwxr-xr-x. 2 root root 194 Sep 15 21:11 conf
drwxr-xr-x. 4 root root 4096 Sep 15 21:14 bin
-rw-------. 1 root root 1196 Sep 17 10:17 nifi-cert.pem
-rw-------. 1 root root 1679 Sep 17 10:17 nifi-key.key
drwx------. 2 root root 71 Sep 17 10:17 node1.nifi
drwx------. 2 root root 71 Sep 17 10:18 node2.nifi
drwxr-xr-x. 5 root root 148 Sep 17 10:25 ..
drwx------. 2 root root 71 Sep 17 16:26 192.168.56.31
drwx------. 2 root root 71 Sep 17 16:26 192.168.56.31_2
-rw-------. 1 root root 3469 Sep 17 16:26 CN=username_OU=NIFI.p12
drwxr-xr-x. 11 root root 4096 Sep 17 16:26 .
-rw-------. 1 root root 43 Sep 17 16:26 CN=username_OU=NIFI.password Above shows generated .p12 file and other configurations. In chrome, after importing certificates, it looks like this: UI looks like below:
... View more
09-07-2020
12:02 AM
We have the similar requirements. We had small POC which worked very well. When we started assessing NFR, we stuck with this bottle neck. Issue is: 1. We have a clustered environment with three nodes. 2. To check what we did, we had set of processors. And ran a flow. Then we stopped one of them from primary node. All information got reflected correctly on all nodes. 3. We scaled down primary node from where we ran the flow. 4. Earlier we were able to see replicated stuck/queued message on all non-primary nodes. As soon as, primary node was down, other nodes does not show that queued message. 5. When we started back earlier primary node, we can see everything good. Is there any plan for support for this HA scenario for apache ni-fi? https://cwiki.apache.org/confluence/display/NIFI/High+Availability+Processing Please suggest.
... View more