About Vapper

Vapper · ‎06-15-2022

hi I am using CI/CD to deploy nifi cluster in kubernetes with rolling deploy strategy and having issue with updating flow.xml file, looks like after 1st node updated with new flow file it is going in sync with old cluster and getting old flow.xml from old master and after second deploying and getting same old file e t c, could you help with solutions to avoid this ?

Vapper · ‎06-07-2022

hello, please help with below questions: 1. I have nifi cluster with 2 nodes and running ExecuteGroovyScript processor to create text formatted file generated from flow data content and save it on local filesystem but it is saving file only on one nifi node, is there any way to replicate this file on all nodes at a time? 2. Above file formatting by ExecuteGroovyScript processor as text in Prometheus format and using such flow http_request-> fetchfile-> http_response processors to create custom Prometheus healthcheckmetric web page, it worked for single node but with 2 nodes all data balanced randomly between 2 nodes so I have different content in 2 web pages ( http://node1/healthcheck/ and http://node2/healthcheck/ ) so monitoring not working properly, could you help how to add custom Prometheus metric so it will be available like regular nifi prometheus web page /metrics/ with same content on both nodes? may be other solutions?

Vapper · ‎11-22-2020

also just small clarification, I regenerated cert and tried 'CN=root, OU=ApacheNiFi' instead 'CN=admin, OU=ApacheNiFi' but still an issue, same errors in logs, please help

Vapper · ‎11-21-2020

hi found in user logs, no errors, just warns: 2020-11-21 18:36:48,717 INFO [NiFi Web Server-19] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for CN=root, OU=ApacheNiFi 2020-11-21 18:36:53,172 WARN [NiFi Web Server-23] o.a.n.w.a.c.IllegalStateExceptionMapper java.lang.IllegalStateException: Kerberos ticket login not supported by this NiFi.. Returning Conflict response. java.lang.IllegalStateException: Kerberos ticket login not supported by this NiFi. at org.apache.nifi.web.api.AccessResource.createAccessTokenFromTicket(AccessResource.java:644) 2020-11-21 18:36:53,317 WARN [NiFi Web Server-24] o.a.n.w.a.c.IllegalStateExceptionMapper java.lang.IllegalStateException: OpenId Connect is not configured.. Returning Conflict response. java.lang.IllegalStateException: OpenId Connect is not configured. at org.apache.nifi.web.api.AccessResource.oidcExchange(AccessResource.java:301) how to fix that ?

Vapper · ‎11-20-2020

hi under authorizations.xml I have: cat authorizations.xml <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <authorizations> <policies> <policy identifier="f99bccd1-a30e-3e4a-98a2-dbc708edc67f" resource="/flow" action="R"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="b8775bd4-704a-34c6-987b-84f2daf7a515" resource="/restricted-components" action="W"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="627410be-1717-35b4-a06f-e9362b89e0b7" resource="/tenants" action="R"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="15e4e0bd-cb28-34fd-8587-f8d15162cba5" resource="/tenants" action="W"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="ff96062a-fa99-36dc-9942-0f6442ae7212" resource="/policies" action="R"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="ad99ea98-3af6-3561-ae27-5bf09e1d969d" resource="/policies" action="W"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="2e1015cb-0fed-3005-8e0d-722311f21a03" resource="/controller" action="R"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> <policy identifier="c6322e6c-4cc1-3bcc-91b3-2ed2111674cf" resource="/controller" action="W"> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7"/> </policy> </policies> </authorizations> under user.xml: cat users.xml <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <tenants> <groups/> <users> <user identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7" identity="CN=admin, OU=ApacheNiFi"/> </users> </tenants> so user identity="CN=admin, OU=ApacheNiFi" with identifier="6a74eaf1-1cb9-341d-be5b-ec95d3ee0ba7" is present in authorizations.xml please let me know if you can see any issues or additional info needed

Vapper · ‎11-11-2020

hi, please help with access to NIfi functionality based on docker image. 1. I generated certs with nifi-toolkit-1.12.1: ./bin/tls-toolkit.sh standalone -n "acsca094a01" -C "CN=admin, OU=ApacheNiFi" -o target 2. Created Nifi docker instance with steps from https://hub.docker.com/r/apache/nifi, for this case 'Standalone Instance, Two-Way SSL'. 2. 1 Run docker with below command from link above: docker run --name nifi \ -v /home/nifi/docker:/opt/certs \ -p 8443:8443 \ -e AUTH=tls \ -e KEYSTORE_PATH=/opt/certs/keystore.jks \ -e KEYSTORE_TYPE=JKS \ -e KEYSTORE_PASSWORD=1L929SNVaMK2HINaF+6aaOaXxNzYkhCvP9F+USSPwEg \ -e TRUSTSTORE_PATH=/opt/certs/truststore.jks \ -e TRUSTSTORE_PASSWORD=3J/m5eAAJcNasdasdsasdyW7TeHH1pGkT+kEasdasda \ -e TRUSTSTORE_TYPE=JKS \ -e INITIAL_ADMIN_IDENTITY='CN=admin, OU=ApacheNiFi' \ -d \ --hostname acsca094a01 \ apache/nifi:latest and I am able to reach NIFI UI with admin cert but not able to create anything, all buttons inactive/grey, see below, please help.

Online	Offline
Last Visited	‎06-24-2022 05:17 AM

Member Since	‎11-11-2020 06:59 AM
Last Visited	‎06-24-2022 05:17 AM
Posts	8

Cloudera Community

Cloudera Community

nifi cluster rolling deploy

File replication in nifi cluster, prometheus custo...

Re: NIFI docker ssl issue

Re: NIFI docker ssl issue

Re: NIFI docker ssl issue

NIFI docker ssl issue