Since NiFi nodes have no client certificate to offer to NiFi-Registry for the purpose of authentication and then authorization, the nodes are failing to retrieve the bucket listing. That means NiFi is acting as a client and not a server in the TLS 2-way handshake. The NIFi nodes are establishing the connection to the the NIFi-registry to retrieve bucket information. I believe you have found your problem in your NiFi node certificates: If this solves your problem, please accept this as answer so others running into it can find this solution. For example, when saving a version to the Registry it will be done as the actual user who performed this action in NiFi. Proxy privileges are needed because when versioned flow actions occur, NiFi proxies the end user over to the Registry. For example, checking whether a new version of flow is available for upgrade. Read to all buckets is necessary because NiFi itself checks the status of all the flows in NiFi to determine if they are in sync with the Registry. Localhost user needs to have the following privileges: I covered this in the section "Localhost User Configuration in Registry" in this HCC article: You need to configure a localhost user in your registry. I'm sorry I didn't realize this earlier, but I believe I know the cause of your issue as I have reproduced it. that your user has privilege to access the buckets in your Registry - Yes, I have assigned new policy for the bucket createdġ) Where do you run your nifi-registry service? on Ambari server or NiFi Nodes?Ģ) Do we need to specify Node identity while configuring S that you have buckets in your Registry - Yes. 16:46:01,331 INFO o.a.n.r.w.m.ResourceNotFoundExceptionMapper .exception.ResourceNotFoundException: No policy found for action='delete', resource='/buckets/1f76510d-c48e-4ee6-b883-7edfcfe57e40'. 16:46:01,239 INFO o.a.n.r.w.m.ResourceNotFoundExceptionMapper .exception.ResourceNotFoundException: No policy found for action='write', resource='/buckets/1f76510d-c48e-4ee6-b883-7edfcfe57e40'. 16:46:01,149 INFO o.a.n.r.w.m.ResourceNotFoundExceptionMapper .exception.ResourceNotFoundException: No policy found for action='read', resource='/buckets/1f76510d-c48e-4ee6-b883-7edfcfe57e40'. Below are the lines from the nifi-registry-app.log,
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |