Hi,

How do i connect to hadoop cluster from windows using keytab, core-site and 
hdfs-site xmls?

I'm unsuccessful with this approach, is there any thing else i need to provide?


Thanks,
Naresh Korvi

> On Jan 27, 2017, at 02:59, Koji Kawamura <[email protected]> wrote:
> 
> Hi Naresh,
> 
> When I researched about NiFi authentication mechanism before, Client
> certificate is the only way for Site-to-Site protocol to authenticate
> an user who made a Site-to-Site request.
> You might find this post useful about how NiFi AuthN works.
> http://ijokarumawak.github.io/nifi/2016/11/15/nifi-auth/#different-occasions-nifi-authnauthz-requests
> 
> So I think you have to setup Client certificate on the Windows
> machine, and add it or its CA to server's trust store.
> For details configuration needed to secure Site-to-Site using Client
> certificate, this article by Bryan Bende would be helpful.
> http://bryanbende.com/development/2016/08/30/apache-nifi-1.0.0-secure-site-to-site
> 
> Even if a client running on windows, the same steps will work.
> 
>> Documentation says, i should provide site-to-site properties but i could able
>> to work it on hadoop cluster without  setting these properties but not on
>> windows.
> 
> Does this mean you were able to use Site-to-Site without Client certificate?
Yes, i did not provide any certificate for site-to-site to work(NIFI running on 
hadoop cluster, OS:centos).
> 
> Maybe I'm mis-understanding something, and hope others can chime in
> and shed a light here.
> 
> PS,
> Please send a question on how to use NiFi to Users Mailing List,
> instead of Developers.
> https://nifi.apache.org/mailing_lists.html
> 
> Thanks,
> Koji
> 
> 
> On Fri, Jan 27, 2017 at 1:40 AM, Naresh kumar
> <[email protected]> wrote:
>> Hi,
>> 
>> I'm Naresh korvi, Big data Engineer. I'm trying to install Apache NIFI on
>> Windows machine and want to implement site-to-site protocol.
>> 
>> 1.  I could able to run nifi instance but it errored out on Kerberos
>> authentication,
>> i have copied core-site and hdfs-site xmls, krb5.conf, my keytab and my
>> principle from my hadoop cluster.
>> 
>> 2. For site-to-site protocol what configuration properties do i have to set
>> on both instances?
>> 
>> Documentation says, i should provide site-to-site properties but i could able
>> to work it on hadoop cluster without  setting these properties but not on
>> windows.
>> 
>> 
>> Can you please provide some documentation to set up NIFI on windows.
>> 
>> --
>> Thanks,
>> Naresh

Reply via email to