Hi, How do i connect to hadoop cluster from windows using keytab, core-site and hdfs-site xmls?
I'm unsuccessful with this approach, is there any thing else i need to provide? Thanks, Naresh Korvi > On Jan 27, 2017, at 02:59, Koji Kawamura <[email protected]> wrote: > > Hi Naresh, > > When I researched about NiFi authentication mechanism before, Client > certificate is the only way for Site-to-Site protocol to authenticate > an user who made a Site-to-Site request. > You might find this post useful about how NiFi AuthN works. > http://ijokarumawak.github.io/nifi/2016/11/15/nifi-auth/#different-occasions-nifi-authnauthz-requests > > So I think you have to setup Client certificate on the Windows > machine, and add it or its CA to server's trust store. > For details configuration needed to secure Site-to-Site using Client > certificate, this article by Bryan Bende would be helpful. > http://bryanbende.com/development/2016/08/30/apache-nifi-1.0.0-secure-site-to-site > > Even if a client running on windows, the same steps will work. > >> Documentation says, i should provide site-to-site properties but i could able >> to work it on hadoop cluster without setting these properties but not on >> windows. > > Does this mean you were able to use Site-to-Site without Client certificate? Yes, i did not provide any certificate for site-to-site to work(NIFI running on hadoop cluster, OS:centos). > > Maybe I'm mis-understanding something, and hope others can chime in > and shed a light here. > > PS, > Please send a question on how to use NiFi to Users Mailing List, > instead of Developers. > https://nifi.apache.org/mailing_lists.html > > Thanks, > Koji > > > On Fri, Jan 27, 2017 at 1:40 AM, Naresh kumar > <[email protected]> wrote: >> Hi, >> >> I'm Naresh korvi, Big data Engineer. I'm trying to install Apache NIFI on >> Windows machine and want to implement site-to-site protocol. >> >> 1. I could able to run nifi instance but it errored out on Kerberos >> authentication, >> i have copied core-site and hdfs-site xmls, krb5.conf, my keytab and my >> principle from my hadoop cluster. >> >> 2. For site-to-site protocol what configuration properties do i have to set >> on both instances? >> >> Documentation says, i should provide site-to-site properties but i could able >> to work it on hadoop cluster without setting these properties but not on >> windows. >> >> >> Can you please provide some documentation to set up NIFI on windows. >> >> -- >> Thanks, >> Naresh
