Hello.
I am trying to set up a cluster of 3 nodes in Docker containers. I am using
configuration below. But I am getting an error:
INFO [main] o.a.n.c.c.n.LeaderElectionNodeProtocolSender Determined that
Cluster Coordinator is located at 7f0306ee9e56:8082; will use this address for
sending heartbeat messages 2024-06-01 17:31:03,529 INFO [main]
o.a.n.c.p.AbstractNodeProtocolSender Cluster Coordinator is located at
7f0306ee9e56/<unresolved>:8082. Will send Cluster Connection Request to this
address 2024-06-01 17:31:03,572 WARN [main]
o.a.nifi.controller.StandardFlowService Failed to connect to cluster due to:
org.apache.nifi.cluster.protocol.ProtocolException: Failed marshalling
'CONNECTION_REQUEST' protocol message due to:
javax.net.ssl.SSLHandshakeException: PKIX path validation failed:
java.security.cert.CertPathValidatorException: Path does not chain with any of
the trust anchors
I was using the same config for NiFi 1.x version and it was working fine, but
with NiFi 2.0 - isn't. Can you please help me with cluster set up? Do I need
to set up a truststore and keystore? Can nodes communicate in non-secure mode?
Maybe you have some example docker-compose configs or you can forward me to
right direction?
Also, is it possible to use Nginx as reverse proxy behind the cluster? LIke
this:
location / {
proxy_set_header Host $http_host;
proxy_set_header X-ProxyScheme https;
proxy_set_header X-ProxyPort 8443;
proxy_pass https://nifi01:8443/;
}
Thank you.
My docker-compose.yml:
services:
zookeeper:
hostname: zookeeper
container_name: zookeeper
image: "bitnami/zookeeper:latest"
environment:
- ALLOW_ANONYMOUS_LOGIN=yes
networks:
- nifinet
nifi01:
image: apache/nifi:2.0.0-M3
container_name: nifi01
ports:
- "8443:8443"
- "7443:7443"
- "8080:8080"
networks:
- nifinet
environment:
- NIFI_SENSITIVE_PROPS_KEY=ctsBtRBKHRAx69EqUghvvgEvjnaLjFEB
- NIFI_WEB_HTTPS_PORT=8443
- NIFI_CLUSTER_NODE_ADDRESS=nifi01
- SINGLE_USER_CREDENTIALS_USERNAME=admin
- SINGLE_USER_CREDENTIALS_PASSWORD=ctsBtRBKHRAx69EqUghvvgEvjnaLjFEB
- NIFI_WEB_HTTP_PORT=8080
- NIFI_CLUSTER_IS_NODE=true
- NIFI_CLUSTER_NODE_PROTOCOL_PORT=8082
- NIFI_ZK_CONNECT_STRING=zookeeper:2181
- NIFI_ELECTION_MAX_WAIT=1 min
nifi02:
image: apache/nifi:2.0.0-M3
container_name: nifi02
ports:
- "18443:8443"
- "17443:7443"
- "18080:8080"
networks:
- nifinet
environment:
- NIFI_SENSITIVE_PROPS_KEY=ctsBtRBKHRAx69EqUghvvgEvjnaLjFEB
- NIFI_WEB_HTTPS_PORT=8443
- NIFI_CLUSTER_NODE_ADDRESS=nifi02
- SINGLE_USER_CREDENTIALS_USERNAME=admin
- SINGLE_USER_CREDENTIALS_PASSWORD=ctsBtRBKHRAx69EqUghvvgEvjnaLjFEB
- NIFI_WEB_HTTP_PORT=8080
- NIFI_CLUSTER_IS_NODE=true
- NIFI_CLUSTER_NODE_PROTOCOL_PORT=8082
- NIFI_ZK_CONNECT_STRING=zookeeper:2181
- NIFI_ELECTION_MAX_WAIT=1 min
nifi03:
image: apache/nifi:2.0.0-M3
container_name: nifi03
ports:
- "28443:8443"
- "27443:7443"
- "28080:8080"
networks:
- nifinet
environment:
- NIFI_SENSITIVE_PROPS_KEY=ctsBtRBKHRAx69EqUghvvgEvjnaLjFEB
- NIFI_WEB_HTTPS_PORT=8443
- NIFI_CLUSTER_NODE_ADDRESS=nifi03
- SINGLE_USER_CREDENTIALS_USERNAME=admin
- SINGLE_USER_CREDENTIALS_PASSWORD=ctsBtRBKHRAx69EqUghvvgEvjnaLjFEB
- NIFI_WEB_HTTP_PORT=8080
- NIFI_CLUSTER_IS_NODE=true
- NIFI_CLUSTER_NODE_PROTOCOL_PORT=8082
- NIFI_ZK_CONNECT_STRING=zookeeper:2181
- NIFI_ELECTION_MAX_WAIT=1
networks:
nifinet:
driver: bridge
