[jira] [Commented] (NIFI-12836) Connection pool shut down and SocketException for many AWS processors

Thu, 20 Feb 2025 13:16:06 -0800 


    [ 
https://issues.apache.org/jira/browse/NIFI-12836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17928911#comment-17928911
 ] 

Chris Sampson commented on NIFI-12836:
--------------------------------------

[~chien] to confirm, are you using the (Implicit) DefaultCredentialsProvider 
within nifi in order to authenticate with aws using STS/IRSA via a 
ServiceAccount attached to the Pod in which your nifi instance is running 
within kubernetes?

Looking at the [nifi 
code](https://github.com/apache/nifi/blob/main/nifi-extension-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/ImplicitDefaultCredentialsStrategy.java#L45)
 I wonder whether we're faking foul of the issue linked by [~pellmann]. The 
nifi aws processors (e.g. GetSQS) call the .close() method of the aws sdk 
client they're using when the processor is stopped.

This is (maybe) closing the singleton DefaultCredentialsProvider, which then 
causes future uses by a nifi processor's onTrigger use of a new aws client - 
the client is new, but the credentials provide would be the same previously 
closed instance - if the token it has is now expired, it won't be able to get 
new credentials and will throw the noted errors.

If that's the case (TBC), then the solution might be to use the aws recommended 
approach of {{DefaultCredentialsProvider.builder().build()}} instead of the 
existing .create() call - that should create a new provider with its own 
connection pool, and allow things to work again.

The difficulty is in recreating the issue and proving the solution.

> Connection pool shut down and SocketException for many AWS processors
> ---------------------------------------------------------------------
>
>                 Key: NIFI-12836
>                 URL: https://issues.apache.org/jira/browse/NIFI-12836
>             Project: Apache NiFi
>          Issue Type: Bug
>            Reporter: Lehel Boér
>            Assignee: David Handermann
>            Priority: Major
>
> Reported encountering "Connection pool shut down" errors for the 
> PutDynamoDBRecord, DeleteDynamoDB, and PutSQS processors while running in a 
> NiFi cluster on version 2.0.0-M1.
>  * [Stack Trace reported on the mailing list|https://codefile.io/f/ZMXYzHt89X]
> https://lists.apache.org/thread/5fbtwk68yr4bcxpp2h2mtzwy0566rfqz
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to