Re: First steps with Nifi

2018-05-11 Thread Damian Czaja 
Here is a great repo with a lot of information about NiFi and tools
around it created by the community:
https://github.com/jfrazee/awesome-nifi

There is also some processor to submit Spark Jobs:
https://github.com/qiansl127/nifi-spark-bundle

Best regards,
Damian

On 11.05.2018 16:48, Mike Thomsen wrote:
> I was poking around the Kylo repo and noticed that they appear to have
> a processor that is designed to directly launch a Spark job from NiFi
> (ie not just work w/ Livy). Any thoughts on reviewing and possibly
> bringing that into the core bundles since IIRC it's ASL 2.0?
>
> On Fri, May 11, 2018 at 10:27 AM dan young  > wrote:
>
> Awesome! NiFi is an amazing tool. As Joe mentioned the docs are a
> great place to start along with the Hortonworks forums. Although
> we don't use HDP, the content is still very relevant.
>
> Start simple and iterate...Install on your laptop and start moving
> bits!
>
> Regards
>
> Dano
>
>
> On Fri, May 11, 2018, 7:54 AM Andrés Ivaldi  > wrote:
>
> Hello, I'm new with Nifi, 
>
> I'm working on a POC where flow must be created dinamically
> and result processed with spark, which would be the best way
> to start?
>
> I've never used Nifi before.
>
> Regards,
>
>
> -- 
> Ing. Ivaldi Andres
>

OpenID Connect and TLS termination proxy

2018-04-23 Thread Damian Czaja 

Hello,

I'm trying to enable authentication in NiFi using OpenID Connect (with 
Keycloak). I have Keycloak and NiFi behind a TLS termination proxy and a 
reverse proxy, which dispatches the requests to Keycloak and NiFi.


AFAIK, authentication is only possible, if using HTTPS directly on NiFi. 
My problem is that I have a TLS termination proxy, which terminates TLS 
and proxies pure HTTP requests to NiFi. Although I see in NiFi the Login 
button (most probably because the NiFi UI recognize https protocol in 
the browsers URL), but when I click on it, I get a popup with the 
information, that authentication works only in HTTPS.


I tried to set the X-ProxyScheme header to https, but it's still the 
same. Is there any option to have authentication with OIDC on NiFi, when 
NiFi sits behind a TLS termination proxy and the requests coming to NiFi 
are pure HTTP or do I have to proxy the TLS traffic directly to NiFi and 
configure the keystore and truststore on it?


Best regards,
Damian