RE: Process group name in S2SStatusReporterTask
Classification\_- INTERNAL & PARTNERS Hello. Like I said in my previous mail, the componentName contains the name of the current component, not the one of the containing process group. I've try to put this process group name in application, modifying the code, and it works fine. But I wonder, as the tree can be traced with parentId and componentId tags, if it worth it. 1) what is the aim of the application tag? It contains always "NiFi Flow" which make it quite useless (appart modifying directly the flow.xml, I don't see where it's configured) 2) Putting the name of the parent/containing process group for a component is convenient for things like influxdb/grafana (to put in tag) However it's still not exactly an "application". I assume modifying the status reporting framework avro schema is not worth it, but putting the container name in application tag is not coherent. I can always propose a PR for that. Any thoughts? > -Original Message- > From: Bryan Bende > Sent: jeudi 29 août 2019 15:57 > To: users@nifi.apache.org > Subject: Re: Process group name in S2SStatusReporterTask > > I think the applicationName may be left over from the provenance s2s > reporting task since I think provenance events had a field called > applicationName ? > > But I think each status event should still have the process group name in the > componentName field: > > https://github.com/apache/nifi/blob/e2ca50e66a3b1a7d810ea8eac256d21bc > a3fd07f/nifi-nar-bundles/nifi-site-to-site-reporting-bundle/nifi-site-to-site- > reporting- > task/src/main/java/org/apache/nifi/reporting/SiteToSiteStatusReportingTas > k.java#L236 > > On Thu, Aug 29, 2019 at 5:59 AM DEHAY Aurelien > wrote: > > > > Classification\_- INTERNAL & PARTNERS > > > > Hello. > > > > I'm using the site2site status reporter task to monitor my Nifi Cluster. I'm > collecting Input ports metrics and put them in InfluxDB. > > > > The applicationName is always the root process group name, wherever is > my input put, even inside a process group. > > > > Looking at the code, it seems the name is never picked up from the process > group: > > In > https://github.com/apache/nifi/blob/e2ca50e66a3b1a7d810ea8eac256d21bc > a3fd07f/nifi-nar-bundles/nifi-site-to-site-reporting-bundle/nifi-site-to-site- > reporting- > task/src/main/java/org/apache/nifi/reporting/SiteToSiteStatusReportingTas > k.java#L231 the applicationName is never updated, always taken from the > precedent call. > > > > Maybe these 2 lines: > > > https://github.com/apache/nifi/blob/e2ca50e66a3b1a7d810ea8eac256d21bc > a3fd07f/nifi-nar-bundles/nifi-site-to-site-reporting-bundle/nifi-site-to-site- > reporting- > task/src/main/java/org/apache/nifi/reporting/SiteToSiteStatusReportingTas > k.java#L124 and 125 should be adapted inside the > serializeProcessGroupStatus method? > > > > > > Thanks. > > > > Aurélien > > > > This electronic transmission (and any attachments thereto) is intended > solely for the use of the addressee(s). It may contain confidential or legally > privileged information. If you are not the intended recipient of this message, > you must delete it immediately and notify the sender. Any unauthorized use > or disclosure of this message is strictly prohibited. Faurecia does not > guarantee the integrity of this transmission and shall therefore never be > liable if the message is altered or falsified nor for any virus, interception > or > damage to your system. > > This electronic transmission (and any attachments thereto) is intended solely for the use of the addressee(s). It may contain confidential or legally privileged information. If you are not the intended recipient of this message, you must delete it immediately and notify the sender. Any unauthorized use or disclosure of this message is strictly prohibited. Faurecia does not guarantee the integrity of this transmission and shall therefore never be liable if the message is altered or falsified nor for any virus, interception or damage to your system.
In nifi-registry, why can't I edit other users privileges
Hi all I'm still trying to connect nifi to registry with both of them using authentication. So far, i've understood that, like in Nifi, I have to set identity-providers.xml and authorizers.xml to have connection to ldap configured. And I can connect to the registry using my ldap, so it works (to a certain extend). *However*, it seems like my user is not really an admin, as I can't manage other users. To say things more clearly, nifi-registry UI allow me to view my user privileges, but I can't edit my permissions, and I can edit none of the other users permissions. I can no more add/remove users. Which is weird, cosnidering I'm the initial admin of nifi-registry. Is there smothing I forgot ? Here is my authorizers.xml for nifi-registry file-user-group-provider org.apache.nifi.registry.security.authorization.file.FileUserGroupProvider ./conf/users.xml cn=nifi-runner.mycompany.com, ou=0008 43120727, ou=ssl infra server, o=mycompany, c=fr ldap-user-group-provider org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider LDAPS uid=dont-ask-me,ou=applicationAccounts,o=mycompany.com YOU_KIDDIN___DO_YOU /opt/certs/cacerts.jks pfeblelep JKS TLSv1 FOLLOW 10 secs 10 secs ldaps://ldapserver.my.company.com:636 30 mins OBJECT cn=NIFI-ADMIN,ou=DATAou=applicationRole,ou=role,ou=OU,o=mycompany.com groupofuniquenames SUBTREE cn uniqueMember composite-user-group-provider org.apache.nifi.registry.security.authorization.CompositeUserGroupProvider ldap-user-group-provider file-user-group-provider file-access-policy-provider org.apache.nifi.registry.security.authorization.file.FileAccessPolicyProvider composite-user-group-provider ./conf/authorizations.xml uid=20008203,ou=people,ou=go-lm,o=corp.leroymerlin.com cn=nifi-psh.adeo.com, ou=0002 421206079, ou=ssl infra server, o=adeo services, c=fr managed-authorizer org.apache.nifi.registry.security.authorization.StandardManagedAuthorizer file-access-policy-provider Thanks for your help
