Dan, I am wondering if it is an issue with binding to 0.0.0.0 — are there any differences between the test and production server non-NiFi configurations that would prevent this? Can you try setting nifi.web.https.host=localhost instead?
Andy LoPresto [email protected] [email protected] PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On Jul 26, 2017, at 10:44 AM, Dan Morris <[email protected]> wrote: > > Hi Joe, > > I’ve attached relevant files… tried to redact sensitive info… hope I didn’t > cut too much from the logs… > > Thanks, > Dan > > > > On 7/26/17, 9:30 AM, "Joe Witt" <[email protected]> wrote: > > Dan - are you able to share the nifi-app and nifi-bootstrap logs? > > Thanks > > On Wed, Jul 26, 2017 at 9:21 AM, Dan Morris <[email protected]> wrote: >> Hello, >> >> >> >> I’m having an issue getting NiFi to start correctly. Here’s my situation: >> >> I’m currently running v0.7.0. >> I have a production server and a test server, with identical configurations >> (OS, Java, Java security config, nifi versions, nifi configs, >> keystores/truststores, etc). >> When I run nifi via normal HTTP (e.g. no security) in both Prod/Test they >> both start & load the UI as expected. >> When I run nifi via HTTPs (e.g. security settings) the Test server starts >> and loads UI as expected. >> However, on the Prod system, I receive the following error and java does not >> bind to 8443: >> >> >> >> 2017-07-25 16:30:51,346 WARN [main] org.apache.nifi.web.server.JettyServer >> NiFi has started, but the UI is not available on any hosts. Please verify >> the host properties. >> >> >> >> I reviewed the source code and it looks like this error is logged when the >> “URLs” is empty. >> Here is what I *think* are the relevant properties from my nifi config, when >> trying to start up using TLS (running on both Prod & Test), again, Test >> starts fine, Prod throws the error above. >> >> >> >> # Enable TLS >> >> nifi.web.http.host= >> >> nifi.web.https.host=0.0.0.0 >> >> nifi.web.http.port= >> >> nifi.web.https.port=8443 >> >> nifi.security.keystore=<path_to_keystore> >> >> nifi.security.keystoreType=JKS >> >> nifi.security.keystorePasswd=<keystore_password> >> >> nifi.security.keyPasswd=<key_password> >> >> nifi.security.truststore=<path_to_trust_store> >> >> nifi.security.truststoreType=JKS >> >> nifi.security.truststorePasswd=<trust_store_password> >> >> nifi.security.needClientAuth=true >> >> >> >> Again, I’ve manually validated the correct paths, correct passwords to JKS >> files., etc. >> I’ve verified that there are no other processes binding to 8443 possibly >> blocking nifi from the port. >> I’ve tried changing the port number (e.g. to 8445), no effect >> I’ve turned off IPTables. >> Generally, I run nifi as a “nifi” user, however, I’ve also tried running it >> as root to see if that had an effect of allowing the UI on Prod to start…no >> impact. >> I’ve tried also starting up nifi with a blank/default flow file, no effect. >> >> >> >> Any thoughts/suggestions on what I can do next, short of uninstalling nifi >> and reinstalling? >> >> >> >> Thanks, >> >> Dan >> >> > > > <bootstrap.conf><nifi-app.log><nifi-bootstrap.log><nifi.properties>
signature.asc
Description: Message signed with OpenPGP using GPGMail
