You're welcome, glad to hear that worked! Regards, David Handermann
On Mon, Aug 23, 2021 at 12:07 PM Mike Sofen <[email protected]> wrote: > That was it – *setting the **nifi.web.proxy.host to the VM’s external IP* > (and leaving the nifi.web.https.host blank) resulted in the Nifi login > screen, and I was able to log in. > > > > Whew!! Thank you so much for the information. Mike > > > > > > *From:* David Handermann <[email protected]> > *Sent:* Monday, August 23, 2021 9:28 AM > *To:* [email protected] > *Subject:* Re: Trouble accessing v 1.14.0 on GCP > > > > Hi Mike, > > > > Thanks for the reply, it looks like the request is now getting to the NiFi > server. The error message indicates that the public IP address is not one > of the expected values for the HTTP Host header, based on the NiFi > configuration. The following property should be configured with the public > DNS name of the NiFi system in order for NiFi to accept requests: > > nifi.web.proxy.host > > > > See the Web Properties section of the Administrator's Guide for more > details on that particular property: > > > > > https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#web-properties > > > > Running a reverse DNS lookup of the public IP address should return the > host value to use for that property, and for accessing NiFi through the > browser. > > > > Regards, > > David Handermann > > > > On Mon, Aug 23, 2021 at 11:16 AM Mike Sofen <[email protected]> > wrote: > > Hi David, > > > > Thanks for the tip to try a blank https host address – I hadn’t tried that > since there was a note somewhere saying something like “nifi will pick the > network, which may not be what you want”. > > > > However, trying it resulted in the same outcome – my on-prem Windows PC > browser cannot connect to the GCP nifi. but now gets the result shown > below. I never get a login screen as the docs mention. Mike > > > > > > > > > > > > > > *From:* David Handermann <[email protected]> > *Sent:* Monday, August 23, 2021 6:38 AM > *To:* [email protected] > *Subject:* Re: Trouble accessing v 1.14.0 on GCP > > > > Hi Mike, > > > > Small correction, I mistyped the property name the second time, so for > clarification, I intended to say setting a blank value for the HTTPS host > as follows: > > nifi.web.https.host= > > > > Regards, > > David Handermann > > > > On Mon, Aug 23, 2021 at 8:35 AM David Handermann < > [email protected]> wrote: > > Hi Mike, > > > > The nifi.web.https.host property must match one of the IP addresses > assigned to the system on which NiFi is running. The GCP virtual machine > has a private IP address assigned to a local interface, and uses network > address translation to send requests from the public address to the local > interface address. Setting a blank value for nifi.web.http.post will > cause NiFi to listen on all available interfaces, which should allow NiFi > to receive incoming requests. > > > > The purpose of the default 127.0.0.1 address is to avoid public access to > NiFi without additional security configuration. The default HTTPS and > single user credentials provide some measure of protection, and I recommend > reviewing the Security Configuration and User Authentication sections of > the NiFi System Administrator's Guide for more details on securing the NiFi > installation. > > > > > https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#security_configuration > > > > Regards, > > David Handermann > > > > On Mon, Aug 23, 2021 at 8:06 AM Mike Sofen <[email protected]> > wrote: > > minor correction - the port shown (8543) was from the alternate port test, > the regular port test 8443 returns a similar error: > " Nifi fails to start, with the log saying: > 2021-08-20 18:55:27,715 WARN [main] org.apache.nifi.web.server.JettyServer > Failed to start web server... shutting down. > java.io.IOException: Failed to bind to /35.xxx.xx.xxx:8543 Caused by: > java.net.BindException: Cannot assign requested address" > > Mike > > -----Original Message----- > From: Mike Sofen > Sent: Monday, August 23, 2021 6:00 AM > To: [email protected] > Subject: Trouble accessing v 1.14.0 on GCP > > At my prior company I've installed earlier versions of nifi on GCP Debian > VMs and not had a problem pointing a Windows 10 browser at them and going > to work. I'm aware v1.14.0 requires a user login when not using certs, but > I can't even get to that step. > > I'm pulling my remaining hair out trying to connect to a new Debian VM on > GCP running v 1.14.0 on Java 8. Nifi starts and runs properly, with this > caveat - I cannot reference the static external IP - only the default IP > (127.0.0.1), so my browser can't connect. I have a GCP firewall rule that > opens the 8443 port for the VM, and even added ICMP to it and can ping it > from a CMD shell on my PC. I've checked all of the file permissions on > that VM, all uniformly correct. > > Details of my nifi.properties: > > If I use: > nifi.web.https.host=127.0.0.1 (the default) > nifi.web.https.port=8443 > > Nifi starts properly and runs, but my browser returns " 127.0.0.1 refused > to connect " > > If I use the VM's static IP (which is what I've used on prior VMs): > nifi.web.https.host=35.xxx.xx.xxx > nifi.web.https.port=8443 > > Nifi fails to start, with the log saying: > 2021-08-20 18:55:27,715 WARN [main] org.apache.nifi.web.server.JettyServer > Failed to start web server... shutting down. > java.io.IOException: Failed to bind to /35.xxx.xx.xxx:8543 Caused by: > java.net.BindException: Cannot assign requested address > > Endless web searches and tests have resulted in no change of behavior - > with the default IP, Nifi runs but I can't access it, and with my external > IP, it won't start. I've even tried using a different port (8543), no > change. In this GCP project, I have just this one VM and it has > successfully been running Postgres for many months. > > Any ideas? > > Mike Sofen > >
