Re: SSLContextService Issue on Minifi
Hi Ryan, I believe this is the same core issue as described in MINIFI-403 [1]. This was addressed via PR #91 [2] where another user reported similar issues. The root cause of this was duplicate libraries that were treated in the system scope as a bundle and precluded the bundled versions from being used. Those incorrect and duplicate items were removed. If you are in a position to do so and interested, I would encourage you to perform a build and verify that it resolves your issue. If not, this fix will be in the next release which we are like due for in the near future. Sorry for the hiccup and let us know if you decide to attempt a build. --aldrin [1] https://issues.apache.org/jira/browse/MINIFI-403 [2] https://github.com/apache/nifi-minifi/pull/91 On Tue, Oct 10, 2017 at 4:52 PM, rpersaudwrote: > I have encountered a similar issue with ListenTCP, NiFi 1.3 and Minifi > 0.2.0: > > 2017-10-10 20:24:55,184 ERROR [main] o.apache.nifi.controller. > FlowController > Unable to start ListenTCP[id=f3feecbe-699d-34c5--] due to > java.lang.IllegalStateException: Processor ListenTCP is not in a valid > state > due to ['SSL Context Service' validated against > '71b53c95-b604-38c7--' is invalid because > StandardSSLContextService - 0.2.0 from org.apache.nifi.minifi - > minifi-ssl-context-service-nar is not compatible with SSLContextService - > unversioned from default - system] > > Looking at StandardSSLContextService in Github, both 1.3 and 1.2.0 (what > Minifi 0.2.0 is using) are the same version. Here is my configuration with > the sensitive bits removed: > > MiNiFi Config Version: 3 > Flow Controller: > name: LoadS3 > comment: '' > Core Properties: > flow controller graceful shutdown period: 10 sec > flow service write delay interval: 500 ms > administrative yield duration: 30 sec > bored yield duration: 10 millis > max concurrent threads: 1 > variable registry properties: '' > FlowFile Repository: > partitions: 256 > checkpoint interval: 2 mins > always sync: false > Swap: > threshold: 2 > in period: 5 sec > in threads: 1 > out period: 5 sec > out threads: 4 > Content Repository: > content claim max appendable size: 10 MB > content claim max flow files: 100 > always sync: false > Provenance Repository: > provenance rollover time: 1 min > Component Status Repository: > buffer size: 1440 > snapshot frequency: 1 min > Security Properties: > keystore: '' > keystore type: '' > keystore password: '' > key password: '' > truststore: '' > truststore type: '' > truststore password: '' > ssl protocol: '' > Sensitive Props: > key: > algorithm: PBEWITHMD5AND256BITAES-CBC-OPENSSL > provider: BC > Processors: > - id: ec6fd775-8998-36f3-- > name: CompressContent > class: org.apache.nifi.processors.standard.CompressContent > max concurrent tasks: 1 > scheduling strategy: TIMER_DRIVEN > scheduling period: 0 sec > penalization period: 30 sec > yield period: 1 sec > run duration nanos: 0 > auto-terminated relationships list: > - failure > Properties: > Compression Format: gzip > Compression Level: '9' > Mode: compress > Update Filename: 'true' > - id: f3feecbe-699d-34c5-- > name: ListenTCP > class: org.apache.nifi.processors.standard.ListenTCP > max concurrent tasks: 1 > scheduling strategy: TIMER_DRIVEN > scheduling period: 0 sec > penalization period: 30 sec > yield period: 1 sec > run duration nanos: 0 > auto-terminated relationships list: [] > Properties: > Character Set: UTF-8 > Client Auth: NONE > Local Network Interface: > Max Batch Size: '1' > Max Number of TCP Connections: '2' > Max Size of Message Queue: '1' > Max Size of Socket Buffer: 1 MB > Message Delimiter: \n > Port: '1515' > Receive Buffer Size: 65507 B > SSL Context Service: 71b53c95-b604-38c7-- > - id: 96b4f9d1-5d24-3386-- > name: MergeContent > class: org.apache.nifi.processors.standard.MergeContent > max concurrent tasks: 1 > scheduling strategy: TIMER_DRIVEN > scheduling period: 0 sec > penalization period: 30 sec > yield period: 1 sec > run duration nanos: 0 > auto-terminated relationships list: > - failure > - original > Properties: > Attribute Strategy: Keep All Unique Attributes > Compression Level: '1' > Correlation Attribute Name: > Delimiter Strategy: Text > Demarcator File: |2+ > > Footer File: > Header File: > Keep Path: 'false' > Max Bin Age: 60 sec > Maximum Group Size: > Maximum Number of Entries: '100' > Maximum number of Bins: '5' > Merge Format: Binary Concatenation > Merge Strategy: Bin-Packing Algorithm > Minimum Group Size: 0 B > Minimum Number of Entries: '100' > - id: d45e9378-054d-33fb-- > name: PutS3Object >
Re: SSLContextService Issue on Minifi
I have encountered a similar issue with ListenTCP, NiFi 1.3 and Minifi 0.2.0: 2017-10-10 20:24:55,184 ERROR [main] o.apache.nifi.controller.FlowController Unable to start ListenTCP[id=f3feecbe-699d-34c5--] due to java.lang.IllegalStateException: Processor ListenTCP is not in a valid state due to ['SSL Context Service' validated against '71b53c95-b604-38c7--' is invalid because StandardSSLContextService - 0.2.0 from org.apache.nifi.minifi - minifi-ssl-context-service-nar is not compatible with SSLContextService - unversioned from default - system] Looking at StandardSSLContextService in Github, both 1.3 and 1.2.0 (what Minifi 0.2.0 is using) are the same version. Here is my configuration with the sensitive bits removed: MiNiFi Config Version: 3 Flow Controller: name: LoadS3 comment: '' Core Properties: flow controller graceful shutdown period: 10 sec flow service write delay interval: 500 ms administrative yield duration: 30 sec bored yield duration: 10 millis max concurrent threads: 1 variable registry properties: '' FlowFile Repository: partitions: 256 checkpoint interval: 2 mins always sync: false Swap: threshold: 2 in period: 5 sec in threads: 1 out period: 5 sec out threads: 4 Content Repository: content claim max appendable size: 10 MB content claim max flow files: 100 always sync: false Provenance Repository: provenance rollover time: 1 min Component Status Repository: buffer size: 1440 snapshot frequency: 1 min Security Properties: keystore: '' keystore type: '' keystore password: '' key password: '' truststore: '' truststore type: '' truststore password: '' ssl protocol: '' Sensitive Props: key: algorithm: PBEWITHMD5AND256BITAES-CBC-OPENSSL provider: BC Processors: - id: ec6fd775-8998-36f3-- name: CompressContent class: org.apache.nifi.processors.standard.CompressContent max concurrent tasks: 1 scheduling strategy: TIMER_DRIVEN scheduling period: 0 sec penalization period: 30 sec yield period: 1 sec run duration nanos: 0 auto-terminated relationships list: - failure Properties: Compression Format: gzip Compression Level: '9' Mode: compress Update Filename: 'true' - id: f3feecbe-699d-34c5-- name: ListenTCP class: org.apache.nifi.processors.standard.ListenTCP max concurrent tasks: 1 scheduling strategy: TIMER_DRIVEN scheduling period: 0 sec penalization period: 30 sec yield period: 1 sec run duration nanos: 0 auto-terminated relationships list: [] Properties: Character Set: UTF-8 Client Auth: NONE Local Network Interface: Max Batch Size: '1' Max Number of TCP Connections: '2' Max Size of Message Queue: '1' Max Size of Socket Buffer: 1 MB Message Delimiter: \n Port: '1515' Receive Buffer Size: 65507 B SSL Context Service: 71b53c95-b604-38c7-- - id: 96b4f9d1-5d24-3386-- name: MergeContent class: org.apache.nifi.processors.standard.MergeContent max concurrent tasks: 1 scheduling strategy: TIMER_DRIVEN scheduling period: 0 sec penalization period: 30 sec yield period: 1 sec run duration nanos: 0 auto-terminated relationships list: - failure - original Properties: Attribute Strategy: Keep All Unique Attributes Compression Level: '1' Correlation Attribute Name: Delimiter Strategy: Text Demarcator File: |2+ Footer File: Header File: Keep Path: 'false' Max Bin Age: 60 sec Maximum Group Size: Maximum Number of Entries: '100' Maximum number of Bins: '5' Merge Format: Binary Concatenation Merge Strategy: Bin-Packing Algorithm Minimum Group Size: 0 B Minimum Number of Entries: '100' - id: d45e9378-054d-33fb-- name: PutS3Object class: org.apache.nifi.processors.aws.s3.PutS3Object max concurrent tasks: 1 scheduling strategy: TIMER_DRIVEN scheduling period: 0 sec penalization period: 30 sec yield period: 1 sec run duration nanos: 0 auto-terminated relationships list: - failure - success Properties: AWS Credentials Provider service: Access Key: REMOVED Bucket: REMOVED Communications Timeout: 30 secs Content Type: Credentials File: Endpoint Override URL: Expiration Time Rule: FullControl User List: ${s3.permissions.full.users} Multipart Part Size: 5 GB Multipart Threshold: 5 GB Multipart Upload AgeOff Interval: 60 min Multipart Upload Max Age Threshold: 7 days Object Key: ${now():format('-MM-dd'):prepend('dt='):append('/'):append(${filename}):prepend('logs/')} Owner: ${s3.owner} Proxy Host: Proxy Host Port: Read ACL User List: ${s3.permissions.readacl.users} Read Permission User List: ${s3.permissions.read.users} Region: us-east-1 SSL Context Service: Secret Key: REMOVED Signer Override: Default Signature
Re: SSLContextService Issue on Minifi
Hi Harrison, Sorry to have overlooked this. Would you be able to share the config you are using for your attempt? On Thu, Jul 27, 2017 at 3:24 PM, Harrison Unruhwrote: > Hello, > > I've been trying to configure Minifi to work with the SSLContextService, > and have been running into an error I can't find much documentation on: > > ERROR [main] o.apache.nifi.controller.FlowController Unable to start > PostHTTP[id=80508d8d-015d-1000--] due to > java.lang.IllegalStateException: Processor PostHTTP is not in a valid > state > due to ['SSL Context Service' validated against > '854b66f7-015d-1000--' is invalid because > StandardSSLContextService - 0.2.0 from org.apache.nifi.minifi - > minifi-ssl-context-service-nar is not compatible with SSLContextService - > unversioned from default - system] > > I've tried quite a few configurations of the StandardSSLContextService I'm > using in my flow but haven't been able to avoid this. I was wondering if > you would have any ideas on what would cause this? > > Thanks! >
SSLContextService Issue on Minifi
Hello, I've been trying to configure Minifi to work with the SSLContextService, and have been running into an error I can't find much documentation on: ERROR [main] o.apache.nifi.controller.FlowController Unable to start PostHTTP[id=80508d8d-015d-1000--] due to java.lang.IllegalStateException: Processor PostHTTP is not in a valid state due to ['SSL Context Service' validated against '854b66f7-015d-1000--' is invalid because StandardSSLContextService - 0.2.0 from org.apache.nifi.minifi - minifi-ssl-context-service-nar is not compatible with SSLContextService - unversioned from default - system] I've tried quite a few configurations of the StandardSSLContextService I'm using in my flow but haven't been able to avoid this. I was wondering if you would have any ideas on what would cause this? Thanks!