You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Bryan Bende (JIRA)" <ji...@apache.org> on 2018/08/22 18:04:00 UTC

[jira] [Created] (NIFI-5549) Handle/prevent cluster nodes with different sensitive property keys

Bryan Bende created NIFI-5549:
---------------------------------

             Summary: Handle/prevent cluster nodes with different sensitive property keys
                 Key: NIFI-5549
                 URL: https://issues.apache.org/jira/browse/NIFI-5549
             Project: Apache NiFi
          Issue Type: Improvement
    Affects Versions: 1.7.1
            Reporter: Bryan Bende


I was testing some scenarios with sensitive property keys and noticed the following behavior...

Created a two node cluster and set the sensitive property key different on each node. The cluster started up fine and I added a processor with a sensitive property and set the value, this saved fine, but behind the scenes the local flow.xml.gz on each node has the value encrypted with a different key.

I then stopped node 2 and deleted its flow.xml.gz and started it back up. When trying to inherit the flow from the cluster it failed because it can't decrypt the sensitive value, which then fails start up.

One question would be, should the original cluster ever have started successfully in the first place?

Presumably when node 1 started and became the coordinator, something could be done when the next node joins to ensure it has the same sensitive properties key and disallow it from joining if different.

Another option would be to let nodes have different values, but somehow migrate the value after receiving it.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)