You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Andy LoPresto (Jira)" <ji...@apache.org> on 2020/05/18 21:29:00 UTC
[jira] [Created] (NIFI-7467) Improve S2S peer retrieval process
Andy LoPresto created NIFI-7467:
-----------------------------------
Summary: Improve S2S peer retrieval process
Key: NIFI-7467
URL: https://issues.apache.org/jira/browse/NIFI-7467
Project: Apache NiFi
Issue Type: Bug
Components: Core Framework, Security
Affects Versions: 1.11.4
Reporter: Andy LoPresto
Assignee: Andy LoPresto
During investigation for NIFI-7407, [~thenatog] and I discovered a scenario where site to site peer retrieval was sub-optimal. Some of this was related to hosting a secure cluster with multiple nodes on the same physical/virtual server, introducing hostname and SAN resolution problems. In other instances, the retrieval has a nested {{NullPointerException}}.
{code}
2020-05-14 18:44:39,140 INFO [Clustering Tasks Thread-2] o.a.n.c.c.ClusterProtocolHeartbeater Heartbeat created at 2020-05-14 18:44:39,124 and sent to node3.nifi:11443 at 2020-05-14 18:44:39,140; send took 15 millis
2020-05-14 18:44:41,789 WARN [Http Site-to-Site PeerSelector] o.apache.nifi.remote.client.PeerSelector Could not communicate with node1.nifi:9443 to determine which nodes exist in the remote NiFi cluster, due to javax.net.ssl.SSLPeerUnverifiedException: Certificate for <node1.nifi> doesn't match any of the subject alternative names: [node3.nifi]
2020-05-14 18:44:41,789 WARN [Http Site-to-Site PeerSelector] o.apache.nifi.remote.client.PeerSelector org.apache.nifi.remote.client.PeerSelector@57dfcccd Unable to refresh Remote Group's peers due to Unable to communicate with remote NiFi cluster in order to determine which nodes exist in the remote cluster
2020-05-14 18:44:44,159 INFO [Clustering Tasks Thread-2] o.a.n.c.c.ClusterProtocolHeartbeater Heartbeat created at 2020-05-14 18:44:44,146 and sent to node3.nifi:11443 at 2020-05-14 18:44:44,159; send took 13 millis
2020-05-14 18:44:46,791 WARN [Timer-Driven Process Thread-10] o.apache.nifi.remote.client.PeerSelector Could not communicate with node1.nifi:9443 to determine which nodes exist in the remote NiFi cluster, due to javax.net.ssl.SSLPeerUnverifiedException: Certificate for <node1.nifi> doesn't match any of the subject alternative names: [node3.nifi]
2020-05-14 18:44:46,791 WARN [Timer-Driven Process Thread-10] o.apache.nifi.remote.client.PeerSelector org.apache.nifi.remote.client.PeerSelector@57dfcccd Unable to refresh Remote Group's peers due to Unable to communicate with remote NiFi cluster in order to determine which nodes exist in the remote cluster
2020-05-14 18:44:46,791 INFO [Timer-Driven Process Thread-10] o.a.nifi.remote.client.http.HttpClient Couldn't find a valid peer to communicate with.
2020-05-14 18:44:46,817 WARN [Http Site-to-Site PeerSelector] o.apache.nifi.remote.client.PeerSelector Could not communicate with node1.nifi:9443 to determine which nodes exist in the remote NiFi cluster, due to javax.net.ssl.SSLPeerUnverifiedException: Certificate for <node1.nifi> doesn't match any of the subject alternative names: [node3.nifi]
2020-05-14 18:44:46,817 WARN [Http Site-to-Site PeerSelector] o.apache.nifi.remote.client.PeerSelector org.apache.nifi.remote.client.PeerSelector@57dfcccd Unable to refresh Remote Group's peers due to Unable to communicate with remote NiFi cluster in order to determine which nodes exist in the remote cluster
2020-05-14 18:44:49,178 INFO [Clustering Tasks Thread-2] o.a.n.c.c.ClusterProtocolHeartbeater Heartbeat created at 2020-05-14 18:44:49,164 and sent to node3.nifi:11443 at 2020-05-14 18:44:49,178; send took 13 millis
2020-05-14 18:44:51,332 INFO [Timer-Driven Process Thread-6] o.a.n.remote.StandardRemoteProcessGroup Successfully refreshed Flow Contents for RemoteProcessGroup[https://node1.nifi:9441/nifi]; updated to reflect 1 Input Ports [InputPort[name=From Self, targetId=15f64e5b-0172-1000-ffff-fffff134169a]] and 0 Output Ports [OutputPort[name=From Self, targetId=15f64e5b-0172-1000-ffff-fffff134169a]]
2020-05-14 18:44:51,833 WARN [Http Site-to-Site PeerSelector] o.apache.nifi.remote.client.PeerSelector Could not communicate with node1.nifi:9443 to determine which nodes exist in the remote NiFi cluster, due to javax.net.ssl.SSLPeerUnverifiedException: Certificate for <node1.nifi> doesn't match any of the subject alternative names: [node3.nifi]
2020-05-14 18:44:51,833 WARN [Http Site-to-Site PeerSelector] o.apache.nifi.remote.client.PeerSelector org.apache.nifi.remote.client.PeerSelector@57dfcccd Unable to refresh Remote Group's peers due to Unable to communicate with remote NiFi cluster in order to determine which nodes exist in the remote cluster
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)