I am trying to use NIFI CLI toolkit so that I can load 100 parameters using parameter context. (doing it using UI is a tedious job and not appropriate for deployments as well)
I installed Nifi toolkit on remote server. I generally ssh into this server from local and run my commands.
To see the UI, I use ssh tunnel.
There is only one user for this Nifi Instance (admin) and it don't have https certificates. (Single User Authentication)
When i start CLI prompt it works fine (below)
# sh cli.sh
CLI v1.16.3
Type 'help' to see a list of available commands, use tab to auto-complete.
Session loaded from /root/.nifi-cli.config
#>
But when I use any Nifi commands, it throws below error:
#> nifi list-param-contexts -u http://localhost:8443/
**ERROR**: Error executing command 'list-param-contexts' : **Unexpected end of file from server**
if I use https ,
#> nifi list-param-contexts -u https://localhost:8443/
ERROR: Error executing command 'list-param-contexts' : truststore, truststoreType, and truststorePasswd are required when using an https url
But I don't use truststore or passwords for single admin user.
Also commands related to Registry working fine.
#> registry current-user -u http://localhost:18080
anonymous
#> registry list-buckets -u http://localhost:18080
# Name Id Description
- ------------ ------------------------------------ -----------
1 First-bucket 8a3da253-f635-4b01-941f-bfb6437cead7
2 delete 4df052fd-fddc-4e7b-b4ea-bb3b8b691385
Is this something related to https/URI ? Is Nifi CLI works only when truststore and keystore were used ? But if we dont want to use them, is there an alternative or this is a different issue altogether ?
I don't find much information online for this issue and I was struck from many days..
Sincere request to help me find the problem..
Related
W0111 13:21:23.866650 172 azure.go:92] WARNING: the azure auth plugin is deprecated in v1.22+, unavailable in v1.26+; use https://github.com/Azure/kubelogin instead.
To learn more, consult https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins
This is the error I get in cmd, powershell, git-bash, azure shell & vscode terminal. Also I get the same issue if I go to the azure portal and use the web shell.
Yes if I use the terminal in Mirantis lens kubectl works as expected the only difference being is that I've added a http proxy in the Proxy settings for Lens.
I belive the issue is caused by the terminal not using the http proxy.
I've added a system environment variable through advanced system settings, which doesn't appear to be used in my terminal session.
How can I use the http proxy during sessions to use kubectl to access AKS and how can I check if the terminal is using the http proxy?
Installed kubelogin as above
Checked that the proxy was running using Get-Proxess px*
Checked that the environment variable was set with the correct value by doing ls $env: and listing all envvars
You are correct, the problem is with the client.
It seems you are using a client version > 1.26, which as the error suggests its removed.
The easiest thing you can do is to use an older version of the kubectl client.
when using ansible-podman, I am unable to output the std-out of the container run command as I might do when using the command line. This means that I don't get to see the automatically generated password and keystore password, along with other details.
Even when using the tty parameter of the ansible-podman-container, the logs report:
Auto-configuration will not generate a password for the elastic built-in superuser, as we cannot determine if there is a terminal attached to the elasticsearch process. You can use the bin/elasticsearch-reset-password tool to set the password for the elastic user."
There is no elastic user created, and when I exec into the container, the bin/elasticsearch-reset-password tool fails with:
ROR: Failed to reset password for the [elasticsearch] user
As https is standard on the 8.5 image, I am unable to use it, as I cannot set up auth properly. Also, I cannot use apt to install an editor, as the user elasticsearch does not have sufficient permissions.
If you think this is a podman error then please let me know, and I will hassle the devs, and see if I can't get better output and tty detection etc.
An alternative I have tried is using ansible to run a shell command, but the output is no different.
What I really want is to be able to obtain the password to output to an ansible variable so that I can spin up a pod of containers, including elasticsearch, for running tests.
Alternatively, I can use elasticsearch 7.17.7 with http, but I am going to need encryption for production, and there doesn't seem to be a way to do it with ansible.
Perhaps there is an environment variable that I am missing that I could set to create the password? I have tried setting ELASTIC_PASSWORD, but it is of no help.
I am connecting from django using django-elasticsearch-dsl, and get the following error, when verify_cert is set to false:
AuthenticationException(401, 'security_exception', 'missing authentication credentials for REST request [/forum_posts_index/_search]')
Any help gratefully received...
I was wondering if I can ssh a local instance of Jenkins. When I go to Jenkins CLI menu in the UI, there's a comment saying the below:
You can access various features in Jenkins through a command-line
tool. See the documentation for more details of this feature. To get
started, download jenkins-cli.jar, and run it as follows:
java -jar jenkins-cli.jar -s http://localhost:8080/ -webSocket help
So I tried it and it worked but it only gave a list of limited commands which I can execute. So I searched more and found I can use -ssh instead of -webSocket but I get the same result as -webSocket.
What I want to do is accessing the Jenkins bash so I can test my build scripts.
I'm trying
ssh 127.0.0.1 -p 23 // I set this port in the settings
but I keep getting :
shell request failed on channel 0
is it impossible what I'm trying to do? if not, how can I achieve it?
How to spin up a local version of Spinnaker? This has been answered and addressed in detail here.
https://github.com/spinnaker/spinnaker/issues/1729
Ok, so I got it to work, but not without you valuable help! #lwander
So I'll leave the steps here for posterity.
Each line is a separate command in the command line, I've installed this on a virtual machine with a freshly installed Ubuntu 14.04 copy with nothing else than SSH. Then SSH as root, You will need to configure sshd on your console to allow root access.
https://askubuntu.com/questions/469143/how-to-enable-ssh-root-access-on-ubuntu-14-04
> curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/stable/InstallHalyard.sh
created a user account member of the adm and sudo groups (is this necessary???)
then Install Halyard:
bash InstallHalyard.sh
Verify that HAL is installed and validate its version.
hal -v
Tell Hal that the deployment type will be as a local instance (this will publish all services in localhost which will be tricky later in order to access them, but I have a turnaround so keep reading)
hal config deploy edit --type localdebian
Hal will complain that a version has not been selected, just tell HAL which version:
hal config version edit --version 1.0.0
The tell HAL which storage you are going to use, in my case and since it is local I want to use redis.
hal config storage edit --type redis
So now we need to add a cloud provider to HAL, we use AWS so we add it like this:
hal config provider aws edit --access-key-idXXXXXXXXXXXXXXXXXXXX--secret-access-key
I created a user on AWS and added access keys to the user inside IAM on the user security credentials tab. Obviously my access-key-idis not XXXXXXXXXXXXXXXXXXXX, I edited it. You do not need to enter the secret-access-key because the command will prompt for it.
Then you need to create a username relative or that will only concern you spinnaker installation however this will get related to you AWS Account-ID, so in MY spinnaker local installation I chose the username spinnakermaster you should choose yours!. And my AWS Account ID is not YYYYYYYYYYYY, I've edited too.
All the configurations and steps that you'll need to do inside AWS for this to work are really well documented here:
[https://www.spinnaker.io/setup/providers/aws/](https://www.spinnaker.io/setup/providers/aws/
)
And to tell HAL of of the above here's the command:
hal config provider aws account add spinnakermaster --account-id YYYYYYYYYYYY --assume-role role/spinnakerManaged
And after all that and if everything went according to plan we can ask HAL to deploy our brand new spinnaker installation.
hal deploy apply
It will begin a long installation downloading and configuring all the services.
Once it has finished you may do whatever you like but in my case I created a monitoring script like the one described here:
https://github.com/spinnaker/spinnaker/issues/854
Which can be launched on a recursive manner as this:
watch -n1 spinnaker-status.shor until toctrl+Cit!.
then to be able to access your local VM spinnaker copy you can either setup a reverse proxy with the proxy server of your choice to forward all the requests to localhost or you can simply ssh the SH** out of this redirecting the ports;
ssh root#ZZZ.ZZZ.ZZZ.ZZZ -L 9000:127.0.0.1:9000 -L 8084:127.0.0.1:8084 -L 8083:127.0.0.1:8083 -L 7002:127.0.0.1:7002 -L 8087:127.0.0.1:8087 -L 8080:127.0.0.1:8080 -L 8088:127.0.0.1:8088 -L 8089:127.0.0.1:8089
Where obviously theZZZ.ZZZ.ZZZ.ZZZ is not an actual IP Address.
And finally to begin having fun with this cutie you have to go to your browser of choice and type into the address bar:
http://127.0.0.0:9000
Hope this helps and saves some time to everybody!.
Cheers.
EN
I am attempting to setup an LDAP server.
I installed ApacheDS and I was going through the user guide. I am trying to change the default admin password. I know I can use the Apache Directory Studio to do this, but I am required to use the command line to setup and maintain the LDAP server I create.
I found this
and it helped by showing how to use an ldif file to modify the default password.
However when I run
ldapmodify -h localhost -p 10389 -D "uid=admin,ou=system" -f conf-modify.ldif
I get the message:
'ldapmodify' is not recognized as an internal or external command, operable program or batch file.
Is there an LDAP package for windows command line tools or is there a specific directory that the ldap command must be executed from in ApacheDS
I am currently running the command from the ApacheDS install directory C:\Program Files\ApacheDS
I have been using OpenDJ and their tools. You do not need to run the LDAP server to be able to run their LDAP tools.
Runs on any(?) Java 7 or greater platform.
Open any cmd prompt and add add this command
set path=%path%;E:\Softwares\OpenLDAP\bin
and after that run your command
ldapmodify -h localhost -p 10389 -D "uid=admin,ou=system" -f conf-modify.ldif
I Hope it helps you.,
An old article, perhaps still useful for ApacheDS users.
if you have found your bin folder with dsadm.exe usw.,
then you will find your ldapsearch.exe in a parallel folder.
dsee7:
*---bin
| dsadm.exe
|
*---dsrk
+---bin
ldapsearch.exe
ldapmodify.exe
WARNING:
call pls.
ldapmodify -h
In order to see the difference between openldap and ApacheDS.
It is not working with openldap syntax.
Have a fun with experimenting. (rulez Shadows)
Hint you will see the same syntax in suchlogs in your Apache Directory Browser