Configuration
Command Line Parameters
Environment variables
This operator accepts the following environment variables:
PRODUCT_CONFIG
Default value: /etc/stackable/nifi-operator/config-spec/properties.yaml
Required: false
Multiple values: false
export PRODUCT_CONFIG=/foo/bar/properties.yaml
stackable-nifi-operator runor via docker:
docker run \
--name nifi-operator \
--network host \
--env KUBECONFIG=/home/stackable/.kube/config \
--env PRODUCT_CONFIG=/my/product/config.yaml \
--mount type=bind,source="$HOME/.kube/config",target="/home/stackable/.kube/config" \
docker.stackable.tech/stackable/nifi-operator:latest
WATCH_NAMESPACE
Default value: All namespaces
Required: false
Multiple values: false
The operator will only watch for resources in the provided namespace test:
export WATCH_NAMESPACE=test
stackable-nifi-operator runor via docker:
docker run \
--name nifi-operator \
--network host \
--env KUBECONFIG=/home/stackable/.kube/config \
--env WATCH_NAMESPACE=test \
--mount type=bind,source="$HOME/.kube/config",target="/home/stackable/.kube/config" \
docker.stackable.tech/stackable/nifi-operator:latestKubernetes custom resource options
The cluster can be configured via a YAML file. This custom resource specifies the amount of replicas for each role group or role specific configuration like port definitions etc. The following listing shows a fairly complete example that sets most available options, for more detail about the individual elements please refer to the table further down on the page.
apiVersion: nifi.stackable.tech/v1alpha1
kind: NifiCluster
metadata:
name: simple-nifi
spec:
version: 1.16.3-stackable0.1.0
zookeeperConfigMapName: simple-nifi-znode
authenticationConfig:
method:
SingleUser:
adminCredentialsSecret:
name: nifi-admin-credentials-simple
namespace: default
allowAnonymousAccess: true
nodes:
roleGroups:
default:
selector:
matchLabels:
kubernetes.io/os: linux
config:
sensitivePropertyKeySecret: nifi-sensitive-property-key
log:
rootLogLevel: INFO
replicas: 3Node Configuration
nodes:
roleGroups:
default:
selector:
matchLabels:
kubernetes.io/os: linux
config:
replicas: 3The nodes element is used to define how many pods with which configuration should be rolled out.
It is possible to define multiple groups of nodes, each with its own distinct configuration, every roleGroup has the following elements:
-
selector: a Kubernetes
Selectorto specify criteria that can be used to target nodes -
config: The NiFi config to use for this group
-
replicas: How many pods to roll out for this group
Authentication
authenticationConfig:
method:
SingleUser:
adminCredentialsSecret:
name: nifi-admin-credentials-simple
namespace: default
allowAnonymousAccess: trueAll authentication related parameters are configured in the authenticationConfig element.
Authentication Method
Currently, the only supported authentication method is "SingleUser", which allows the definition of one admin user which can then access the cluster.
Specification of these users credentials happens via referring to a Secret in Kubernetes, this secret will need to contain at least the two keys username and password.
Extra keys may be present, but will be ignored by the operator.
Anonymous Access
NiFi can be configured to allow anonymous access to the web UI, this is turned off by default, but can be enabled via the parameter allowAnonymousAccess.
This setting is independent of the configured authentication method and will override anything specified for the authentication provider.
ZooKeeper Connection
zookeeperConfigMapName: simple-nifi-znodeNiFi in cluster mode requires a ZooKeeper ensemble for state management and leader election purposes, this operator at the moment does not support single node deployments without ZooKeeper, hence this is a required setting.
Configuration happens via a ConfigMap, which needs to contain two keys called ZOOKEEPER_HOSTS with the value being the ZooKeeper connection string and ZOOKEEPER_CHROOT with the value being the ZooKeeper chroot. This ConfigMap typically is created by a ZookeeperZnode of the ZooKeeper Operator.
NiFi Configuration
config:
sensitivePropertyKeySecret: nifi-sensitive-property-key
log:
rootLogLevel: INFOThis is the actual NiFi configuration element.
At the moment only a very limited set of options is supported, but you can expect these to grow quickly over time.
Anything that is not mentioned here can be configured via configOverrides. This does not include properties for XML files like state-management.xml.
Configuration Overrides
Apache NiFi runtime configuration is stored in a file named nifi.properties. The configOverrides block allows you to add custom parameters to this file. A Full list of the available configuration options can be found in the official Apache NiFi documentation at https://nifi.apache.org/docs/nifi-docs/components/nifi-docs/html/administration-guide.html#system_properties.
Overrides consist of a key, which must match the property name in the configuration file and a value. This allows arbitrary configuration properties to be added to Spark. In the example above a property aws.region is being explicitly set to 'eu-west-1', overriding the default value.
| Please be aware that by overriding config settings in this section you have a very high risk of breaking things, because the product does not behave the way the Stackable Operator for Apache NiFi expects it to behave any more. |
The following snippet shows an example of how this would look in the NifiCluster definition:
config:
sensitivePropertyKeySecret: nifi-sensitive-property-
configOverrides:
nifi.properties:
aws.region: eu-west-1
replicas: 2