This Helm chart installs nifi in a Kubernetes cluster.
- Kubernetes cluster 1.10+
- Helm 2.8.0+
- PV provisioner support in the underlying infrastructure.
helm repo add cetic https://cetic.github.io/helm-charts
helm repo update
The following items can be set via --set
flag during installation or configured by editing the values.yaml
directly (need to download the chart first).
- Ingress: The ingress controller must be installed in the Kubernetes cluster.
- ClusterIP: Exposes the service on a cluster-internal IP. Choosing this value makes the service only reachable from within the cluster.
- NodePort: Exposes the service on each Node’s IP at a static port (the NodePort). You’ll be able to contact the NodePort service, from outside the cluster, by requesting
NodeIP:NodePort
. - LoadBalancer: Exposes the service externally using a cloud provider’s load balancer.
- Disable: The data does not survive the termination of a pod.
- Persistent Volume Claim(default): A default
StorageClass
is needed in the Kubernetes cluster to dynamic provision the volumes. Specify another StorageClass in thestorageClass
or setexistingClaim
if you have already existing persistent volumes to use.
Install the nifi helm chart with a release name my-release
:
helm install --name my-release cetic/nifi
To uninstall/delete the my-release
deployment:
helm delete --purge my-release
The following table lists the configurable parameters of the nifi chart and the default values.
Parameter | Description | Default |
---|---|---|
ReplicaCount | ||
replicaCount |
Number of nifi nodes | 1 |
Image | ||
image.repository |
nifi Image name | apache/nifi |
image.tag |
nifi Image tag | 1.9.2 |
image.pullPolicy |
nifi Image pull policy | IfNotPresent |
image.pullSecret |
nifi Image pull secret | nil |
SecurityContext | ||
securityContext.runAsUser |
nifi Docker User | 1000 |
securityContext.fsGroup |
nifi Docker Group | 1000 |
sts | ||
sts.podManagementPolicy |
Parallel podManagementPolicy | Parallel |
sts.AntiAffinity |
Affinity for pod assignment | soft |
secrets | ||
secrets |
Pass any secrets to the nifi pods. The secret can also be mounted to a specific path if required. | nil |
nifi properties | ||
properties.externalSecure |
externalSecure for when inbound SSL | false |
properties.isNode |
cluster node properties (only configure for cluster nodes) | true |
properties.httpPort |
web properties HTTP port | 8080 |
properties.httpsPort |
web properties HTTPS port | null |
properties.clusterPort |
cluster node port | 6007 |
properties.clusterSecure |
cluster nodes secure mode | false |
properties.needClientAuth |
nifi security client auth | false |
properties.provenanceStorage |
nifi provenance repository max storage size | 8 GB |
properties.siteToSite.secure |
Site to Site properties Secure mode | false |
properties.siteToSite.port |
Site to Site properties Secure port | 10000 |
properties.siteToSite.authorizer |
managed-authorizer |
|
nifi user authentication | ||
auth.ldap.enabled |
Enable User auth via ldap | false |
auth.ldap.host |
ldap hostname | ldap://<hostname>:<port> |
auth.ldap.searchBase |
ldap searchBase | CN=Users,DC=example,DC=com |
auth.ldap.searchFilter |
ldap searchFilter | CN=john |
postStart | ||
postStart |
Include additional libraries in the Nifi containers by using the postStart handler | nil |
Service | ||
service.headless.type |
Type of the headless service for nifi | ClusterIP |
service.loadBalancer.enabled |
Enable the LoadBalancerIP service | true |
service.loadBalancer.type |
Type of the LoadBalancerIP service for nifi | LoadBalancer |
service.loadBalancer.httpPort |
Port to expose service | 80 |
service.loadBalancer.httpsPort |
Port to expose service in tls | 443 |
service.loadBalancer.annotations |
Service annotations | {} |
service.loadBalancer.loadBalancerIP |
LoadBalancerIP if service type is LoadBalancer |
nil |
service.loadBalancer.loadBalancerSourceRanges |
Address that are allowed when svc is LoadBalancer |
[] |
Ingress | ||
ingress.enabled |
Enables Ingress | false |
ingress.annotations |
Ingress annotations | {} |
ingress.path |
Path to access frontend | / |
ingress.hosts |
Ingress hosts | [] |
ingress.tls |
Ingress TLS configuration | [] |
Persistence | ||
persistence.enabled |
Use persistent volume to store data | false |
persistence.storageClass |
Storage class name of PVCs (use the default type if unset) | nil |
persistence.accessMode |
ReadWriteOnce or ReadOnly | [ReadWriteOnce] |
persistence.dataStorage.size |
Size of persistent volume claim | 1Gi |
persistence.flowfileRepoStorage.size |
Size of persistent volume claim | 10Gi |
persistence.contentRepoStorage.size |
Size of persistent volume claim | 10Gi |
persistence.provenanceRepoStorage.size |
Size of persistent volume claim | 10Gi |
persistence.logStorage.size |
Size of persistent volume claim | 5Gi |
persistence.existingClaim |
Use an existing PVC to persist data | nil |
jvmMemory | ||
jvmMemory |
bootstrap jvm size | 2g |
SideCar | ||
sidecar.image |
Separate image for tailing each log separately | ez123/alpine-tini |
Resources | ||
resources |
Pod resource requests and limits for logs | {} |
logResources | ||
logresources. |
Pod resource requests and limits | {} |
nodeSelector | ||
nodeSelector |
Node labels for pod assignment | {} |
tolerations | ||
tolerations |
Tolerations for pod assignment | [] |
zookeeper | ||
zookeeper.enabled |
If true, deploy Zookeeper | true |
zookeeper.url |
If the Zookeeper Chart is disabled a URL and port are required to connect | nil |
zookeeper.port |
If the Zookeeper Chart is disabled a URL and port are required to connect | 2181 |
Initially inspired from https://github.com/YolandaMDavis/apache-nifi.
Feel free to contribute by making a pull request.
Please read the official Contribution Guide from Helm for more information on how you can contribute to this Chart.