{"id":21514909,"url":"https://github.com/getindata/apache-nifi-kubernetes","last_synced_at":"2025-06-14T08:06:36.269Z","repository":{"id":49497590,"uuid":"369097590","full_name":"getindata/apache-nifi-kubernetes","owner":"getindata","description":null,"archived":false,"fork":false,"pushed_at":"2021-10-10T20:16:29.000Z","size":44,"stargazers_count":20,"open_issues_count":1,"forks_count":16,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-04-09T20:11:38.307Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/getindata.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-05-20T06:06:04.000Z","updated_at":"2025-02-26T14:49:44.000Z","dependencies_parsed_at":"2022-08-19T00:00:50.758Z","dependency_job_id":null,"html_url":"https://github.com/getindata/apache-nifi-kubernetes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fapache-nifi-kubernetes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fapache-nifi-kubernetes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fapache-nifi-kubernetes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fapache-nifi-kubernetes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/getindata","download_url":"https://codeload.github.com/getindata/apache-nifi-kubernetes/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248103872,"owners_count":21048245,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-23T23:53:28.783Z","updated_at":"2025-04-09T20:11:43.060Z","avatar_url":"https://github.com/getindata.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Apache NiFi and NiFi Registry on Kubernetes\n\nIt is a repository with Helm charts for Apache NiFi and Apache NiFi Registry.\n\n[Blog Post about NiFi on Kubernetes.](https://getindata.com/blog/)\n\n- [Apache NiFi GitHub Repository](https://github.com/apache/nifi)\n- [Apache NiFi Registry GitHub Repository](https://github.com/apache/nifi-registry)\n\n## Note\n\nThis repo is constantly being improved.\n\n## Prerequisites\n\nYou need the following components to use these Helm charts:\n\n- Kubernetes cluster (1.15 and newer)\n- Helm 3\n\nTested with the following Ingress:\n- [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/)\nHere we use featured [SSL Passthrough](https://kubernetes.github.io/ingress-nginx/user-guide/tls/#ssl-passthrough).\n\n## Tests\n\nYou can find CI pipelines for two CICD tools: GitLab CI and GitHub Actions.\n\n- GitLab CI: .gitlab-ci.yml\n- GitHub Actions: directory .github/workflows\n\n## Installation\n\nCreate your values file or use the default one.\n\nApache NiFi:\n```shell script\nhelm --namespace nifi nifi upgrade --install ./apache-nifi/chart -f ./apache-nifi/chart/values.yaml\n```\n\nApache NiFi Registry:\n```shell script\nhelm --namespace nifireg nifi upgrade --install ./apache-nifi-registry/chart -f ./apache-nifi-registry/chart/values.yaml\n```\n\n## Configuration - NiFi\n\nThe following table lists the configurable parameters of the Apache NiFi chart and the default values.\n\n| Parameter | Description | Default |\n| --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------| ------------------------------- |\n| **ReplicaCount** |\n| `replicaCount` | Number of nifi nodes | `1` |\n| **Image** |\n| `image.repository` | nifi Image name | `apache/nifi` |\n| `image.tag` | nifi Image tag | `1.11.4` |\n| `image.pullPolicy` | nifi Image pull policy | `IfNotPresent` |\n| `image.pullSecret` | nifi Image pull secret | `nil` |\n| **SecurityContext** |\n| `securityContext.runAsUser` | nifi Docker User | `1000` |\n| `securityContext.fsGroup` | nifi Docker Group | `1000` |\n| **sts** |\n| `sts.podManagementPolicy` | Parallel podManagementPolicy | `Parallel` |\n| `sts.AntiAffinity` | Affinity for pod assignment | `soft` |\n| `sts.pod.annotations` | Pod template annotations | `security.alpha.kubernetes.io/sysctls: net.ipv4.ip_local_port_range=10000 65000` |\n| **secrets**\n| `secrets` | Pass any secrets to the nifi pods. The secret can also be mounted to a specific path if required. | `nil` |\n| **configmaps**\n| `configmaps` | Pass any configmaps to the nifi pods. The configmap can also be mounted to a specific path if required. | `nil` |\n| **nifi properties** |\n| `properties.externalSecure` | externalSecure for when inbound SSL | `false` |\n| `properties.isNode` | cluster node properties (only configure for cluster nodes) | `true` |\n| `properties.httpPort` | web properties HTTP port | `8080` |\n| `properties.httpsPort` | web properties HTTPS port | `null` |\n| `properties.clusterPort` | cluster node port | `6007` |\n| `properties.clusterSecure` | cluster nodes secure mode | `false` |\n| `properties.needClientAuth` | nifi security client auth | `false` |\n| `properties.provenanceStorage` | nifi provenance repository max storage size | `8 GB` |\n| `properties.siteToSite.secure` | Site to Site properties Secure mode | `false` |\n| `properties.siteToSite.port` | Site to Site properties Secure port | `10000` |\n| `properties.siteToSite.authorizer` | | `managed-authorizer` |\n| `properties.safetyValve` | Map of explicit 'property: value' pairs that overwrite other configuration | `nil` |\n| **nifi user authentication** |\n| `auth.ldap.enabled` | Enable User auth via ldap | `false` |\n| `auth.ldap.host` | ldap hostname | `ldap://\u003chostname\u003e:\u003cport\u003e` |\n| `auth.ldap.searchBase` | ldap searchBase | `CN=Users,DC=example,DC=com` |\n| `auth.ldap.searchFilter` | ldap searchFilter | `CN=john` |\n| **postStart** |\n| `postStart` | Include additional libraries in the Nifi containers by using the postStart handler | `nil` |\n| **Headless Service** |\n| `headless.type` | Type of the headless service for nifi | `ClusterIP` |\n| `headless.annotations` | Headless Service annotations | `service.alpha.kubernetes.io/tolerate-unready-endpoints: \"true\"`|\n| **Ingress** |\n| `ingress.enabled` | Enables Ingress | `false` |\n| `ingress.annotations` | Ingress annotations | `{}` |\n| `ingress.path` | Path to access frontend (See issue [#22](https://github.com/cetic/helm-nifi/issues/22)) | `/` |\n| `ingress.hosts` | Ingress hosts | `[]` |\n| `ingress.tls` | Ingress TLS configuration | `[]` |\n| **Persistence** |\n| `persistence.enabled` | Use persistent volume to store data | `false` |\n| `persistence.storageClass` | Storage class name of PVCs (use the default type if unset) | `nil` |\n| `persistence.accessMode` | ReadWriteOnce or ReadOnly | `[ReadWriteOnce]` |\n| `persistence.dataStorage.size` | Size of persistent volume claim | `1Gi` |\n| `persistence.flowfileRepoStorage.size` | Size of persistent volume claim | `10Gi` |\n| `persistence.contentRepoStorage.size` | Size of persistent volume claim | `10Gi` |\n| `persistence.provenanceRepoStorage.size` | Size of persistent volume claim | `10Gi` |\n| `persistence.logStorage.size` | Size of persistent volume claim | `5Gi` |\n| `persistence.existingClaim` | Use an existing PVC to persist data | `nil` |\n| **jvmMemory** |\n| `jvmMemory` | bootstrap jvm size | `2g` |\n| **SideCar** |\n| `sidecar.image` | Separate image for tailing each log separately | `ez123/alpine-tini` |\n| `sidecar.tag` | Image tag | `latest` |\n| **BusyBox** |\n| `busybox.image` | Separate image for initContainer that verifies zookeeper is accessible | `busybox` |\n| `busybox.tag` | Image tag | `latest` |\n| **Resources** |\n| `resources` | Pod resource requests and limits for logs | `{}` |\n| **logResources** |\n| `logresources.` | Pod resource requests and limits | `{}` |\n| **nodeSelector** |\n| `nodeSelector` | Node labels for pod assignment | `{}` |\n| **terminationGracePeriodSeconds** |\n| `terminationGracePeriodSeconds` | Number of seconds the pod needs to terminate gracefully. For clean scale down of the nifi-cluster the default is set to 60, opposed to k8s-default 30. | `60` |\n| **tolerations** |\n| `tolerations` | Tolerations for pod assignment | `[]` |\n| **initContainers** |\n| `initContainers` | Container definition that will be added to the pod as [initContainers](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#container-v1-core) | `[]` |\n| **extraVolumes** |\n| `extraVolumes` | Additional Volumes available within the pod (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volume-v1-core) for format) | `[]` |\n| **extraVolumeMounts** |\n| `extraVolumeMounts` | VolumeMounts for the nifi-server container (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volumemount-v1-core) for details) | `[]` |\n| **env** |\n| `env` | Additional environment variables for the nifi-container (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#envvar-v1-core) for details) | `[]` |\n| **extraContainers** |\n| `extraContainers` | Additional container-specifications that should run within the pod (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#container-v1-core) for details) | `[]` |\n\n## Configuration - NiFi Registry\n\nThe following table lists the configurable parameters of the Apache NiFi Registry chart and the default values.\n\n| Parameter | Description | Default |\n| --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------| ------------------------------- |\n| **ReplicaCount** |\n| `replicaCount` | Number of nifi nodes | `1` |\n| **Image** |\n| `image.repository` | nifi Image name | `apache/nifi` |\n| `image.tag` | nifi Image tag | `1.11.4` |\n| `image.pullPolicy` | nifi Image pull policy | `IfNotPresent` |\n| `image.pullSecret` | nifi Image pull secret | `nil` |\n| **SecurityContext** |\n| `securityContext.runAsUser` | nifi Docker User | `1000` |\n| `securityContext.fsGroup` | nifi Docker Group | `1000` |\n| **sts** |\n| `sts.podManagementPolicy` | Parallel podManagementPolicy | `Parallel` |\n| `sts.AntiAffinity` | Affinity for pod assignment | `soft` |\n| `sts.pod.annotations` | Pod template annotations | `security.alpha.kubernetes.io/sysctls: net.ipv4.ip_local_port_range=10000 65000` |\n| **secrets**\n| `secrets` | Pass any secrets to the nifi pods. The secret can also be mounted to a specific path if required. | `nil` |\n| **configmaps**\n| `configmaps` | Pass any configmaps to the nifi pods. The configmap can also be mounted to a specific path if required. | `nil` |\n| **nifi properties** |\n| `properties.externalSecure` | externalSecure for when inbound SSL | `false` |\n| `properties.isNode` | cluster node properties (only configure for cluster nodes) | `true` |\n| `properties.httpPort` | web properties HTTP port | `8080` |\n| `properties.httpsPort` | web properties HTTPS port | `null` |\n| `properties.clusterPort` | cluster node port | `6007` |\n| `properties.clusterSecure` | cluster nodes secure mode | `false` |\n| `properties.needClientAuth` | nifi security client auth | `false` |\n| `properties.provenanceStorage` | nifi provenance repository max storage size | `8 GB` |\n| `properties.siteToSite.secure` | Site to Site properties Secure mode | `false` |\n| `properties.siteToSite.port` | Site to Site properties Secure port | `10000` |\n| `properties.siteToSite.authorizer` | | `managed-authorizer` |\n| `properties.safetyValve` | Map of explicit 'property: value' pairs that overwrite other configuration | `nil` |\n| **nifi user authentication** |\n| `auth.ldap.enabled` | Enable User auth via ldap | `false` |\n| `auth.ldap.host` | ldap hostname | `ldap://\u003chostname\u003e:\u003cport\u003e` |\n| `auth.ldap.searchBase` | ldap searchBase | `CN=Users,DC=example,DC=com` |\n| `auth.ldap.searchFilter` | ldap searchFilter | `CN=john` |\n| **postStart** |\n| `postStart` | Include additional libraries in the Nifi containers by using the postStart handler | `nil` |\n| **Headless Service** |\n| `headless.type` | Type of the headless service for nifi | `ClusterIP` |\n| `headless.annotations` | Headless Service annotations | `service.alpha.kubernetes.io/tolerate-unready-endpoints: \"true\"`|\n| **Ingress** |\n| `ingress.enabled` | Enables Ingress | `false` |\n| `ingress.annotations` | Ingress annotations | `{}` |\n| `ingress.path` | Path to access frontend (See issue [#22](https://github.com/cetic/helm-nifi/issues/22)) | `/` |\n| `ingress.hosts` | Ingress hosts | `[]` |\n| `ingress.tls` | Ingress TLS configuration | `[]` |\n| **Persistence** |\n| `persistence.enabled` | Use persistent volume to store data | `false` |\n| `persistence.storageClass` | Storage class name of PVCs (use the default type if unset) | `nil` |\n| `persistence.accessMode` | ReadWriteOnce or ReadOnly | `[ReadWriteOnce]` |\n| `persistence.dataStorage.size` | Size of persistent volume claim | `1Gi` |\n| `persistence.flowfileRepoStorage.size` | Size of persistent volume claim | `10Gi` |\n| `persistence.contentRepoStorage.size` | Size of persistent volume claim | `10Gi` |\n| `persistence.provenanceRepoStorage.size` | Size of persistent volume claim | `10Gi` |\n| `persistence.logStorage.size` | Size of persistent volume claim | `5Gi` |\n| `persistence.existingClaim` | Use an existing PVC to persist data | `nil` |\n| **jvmMemory** |\n| `jvmMemory` | bootstrap jvm size | `2g` |\n| **SideCar** |\n| `sidecar.image` | Separate image for tailing each log separately | `ez123/alpine-tini` |\n| `sidecar.tag` | Image tag | `latest` |\n| **BusyBox** |\n| `busybox.image` | Separate image for initContainer that verifies zookeeper is accessible | `busybox` |\n| `busybox.tag` | Image tag | `latest` |\n| **Resources** |\n| `resources` | Pod resource requests and limits for logs | `{}` |\n| **logResources** |\n| `logresources.` | Pod resource requests and limits | `{}` |\n| **nodeSelector** |\n| `nodeSelector` | Node labels for pod assignment | `{}` |\n| **terminationGracePeriodSeconds** |\n| `terminationGracePeriodSeconds` | Number of seconds the pod needs to terminate gracefully. For clean scale down of the nifi-cluster the default is set to 60, opposed to k8s-default 30. | `60` |\n| **tolerations** |\n| `tolerations` | Tolerations for pod assignment | `[]` |\n| **initContainers** |\n| `initContainers` | Container definition that will be added to the pod as [initContainers](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#container-v1-core) | `[]` |\n| **extraVolumes** |\n| `extraVolumes` | Additional Volumes available within the pod (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volume-v1-core) for format) | `[]` |\n| **extraVolumeMounts** |\n| `extraVolumeMounts` | VolumeMounts for the nifi-server container (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volumemount-v1-core) for details) | `[]` |\n| **env** |\n| `env` | Additional environment variables for the nifi-container (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#envvar-v1-core) for details) | `[]` |\n| **extraContainers** |\n| `extraContainers` | Additional container-specifications that should run within the pod (see [spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#container-v1-core) for details) | `[]` |\n\n\n## Credits\n\nInspired from https://github.com/cetic/helm-nifi","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetindata%2Fapache-nifi-kubernetes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgetindata%2Fapache-nifi-kubernetes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetindata%2Fapache-nifi-kubernetes/lists"}