Hi Mike,
If Docker is preferable for anyone doing RC validation, here are the steps for
building a NiFi Registry Docker image based on the convenience binaries for
0.2.0 RC1:
# From a source code checkout or from the unzipped source artifact provided
(nifi-registry-0.2.0-source-release.zip), cd to the "dockerhub" sub directory
of the nifi-registry-docker module:
cd /path/to/nifi-registry-docker/dockerhub
# Run the following command, which will build the Dockerfile in this directory
using ARGs to override the binaries to download to point to the RC convenience
binaries:
docker build \
--build-arg UID=1000 \
--build-arg GID=1000 \
--build-arg NIFI_REGISTRY_VERSION=0.2.0 \
--build-arg MIRROR=https://dist.apache.org/repos/dist/dev \
-t apache/nifi-registry:0.2.0-rc1 .
>From there, follow the instructions in the dockerhub/README.md file for
>running the Docker image you just built in a container. Note to replace
>"apache/nifi-registry:latest" in the readme instructions with the tag in the
>command above, " apache/nifi-registry:0.2.0-rc1" For example:
docker run --name nifi-registry \
-p 18080:18080 \
-d \
apache/nifi-registry:0.2.0-rc1
This will make the container available from the host machine (via port
forwarding) on the default 18080 port.
The dockerhub/README.md file includes instructions for running the image as a
secured NiFi Registry.
Let me know if you have any questions. Thanks for taking the time to look at
the RC!
Kevin
On 6/16/18, 09:27, "Mike Thomsen" <[email protected]> wrote:
Thanks. I'll give those a look today.
On Sat, Jun 16, 2018 at 8:21 AM Bryan Bende <[email protected]> wrote:
> I can't help you with the Docker part, but there shouldn't be any
> major issues setting up secure NiFi and registry.
>
> Andrew Lim put together some great videos that are linked to from the
> registry page of the website...
>
> Setting Up a Secure Apache NiFi Registry
>
> https://youtu.be/qD03ao3R-a4
>
> Setting Up a Secure NiFi to Integrate with a Secure NiFi Registry
>
> https://youtu.be/DSO12fhnZ90
>
>
> On Sat, Jun 16, 2018 at 7:45 AM, Mike Thomsen <[email protected]>
> wrote:
> > Some of my colleagues have had real trouble with running secure NiFi and
> > the registry together (both secure). Can someone point me to build
> > instructions for the Registry's docker image so I can try to replicate
> > using 0.2 RC1?
> >
> > Thanks,
> >
> > Mike
> >
> > On Fri, Jun 15, 2018 at 9:27 PM Kevin Doran <[email protected]> wrote:
> >
> >> Hello Apache NiFi community,
> >>
> >> Please find the associated guidance to help those interested in
> >> validating/verifying the Apache NiFi Registry release so they can vote.
> >>
> >> # Download latest KEYS file:
> >> https://dist.apache.org/repos/dist/dev/nifi/KEYS
> >>
> >> # Import keys file:
> >> gpg --import KEYS
> >>
> >> # [optional] Clear out local maven artifact repository
> >>
> >> # Pull down nifi-registry-0.2.0 source release artifacts for review:
> >>
> >> wget
> >>
>
https://dist.apache.org/repos/dist/dev/nifi/nifi-registry/nifi-registry-0.2.0/nifi-registry-0.2.0-source-release.zip
> >> wget
> >>
>
https://dist.apache.org/repos/dist/dev/nifi/nifi-registry/nifi-registry-0.2.0/nifi-registry-0.2.0-source-release.zip.asc
> >> wget
> >>
>
https://dist.apache.org/repos/dist/dev/nifi/nifi-registry/nifi-registry-0.2.0/nifi-registry-0.2.0-source-release.zip.sha1
> >> wget
> >>
>
https://dist.apache.org/repos/dist/dev/nifi/nifi-registry/nifi-registry-0.2.0/nifi-registry-0.2.0-source-release.zip.sha256
> >> wget
> >>
>
https://dist.apache.org/repos/dist/dev/nifi/nifi-registry/nifi-registry-0.2.0/nifi-registry-0.2.0-source-release.zip.sha512
> >>
> >> # Verify the signature
> >> gpg --verify nifi-registry-0.2.0-source-release.zip.asc
> >>
> >> # Verify the hashes (sha1, sha256, sha512) match the source and what
was
> >> provided in the vote email thread
> >> shasum -a 1 nifi-registry-0.2.0-source-release.zip
> >> shasum -a 256 nifi-registry-0.2.0-source-release.zip
> >> shasum -a 512 nifi-registry-0.2.0-source-release.zip
> >>
> >> # Unzip nifi-registry-0.2.0-source-release.zip
> >>
> >> # Verify the build works including release audit tool (RAT) checks
> >> cd nifi-registry-0.2.0
> >> mvn clean install -Pcontrib-check
> >>
> >> # Verify the contents contain a good README, NOTICE, and LICENSE.
> >>
> >> # Verify the git commit ID is correct
> >>
> >> # Verify the RC was branched off the correct git commit ID
> >>
> >> # Look at the resulting convenience binary as found in
> >> nifi-registry-assembly/target
> >>
> >> # Make sure the README, NOTICE, and LICENSE are present and correct
> >>
> >> # Run the resulting convenience binary and make sure it works as
> expected
> >>
> >> # Test integration between the Registry and NiFi
> >>
> >> Start the registry
> >>
> >> ./bin/nifi-registry.sh start
> >>
> >> Create a bucket in the registry
> >>
> >> - Go to the registry UI at http://localhost:18080/nifi-registry
> >> - Click the tool icon in the top right corner
> >> - Click New Bucket from the bucket table
> >> - Enter a name and click create
> >>
> >> Start NiFi
> >>
> >> Tell NiFi about your local registry instance
> >>
> >> - Go the controller settings for NiFi from the top-right menu
> >> - Select the Registry Clients tab
> >> - Add a new Registry Client giving it a name and the url of
> >> http://localhost:18080
> >>
> >> Create a process group and place it under version control
> >>
> >> - Right click on the PG and select the Version menu
> >> - Select Start Version Control
> >> - Choose the registry instance and bucket you want to use
> >> - Enter a name, description, and comment
> >>
> >> Go back to the registry and refresh the main page and you should see
the
> >> versioned flow you just saved
> >>
> >> Import a new PG from a versioned flow
> >>
> >> - Drag on a new PG like normal
> >> - Instead of entering a name, click the Import link
> >> - Now choose the flow you saved before
> >>
> >> You should have a second identical PG now.
> >>
> >> # Send a response to the vote thread indicating a +1, 0, -1 based on
> your
> >> findings.
> >>
> >> Thank you for your time and effort to validate the release!
> >>
> >>
> >>
>
