thenatog commented on pull request #4753:
URL: https://github.com/apache/nifi/pull/4753#issuecomment-759015855


   Some instructions on configuration:
   
   **Generated TLS configuration:**
   
   ./tls-toolkit.sh standalone -n 'nifi[0-2].com' -C 
'CN=three-node-client-cert,OU=NIFI' -O -o security_output 
--subjectAlternativeNames localhost,127.0.0.1
   
   
   **Relevant nifi.properties:**
   
   Node 1 example (basically the same on all nodes unless keystore passwords 
are different):
   
   nifi.security.keystore=./conf/keystore.jks
   nifi.security.keystoreType=jks
   nifi.security.keystorePasswd=password
   nifi.security.keyPasswd=password
   nifi.security.truststore=./conf/truststore.jks
   nifi.security.truststoreType=jks
   nifi.security.truststorePasswd=password
   nifi.security.user.authorizer=managed-authorizer
   
   nifi.zookeeper.connect.string=nifi0.com:2281,nifi1.com:2282,nifi2.com:2283
   nifi.zookeeper.connect.timeout=10 secs
   nifi.zookeeper.session.timeout=10 secs
   nifi.zookeeper.root.node=/nifi
   nifi.zookeeper.client.secure=true
   
   nifi.state.management.configuration.file=./conf/state-management.xml
   nifi.state.management.provider.local=local-provider
   nifi.state.management.provider.cluster=zk-provider
   nifi.state.management.embedded.zookeeper.start=true
   
nifi.state.management.embedded.zookeeper.properties=./conf/zookeeper.properties
   
   
   **Zookeeper state directory with myid file for each node in:**
   
   node0/state/zookeeper/myid (contents of "1")
   node1/state/zookeeper/myid (contents of "2")
   node2/state/zookeeper/myid (contents of "3")
   
   
   **zookeeper.properties (Almost identical other than secureClientPort. If 
running on different machines then the port can be the same and the file will 
be identical across nodes):**
   
   Node 1:
   
   secureClientPort=2281
   initLimit=10
   autopurge.purgeInterval=24
   syncLimit=5
   tickTime=2000
   dataDir=./state/zookeeper
   autopurge.snapRetainCount=30
   
   server.1=nifi0.com:2880:3880
   server.2=nifi1.com:2881:3881
   server.3=nifi2.com:2882:3882
   
   Node 2:
   
   secureClientPort=2282
   initLimit=10
   autopurge.purgeInterval=24
   syncLimit=5
   tickTime=2000
   dataDir=./state/zookeeper
   autopurge.snapRetainCount=30
   
   server.1=nifi0.com:2880:3880
   server.2=nifi1.com:2881:3881
   server.3=nifi2.com:2882:3882
   
   Node 3:
   
   secureClientPort=2283
   initLimit=10
   autopurge.purgeInterval=24
   syncLimit=5
   tickTime=2000
   dataDir=./state/zookeeper
   autopurge.snapRetainCount=30
   
   server.1=nifi0.com:2880:3880
   server.2=nifi1.com:2881:3881
   server.3=nifi2.com:2882:3882
   
   
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Reply via email to