thenatog commented on pull request #4753: URL: https://github.com/apache/nifi/pull/4753#issuecomment-759015855
Some instructions on configuration: **Generated TLS configuration:** ./tls-toolkit.sh standalone -n 'nifi[0-2].com' -C 'CN=three-node-client-cert,OU=NIFI' -O -o security_output --subjectAlternativeNames localhost,127.0.0.1 **Relevant nifi.properties:** Node 1 example (basically the same on all nodes unless keystore passwords are different): nifi.security.keystore=./conf/keystore.jks nifi.security.keystoreType=jks nifi.security.keystorePasswd=password nifi.security.keyPasswd=password nifi.security.truststore=./conf/truststore.jks nifi.security.truststoreType=jks nifi.security.truststorePasswd=password nifi.security.user.authorizer=managed-authorizer nifi.zookeeper.connect.string=nifi0.com:2281,nifi1.com:2282,nifi2.com:2283 nifi.zookeeper.connect.timeout=10 secs nifi.zookeeper.session.timeout=10 secs nifi.zookeeper.root.node=/nifi nifi.zookeeper.client.secure=true nifi.state.management.configuration.file=./conf/state-management.xml nifi.state.management.provider.local=local-provider nifi.state.management.provider.cluster=zk-provider nifi.state.management.embedded.zookeeper.start=true nifi.state.management.embedded.zookeeper.properties=./conf/zookeeper.properties **Zookeeper state directory with myid file for each node in:** node0/state/zookeeper/myid (contents of "1") node1/state/zookeeper/myid (contents of "2") node2/state/zookeeper/myid (contents of "3") **zookeeper.properties (Almost identical other than secureClientPort. If running on different machines then the port can be the same and the file will be identical across nodes):** Node 1: secureClientPort=2281 initLimit=10 autopurge.purgeInterval=24 syncLimit=5 tickTime=2000 dataDir=./state/zookeeper autopurge.snapRetainCount=30 server.1=nifi0.com:2880:3880 server.2=nifi1.com:2881:3881 server.3=nifi2.com:2882:3882 Node 2: secureClientPort=2282 initLimit=10 autopurge.purgeInterval=24 syncLimit=5 tickTime=2000 dataDir=./state/zookeeper autopurge.snapRetainCount=30 server.1=nifi0.com:2880:3880 server.2=nifi1.com:2881:3881 server.3=nifi2.com:2882:3882 Node 3: secureClientPort=2283 initLimit=10 autopurge.purgeInterval=24 syncLimit=5 tickTime=2000 dataDir=./state/zookeeper autopurge.snapRetainCount=30 server.1=nifi0.com:2880:3880 server.2=nifi1.com:2881:3881 server.3=nifi2.com:2882:3882 ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org