[jira] [Commented] (NIFI-8743) Support for Kubernetes Highly available cluster and ease of use integration

Mon, 28 Jun 2021 07:19:24 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-8743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17370615#comment-17370615
 ] 

Nadeem commented on NIFI-8743:
------------------------------

[~emgage_manim] NiFi does support Kubernetes. To answer following your 
questions.

We are encountering major setbacks in achieving the following:
 * Highly available nifi cluster
 *Answer:* When you use RollingUpdate strategy of Statefulset, you can 
certainly achieve high availability when you are doing patches or updates to 
NiFi while still running your dataflows on nodes which are yet to be patched.
 * Wildcard TLS to support multitenant system
 *Answer:* Wildcard TLS are highly not recommended (You can follow 
administrative guide to find why). Also, we use 
 * Connecting with AWS Cognito for authentication or other identity providers.
*Answer*: I haven't actually used Cognito and note sure if there is plugin to 
support  but however other popular identity providers like ldap, saml, openid, 
knox are available. 
 * Multi-tenant configuration with isolation for resources (data, storage and 
compute)
*Answer:* You need to employ subscription based modelling to segregate data, 
storage and compute (i.e each NiFi cluster per subscription). Other than 
multi-tenant authorization, you can't really do multi-tenant configuration the 
way NiFi is designed

> Support for Kubernetes Highly available cluster and ease of use integration
> ---------------------------------------------------------------------------
>
>                 Key: NIFI-8743
>                 URL: https://issues.apache.org/jira/browse/NIFI-8743
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: NiFi Registry, NiFi Stateless
>         Environment: Kubernetes
>            Reporter: Mani M
>            Priority: Major
>              Labels: Nifi, nifi
>
> Currently, Nifi doesn't support Kubernetes. Looks like we need to set up a 
> cluster in a bare metal server. Even though there are 3rd party helm charts 
> it is still difficult to set up a production-grade system.
>  
> We are encountering major setbacks in achieving the following:
>  * Highly available nifi cluster
>  * Wildcard TLS to support multitenant system
>  * Connecting with AWS Cognito for authentication or other identity providers.
>  * Multi-tenant configuration with isolation for resources (data, storage and 
> compute)
>  
> Are there plans to resolve these or were they already resolved?
> If addressed already, Any help in guiding us to resolve the above roadblocks 
> would help us. 
> If not addressed, Any plan or Items Work in Progress to address them?
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to