[ https://issues.apache.org/jira/browse/NIFI-5443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16631787#comment-16631787 ]
Peter Wilcsinszky edited comment on NIFI-5443 at 9/28/18 12:45 PM: ------------------------------------------------------------------- Added a link to https://issues.apache.org/jira/browse/NIFI-5542 as it is a step towards this goal. Given the "Node Group" configuration property, node identities can be added/removed to/from a single group dynamically without any manual reconfiguration. The only caveat is that the group has to exist at startup because otherwise the FileAccessPolicyProvider won't be able to autopopulate the policies for it (it requires the group identifier to do that). This feature could best work together with a UserGroupProvider that creates a static group in it's configuration phase that can be instantly autopopulated with the necessary access rights by the FileAccessPolicyProvider. Then it starts a background thread (similar to the LdapUserGroupProvider) to poll for existing nodes and sync them dynamically with the group. was (Author: pepov): Added a link to https://issues.apache.org/jira/browse/NIFI-5542 as it is a step towards this goal. Given the "Node Group" configuration property node identities can be added/removed to/from a single group dynamically without any manual reconfiguration. The only caveat is that the group has to exist at startup because otherwise the FileAccessPolicyProvider won't be able to autopopulate the policies for it (it requires the group identifier to do that). This feature could best work together with a UserGroupProvider that creates a static group in it's configuration phase that can be instantly autopopulated with the necessary access rights by the FileAccessPolicyProvider. Then it starts a background thread (similar to the LdapUserGroupProvider) to poll for existing nodes and sync them dynamically with the group. > Improve cluster configuration for dynamic scaling > ------------------------------------------------- > > Key: NIFI-5443 > URL: https://issues.apache.org/jira/browse/NIFI-5443 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework > Affects Versions: 1.7.1 > Reporter: Andy LoPresto > Priority: Critical > Labels: cluster, docker, kubernetes, rkt, scale, security > > Currently, NiFi is designed for static clusters, with frequent references in > configuration files to a priori knowledge of node hostnames, ports, etc. > Efforts should be taken to make NiFi easier to dynamically scale. This can > involve containerization improvements via Docker/rkt, deployment improvements > via Kubernetes, and abstraction of the configuration values needed to stand > up the cluster. A node should be able to join the cluster, and, given the > correct keystore and truststore, immediately communicate with other existing > nodes in the cluster without requiring direct configuration changes to them, > or a restart of any node. > * {{authorizers.xml}} > * node identities > * permissions ({{RW}} on {{/proxy}}) > * ZooKeeper configuration > * etc. -- This message was sent by Atlassian JIRA (v7.6.3#76005)