[
https://issues.apache.org/jira/browse/NIFI-5443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16631787#comment-16631787
]
Peter Wilcsinszky edited comment on NIFI-5443 at 9/28/18 12:45 PM:
-------------------------------------------------------------------
Added a link to https://issues.apache.org/jira/browse/NIFI-5542 as it is a step
towards this goal. Given the "Node Group" configuration property, node
identities can be added/removed to/from a single group dynamically without any
manual reconfiguration. The only caveat is that the group has to exist at
startup because otherwise the FileAccessPolicyProvider won't be able to
autopopulate the policies for it (it requires the group identifier to do that).
This feature could best work together with a UserGroupProvider that creates a
static group in it's configuration phase that can be instantly autopopulated
with the necessary access rights by the FileAccessPolicyProvider. Then it
starts a background thread (similar to the LdapUserGroupProvider) to poll for
existing nodes and sync them dynamically with the group.
was (Author: pepov):
Added a link to https://issues.apache.org/jira/browse/NIFI-5542 as it is a step
towards this goal. Given the "Node Group" configuration property node
identities can be added/removed to/from a single group dynamically without any
manual reconfiguration. The only caveat is that the group has to exist at
startup because otherwise the FileAccessPolicyProvider won't be able to
autopopulate the policies for it (it requires the group identifier to do that).
This feature could best work together with a UserGroupProvider that creates a
static group in it's configuration phase that can be instantly autopopulated
with the necessary access rights by the FileAccessPolicyProvider. Then it
starts a background thread (similar to the LdapUserGroupProvider) to poll for
existing nodes and sync them dynamically with the group.
> Improve cluster configuration for dynamic scaling
> -------------------------------------------------
>
> Key: NIFI-5443
> URL: https://issues.apache.org/jira/browse/NIFI-5443
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 1.7.1
> Reporter: Andy LoPresto
> Priority: Critical
> Labels: cluster, docker, kubernetes, rkt, scale, security
>
> Currently, NiFi is designed for static clusters, with frequent references in
> configuration files to a priori knowledge of node hostnames, ports, etc.
> Efforts should be taken to make NiFi easier to dynamically scale. This can
> involve containerization improvements via Docker/rkt, deployment improvements
> via Kubernetes, and abstraction of the configuration values needed to stand
> up the cluster. A node should be able to join the cluster, and, given the
> correct keystore and truststore, immediately communicate with other existing
> nodes in the cluster without requiring direct configuration changes to them,
> or a restart of any node.
> * {{authorizers.xml}}
> * node identities
> * permissions ({{RW}} on {{/proxy}})
> * ZooKeeper configuration
> * etc.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
