Hi all,
newbie questions, lost in network layers ;) I'm using NiFi via cetic/nifi helm chart deployed on an Rancher K3S Kubernetes Cluster, for a while now. Works pretty fine, but had one unsolvable for me issue reg. TLS: Found no way to tell the cetic/nifi chart NOT to use TLS on the pod/container level. Also no idea how to tell K3S (default traefik ingress) NOT to terminate TLS for (externally, Internet) inbound connections but forward them also internally via TLS. Fine for me for all my previous tests, used a kubectl port forward from Nifi pod to K3S cluster host VM, and a second (ssh) port forward from this VM to my Laptop, finally to be able to use NiFi's web GUI. But now I need it vice versa: I need to expose a NiFi defined REST API, or webhook as starting point to Internet, so no port forwarding suitable. HandleHttpRequest processor, as entrypoint. My questions: - What I found gave me the impression that both the now unmaintained cetic/nifi and it's newer descendants do not support the port etc. neccesities of HandleHttpRequest, correct? - Seems what I've read that the Stackable Nifi operators support this, but have no clue how (if possible) the "hen and egg" ingress helm chart handling works - helm install nifi itself, use the GUI, configure a HandleHttpRequest processor - which needs an ingress.... Could this also be handled via Helm, or must this be applied via kubectl? Any hints would be great!!! - Or, if exist, alternatives to the two above would be also highly appreciated! Thanks in advance, Michael
