Skip to content

Commit

Permalink
Updated node/pod HOSTNAME, HOST and IDENTITY and ADDRESS env variable…
Browse files Browse the repository at this point in the history 
… with Kubernetes pod name from metadata name

This StatefulSet of Apache NiFi deployment uses hostname as reference in the cluster names. When Apache NiFi nodes/pods occasionally terminated and redeployed old zombie nodes/pods hostnames are still list in the cluster page and can not be removed, this will/should fix that bug

The HOSTNAME env variable is never empty as Kubernetes controller will always populate it if is not set

The NIFI_CLUSTER_NODE_ADDRESS requires FQDN else it will generate it own address and that will result in error.

Added setHostnameAsFQDN to Kubernetes StatefulSet deployment, this has been added as stable in Kubernetes 1.22 and we are currently running Kubernetes 1.27
  • Loading branch information
@saidsef
saidsef committed Aug 3, 2023
1 parent 2681b5a commit dc49adb
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 14 deletions.
4 changes: 2 additions & 2 deletions deployment/nifi-ssl-configmap.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ data:
then
echo "Creating keystore"
keytool -genkey -noprompt -alias nifi-keystore \
-dname "CN=SA,OU=${ORGANISATION_UNIT},O=${ORGANISATION},L=${CITY},S=${STATE},C=${COUNTRY_CODE}" \
-dname "CN=${HOSTNAME},OU=${ORGANISATION_UNIT},O=${ORGANISATION},L=${CITY},S=${STATE},C=${COUNTRY_CODE}" \
-keystore ${NIFI_HOME}/keytool/keystore.p12 \
-storepass ${KEYSTORE_PASS:-$NIFI_SENSITIVE_PROPS_KEY} \
-KeySize 2048 \
Expand All @@ -40,7 +40,7 @@ data:
then
echo "Creating truststore"
keytool -genkey -noprompt -alias nifi-truststore \
-dname "CN=SA,OU=${ORGANISATION_UNIT},O=${ORGANISATION},L=${CITY},S=${STATE},C=${COUNTRY_CODE}" \
-dname "CN=${HOSTNAME},OU=${ORGANISATION_UNIT},O=${ORGANISATION},L=${CITY},S=${STATE},C=${COUNTRY_CODE}" \
-keystore ${NIFI_HOME}/keytool/truststore.jks \
-storetype jks \
-keypass ${KEYSTORE_PASS:-$NIFI_SENSITIVE_PROPS_KEY} \
Expand Down
30 changes: 18 additions & 12 deletions deployment/nifi.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ spec:
spec:
automountServiceAccountToken: false
enableServiceLinks: false
setHostnameAsFQDN: true
dnsPolicy: ClusterFirstWithHostNet
restartPolicy: Always
securityContext:
runAsGroup: 1000
Expand Down Expand Up @@ -74,26 +76,30 @@ spec:
- containerPort: 6342
name: cluster-lb
env:
- name: NIFI_WEB_HTTP_HOST
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NIFI_CLUSTER_NODE_ADDRESS
fieldPath: status.podIP # Use pod ip
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NIFI_REMOTE_INPUT_HOST
fieldPath: metadata.name # Use pod name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: status.podIP
fieldPath: metadata.namespace # Use pod namespace
- name: NIFI_WEB_HTTP_HOST
value: $(POD_IP) # Use pod ip as web host
- name: NIFI_CLUSTER_NODE_ADDRESS
value: $(POD_NAME).$(POD_NAMESPACE).svc.cluster.local # Use pod fqdn as node address
- name: NIFI_REMOTE_INPUT_SOCKET_HOST
value: $(POD_NAME).$(POD_NAMESPACE).svc.cluster.local # Use pod fqdn as input socket address
- name: NIFI_REMOTE_INPUT_HOST
value: $(POD_NAME).$(POD_NAMESPACE).svc.cluster.local # Use pod fqdn as input host address
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: status.podIP
value: $(POD_NAME) # Use pod name as hostname
- name: NODE_IDENTITY
valueFrom:
fieldRef:
fieldPath: metadata.name
value: $(POD_NAME).$(POD_NAMESPACE).svc.cluster.local # Use pod fqdn as identity
envFrom:
- configMapRef:
name: nifi-cm
Expand Down
2 changes: 2 additions & 0 deletions deployment/zookeeper.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ spec:
spec:
automountServiceAccountToken: false
enableServiceLinks: false
setHostnameAsFQDN: true
dnsPolicy: ClusterFirstWithHostNet
restartPolicy: Always
securityContext:
runAsGroup: 1000
Expand Down

0 comments on commit dc49adb

Please sign in to comment.