Skip to main content
Version 3.0.0

NiFi Configuration

The tdp-nifi chart deploys Apache NiFi with the NiFiKop operator and ZooKeeper.

Overview

PropertyValue
Charttdp-nifi
NiFi1.28.0
Chart version3.0.0

What is NiFiKop?

NiFiKop is a Kubernetes operator specialized in managing the lifecycle of Apache NiFi clusters.

Instead of managing NiFi instances manually, you describe the desired state in a Kubernetes resource called NifiCluster, and NiFiKop takes care of creating, monitoring, and updating NiFi nodes declaratively.

The tdp-nifi chart deploys both the NiFiKop operator and the NiFi cluster itself, including:

ComponentRole
NiFiKop OperatorManages the NifiCluster lifecycle (CRD)
ZooKeeperCluster coordination among NiFi nodes
NifiClusterResource that defines the cluster: nodes, listeners, external services
cert-managerIssues TLS certificates for secure inter-node communication (when webhook.enabled=true)

This operator-based model means that most NiFi configuration goes into nifiCluster.* rather than direct Helm parameters — the operator translates those values into ConfigMaps, Secrets, and Pods with the correct NiFi configuration.

Learn more

See Apache NiFi — Concepts for a complete overview of the tool, its architecture and how it works.

Prerequisites

  • Kubernetes 1.27+
  • Helm 3.2+
  • Ingress Controller — only if ingress.enabled=true
  • cert-manager — when nifikop.webhook.enabled=true (integration documented in the chart for the webhook)
Optional prerequisites — consequences if missing
  • No Ingress Controller: with ingress.enabled=true, the host configured in ingress.rules will not receive traffic.
  • No cert-manager: with nifikop.webhook.enabled=true, the NiFiKop webhook may fail to issue certificates — common symptoms are operator pods in error or a NifiCluster that never reaches ready state.

Installation (OCI)

Terminal input
helm install <release> \
  oci://registry.tecnisys.com.br/tdp/charts/tdp-nifi \
  -n <namespace> --create-namespace

Main parameters

ParameterDescriptionDefault (reference)
tdp-nifi.enabledEnable the charttrue
zookeeper.replicaCountZooKeeper replicas1
zookeeper.persistence.*ZooKeeper storagerun helm show values
nifikop.enabledNiFiKop operatortrue
nifikop.watchOwnNamespaceWatch only the release namespacetrue
nifikop.webhook.enabledOperator webhooktrue
nifikop.certManager.enabledcert-manager for webhooktrue
nifiCluster.zkAddressZooKeeper address<release>-zookeeper:2181
nifiCluster.externalServices[0].spec.typeNiFi service typeLoadBalancer
nifiCluster.externalServices[0].spec.portConfigs[0].portNiFi node HTTP port8080
nifiCluster.nodeConfigGroups.default_group.resourcesRequirementsNiFi node resources (CPU/memory)run helm show values
ingress.enabledCreate Ingresstrue
ingress.rules[0].hostIngress hostnifi.local (lab example)
ingress.ingressClassNameIngress classnginx

Adjust images, resources, NifiCluster, listeners, and health checks in the values file; the full list of keys is available via helm show values.

Access

The chart provides three ways to access the NiFi UI:

MethodBest forAccess URL
LoadBalancerDirect service access within the clusterLoadBalancer IP/hostname
IngressHost-based access with TLS and centralised routinghttp://<ingress-host>/nifi
Port-forwardTemporary local diagnosticshttp://localhost:8080/nifi

LoadBalancer

With nifiCluster.externalServices of type LoadBalancer, the default service name is usually tdp-service-ip-nifi:

Terminal input
kubectl -n <namespace> get svc tdp-service-ip-nifi

If you rename the service in the values file, use the effective name returned by kubectl get svc.

Port-forward

Terminal input
kubectl -n <namespace> port-forward svc/<nifi-external-service-name> 8080:8080

Open http://localhost:8080/nifi.

Ingress

With ingress.enabled=true, the URL follows the configured host:

http://<ingress-host>/nifi

Details at Ingress — NiFi.

Troubleshooting

Terminal input
kubectl -n <namespace> get pods
kubectl -n <namespace> get nificlusters
kubectl -n <namespace> describe nificluster <cluster-name>
kubectl -n <namespace> get events --sort-by=.lastTimestamp

Uninstallation

Terminal input
helm uninstall <release> -n <namespace>