NiFi Configuration
The tdp-nifi chart deploys Apache NiFi with the NiFiKop operator and ZooKeeper.
Overview
| Property | Value |
|---|---|
| Chart | tdp-nifi |
| NiFi | 1.28.0 |
| Chart | 3.0.0 |
What is NiFiKop?
NiFiKop is a Kubernetes operator specialized in managing the lifecycle of Apache NiFi clusters.
Instead of managing NiFi instances manually, you describe the desired state in a Kubernetes resource called NifiCluster, and NiFiKop takes care of creating, monitoring, and updating NiFi nodes declaratively.
The tdp-nifi chart deploys both the NiFiKop operator and the NiFi cluster itself, including:
| Component | Role |
|---|---|
| NiFiKop Operator | Manages the NifiCluster lifecycle (CRD) |
| ZooKeeper | Cluster coordination among NiFi nodes |
| NifiCluster | Resource that defines the cluster: nodes, listeners, external services |
| cert-manager | Issues TLS certificates for secure inter-node communication (when webhook.enabled=true) |
This operator-based model means that most NiFi configuration goes into nifiCluster.* rather than direct Helm parameters — the operator translates those values into ConfigMaps, Secrets, and Pods with the correct NiFi configuration.
See Apache NiFi — Concepts for a complete overview of the tool, its architecture and how it works.
Prerequisites
- Kubernetes 1.27+
- Helm 3.2+
- Ingress Controller — only if
ingress.enabled=true - cert-manager — when
nifikop.webhook.enabled=true(integration documented in the chart for the webhook)
Installation (OCI)
helm install <release> \
oci://registry.tecnisys.com.br/tdp/charts/tdp-nifi \
-n <namespace> --create-namespace
Main parameters
| Parameter | Description | Default (reference) |
|---|---|---|
tdp-nifi.enabled | Enable the chart | true |
zookeeper.replicaCount | ZooKeeper replicas | 1 |
zookeeper.persistence.* | ZooKeeper storage | see helm show values |
nifikop.enabled | NiFiKop operator | true |
nifikop.watchOwnNamespace | Watch only the release namespace | true |
nifikop.webhook.enabled | Operator webhook | true |
nifikop.certManager.enabled | cert-manager for webhook | true |
nifiCluster.zkAddress | ZooKeeper address | <release>-zookeeper:2181 |
nifiCluster.externalServices[0].spec.type | NiFi service type | LoadBalancer |
ingress.enabled | Create Ingress | true |
ingress.rules[0].host | Ingress host | nifi.local (lab example) |
ingress.ingressClassName | Ingress class | nginx |
Adjust images, resources, NifiCluster, listeners, and health checks in the values file; the full list of keys is available via helm show values.
Access
LoadBalancer
With nifiCluster.externalServices of type LoadBalancer, the default service name is usually tdp-service-ip-nifi:
kubectl -n <namespace> get svc tdp-service-ip-nifi
If you rename the service in the values file, use the effective name returned by kubectl get svc.
Port-forward
kubectl -n <namespace> port-forward svc/<nifi-external-service-name> 8080:8080
Open http://localhost:8080/nifi.
Ingress
With ingress.enabled=true, the URL follows the configured host:
http://<ingress-host>/nifi
Details at Ingress — NiFi.
Troubleshooting
kubectl -n <namespace> get pods
kubectl -n <namespace> get nificlusters
kubectl -n <namespace> describe nificluster <cluster-name>
kubectl -n <namespace> get events --sort-by=.lastTimestamp
Uninstallation
helm uninstall <release> -n <namespace>