From 4b989805965c8da67dd61bc81c7a68a51083510f Mon Sep 17 00:00:00 2001 From: Maxi Wittich Date: Wed, 14 May 2025 20:41:03 +0200 Subject: [PATCH 1/4] Adding if clause to deactivate service port metrics if nifi 2.x.x is deployed --- rust/operator-binary/src/controller.rs | 32 +++++++++++++++----------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index cca71af6..6d73376c 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -810,6 +810,23 @@ fn build_node_rolegroup_service( resolved_product_image: &ResolvedProductImage, rolegroup: &RoleGroupRef, ) -> Result { + let mut enabled_ports = vec![ServicePort { + name: Some(HTTPS_PORT_NAME.to_string()), + port: HTTPS_PORT.into(), + protocol: Some("TCP".to_string()), + ..ServicePort::default() + }]; + + // Nifi 2.x.x offers nifi-api/flow/metrics/prometheus at the HTTPS_PORT, therefore METRICS_PORT is not necessary anymore. + if resolved_product_image.product_version.starts_with("1.") { + enabled_ports.push(ServicePort { + name: Some(METRICS_PORT_NAME.to_string()), + port: METRICS_PORT.into(), + protocol: Some("TCP".to_string()), + ..ServicePort::default() + }) + } + Ok(Service { metadata: ObjectMetaBuilder::new() .name_and_namespace(nifi) @@ -829,20 +846,7 @@ fn build_node_rolegroup_service( // Internal communication does not need to be exposed type_: Some("ClusterIP".to_string()), cluster_ip: Some("None".to_string()), - ports: Some(vec![ - ServicePort { - name: Some(HTTPS_PORT_NAME.to_string()), - port: HTTPS_PORT.into(), - protocol: Some("TCP".to_string()), - ..ServicePort::default() - }, - ServicePort { - name: Some(METRICS_PORT_NAME.to_string()), - port: METRICS_PORT.into(), - protocol: Some("TCP".to_string()), - ..ServicePort::default() - }, - ]), + ports: Some(enabled_ports), selector: Some( Labels::role_group_selector(nifi, APP_NAME, &rolegroup.role, &rolegroup.role_group) .context(LabelBuildSnafu)? From 56822312514bcb252fff979305b612b50ea5e70f Mon Sep 17 00:00:00 2001 From: Maxi Wittich Date: Wed, 14 May 2025 20:51:26 +0200 Subject: [PATCH 2/4] Add container port only if nifi 1xx --- rust/operator-binary/src/controller.rs | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index 6d73376c..479fe1da 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -1072,7 +1072,7 @@ async fn build_node_rolegroup_statefulset( create_vector_shutdown_file_command = create_vector_shutdown_file_command(STACKABLE_LOG_DIR), }]; - let container_nifi = container_builder + let mut container_nifi = container_builder .image_from_product_image(resolved_product_image) .command(vec![ "/bin/bash".to_string(), @@ -1121,7 +1121,6 @@ async fn build_node_rolegroup_statefulset( .add_container_port(HTTPS_PORT_NAME, HTTPS_PORT.into()) .add_container_port(PROTOCOL_PORT_NAME, PROTOCOL_PORT.into()) .add_container_port(BALANCE_PORT_NAME, BALANCE_PORT.into()) - .add_container_port(METRICS_PORT_NAME, METRICS_PORT.into()) .liveness_probe(Probe { initial_delay_seconds: Some(10), period_seconds: Some(10), @@ -1143,6 +1142,11 @@ async fn build_node_rolegroup_statefulset( }) .resources(merged_config.resources.clone().into()); + // Nifi 2.x.x offers nifi-api/flow/metrics/prometheus at the HTTPS_PORT, therefore METRICS_PORT is not necessary anymore. + if resolved_product_image.product_version.starts_with("1.") { + container_nifi.add_container_port(METRICS_PORT_NAME, METRICS_PORT.into()); + } + let mut pod_builder = PodBuilder::new(); add_graceful_shutdown_config(merged_config, &mut pod_builder).context(GracefulShutdownSnafu)?; From 0e068d3294a4aebbc02f97c0ccd0850fd14e1a44 Mon Sep 17 00:00:00 2001 From: Maxi Wittich Date: Wed, 14 May 2025 21:10:20 +0200 Subject: [PATCH 3/4] remove mut from container_nifi --- rust/operator-binary/src/controller.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index 479fe1da..14d1087d 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -1072,7 +1072,7 @@ async fn build_node_rolegroup_statefulset( create_vector_shutdown_file_command = create_vector_shutdown_file_command(STACKABLE_LOG_DIR), }]; - let mut container_nifi = container_builder + let container_nifi = container_builder .image_from_product_image(resolved_product_image) .command(vec![ "/bin/bash".to_string(), From afa25da1ec4b107bafbf7e1ce4c99e2820b5cbb7 Mon Sep 17 00:00:00 2001 From: Maxi Wittich Date: Wed, 14 May 2025 22:18:44 +0200 Subject: [PATCH 4/4] Adding interface.lo to nifi.properties --- rust/operator-binary/src/config/mod.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/rust/operator-binary/src/config/mod.rs b/rust/operator-binary/src/config/mod.rs index b075c495..c311f2a1 100644 --- a/rust/operator-binary/src/config/mod.rs +++ b/rust/operator-binary/src/config/mod.rs @@ -455,6 +455,10 @@ pub fn build_nifi_properties( "nifi.web.https.network.interface.default".to_string(), "".to_string(), ); + properties.insert( + "nifi.web.https.network.interface.lo".to_string(), + "lo".to_string(), + ); properties.insert( "nifi.web.jetty.working.directory".to_string(), "./work/jetty".to_string(),