Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nifi/nifi-docker/dockermaven/sh/start.sh

135 lines
7.0 KiB
Bash
Raw Normal View History

NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
#!/bin/sh -e
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
scripts_dir='/opt/nifi/scripts'
[ -f "${scripts_dir}/common.sh" ] && . "${scripts_dir}/common.sh"
Added ability to configure JVM Memory settings via Docker ENV variables This closes #3321 Signed-off-by: Mike Thomsen <mikerthomsen@gmail.com>
2019-01-31 16:35:36 -05:00
# Override JVM memory settings
if [ ! -z "${NIFI_JVM_HEAP_INIT}" ]; then
prop_replace 'java.arg.2' "-Xms${NIFI_JVM_HEAP_INIT}" ${nifi_bootstrap_file}
fi
if [ ! -z "${NIFI_JVM_HEAP_MAX}" ]; then
prop_replace 'java.arg.3' "-Xmx${NIFI_JVM_HEAP_MAX}" ${nifi_bootstrap_file}
fi
NIFI-6067 Enabled support for the JVM remote debugger in the Docker container. This closes #3326. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2019-02-21 20:39:16 -05:00
if [ ! -z "${NIFI_JVM_DEBUGGER}" ]; then
uncomment "java.arg.debug" ${nifi_bootstrap_file}
fi
NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
# Establish baseline properties
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
prop_replace 'nifi.web.https.port' "${NIFI_WEB_HTTPS_PORT:-8443}"
prop_replace 'nifi.web.https.host' "${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}"
NIFI-8784 Make NIFI_WEB_PROXY_HOST work with single user auth This closes #5226 Signed-off-by: David Handermann <exceptionfactory@apache.org>
2021-07-16 16:53:53 -04:00
prop_replace 'nifi.web.proxy.host' "${NIFI_WEB_PROXY_HOST}"
NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
prop_replace 'nifi.remote.input.host' "${NIFI_REMOTE_INPUT_HOST:-$HOSTNAME}"
prop_replace 'nifi.remote.input.socket.port' "${NIFI_REMOTE_INPUT_SOCKET_PORT:-10000}"
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
prop_replace 'nifi.remote.input.secure' 'true'
prop_replace 'nifi.cluster.protocol.is.secure' 'true'
NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
NIFI-5468 Add toolkit to NiFi docker image and use zip archive NIFI-5468 add keypasswd with the default of keystorepasswd for bc compatibility NIFI-5468 Use ARG instead of ENV for PATH variables as those need to be controlled in the build NIFI-5468 Use BASE_URL for the default case when MIRROR_BASE_URL is not defined (and replace ARCHIVE_BASE_URL) This closes #2921 Signed-off-by: Andrew I. Christianson <andy@andyic.org>
2018-07-27 08:53:39 -04:00
# Set nifi-toolkit properties files and baseUrl
"${scripts_dir}/toolkit.sh"
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
prop_replace 'baseUrl' "https://${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}:${NIFI_WEB_HTTPS_PORT:-8443}" ${nifi_toolkit_props_file}
NIFI-8725 Added Single User Environment Variables for Docker (#5178) * NIFI-8725 Added Single User Environment Variables for Docker - Updated Docker README.md with example command and link to Administration Guide section - Updated Docker integration test to check HTTP response status - Disabled integration test plugin for dockerhub because it depends on changes on the main branch. Can be re-enabled after 1.14.0 is released.
2021-06-23 12:42:44 -04:00
prop_replace 'keystore' "${NIFI_HOME}/conf/keystore.p12" ${nifi_toolkit_props_file}
prop_replace 'keystoreType' "PKCS12" ${nifi_toolkit_props_file}
prop_replace 'truststore' "${NIFI_HOME}/conf/truststore.p12" ${nifi_toolkit_props_file}
prop_replace 'truststoreType' "PKCS12" ${nifi_toolkit_props_file}
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
if [ -n "${NIFI_WEB_HTTP_PORT}" ]; then
prop_replace 'nifi.web.https.port' ''
prop_replace 'nifi.web.https.host' ''
prop_replace 'nifi.web.http.port' "${NIFI_WEB_HTTP_PORT}"
prop_replace 'nifi.web.http.host' "${NIFI_WEB_HTTP_HOST:-$HOSTNAME}"
prop_replace 'nifi.remote.input.secure' 'false'
prop_replace 'nifi.cluster.protocol.is.secure' 'false'
prop_replace 'nifi.security.keystore' ''
prop_replace 'nifi.security.keystoreType' ''
prop_replace 'nifi.security.truststore' ''
prop_replace 'nifi.security.truststoreType' ''
prop_replace 'nifi.security.user.login.identity.provider' ''
NIFI-8725 Added Single User Environment Variables for Docker (#5178) * NIFI-8725 Added Single User Environment Variables for Docker - Updated Docker README.md with example command and link to Administration Guide section - Updated Docker integration test to check HTTP response status - Disabled integration test plugin for dockerhub because it depends on changes on the main branch. Can be re-enabled after 1.14.0 is released.
2021-06-23 12:42:44 -04:00
prop_replace 'keystore' '' ${nifi_toolkit_props_file}
prop_replace 'keystoreType' '' ${nifi_toolkit_props_file}
prop_replace 'truststore' '' ${nifi_toolkit_props_file}
prop_replace 'truststoreType' '' ${nifi_toolkit_props_file}
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
prop_replace 'baseUrl' "http://${NIFI_WEB_HTTP_HOST:-$HOSTNAME}:${NIFI_WEB_HTTP_PORT}" ${nifi_toolkit_props_file}
NIFI-8784 Make NIFI_WEB_PROXY_HOST work with single user auth This closes #5226 Signed-off-by: David Handermann <exceptionfactory@apache.org>
2021-07-16 16:53:53 -04:00
if [ -n "${NIFI_WEB_PROXY_HOST}" ]; then
echo 'NIFI_WEB_PROXY_HOST was set but NiFi is not configured to run in a secure mode. Unsetting nifi.web.proxy.host.'
prop_replace 'nifi.web.proxy.host' ''
fi
else
if [ -z "${NIFI_WEB_PROXY_HOST}" ]; then
echo 'NIFI_WEB_PROXY_HOST was not set but NiFi is configured to run in a secure mode. The NiFi UI may be inaccessible if using port mapping or connecting through a proxy.'
fi
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
fi
NIFI-5468 Add toolkit to NiFi docker image and use zip archive NIFI-5468 add keypasswd with the default of keystorepasswd for bc compatibility NIFI-5468 Use ARG instead of ENV for PATH variables as those need to be controlled in the build NIFI-5468 Use BASE_URL for the default case when MIRROR_BASE_URL is not defined (and replace ARCHIVE_BASE_URL) This closes #2921 Signed-off-by: Andrew I. Christianson <andy@andyic.org>
2018-07-27 08:53:39 -04:00
NIFI-5359 Exposed variable registry to docker image. Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com> This closes #2829.
2018-07-02 05:57:59 -04:00
prop_replace 'nifi.variable.registry.properties' "${NIFI_VARIABLE_REGISTRY_PROPERTIES:-}"
NIFI-5195 Added clustering to the docker image and added a docker-compose file that builds a basic 3 node cluster. This closes #2828. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2018-06-29 20:48:08 -04:00
prop_replace 'nifi.cluster.is.node' "${NIFI_CLUSTER_IS_NODE:-false}"
prop_replace 'nifi.cluster.node.address' "${NIFI_CLUSTER_ADDRESS:-$HOSTNAME}"
prop_replace 'nifi.cluster.node.protocol.port' "${NIFI_CLUSTER_NODE_PROTOCOL_PORT:-}"
prop_replace 'nifi.cluster.node.protocol.max.threads' "${NIFI_CLUSTER_NODE_PROTOCOL_MAX_THREADS:-50}"
prop_replace 'nifi.zookeeper.connect.string' "${NIFI_ZK_CONNECT_STRING:-}"
prop_replace 'nifi.zookeeper.root.node' "${NIFI_ZK_ROOT_NODE:-/nifi}"
prop_replace 'nifi.cluster.flow.election.max.wait.time' "${NIFI_ELECTION_MAX_WAIT:-5 mins}"
prop_replace 'nifi.cluster.flow.election.max.candidates' "${NIFI_ELECTION_MAX_CANDIDATES:-}"
NIFI-5748 Improved Proxy Header Support - Fixed proxy header support to use X-Forwarded-Host instead of X-ForwardedServer - Added support for the context path header used by Traefik when proxying a service (X-Forwarded-Prefix) - Added tests to ApplicationResourceTest for X-Forwarded-Context and X-Forwarded-Prefix - Updated administration doc to include X-Forwarded-Prefix - Added NIFI_WEB_PROXY_CONTEXT_PATH env var to dockerhub and dockermaven start.sh scripts - Added documentation for NIFI_WEB_PROXY_CONTEXT_PATH to dockerhub README.md - Updated ApplicationResource to handle a port specified in X-ProxyPort and X-Forwarded-Port headers This closes #3129. Signed-off-by: Kevin Doran <kdoran@apache.org>
2018-10-29 13:29:28 -04:00
prop_replace 'nifi.web.proxy.context.path' "${NIFI_WEB_PROXY_CONTEXT_PATH:-}"
NIFI-5195 Added clustering to the docker image and added a docker-compose file that builds a basic 3 node cluster. This closes #2828. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2018-06-29 20:48:08 -04:00
NIFI-7354: Allow analytics properties to be set via environment variables in docker scripts This closes #4203. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2020-04-13 09:02:05 -04:00
# Set analytics properties
prop_replace 'nifi.analytics.predict.enabled' "${NIFI_ANALYTICS_PREDICT_ENABLED:-false}"
prop_replace 'nifi.analytics.predict.interval' "${NIFI_ANALYTICS_PREDICT_INTERVAL:-3 mins}"
prop_replace 'nifi.analytics.query.interval' "${NIFI_ANALYTICS_QUERY_INTERVAL:-5 mins}"
prop_replace 'nifi.analytics.connection.model.implementation' "${NIFI_ANALYTICS_MODEL_IMPLEMENTATION:-org.apache.nifi.controller.status.analytics.models.OrdinaryLeastSquares}"
prop_replace 'nifi.analytics.connection.model.score.name' "${NIFI_ANALYTICS_MODEL_SCORE_NAME:-rSquared}"
prop_replace 'nifi.analytics.connection.model.score.threshold' "${NIFI_ANALYTICS_MODEL_SCORE_THRESHOLD:-.90}"
NIFI-8943 Corrected Sensitive Props Key handling in Docker Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com> This closes #5245.
2021-07-23 09:02:33 -04:00
if [ -n "${NIFI_SENSITIVE_PROPS_KEY}" ]; then
prop_replace 'nifi.sensitive.props.key' "${NIFI_SENSITIVE_PROPS_KEY}"
fi
NIFI-6667 Added variable to accept nifi.sensitive.props.key in Dockerfiles This closes #5128 Signed-off-by: David Handermann <exceptionfactory@apache.org>
2021-06-04 12:07:42 -04:00
NIFI-8725 Added Single User Environment Variables for Docker (#5178) * NIFI-8725 Added Single User Environment Variables for Docker - Updated Docker README.md with example command and link to Administration Guide section - Updated Docker integration test to check HTTP response status - Disabled integration test plugin for dockerhub because it depends on changes on the main branch. Can be re-enabled after 1.14.0 is released.
2021-06-23 12:42:44 -04:00
if [ -n "${SINGLE_USER_CREDENTIALS_USERNAME}" ] && [ -n "${SINGLE_USER_CREDENTIALS_PASSWORD}" ]; then
${NIFI_HOME}/bin/nifi.sh set-single-user-credentials "${SINGLE_USER_CREDENTIALS_USERNAME}" "${SINGLE_USER_CREDENTIALS_PASSWORD}"
fi
NIFI-5195 Added clustering to the docker image and added a docker-compose file that builds a basic 3 node cluster. This closes #2828. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2018-06-29 20:48:08 -04:00
. "${scripts_dir}/update_cluster_state_management.sh"
NIFI-5359 Exposed variable registry to docker image. Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com> This closes #2829.
2018-07-02 05:57:59 -04:00
NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
# Check if we are secured or unsecured
case ${AUTH} in
tls)
echo 'Enabling Two-Way SSL user authentication'
. "${scripts_dir}/secure.sh"
;;
ldap)
echo 'Enabling LDAP user authentication'
# Reference ldap-provider in properties
NIFI-8516 Enabled HTTPS and Single User Authentication in default configuration - Set default HTTPS Port to 9443 - Set default authorizer to single-user-authorizer - Set default login-identity-provider to single-user-provider - Updated README.md with authentication instructions using generated credentials - Updated default URL and port information in Administration and User Guides - Updated Getting Started Guide with authentication and URL changes - Updated Docker images to set HTTPS as default configuration - Updated default HTTPS port to 8443 - Set Cluster Protocol secure property in Docker start scripts - Added set-single-user-credentials command - Refactored shared classes to nifi-single-user-utils - Updated Getting Started documentation and logging - Updated documentation and TLS Toolkit default ports - Updated Toolkit Guide and Administration Guide - Updated README.md with HTTPS links
2021-05-11 13:18:08 -04:00
export NIFI_SECURITY_USER_LOGIN_IDENTITY_PROVIDER="ldap-provider"
NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
. "${scripts_dir}/secure.sh"
. "${scripts_dir}/update_login_providers.sh"
;;
esac
NIFI-8784 Make NIFI_WEB_PROXY_HOST work with single user auth This closes #5226 Signed-off-by: David Handermann <exceptionfactory@apache.org>
2021-07-16 16:53:53 -04:00
# Continuously provide logs so that 'docker logs' can produce them
NIFI-5249 Dockerfile enhancements: create data repository and log directories, explicit environment variable declarations to replace nifi-env.sh. Add integration tests, remove latest tag, since only one tag can be specified that will be used to build the image. Cover dockerhub image with the same tests as dockermaven Fix entrypoint to handle signals properly, also get rid of hardcoded paths This closes #2747
2018-05-29 07:27:45 -04:00
tail -F "${NIFI_HOME}/logs/nifi-app.log" &
"${NIFI_HOME}/bin/nifi.sh" run &
nifi_pid="$!"
trap "echo Received trapped signal, beginning shutdown...;" KILL TERM HUP INT EXIT;
echo NiFi running with PID ${nifi_pid}.
NIFI-5195 Added clustering to the docker image and added a docker-compose file that builds a basic 3 node cluster. This closes #2828. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2018-06-29 20:48:08 -04:00
wait ${nifi_pid}