nifi/c2/c2-client-bundle
dan-s1 82fe051413
NIFI-13996 Improved removal of temporary files after a build (#9551)
Signed-off-by: David Handerman <exceptionfactory@apache.org>
Co-authored-by: David Handermann <exceptionfactory@apache.org>
2024-12-02 17:39:31 -06:00
..
c2-client-api NIFI-13915 Updated version to 2.1.0-SNAPSHOT 2024-11-01 22:56:08 -05:00
c2-client-base NIFI-13915 Updated version to 2.1.0-SNAPSHOT 2024-11-01 22:56:08 -05:00
c2-client-http NIFI-13915 Updated version to 2.1.0-SNAPSHOT 2024-11-01 22:56:08 -05:00
c2-client-service NIFI-13996 Improved removal of temporary files after a build (#9551) 2024-12-02 17:39:31 -06:00
README.md NIFI-12657 Removed MiNiFi C2 Server modules 2024-01-22 17:51:29 -07:00
pom.xml NIFI-13915 Updated version to 2.1.0-SNAPSHOT 2024-11-01 22:56:08 -05:00

README.md

Apache NiFi MiNiFi Command and Control (C2) Client

The c2-client-bundle provides implementation for the client aspect of the C2 Protocol. The essence of the implementation is the heartbeat construction and the communication with the C2 server via the C2HttpClient.

Currently, relying on the C2 Protocol API is limited to sending heartbeats and processing/acknowledging UPDATE configuration operation in the response (if any). When exposed the new configuration will be downloaded and passed back to the system using the C2 protocol.

When C2 is enabled, C2ClientService will be scheduled to send heartbeats periodically, so the C2 Server can notify the client about any operations that is defined by the protocol and needs to be executed on the client side.

Using the client means that configuration changes and other operations can be triggered and controlled centrally via the C2 server making the management of clients more simple and configuring them more flexible. The client supports bidirectional TLS authentication.

Configuration

To use the client, the parameters coming from C2ClientConfig need to be properly set (this configuration class is also used for instantiating C2HeartbeatFactory and C2HttpClient)

    # The C2 Server endpoint where the heartbeat is sent
    private final String c2Url;
    
    # The C2 Server endpoint where the acknowledge is sent
    private final String c2AckUrl;
    
    # The class the agent belongs to (flow definition is tied to agent class on the server side)
    private final String agentClass;
    
    # Unique identifier for the agent if not provided it will be generated
    private final String agentIdentifier;
    
    # Directory where persistent configuration (e.g.: generated agent and device id will be persisted)
    private final String confDirectory;
    
    # Property of RuntimeManifest defined in c2-protocol. A unique identifier for the manifest
    private final String runtimeManifestIdentifier;
    
    # Property of RuntimeManifest defined in c2-protocol. The type of the runtime binary. Usually set when the runtime is built
    private final String runtimeType;
    
    # The frequency of sending the heartbeats. This property is used by the c2-client-bundle user who should schedule the client
    private final Long heartbeatPeriod;
    
    # Security properties for communication with the C2 Server
    private final String keystoreFilename;
    private final String keystorePass;
    private final String keyPass;
    private final KeystoreType keystoreType;
    private final String truststoreFilename;
    private final String truststorePass;
    private final KeystoreType truststoreType;
    private final HostnameVerifier hostnameVerifier;