nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Christianson <aichr...@protonmail.com.INVALID>
Subject "Node Group" property of FileAccessPolicyProvider
Date Tue, 21 Aug 2018 14:18:11 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All,

Currently FileAccessPolicyProvider supports specification of a static set of
node identities. This is limiting in environments where the set of node
identities is changing over time, for example during scale-up/down operations
when NiFi is deployed to a clustering environment (e.g. Kubernetes).

I have authored ticket NIFI-5542 [1] proposing a new "Node Group" property. All
users added to this group will be treated as nodes. The group will be populated
by a UserGroupProvider which dynamically provides the set of node identities
that exist in the cluster. The UserGroupProvider will depend on the cluster
environment NiFi is currently deployed to. In the future we may want to
consider offering UserGroupProviders for a set of standard cluster
environments, but that is out of scope for this initial change.

How does the community feel about this proposed change? Is this a good way to
add initial support for authorizing a dynamic set of NiFi nodes in a dynamic
cluster environment?

Regards,

Andy I.C.

1: https://issues.apache.org/jira/browse/NIFI-5542?filter=-2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJbfB6/AAoJEG1+mBKNMpID1kYH/2Fl6nTnunKkV1L0P1ls/gAZ
Nu4KGS4RB0KZLl910IuYznIaRerQPIfw/bcJUJvcMJUGaSItxqRZkd7XuucjM2dj
MoFIbvoiAGbTfKteF41yuj6iWmDuDGTMFRDf2ZDwuo4bbHdbXIt0IpEAzYW186e0
D+Mzyz53/kkHxyKFFhuIII1hr93yG9leN+E7HTtEeZplpmuXQGXwf9s470TuD9mw
7YVeF9fLt8JB52hZ6E3s9q0wvf2ORkSNAL87YEN++ojPIcQOPyslIsyyu/zwycw5
lWHeDZKh+SvS2IE2jwefSOPRYl6Z9wp0uggRMayiU4+7z5XtlVsdn7TtGYR7nFA=
=NNPm
-----END PGP SIGNATURE-----

Sent from [ProtonMail](https://protonmail.com), Swiss-based encrypted email.
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message