Skip to content

NIFI-14826 Correct the enabling HTTP mode in the start.sh script #10177

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

NIFI-14826 Correct the enabling HTTP mode in the start.sh script #10177

wants to merge 1 commit into from

Conversation

peter279k
Copy link
Contributor

@peter279k peter279k commented Aug 7, 2025
edited
Loading

Summary

NIFI-14826

Tracking

Please complete the following tracking steps prior to pull request creation.

Issue Tracking

Pull Request Tracking

  • Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
  • Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

  • Pull Request based on current revision of the main branch
  • Pull Request refers to a feature branch with one commit containing changes

Verification

The verification steps are as follows:

  • Preparing for the Docker environment and the docker command is available.
  • Creating the Dockerfile and apply these modified start.sh and common.sh files.
FROM apache/nifi:2.5.0

COPY start.sh /opt/nifi/scripts/start.sh
COPY common.sh /opt/nifi/scripts/common.sh
RUN chown nifi:nifi /opt/nifi/scripts/start.sh && \
    chmod +x /opt/nifi/scripts/start.sh && \
    chown nifi:nifi /opt/nifi/scripts/common.sh &&\
    chmod +x /opt/nifi/scripts/common.sh
  • Creating the docker-compose.yml file to define some configurations to enable the HTTP mode without the NIFI_WEB_HTTPS_ENABLE environment variable:
services:
  # configuration manager for NiFi
  zookeeper:
    image: 'bitnami/zookeeper:latest'
    restart: on-failure
    environment:
      - ALLOW_ANONYMOUS_LOGIN=yes
  # data extraction, transformation and load service
  nifi:
    build: .
    restart: on-failure
    ports:
      - '8091:8080'
    environment:
      - NIFI_CLUSTER_IS_NODE=true
      - NIFI_CLUSTER_NODE_PROTOCOL_PORT=8082
      - NIFI_ZK_CONNECT_STRING=zookeeper:2181
      - NIFI_ELECTION_MAX_WAIT=30 sec
      - NIFI_SENSITIVE_PROPS_KEY=${NIFI_SENSITIVE_PROPS_KEY:-12345678901234567890A}
      - NIFI_REMOTE_INPUT_SECURE=false
      - NIFI_CLUSTER_PROTOCOL_IS_SECURE=false
    healthcheck:
      test: ["CMD", "curl", "http://nifi:8080/nifi-api/access/config"]
      interval: "60s"
      timeout: "3s"
      start_period: "5s"
      retries: 5
    volumes:
      - nifi_database_repository:/opt/nifi/nifi-current/database_repository
      - nifi_flowfile_repository:/opt/nifi/nifi-current/flowfile_repository
      - nifi_content_repository:/opt/nifi/nifi-current/content_repository
      - nifi_provenance_repository:/opt/nifi/nifi-current/provenance_repository
      - nifi_state:/opt/nifi/nifi-current/state
      - nifi_logs:/opt/nifi/nifi-current/logs

volumes:
  nifi_database_repository:
  nifi_flowfile_repository:
  nifi_content_repository:
  nifi_provenance_repository:
  nifi_state:
  nifi_logs:
  • Once configuring the related files is completed, running the docker compose up -d --build to run the NiFi.
  • It will expect to present the NIFI_WEB_HTTPS_ENABLE was not set and disable the secure mode. message when browsing this Docker container log.
$ docker compose logs nifi | grep 'NIFI_WEB_HTTPS_ENABLE' -A 5 -B 5
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.web.proxy.host]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.remote.input.host]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.remote.input.socket.port]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.remote.input.secure]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.cluster.protocol.is.secure]
nifi-1  | NIFI_WEB_HTTPS_ENABLE was not set and disable the secure mode.
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] commenting [nifi.web.https.port]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] commenting [nifi.web.https.host]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.web.http.port]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.web.http.host]
nifi-1  | File [/opt/nifi/nifi-current/conf/nifi.properties] replacing [nifi.security.keystore]
  • Modifying the docker-compose.yml file to define some configurations to enable the HTTP mode with the NIFI_WEB_HTTPS_ENABLE environment variable:
services:
  # configuration manager for NiFi
  zookeeper:
    image: 'bitnami/zookeeper:latest'
    restart: on-failure
    environment:
      - ALLOW_ANONYMOUS_LOGIN=yes
  # data extraction, transformation and load service
  nifi:
    build: .
    restart: on-failure
    ports:
      - '8091:8080'
    environment:
      - NIFI_CLUSTER_IS_NODE=true
      - NIFI_CLUSTER_NODE_PROTOCOL_PORT=8082
      - NIFI_ZK_CONNECT_STRING=zookeeper:2181
      - NIFI_ELECTION_MAX_WAIT=30 sec
      - NIFI_SENSITIVE_PROPS_KEY=${NIFI_SENSITIVE_PROPS_KEY:-12345678901234567890A}
      - NIFI_REMOTE_INPUT_SECURE=true
      - NIFI_CLUSTER_PROTOCOL_IS_SECURE=true
      - NIFI_WEB_HTTPS_ENABLE=true
    healthcheck:
      test: ["CMD", "curl", "http://nifi:8080/nifi-api/access/config"]
      interval: "60s"
      timeout: "3s"
      start_period: "5s"
      retries: 5
    volumes:
      - nifi_database_repository:/opt/nifi/nifi-current/database_repository
      - nifi_flowfile_repository:/opt/nifi/nifi-current/flowfile_repository
      - nifi_content_repository:/opt/nifi/nifi-current/content_repository
      - nifi_provenance_repository:/opt/nifi/nifi-current/provenance_repository
      - nifi_state:/opt/nifi/nifi-current/state
      - nifi_logs:/opt/nifi/nifi-current/logs

volumes:
  nifi_database_repository:
  nifi_flowfile_repository:
  nifi_content_repository:
  nifi_provenance_repository:
  nifi_state:
  nifi_logs:
  • Once configuring the related files is completed, running the docker compose stop and docker compose up -d --build commands to run the NiFi.
  • It will not present the NIFI_WEB_HTTPS_ENABLE was not set and disable the secure mode. message when browsing this Docker container log.
$ docker compose logs nifi | grep 'NIFI_WEB_HTTPS_ENABLE' -A 5 -B 5
$

Build

  • Build completed using mvn clean install -P contrib-check
    • JDK 21

Licensing

  • New dependencies are compatible with the Apache License 2.0 according to the License Policy
  • New dependencies are documented in applicable LICENSE and NOTICE files

Documentation

  • Documentation formatting appears as expected in rendered files

exceptionfactory
exceptionfactory requested changes Aug 7, 2025
View reviewed changes
Copy link
Contributor

@exceptionfactory exceptionfactory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for proposing the changes @peter279k. However, changes for NiFi 2 included removal of support for plain HTTP in NIFI-12074.

It would be helpful to consider updating the Docker image README.md for clarity, and although NiFi retains internal support for plain HTTP, it is strongly discouraged, which is the reason it will not be supported in the Docker image.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@exceptionfactory exceptionfactory exceptionfactory requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@peter279k @exceptionfactory