域名解析,修改本地 /etc/hosts
vim /etc/hosts
内网解析
172.30.224.x zookeeper1 nifi1
172.30.224.x zookeeper2 nifi2
172.30.224.x zookeeper3 nifi3
外网解析
10.8.8.x nifi1
10.8.8.x nifi2
10.8.8.x nifi3
三台机器相互做免密
ssh-copy-id -f -i ~/.ssh/id_rsa.pub root@openstack.nifi1
ssh-copy-id -f -i ~/.ssh/id_rsa.pub root@openstack.nifi2
ssh-copy-id -f -i ~/.ssh/id_rsa.pub root@openstack.nifi3
以域名生成证书
使用 nifi-toolkit-1.16.3-bin.zip 解压后,生成证书
bin/tls-toolkit.sh standalone -O -n ‘openstack.nifi1’ -C ‘CN=nifi, OU=NIFI’ --subjectAlternativeNames ‘openstack.nifi1’ -o ‘target1’
bin/tls-toolkit.sh standalone -O -n ‘openstack.nifi2’ -C ‘CN=nifi, OU=NIFI’ --subjectAlternativeNames ‘openstack.nifi2’ -o ‘target1’
bin/tls-toolkit.sh standalone -O -n ‘openstack.nifi3’ -C ‘CN=nifi, OU=NIFI’ --subjectAlternativeNames ‘openstack.nifi3’ -o ‘target1’
scp -r target1/openstack.nifi1/* root@openstack.nifi1:/home/nifi-1.16.0/conf
scp -r target1/openstack.nifi2/* root@openstack.nifi2:/home/nifi-1.16.0/conf
scp -r target1/openstack.nifi3/* root@openstack.nifi3:/home/nifi-1.16.0/conf
修改nifi配置文件
conf/state-management.xml
zk-provider
org.apache.nifi.controller.state.providers.zookeeper.ZooKeeperStateProvider
zookeeper1:2181,zookeeper2:2181,zookeeper3:2181
/nifi
10 seconds
Open
conf/zookeeper.properties
server.1=zookeeper1:2888:3888;2181
server.2=zookeeper2:2888:3888;2181
server.3=zookeeper3:2888:3888;2181
conf/nifi.properties
#是否是集群节点
nifi.cluster.is.node=true
#zk连接信息
nifi.zookeeper.connect.string=zookeeper1:2181,zookeeper2:2181,zookeeper3:2181
#敏感字段加密key
nifi.sensitive.props.key=sadad22!!@#$ss
IP不做修改,其余配置按实际需要修改
启动Nifi
设置用户名密码
bin/nifi.sh set-single-user-credentials username password
bin/nifi.sh start