84 lines
2.0 KiB
YAML
84 lines
2.0 KiB
YAML
# Example values file for Apache NiFi with LDAP Authentication
|
|
# This file demonstrates LDAP authentication configuration
|
|
# Note: Basic auth is automatically disabled when LDAP is enabled
|
|
|
|
# Basic cluster configuration
|
|
global:
|
|
busybox:
|
|
repository: public.ecr.aws/docker/library/busybox:stable
|
|
nifi:
|
|
nodeCount: 3
|
|
# Authentication configuration
|
|
# Basic auth (automatically disabled when LDAP is enabled)
|
|
basic:
|
|
admin_username: "admin"
|
|
admin_password: "your32characterpasswordhere123"
|
|
|
|
# LDAP Authentication
|
|
ldap:
|
|
enabled: true
|
|
url: "ldaps://dc-1.example.com:636,ldaps://dc-2.example.com:636"
|
|
tlsProtocol: "TLSv1.2"
|
|
authenticationStrategy: "LDAPS" # ANONYMOUS|SIMPLE|LDAPS|START_TLS
|
|
identityStrategy: "USE_USERNAME" # USE_DN|USE_USERNAME
|
|
initialAdminIdentity: "CN=Administrator,DC=example,DC=com"
|
|
manager:
|
|
distinguishedName: "CN=Administrator,DC=example,DC=com"
|
|
passwordSecretRef:
|
|
name: "ldap-manager-secret"
|
|
key: "password"
|
|
userSearchBase: "DC=example,DC=com"
|
|
userSearchFilter: "sAMAccountName={0}"
|
|
|
|
# OIDC is disabled
|
|
oidc:
|
|
enabled: false
|
|
|
|
# Resource configuration for single node
|
|
resources:
|
|
requests:
|
|
memory: "2Gi"
|
|
cpu: "1000m"
|
|
limits:
|
|
memory: "4Gi"
|
|
cpu: "2000m"
|
|
|
|
# JVM Heap configuration for single node
|
|
jvmHeap:
|
|
min: 512m
|
|
max: 1g
|
|
|
|
# Storage configuration
|
|
volumeClaims:
|
|
config:
|
|
storageClass: "gp3"
|
|
size: "5Gi"
|
|
state:
|
|
storageClass: "gp3"
|
|
size: "10Gi"
|
|
logs:
|
|
storageClass: "gp3"
|
|
size: "2Gi"
|
|
flowfile:
|
|
storageClass: "gp3"
|
|
size: "10Gi"
|
|
content:
|
|
storageClass: "gp3"
|
|
size: "15Gi"
|
|
provenance:
|
|
storageClass: "gp3"
|
|
size: "10Gi"
|
|
|
|
# Your specific ALB ingress configuration
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: alb
|
|
hostName: example.com # nifi.example.com
|
|
siteToSite:
|
|
subDomain: s2s # Subdomain for site-to-site traffic (e.g. s2s.example.com)
|
|
annotations: { }
|
|
|
|
# Node selector and tolerations (adjust as needed for your cluster)
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
affinity: {} |