Securing Cloudera Flow Management
Also available as:
PDF

NiFi Default Properties

<!--
    DO NOT INCLUDE COMMENTS WHEN COPYING TO CM XML EDITOR
-->
<!--
    This represents the default properties that can be copied and overridden using CM nifi.properties xml safety valves.
    One or more properties can be copied and edited as needed. Safety values can also be used for defining dynamic properties
    that may not exist by default (such as for content repository locations)
-->
<property>
<name>nifi.state.management.provider.local</name>
<value>local-provider</value>
</property>
<property>
<name>nifi.flowfile.repository.implementation</name>
<value>org.apache.nifi.controller.repository.WriteAheadFlowFileRepository</value>
</property>
<property>
<name>nifi.content.repository.always.sync</name>
<value>false</value>
</property>
<property>
<name>nifi.content.viewer.url</name>
<value>../nifi-content-viewer/</value>
</property>
<property>
<name>nifi.components.status.repository.buffer.size</name>
<value>1440</value>
</property>
<property>
<name>nifi.flowcontroller.graceful.shutdown.period</name>
<value>10 sec</value>
</property>
<property>
<name>nifi.provenance.repository.debug.frequency</name>
<value>1_000_000</value>
</property>
<property>
<name>nifi.web.http.port</name>
<value>8080</value>
</property>
<property>
<name>nifi.security.user.knox.audiences</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.indexed.fields</name>
<value>EventType, FlowFileUUID, Filename, ProcessorID, Relationship</value>
</property>
<property>
<name>nifi.variable.registry.properties</name>
<value/>
</property>
<property>
<name>nifi.nar.library.directory</name>
<value>${NIFI_DIST}/lib</value>
</property>
<property>
<name>nifi.content.claim.max.appendable.size</name>
<value>1 MB</value>
</property>
<property>
<name>nifi.administrative.yield.duration</name>
<value>30 sec</value>
</property>
<property>
<name>nifi.provenance.repository.always.sync</name>
<value>false</value>
</property>
<property>
<name>nifi.security.keyPasswd</name>
<value/>
</property>
<property>
<name>nifi.cluster.load.balance.max.thread.count</name>
<value>8</value>
</property>
<property>
<name>nifi.security.truststorePasswd</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.rollover.size</name>
<value>100 MB</value>
</property>
<property>
<name>nifi.zookeeper.root.node</name>
<value>ZK_NODE</value>
</property>
<property>
<name>nifi.cluster.load.balance.port</name>
<value>6342</value>
</property>
<property>
<name>nifi.flowfile.repository.checkpoint.interval</name>
<value>2 mins</value>
</property>
<property>
<name>nifi.cluster.load.balance.comms.timeout</name>
<value>30 sec</value>
</property>
<property>
<name>nifi.provenance.repository.concurrent.merge.threads</name>
<value>2</value>
</property>
<property>
<name>nifi.provenance.repository.encryption.key.provider.location</name>
<value/>
</property>
<property>
<name>nifi.web.https.port</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.max.storage.time</name>
<value>24 hours</value>
</property>
<property>
<name>nifi.flowservice.writedelay.interval</name>
<value>500 ms</value>
</property>
<property>
<name>nifi.cluster.flow.election.max.wait.time</name>
<value>5 mins</value>
</property>
<property>
<name>nifi.database.directory</name>
<value>${nifi.working.directory}/database_repository</value>
</property>
<property>
<name>nifi.cluster.flow.election.max.candidates</name>
<value/>
</property>
<property>
<name>nifi.security.keystorePasswd</name>
<value/>
</property>
<property>
<name>nifi.web.http.host</name>
<value>${CSD_HOST}</value>
</property>
<property>
<name>nifi.security.ocsp.responder.certificate</name>
<value/>
</property>
<property>
<name>nifi.remote.input.secure</name>
<value>false</value>
</property>
<property>
<name>nifi.cluster.node.max.concurrent.requests</name>
<value>100</value>
</property>
<property>
<name>nifi.nar.working.directory</name>
<value>${nifi.working.directory}/work/nar/</value>
</property>
<property>
<name>nifi.nar.library.autoload.directory</name>
<value>${nifi.working.directory}/extensions</value>
</property>
<property>
<name>nifi.queue.swap.threshold</name>
<value>20000</value>
</property>
<property>
<name>nifi.security.user.oidc.read.timeout</name>
<value>5 secs</value>
</property>
<property>
<name>nifi.sensitive.props.additional.keys</name>
<value/>
</property>
<property>
<name>nifi.ui.autorefresh.interval</name>
<value>30 sec</value>
</property>
<property>
<name>nifi.web.war.directory</name>
<value>${NIFI_DIST}/lib</value>
</property>
<property>
<name>nifi.cluster.load.balance.host</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.buffer.size</name>
<value>100000</value>
</property>
<property>
<name>nifi.bored.yield.duration</name>
<value>10 millis</value>
</property>
<property>
<name>nifi.content.repository.archive.max.usage.percentage</name>
<value>50%</value>
</property>
<property>
<name>nifi.security.keystoreType</name>
<value/>
</property>
<property>
<name>nifi.web.https.host</name>
<value>${CSD_HOST}</value>
</property>
<property>
<name>nifi.zookeeper.kerberos.removeRealmFromPrincipal</name>
<value/>
</property>
<property>
<name>nifi.cluster.is.node</name>
<value>true</value>
</property>
<property>
<name>nifi.remote.input.http.transaction.ttl</name>
<value>30 sec</value>
</property>
<property>
<name>nifi.content.repository.archive.enabled</name>
<value>true</value>
</property>
<property>
<name>nifi.web.proxy.host</name>
<value/>
</property>
<property>
<name>nifi.kerberos.spnego.authentication.expiration</name>
<value>12 hours</value>
</property>
<property>
<name>nifi.remote.input.host</name>
<value/>
</property>
<property>
<name>nifi.cluster.firewall.file</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.rollover.time</name>
<value>30 secs</value>
</property>
<property>
<name>nifi.security.keystore</name>
<value/>
</property>
<property>
<name>nifi.security.user.knox.publicKey</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.directory.default</name>
<value>${nifi.working.directory}/provenance_repository</value>
</property>
<property>
<name>nifi.cluster.node.address</name>
<value>${CSD_HOST}</value>
</property>
<property>
<name>nifi.provenance.repository.compress.on.rollover</name>
<value>true</value>
</property>
<property>
<name>nifi.sensitive.props.key</name>
<value/>
</property>
<property>
<name>nifi.state.management.configuration.file</name>
<value>${nifi.conf.directory}/state-management.xml</value>
</property>
<property>
<name>nifi.security.user.oidc.preferred.jwsalgorithm</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.implementation</name>
<value>org.apache.nifi.provenance.WriteAheadProvenanceRepository</value>
</property>
<property>
<name>nifi.web.proxy.globals.path</name>
<value/>
</property>
<property>
<name>nifi.zookeeper.auth.type</name>
<value/>
</property>
<property>
<name>nifi.kerberos.spnego.keytab.location</name>
<value>${CONF_DIR}/nifi.keytab</value>
</property>
<property>
<name>nifi.cluster.node.protocol.port</name>
<value>9088</value>
</property>
<property>
<name>nifi.components.status.repository.implementation</name>
<value>org.apache.nifi.controller.status.history.VolatileComponentStatusRepository</value>
</property>
<property>
<name>nifi.sensitive.props.key.protected</name>
<value/>
</property>
<property>
<name>nifi.cluster.node.protocol.max.threads</name>
<value>50</value>
</property>
<property>
<name>nifi.cluster.node.connection.timeout</name>
<value>30 sec</value>
</property>
<property>
<name>nifi.flowfile.repository.partitions</name>
<value>256</value>
</property>
<property>
<name>nifi.security.user.oidc.client.id</name>
<value/>
</property>
<property>
<name>nifi.security.user.authorizer</name>
<value>managed-authorizer</value>
</property>
<property>
<name>nifi.flow.configuration.file</name>
<value>${nifi.working.directory}/flow.xml.gz</value>
</property>
<property>
<name>nifi.swap.in.period</name>
<value>5 sec</value>
</property>
<property>
<name>nifi.provenance.repository.encryption.key</name>
<value/>
</property>
<property>
<name>nifi.flow.configuration.archive.max.storage</name>
<value>500 MB</value>
</property>
<property>
<name>nifi.zookeeper.kerberos.removeHostFromPrincipal</name>
<value/>
</property>
<property>
<name>nifi.remote.input.http.enabled</name>
<value>true</value>
</property>
<property>
<name>nifi.flowfile.repository.directory</name>
<value>${nifi.working.directory}/flowfile_repository</value>
</property>
<property>
<name>nifi.security.user.oidc.client.secret</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.query.threads</name>
<value>2</value>
</property>
<property>
<name>nifi.flow.configuration.archive.enabled</name>
<value>true</value>
</property>
<property>
<name>nifi.security.truststore</name>
<value/>
</property>
<property>
<name>nifi.documentation.working.directory</name>
<value>${nifi.working.directory}/work/docs/components</value>
</property>
<property>
<name>nifi.flow.configuration.archive.max.time</name>
<value>30 days</value>
</property>
<property>
<name>nifi.sensitive.props.algorithm</name>
<value>PBEWITHMD5AND256BITAES-CBC-OPENSSL</value>
</property>
<property>
<name>nifi.cluster.protocol.heartbeat.interval</name>
<value>5 sec</value>
</property>
<property>
<name>nifi.web.jetty.working.directory</name>
<value>${nifi.working.directory}/work/jetty</value>
</property>
<property>
<name>nifi.queue.backpressure.size</name>
<value>1 GB</value>
</property>
<property>
<name>nifi.security.user.login.identity.provider</name>
<value/>
</property>
<property>
<name>nifi.zookeeper.connect.timeout</name>
<value>3 secs</value>
</property>
<property>
<name>nifi.provenance.repository.index.threads</name>
<value>2</value>
</property>
<property>
<name>nifi.flow.configuration.archive.dir</name>
<value>${nifi.working.directory}/archive/</value>
</property>
<property>
<name>nifi.authorizer.configuration.file</name>
<value>${nifi.conf.directory}/authorizers.xml</value>
</property>
<property>
<name>nifi.security.truststoreType</name>
<value>JKS</value>
</property>
<property>
<name>nifi.flow.configuration.archive.max.count</name>
<value/>
</property>
<property>
<name>nifi.kerberos.service.keytab.location</name>
<value>${CONF_DIR}/nifi.keytab</value>
</property>
<property>
<name>nifi.provenance.repository.encryption.key.provider.implementation</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.encryption.key.id</name>
<value/>
</property>
<property>
<name>nifi.cluster.protocol.is.secure</name>
<value>false</value>
</property>
<property>
<name>nifi.content.repository.archive.max.retention.period</name>
<value>12 hours</value>
</property>
<property>
<name>nifi.content.repository.directory.default</name>
<value>${nifi.working.directory}/content_repository</value>
</property>
<property>
<name>nifi.cluster.node.read.timeout</name>
<value>30 sec</value>
</property>
<property>
<name>nifi.h2.url.append</name>
<value>;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE</value>
</property>
<property>
<name>nifi.web.jetty.threads</name>
<value>200</value>
</property>
<property>
<name>nifi.zookeeper.connect.string</name>
<value>${ZK_QUORUM}</value>
</property>
<property>
<name>nifi.swap.manager.implementation</name>
<value>org.apache.nifi.controller.FileSystemSwapManager</value>
</property>
<property>
<name>nifi.flowfile.repository.wal.implementation</name>
<value>org.apache.nifi.wali.SequentialAccessWriteAheadLog</value>
</property>
<property>
<name>nifi.sensitive.props.provider</name>
<value>BC</value>
</property>
<property>
<name>nifi.zookeeper.session.timeout</name>
<value>3 secs</value>
</property>
<property>
<name>nifi.security.user.knox.url</name>
<value/>
</property>
<property>
<name>nifi.content.claim.max.flow.files</name>
<value>100</value>
</property>
<property>
<name>nifi.components.status.snapshot.frequency</name>
<value>1 min</value>
</property>
<property>
<name>nifi.cluster.node.protocol.threads</name>
<value>10</value>
</property>
<property>
<name>nifi.security.user.oidc.connect.timeout</name>
<value>5 secs</value>
</property>
<property>
<name>nifi.security.ocsp.responder.url</name>
<value/>
</property>
<property>
<name>nifi.security.user.knox.cookieName</name>
<value>hadoop-jwt</value>
</property>
<property>
<name>nifi.swap.in.threads</name>
<value>1</value>
</property>
<property>
<name>nifi.swap.out.threads</name>
<value>4</value>
</property>
<property>
<name>nifi.web.max.header.size</name>
<value>16 KB</value>
</property>
<property>
<name>nifi.cluster.node.event.history.size</name>
<value>25</value>
</property>
<property>
<name>nifi.remote.contents.cache.expiration</name>
<value>30 secs</value>
</property>
<property>
<name>nifi.web.http.network.interface.default</name>
<value/>
</property>
<property>
<name>nifi.flowcontroller.autoResumeState</name>
<value>true</value>
</property>
<property>
<name>nifi.provenance.repository.index.shard.size</name>
<value>500 MB</value>
</property>
<property>
<name>nifi.provenance.repository.max.attribute.length</name>
<value>65536</value>
</property>
<property>
<name>nifi.cluster.load.balance.connections.per.node</name>
<value>4</value>
</property>
<property>
<name>nifi.swap.out.period</name>
<value>5 sec</value>
</property>
<property>
<name>nifi.templates.directory</name>
<value>${nifi.conf.directory}/templates</value>
</property>
<property>
<name>nifi.web.https.network.interface.default</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.max.storage.size</name>
<value>1 GB</value>
</property>
<property>
<name>nifi.queue.backpressure.count</name>
<value>10000</value>
</property>
<property>
<name>nifi.remote.input.socket.port</name>
<value/>
</property>
<property>
<name>nifi.provenance.repository.indexed.attributes</name>
<value/>
</property>
<property>
<name>nifi.flowfile.repository.always.sync</name>
<value>false</value>
</property>
<property>
<name>nifi.login.identity.provider.configuration.file</name>
<value>${nifi.conf.directory}/login-identity-providers.xml</value>
</property>
<property>
<name>nifi.state.management.provider.cluster</name>
<value>zk-provider</value>
</property>
<property>
<name>nifi.ui.banner.text</name>
<value/>
</property>
<property>
<name>nifi.security.user.oidc.discovery.url</name>
<value/>
</property>
<property>
<name>nifi.content.repository.implementation</name>
<value>org.apache.nifi.controller.repository.FileSystemRepository</value>
</property>